pyrox.dev / nixpkgs
lol
fork atom

LWP::Protocol::https: Fix SSL cert handling

We lost this in 9f358f809d1db46f3206d4a09a5366f13c93e777. Updated to
use /etc/ssl/certs/ca-certificates.crt if it exists and SSL_CERT_FILE
is not set.

Eelco Dolstra bd7f379a 4e906f9f

options
unified split
Changed files
+16
pkgs
development
perl-modules
lwp-protocol-https-cert-file.patch
top-level
perl-packages.nix
+15
pkgs/development/perl-modules/lwp-protocol-https-cert-file.patch 
···

       

       
1

       
+

       
diff -ru -x '*~' LWP-Protocol-https-6.04-orig/lib/LWP/Protocol/https.pm LWP-Protocol-https-6.04/lib/LWP/Protocol/https.pm


     

       

       
2

       
+

       
--- LWP-Protocol-https-6.04-orig/lib/LWP/Protocol/https.pm	2013-04-29 23:16:18.000000000 +0200


     

       

       
3

       
+

       
+++ LWP-Protocol-https-6.04/lib/LWP/Protocol/https.pm	2016-03-02 14:59:01.639844511 +0100


     

       

       
4

       
+

       
@@ -24,6 +24,11 @@


     

       

       
5

       
+

       
     }


     

       

       
6

       
+

       
     if ($ssl_opts{SSL_verify_mode}) {


     

       

       
7

       
+

       
 	unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) {


     

       

       
8

       
+

       
+	    $ssl_opts{SSL_ca_file} = $ENV{'SSL_CERT_FILE'};


     

       

       
9

       
+

       
+	    $ssl_opts{SSL_ca_file} = "/etc/ssl/certs/ca-certificates.crt"


     

       

       
10

       
+

       
+		if !defined $ssl_opts{SSL_ca_file} && -e "/etc/ssl/certs/ca-certificates.crt";


     

       

       
11

       
+

       
+	}


     

       

       
12

       
+

       
+	unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) {


     

       

       
13

       
+

       
 	    eval {


     

       

       
14

       
+

       
 		require Mozilla::CA;


     

       

       
15

       
+

       
 	    };
+1
pkgs/top-level/perl-packages.nix 
···

       
6950

       
6950

       
 

       
      url = mirror://cpan/authors/id/G/GA/GAAS/LWP-Protocol-https-6.04.tar.gz;


     

       
6951

       
6951

       
 

       
      sha256 = "0agnga5dg94222h6rlzqxa0dri2sh3gayncvfb7jad9nxr87gxhy";


     

       
6952

       
6952

       
 

       
    };


     

       

       
6953

       
+

       
    patches = [ ../development/perl-modules/lwp-protocol-https-cert-file.patch ];


     

       
6953

       
6954

       
 

       
    propagatedBuildInputs = [ LWP IOSocketSSL ];


     

       
6954

       
6955

       
 

       
    doCheck = false; # tries to connect to https://www.apache.org/.


     

       
6955

       
6956

       
 

       
    meta = {