Bug#1052161: ITP: libmozilla-ca-perl -- Mozilla's CA cert bundle in PEM format
On Mon, 18 Sep 2023 17:48:33 +0200, Francesco P. Lovergine wrote: > > > May I suggest that you ask ftp-masters to REJECT it? Seems they were quicker :) > > Yep indeed. Maybe a wrapper could be tought for packages that have some > > optional dep on that? > I would simply patch Mozilla::CA to have SSL_ca_file() returning the Debian > directory /usr/share/ca-certificates/mozilla instead of the cacert.pem file. > That would avoid to patch third-parties code that eventually use explicitly > the modules. This is compatible with the IO::Socket::SSL module. Right, that's a possible option. > Does it make sense? Given that we've had to patch only 3 packages (in pkg-perl) over the last decades and that the patch is trivial¹, and given that a Mozilla::CA package doing different things on Debian than upstream would cause confusion, I recommend against going that way. Let's see what others on the list say. Cheers, gregor ¹ modulo grep errors: liblwp-protocol-https-perl/debian/patches/cert.patch liblwpx-paranoidagent-perl/debian/patches/0002-Use-ca-certificates.patch libnet-jabber-bot-perl/debian/patches/2001_cert.patch -- .''`. https://info.comodo.priv.at -- Debian Developer https://www.debian.org : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D 85FA BB3A 6801 8649 AA06 `. `' Member VIBE!AT & SPI Inc. -- Supporter Free Software Foundation Europe `- signature.asc Description: Digital Signature
Bug#1052161: ITP: libmozilla-ca-perl -- Mozilla's CA cert bundle in PEM format
On Mon, Sep 18, 2023 at 02:40:50PM +0200, Francesco P. Lovergine wrote: I see that you have already uploaded the package: https://alioth-lists.debian.net/pipermail/pkg-perl-maintainers/2023-September/171821.html May I suggest that you ask ftp-masters to REJECT it? Yep indeed. Maybe a wrapper could be tought for packages that have some optional dep on that? I would simply patch Mozilla::CA to have SSL_ca_file() returning the Debian directory /usr/share/ca-certificates/mozilla instead of the cacert.pem file. That would avoid to patch third-parties code that eventually use explicitly the modules. This is compatible with the IO::Socket::SSL module. Does it make sense? -- Francesco P. Lovergine
Bug#1052161: ITP: libmozilla-ca-perl -- Mozilla's CA cert bundle in PEM format
On Mon, Sep 18, 2023 at 02:33:18PM +0200, gregor herrmann wrote: On Mon, 18 Sep 2023 14:29:08 +0200, gregor herrmann wrote: > * Package name: libmozilla-ca-perl We don't package Mozilla::CA in Debian because we have ca-certificates with the same certs. I see that you have already uploaded the package: https://alioth-lists.debian.net/pipermail/pkg-perl-maintainers/2023-September/171821.html May I suggest that you ask ftp-masters to REJECT it? Yep indeed. Maybe a wrapper could be tought for packages that have some optional dep on that? -- Francesco P. Lovergine
Bug#1052161: ITP: libmozilla-ca-perl -- Mozilla's CA cert bundle in PEM format
On Mon, 18 Sep 2023 14:29:08 +0200, gregor herrmann wrote: > > * Package name: libmozilla-ca-perl > > We don't package Mozilla::CA in Debian because we have > ca-certificates with the same certs. I see that you have already uploaded the package: https://alioth-lists.debian.net/pipermail/pkg-perl-maintainers/2023-September/171821.html May I suggest that you ask ftp-masters to REJECT it? Cheers, gregor -- .''`. https://info.comodo.priv.at -- Debian Developer https://www.debian.org : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D 85FA BB3A 6801 8649 AA06 `. `' Member VIBE!AT & SPI Inc. -- Supporter Free Software Foundation Europe `- BOFH excuse #344: Network failure - call NBC
Bug#1052161: ITP: libmozilla-ca-perl -- Mozilla's CA cert bundle in PEM format
On Mon, 18 Sep 2023 11:16:29 +0200, Francesco Paolo Lovergine wrote: > Package: wnpp > Severity: wishlist > Owner: Francesco Paolo Lovergine > X-Debbugs-Cc: debian-de...@lists.debian.org > > * Package name: libmozilla-ca-perl > Version : 20230821-1 > Upstream Contact: Gisle Aas > * URL : https://github.com/libwww-perl/Mozilla-CA > * License : MPL-2.0 > Programming Lang: Perl > Description : Mozilla's CA cert bundle in PEM format Attention attention :) We don't package Mozilla::CA in Debian because we have ca-certificates with the same certs. Typically other modules either just work or need minimal patches to find the certificates from ca-certificates. Cheers, gregor -- .''`. https://info.comodo.priv.at -- Debian Developer https://www.debian.org : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D 85FA BB3A 6801 8649 AA06 `. `' Member VIBE!AT & SPI Inc. -- Supporter Free Software Foundation Europe `- BOFH excuse #98: The vendor put the bug there.
Bug#1052161: ITP: libmozilla-ca-perl -- Mozilla's CA cert bundle in PEM format
Package: wnpp Severity: wishlist Owner: Francesco Paolo Lovergine X-Debbugs-Cc: debian-de...@lists.debian.org * Package name: libmozilla-ca-perl Version : 20230821-1 Upstream Contact: Gisle Aas * URL : https://github.com/libwww-perl/Mozilla-CA * License : MPL-2.0 Programming Lang: Perl Description : Mozilla's CA cert bundle in PEM format Mozilla::CA provides a copy of Mozilla's bundle of Certificate Authority certificates in a form that can be consumed by modules and libraries based on OpenSSL. The module provide a single function: SSL_ca_file() Returns the absolute path to the Mozilla's CA cert bundle PEM file.
