[Bps-public-commit] RT-Authen-OpenID branch, rt4, updated. 1c6e58ee68ac7faf763d54d256573da6572e0ca9

Thomas Sibley trs at bestpractical.com
Thu Mar 21 18:43:06 EDT 2013 

The branch, rt4 has been updated
       via  1c6e58ee68ac7faf763d54d256573da6572e0ca9 (commit)
      from  b16d7a2fff185b9730bf7617ad450b4912d0da35 (commit)

Summary of changes:
 META.yml                                  | 2 +-
 Makefile.PL                               | 2 +-
 html/Callbacks/OpenID/autohandler/Session | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

- Log -----------------------------------------------------------------
commit 1c6e58ee68ac7faf763d54d256573da6572e0ca9
Author: Thomas Sibley <trs at bestpractical.com>
Date:   Wed Mar 20 20:15:57 2013 -0700

    Switch from LWPx::ParanoidAgent to LWP::UserAgent::Paranoid
    
    The former does not work correctly on modern LWP + SSL due to it being
    unmaintained and essentially a fork of the 2009-era http and https LWP
    protocol handlers.
    
    The latter provides the same protection with a cleaner implementation.

diff --git a/META.yml b/META.yml
index ec07b3e..e08878e 100644
--- a/META.yml
+++ b/META.yml
@@ -20,7 +20,7 @@ no_index:
     - inc
 requires:
   Cache::FileCache: 0
-  LWPx::ParanoidAgent: 0
+  LWP::UserAgent::Paranoid: 0.92
   Net::OpenID::Consumer: 1.13
   perl: 5.8.0
 resources:
diff --git a/Makefile.PL b/Makefile.PL
index cf3f909..017b688 100644
--- a/Makefile.PL
+++ b/Makefile.PL
@@ -7,7 +7,7 @@ license         'GPL version 2';
 all_from        'lib/RT/Authen/OpenID.pm';
 
 requires        'Net::OpenID::Consumer' => '1.13',
-requires        'LWPx::ParanoidAgent';
+requires        'LWP::UserAgent::Paranoid' => '0.92';
 requires        'Cache::FileCache';
 
 auto_install();
diff --git a/html/Callbacks/OpenID/autohandler/Session b/html/Callbacks/OpenID/autohandler/Session
index 042776a..da27c9a 100644
--- a/html/Callbacks/OpenID/autohandler/Session
+++ b/html/Callbacks/OpenID/autohandler/Session
@@ -1,8 +1,8 @@
 <%INIT>
 return unless (RT->Config->Get("EnableOpenId"));
 
+use LWP::UserAgent::Paranoid;
 use Net::OpenID::Consumer;
-use LWPx::ParanoidAgent;
 use Cache::FileCache;
 
 my $openid_url = ref( $ARGS{openid} ) ? $ARGS{openid}->[0] : $ARGS{openid};
@@ -19,7 +19,7 @@ if ($ARGS{'openid.sig'}) {
 
 my $root_user = RT::User->new(RT->SystemUser);
 my $csr = Net::OpenID::Consumer->new(
-    ua              => LWPx::ParanoidAgent->new,
+    ua              => LWP::UserAgent::Paranoid->new( protocols_allowed => ["http", "https"] ),
     args            => \%ARGS,
     cache           => Cache::FileCache->new,
     consumer_secret => 'x'.RT->Config->Get("DatabasePassword"),

-----------------------------------------------------------------------

More information about the Bps-public-commit mailing list