reinit the tree, so we can have metadata

8 files changed, 232 insertions, 0 deletions

diff --git a/dev-perl/LWP-Protocol-https/LWP-Protocol-https-6.60.0.ebuild b/dev-perl/LWP-Protocol-https/LWP-Protocol-https-6.60.0.ebuild
new file mode 100644
index 000000000000..6ccd6071570c
--- /dev/null
+++ b/dev-perl/LWP-Protocol-https/LWP-Protocol-https-6.60.0.ebuild
@@ -0,0 +1,32 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=5
+
+MODULE_AUTHOR=MSCHILLI
+MODULE_VERSION=6.06
+inherit perl-module
+
+DESCRIPTION="Provide https support for LWP::UserAgent"
+SRC_URI+=" https://dev.gentoo.org/~tove/distfiles/${CATEGORY}/${PN}/${PN}_ca-cert-r1.patch.gz"
+
+SLOT="0"
+IUSE=""
+KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~ppc-aix ~amd64-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+
+RDEPEND="
+	app-misc/ca-certificates
+	>=dev-perl/libwww-perl-6.20.0
+	>=dev-perl/Net-HTTP-6
+	>=dev-perl/IO-Socket-SSL-1.540.0
+"
+DEPEND="${RDEPEND}
+	virtual/perl-ExtUtils-MakeMaker
+"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-6.60.0-etcsslcerts.patch
+	"${FILESDIR}"/${PN}-6.60.0-CVE-2014-3230.patch
+)
+
+SRC_TEST=online
diff --git a/dev-perl/LWP-Protocol-https/LWP-Protocol-https-6.70.0.ebuild b/dev-perl/LWP-Protocol-https/LWP-Protocol-https-6.70.0.ebuild
new file mode 100644
index 000000000000..d7b641534748
--- /dev/null
+++ b/dev-perl/LWP-Protocol-https/LWP-Protocol-https-6.70.0.ebuild
@@ -0,0 +1,36 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+DIST_AUTHOR=OALDERS
+DIST_VERSION=6.07
+inherit perl-module
+
+DESCRIPTION="Provide https support for LWP::UserAgent"
+
+SLOT="0"
+IUSE="test"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+
+RDEPEND="
+	app-misc/ca-certificates
+	>=dev-perl/IO-Socket-SSL-1.540.0
+	>=dev-perl/libwww-perl-6.60.0
+	>=dev-perl/Net-HTTP-6
+"
+DEPEND="${RDEPEND}
+	virtual/perl-ExtUtils-MakeMaker
+	test? (
+		virtual/perl-Test-Simple
+		dev-perl/Test-RequiresInternet
+	)
+"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-6.70.0-etcsslcerts.patch
+	"${FILESDIR}"/${PN}-6.70.0-CVE-2014-3230.patch # note: breaks a test, still needed?
+)
+PERL_RM_FILES=(
+	"t/https_proxy.t" # see above
+)
diff --git a/dev-perl/LWP-Protocol-https/Manifest b/dev-perl/LWP-Protocol-https/Manifest
new file mode 100644
index 000000000000..112dd6d87cf1
--- /dev/null
+++ b/dev-perl/LWP-Protocol-https/Manifest
@@ -0,0 +1,12 @@
+AUX LWP-Protocol-https-6.60.0-CVE-2014-3230.patch 903 SHA256 a27fa98068979ab94040d41f9d8a48466b52bf14eac8638bea939f791f8a015d SHA512 028cfcdd4fd0cab46b2d1aef4a59fd575a3180bc34a69d8973c67177d27fc7995dac0e003983e448354858747f3f3d19ec3eaf6a42e2619cfde1275ea7e41ec1 WHIRLPOOL 3e07cc7b8044ad34057390af89dd6bde15b82b03b9c5611dfd49e71f1bb2acfd773fa685bdb3d8727dbed8009b0230af2bcfd721da0eca641411910a922a2603
+AUX LWP-Protocol-https-6.60.0-etcsslcerts.patch 1193 SHA256 c8e58f754e619bea03e3d41895b742736c63f08022186b43c8cafd411011a12c SHA512 09fb5755f9a56199c1b6aea9c3e75bf397424f041474904e1c93545ce676edbac4fafd105c1a87038576e2e5017186c2836357dbefe89b1872186027b318ea34 WHIRLPOOL 8a853d5c8f9f78e36e357d589f8472308e52417ca1e33c01a2c7d56365985677aa8962fdb5683b0900b38dadb4f259e0beca643052387c3ca91b58a30a2e4e80
+AUX LWP-Protocol-https-6.70.0-CVE-2014-3230.patch 1136 SHA256 68d5bd1d32b0bdbed470b2dc2b89673c9d765c52ffdc812fb4d54572a551c69b SHA512 115a0b152722e874e35a6d7207b8e77c19f14a7f1fe7d4dd2e246c3085332ec37b2839e386063e48159d9194a6dce19c2dcbe03d5e66360d28cc5d0547f9e63d WHIRLPOOL 73781fc4756a0c9671f8671353263299f66868b44c7b8194e425a9c8444e0d24a61e2f7fc85ac431b11db8159df1de52ce74867d4864c746f7b99eb4bf0199b5
+AUX LWP-Protocol-https-6.70.0-etcsslcerts.patch 1595 SHA256 a2fec9d0c9f20200c1968c335802f9a1a97c787c3d228c04f6fa30f874c44417 SHA512 977ae51ffaa8d931e55b1aac278980f0a13fc06f0cbed99b81d983cd98068f5f8e65b388ed97befa6c850d92e9cae785ae3b4f84d5115cf730271bc04a40e18d WHIRLPOOL 9a91a985b0d143f6ebb4efef81f0a9d55f43e8b0de48eace77673cc4a0d6260db913278625512c2089684293aca782977c77a348b8dc59e863e8b1f019b32c4c
+DIST LWP-Protocol-https-6.06.tar.gz 8376 SHA256 b86c83cc1dcf4a6f84e2fbe32f9c39591a36e6e418af00533505f3452496adef SHA512 acc65d63da858f25cf9cc1e11d074f035e8ead4c1ffea22bac930f61100ff98f2bf0bb4ede12219d6c22bd5fe4d99532a45fe5cbc9a4b863dd16b0c379f8d2ea WHIRLPOOL a7baea45b51a4646ca014eb63684ea21a86d89b53e6ee551276b9b94fe4508b102c20e6e1f5fc6507ccedd1f4fa4cf38888dfb3e68d7982e5c3c1822631f4883
+DIST LWP-Protocol-https-6.07.tar.gz 9184 SHA256 522cc946cf84a1776304a5737a54b8822ec9e79b264d0ba0722a70473dbfb9e7 SHA512 4a07cd8a1c44e31781069a632a77f3af43747933420e831b4fd4a12faac7dc04f0c6b10ea773c3e14ecb66209a547b3587c0e3f481a55b9929db65f7b10343aa WHIRLPOOL a6e1a3d38b522721fdedcbb86b2df53346d68ba9f1777e91fbda3e7ba5b9ba9523e52c89257e8933c4df93e6735fd5155f2dde2a0cf6b74a71c46366c3bbe47b
+DIST LWP-Protocol-https_ca-cert-r1.patch.gz 597 SHA256 c8eee81eb55537aa47637b3e218a6c1fec13ca362a9d397b085eb8703fbee851 SHA512 9cc73a042e8c8a9e6bcd377d70978063d3da4c263da35097306b916990845d19580c7cb9fbf7b63efa280366969fcda38a9ac8c2b443891dcf6ac522edab6c0c WHIRLPOOL 743d272adbd4ce461ce50072ba443557a4eb9cf4cf1f0d4d867a19515e4d8bd85bf3bcfa0bd6f1657d758cef3ba24022aafca6cd029d352aa02651f6bdbfc05f
+EBUILD LWP-Protocol-https-6.60.0.ebuild 896 SHA256 c5252531de38617ea7cd289c329e73afac49c6797bfa56644fa40cf2790b0c87 SHA512 e2065d2b6cdeba60ed2502ae59602151d60032940ea2d82ebafcd2362de164f6fb817700a7ae5a5f8ce33d88ade5aa42b9b1751988654c1a2fa203a13f7179fd WHIRLPOOL 2c0783081f0c722770d13d677a17984d372115945661c686a4ca5f07257cb8f5e54f70fa811d1449e9224bb744fb09dac78772f7a3a1d3303a402d3900361757
+EBUILD LWP-Protocol-https-6.70.0.ebuild 934 SHA256 1170739a8f8f2980fc68cc20a05d07bbdb9c5956e12998b912e095a9b8da5756 SHA512 2299e2875c9c4788a8c95f0eeef29be5700b8b02816f5a34db7912f0790454e27a7a0439cf46102eef162b3b1cc93583ef51c92ff598a2a28cb7addca24d3ed4 WHIRLPOOL 10c4b7fe4fe4a6ee2288306006797a6a29cb3172b9fb0083ded99033ef8683b63a30b8c5cad9079fac4aaaa756b569455b155cc09dd4bc953c88e120e75a9972
+MISC ChangeLog 3140 SHA256 105316951224d9e2ea08346cda1eb729879af3646461d5a1b2fcab1213827d2f SHA512 7d167751341f5352469452d0c1e10fa14ccf21b4cbd019473bbd96466f1c0badee55d026ba5549727ef8eee4dc1aa281570c80119115cafe6c36e2ff2dfc3cdb WHIRLPOOL 1d8fb951dac738fce45faf54fdfc2ab0711ebddaf1896e250609bedbab2bbc4b225c858daa9d467b752442d043a01c022186adf33a7ad1b6474acec932812af6
+MISC ChangeLog-2015 5292 SHA256 e32201bae52a013e94f95c6482dcfa3586a721421e0d520fb2cecd8bf7cc2d75 SHA512 2db7fae592652a8530be5c04906813ccd5beb6694f99b9bad6c83950587de1c54fedb5ce8941a42c7e5ed946785f48e6b153a68192b479c8c515318cdc061cd3 WHIRLPOOL fed48fb35cbfc054b0e548c5b25a31f9917246848b368409a927b9cfdd2c2fcbe228827a09c79adedb634e8c52ac3da673152f5d13ddfcc7c6920160e1f253ba
+MISC metadata.xml 470 SHA256 8926efbd13d3a1a476bfc1288377f51ce40c06f1c4a23c4cfe7d35de409fa358 SHA512 53faefb3533b9b8534d5a41f25eb5c77e0d9a5e765ef0c90a18c6bb1bee62bc9ee88ad4e8eed4c85453ef4cfabb240d5ff1e60e6a6651af0476ce0fa1d269bb8 WHIRLPOOL 7b48c8fe31c00d974eeea9148af8129db810110f8dba8d07bfbf743f59f016b7c2591a67e1e5f889226537c53713dd20b2af9b6b973284cfe65822d9108fa227
diff --git a/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.60.0-CVE-2014-3230.patch b/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.60.0-CVE-2014-3230.patch
new file mode 100644
index 000000000000..1eb26d2e4092
--- /dev/null
+++ b/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.60.0-CVE-2014-3230.patch
@@ -0,0 +1,22 @@
+Source: https://bugzilla.redhat.com/show_bug.cgi?id=1094440
+
+This patch combines the following two:
+https://bugzilla.redhat.com/attachment.cgi?id=894747
+https://bugzilla.redhat.com/attachment.cgi?id=894748
+
+diff -ruN LWP-Protocol-https-6.06.orig/lib/LWP/Protocol/https.pm LWP-Protocol-https-6.06/lib/LWP/Protocol/https.pm
+--- LWP-Protocol-https-6.06.orig/lib/LWP/Protocol/https.pm	2014-04-18 18:33:26.000000000 +0200
++++ LWP-Protocol-https-6.06/lib/LWP/Protocol/https.pm	2014-10-26 23:57:27.714303175 +0100
+@@ -21,7 +21,11 @@
+ 	$ssl_opts{SSL_verifycn_scheme} = 'www';
+     }
+     else {
+-	$ssl_opts{SSL_verify_mode} = 0;
++	if ( $Net::HTTPS::SSL_SOCKET_CLASS eq 'Net::SSL' ) {
++	    $ssl_opts{SSL_verifycn_scheme} = '';
++	} else {
++	    $ssl_opts{SSL_verifycn_scheme} = 'none';
++	}
+     }
+     if ($ssl_opts{SSL_verify_mode}) {
+ 	unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) {
diff --git a/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.60.0-etcsslcerts.patch b/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.60.0-etcsslcerts.patch
new file mode 100644
index 000000000000..55163a097835
--- /dev/null
+++ b/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.60.0-etcsslcerts.patch
@@ -0,0 +1,33 @@
+See https://bugs.gentoo.org/358081
+
+
+diff -ruN LWP-Protocol-https-6.06.orig/lib/LWP/Protocol/https.pm LWP-Protocol-https-6.06/lib/LWP/Protocol/https.pm
+--- LWP-Protocol-https-6.06.orig/lib/LWP/Protocol/https.pm	2014-04-18 18:33:26.000000000 +0200
++++ LWP-Protocol-https-6.06/lib/LWP/Protocol/https.pm	2014-10-27 00:04:50.604802937 +0100
+@@ -25,25 +25,7 @@
+     }
+     if ($ssl_opts{SSL_verify_mode}) {
+ 	unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) {
+-	    eval {
+-		require Mozilla::CA;
+-	    };
+-	    if ($@) {
+-		if ($@ =! /^Can't locate Mozilla\/CA\.pm/) {
+-		    $@ = <<'EOT';
+-Can't verify SSL peers without knowing which Certificate Authorities to trust
+-
+-This problem can be fixed by either setting the PERL_LWP_SSL_CA_FILE
+-environment variable or by installing the Mozilla::CA module.
+-
+-To disable verification of SSL peers set the PERL_LWP_SSL_VERIFY_HOSTNAME
+-environment variable to 0.  If you do this you can't be sure that you
+-communicate with the expected peer.
+-EOT
+-		}
+-		die $@;
+-	    }
+-	    $ssl_opts{SSL_ca_file} = Mozilla::CA::SSL_ca_file();
++	    $ssl_opts{SSL_ca_path} = '/etc/ssl/certs';
+ 	}
+     }
+     $self->{ssl_opts} = \%ssl_opts;
diff --git a/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.70.0-CVE-2014-3230.patch b/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.70.0-CVE-2014-3230.patch
new file mode 100644
index 000000000000..781d72ee03e9
--- /dev/null
+++ b/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.70.0-CVE-2014-3230.patch
@@ -0,0 +1,36 @@
+From 67de137e737e4fa92d0cb746bdc8474d7bb5e000 Mon Sep 17 00:00:00 2001
+From: Kent Fredric <kentnl@gentoo.org>
+Date: Tue, 21 Mar 2017 10:11:32 +1300
+Subject: Use SSL_verifycn_scheme instead of disabling SSL_verify_mode
+
+Re: CVE-2014-3230
+
+Redhat Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1094440
+
+Combines: https://bugzilla.redhat.com/attachment.cgi?id=894747
+  https://bugzilla.redhat.com/attachment.cgi?id=894748
+---
+ lib/LWP/Protocol/https.pm | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/lib/LWP/Protocol/https.pm b/lib/LWP/Protocol/https.pm
+index f8ab398..ba69966 100644
+--- a/lib/LWP/Protocol/https.pm
++++ b/lib/LWP/Protocol/https.pm
+@@ -21,7 +21,12 @@ sub _extra_sock_opts
+ 	$ssl_opts{SSL_verifycn_scheme} = 'www';
+     }
+     else {
+-	$ssl_opts{SSL_verify_mode} = 0;
++      if ( $Net::HTTPS::SSL_SOCKET_CLASS eq 'Net::SSL' ) {
++        $ssl_opts{SSL_verifycn_scheme} = '';
++      }
++      else {
++        $ssl_opts{SSL_verifycn_scheme} = 'none';
++      }
+     }
+     if ($ssl_opts{SSL_verify_mode}) {
+       unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) {
+-- 
+2.12.0
+
diff --git a/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.70.0-etcsslcerts.patch b/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.70.0-etcsslcerts.patch
new file mode 100644
index 000000000000..2553c7949af9
--- /dev/null
+++ b/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.70.0-etcsslcerts.patch
@@ -0,0 +1,48 @@
+From 9baa19987f93284be254415d15db56c599e52e1e Mon Sep 17 00:00:00 2001
+From: Kent Fredric <kentnl@gentoo.org>
+Date: Tue, 21 Mar 2017 10:07:35 +1300
+Subject: Ensure using System Certificates instead of Mozilla-CA
+
+Bug: https://bugs.gentoo.org/358081
+---
+ lib/LWP/Protocol/https.pm | 24 +++---------------------
+ 1 file changed, 3 insertions(+), 21 deletions(-)
+
+diff --git a/lib/LWP/Protocol/https.pm b/lib/LWP/Protocol/https.pm
+index ed4d832..f8ab398 100644
+--- a/lib/LWP/Protocol/https.pm
++++ b/lib/LWP/Protocol/https.pm
+@@ -24,27 +24,9 @@ sub _extra_sock_opts
+ 	$ssl_opts{SSL_verify_mode} = 0;
+     }
+     if ($ssl_opts{SSL_verify_mode}) {
+-	unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) {
+-	    eval {
+-		require Mozilla::CA;
+-	    };
+-	    if ($@) {
+-		if ($@ =~ /^Can't locate Mozilla\/CA\.pm/) {
+-		    $@ = <<'EOT';
+-Can't verify SSL peers without knowing which Certificate Authorities to trust
+-
+-This problem can be fixed by either setting the PERL_LWP_SSL_CA_FILE
+-environment variable or by installing the Mozilla::CA module.
+-
+-To disable verification of SSL peers set the PERL_LWP_SSL_VERIFY_HOSTNAME
+-environment variable to 0.  If you do this you can't be sure that you
+-communicate with the expected peer.
+-EOT
+-		}
+-		die $@;
+-	    }
+-	    $ssl_opts{SSL_ca_file} = Mozilla::CA::SSL_ca_file();
+-	}
++      unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) {
++        $ssl_opts{SSL_ca_path} = '/etc/ssl/certs';
++      }
+     }
+     $self->{ssl_opts} = \%ssl_opts;
+     return (%ssl_opts, $self->SUPER::_extra_sock_opts);
+-- 
+2.12.0
+
diff --git a/dev-perl/LWP-Protocol-https/metadata.xml b/dev-perl/LWP-Protocol-https/metadata.xml
new file mode 100644
index 000000000000..06f924d1c8e9
--- /dev/null
+++ b/dev-perl/LWP-Protocol-https/metadata.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<maintainer type="project">
+		<email>perl@gentoo.org</email>
+		<name>Gentoo Perl Project</name>
+	</maintainer>
+	<upstream>
+		<remote-id type="cpan">LWP-Protocol-https</remote-id>
+		<remote-id type="cpan-module">LWP::Protocol::https</remote-id>
+		<remote-id type="cpan-module">LWP::Protocol::https::Socket</remote-id>
+	</upstream>
+</pkgmetadata>