Package: liblwp-protocol-https-perl / 6.07-2

746579-fix-peer-certificate-verification.patch
Description: Fix peer certificate verification
 LWP::Protocol::HTTPS disabled peer certificate verification even when
 only hostname verification had been disabled.
Origin: vendor
Bug: https://github.com/libwww-perl/lwp-protocol-https/pull/14
Bug-Debian: https://bugs.debian.org/746579
Forwarded: not-needed
Author: Steffen Ullrich <coyote.frank@gmx.net>
Last-Update: 2014-05-04

--- a/lib/LWP/Protocol/https.pm
+++ b/lib/LWP/Protocol/https.pm
@@ -21,7 +21,11 @@
 	$ssl_opts{SSL_verifycn_scheme} = 'www';
     }
     else {
-	$ssl_opts{SSL_verify_mode} = 0;
+	if ( $Net::HTTPS::SSL_SOCKET_CLASS eq 'Net::SSL' ) {
+		$ssl_opts{SSL_verifycn_scheme} = '';
+	} else {
+		$ssl_opts{SSL_verifycn_scheme} = 'none';
+	}
     }
     if ($ssl_opts{SSL_verify_mode}) {
 	unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) {
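Review bot: The new `else` branch no longer assigns `SSL_verify_mode`, so when the caller turns off hostname checking without passing that option, the `if ($ssl_opts{SSL_verify_mode})` test below is false and the CA file/path defaulting is skipped. Whether the peer certificate is then verified, and against which trust store, appears to depend on the default of the socket class in `$Net::HTTPS::SSL_SOCKET_CLASS`, which these lines do not show. If the intent is that chain verification stays on unless the caller explicitly sets it to 0, make that explicit in the branch with `$ssl_opts{SSL_verify_mode} = 1 unless defined $ssl_opts{SSL_verify_mode};`. Otherwise add a comment such as `# SSL_verify_mode is left to the caller or the socket class default; only the hostname check is disabled here`. The enclosing sub starts and ends outside the hunk, so any handling of `SSL_verify_mode` elsewhere in it is not visible here.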