Author: Nicholas Bamber <nicholas@periapt.co.uk>
Subject: Digest::SHA1 phased out in Debian
 cf. http://wiki.debian.org/Teams/DebianPerlGroup/OpenTasks/Transitions/DigestSHA1ToDigestSHA
Forwarded: no
Last-Update: 2011-10-28
--- a/Build.PL
+++ b/Build.PL
@@ -11,7 +11,7 @@
         'CGI::Application'  => '4.00',
         'GD::SecurityImage' => 0,
         'Data::Random'      => 0,
-        'Digest::SHA1'      => 0,
+        'Digest::SHA'      => 0,
     },
     build_requires => {
         'Test::More'           => 0,
--- a/Makefile.PL
+++ b/Makefile.PL
@@ -7,7 +7,7 @@
           'PREREQ_PM' => {
                            'CGI::Application' => '4.00',
                            'Data::Random' => 0,
-                           'Digest::SHA1' => 0,
+                           'Digest::SHA' => 0,
                            'GD::SecurityImage' => 0,
                            'Test::Exception' => 0,
                            'Test::More' => 0,
--- a/lib/CGI/Application/Plugin/CAPTCHA.pm
+++ b/lib/CGI/Application/Plugin/CAPTCHA.pm
@@ -3,7 +3,7 @@
 use strict;
 
 use GD::SecurityImage;
-use Digest::SHA1;
+use Digest::SHA;
 use vars qw($VERSION @EXPORT);
 
 require Exporter;
@@ -114,7 +114,7 @@
 An easy way to generate a relatively good secret is to run the following perl
 snippet:
 
-  perl -MDigest::SHA1=sha1_base64 -le 'print sha1_base64($$,time(),rand(9999))'
+  perl -MDigest::SHA=sha1_base64 -le 'print sha1_base64($$,time(),rand(9999))'
 
 The author recognizes that the transmission of a cookie with the CAPTCHA image
 may not be a popular decision, and welcomes any patches from those who can
@@ -245,12 +245,12 @@
 
     # check the secret
     if (!$secret) {
-        $secret = Digest::SHA1::sha1_base64( ref $self );
+        $secret = Digest::SHA::sha1_base64( ref $self );
         warn "using default SECRET!  Please provide a proper SECRET when using the CGI::Application::Plugin::CAPTCHA plugin";
     }
 
     # Create the verification hash
-    my $hash = Digest::SHA1::sha1_base64(join("\0", $secret, $random_string));
+    my $hash = Digest::SHA::sha1_base64(join("\0", $secret, $random_string));
     
     # Stuff the verification hash in a cookie and push it out to the 
     # client.
@@ -277,11 +277,11 @@
 
     # check the secret
     if (!$secret) {
-        $secret = Digest::SHA1::sha1_base64( ref $self );
+        $secret = Digest::SHA::sha1_base64( ref $self );
         warn "using default SECRET!  Please provide a proper SECRET when using the CGI::Application::Plugin::CAPTCHA plugin";
     }
 
-    return 1 if Digest::SHA1::sha1_base64(join("\0", $secret, $verify)) eq $hash;
+    return 1 if Digest::SHA::sha1_base64(join("\0", $secret, $verify)) eq $hash;
     return 0;
 }
 
--- a/t/03-verify.t
+++ b/t/03-verify.t
@@ -49,7 +49,7 @@
 
     # Make sure our cookie contains the CAPTCHA value ABC123
     my $secret = 'vbCrfzMCi45TD7Uz4C6fjWvX6us';
-    my $check  = Digest::SHA1::sha1_base64(join("\0", $secret, 'ABC123'));
+    my $check  = Digest::SHA::sha1_base64(join("\0", $secret, 'ABC123'));
     #my $salt = substr($hash, 0, 2);
     #ok(crypt("ABC123", $salt) eq $hash, "Hash contains CAPTCHA value ABC123");
     ok( $check eq $hash, "Hash contains CAPTCHA value ABC123");
--- a/README
+++ b/README
@@ -90,7 +90,7 @@
     An easy way to generate a relatively good secret is to run the following
     perl snippet:
 
-      perl -MDigest::SHA1=sha1_base64 -le 'print sha1_base64($$,time(),rand(9999))'
+      perl -MDigest::SHA=sha1_base64 -le 'print sha1_base64($$,time(),rand(9999))'
 
     The author recognizes that the transmission of a cookie with the CAPTCHA
     image may not be a popular decision, and welcomes any patches from those
--- a/META.yml
+++ b/META.yml
@@ -21,7 +21,7 @@
 requires:
   CGI::Application: 4.00
   Data::Random: 0
-  Digest::SHA1: 0
+  Digest::SHA: 0
   GD::SecurityImage: 0
 resources:
   license: http://dev.perl.org/licenses/