debian/0000755000000000000000000000000011657043711007173 5ustar debian/source/0000755000000000000000000000000011652610214010464 5ustar debian/source/format0000644000000000000000000000001411652610214011672 0ustar 3.0 (quilt) debian/source/lintian-overrides0000644000000000000000000000042311652610214014044 0ustar # Debian Perl Group policy is that the copyright format be kept at # this version until the standard is finalized. libcgi-application-plugin-captcha-perl source: out-of-date-copyright-format-uri http://anonscm.debian.org/viewvc/dep/web/deps/dep5.mdwn?view=markup&pathrev=135 debian/compat0000644000000000000000000000000211652610214010362 0ustar 8 debian/control0000644000000000000000000000470711652610214010577 0ustar Source: libcgi-application-plugin-captcha-perl Section: perl Priority: optional Maintainer: Debian Perl Group Uploaders: Nicholas Bamber , Jaldhar H. Vyas Build-Depends: debhelper (>= 8) Build-Depends-Indep: perl, libcgi-application-perl, libgd-securityimage-perl, libdata-random-perl, libtest-exception-perl, libtest-www-mechanize-perl, libtest-pod-perl, libtest-pod-coverage-perl Standards-Version: 3.9.2 Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-perl/packages/libcgi-application-plugin-captcha-perl.git Vcs-Git: git://git.debian.org/pkg-perl/packages/libcgi-application-plugin-captcha-perl.git Homepage: http://search.cpan.org/dist/CGI-Application-Plugin-CAPTCHA/ Package: libcgi-application-plugin-captcha-perl Architecture: all Depends: ${misc:Depends}, ${perl:Depends}, libcgi-application-perl, libgd-securityimage-perl, libdata-random-perl Breaks: libcgi-application-extra-plugin-bundle-perl (<< 0.5) Replaces: libcgi-application-extra-plugin-bundle-perl (<< 0.5) Enhances: libcgi-application-perl Description: module providing CAPTCHA support in CGI::Application CGI::Application::Plugin::CAPTCHA allows programmers to easily add and verify CAPTCHAs in their CGI::Application-derived web applications. A CAPTCHA (or Completely Automated Public Turing Test to Tell Computers and Humans Apart) is an image with a random string of characters. A user must successfully enter the random string in order to submit a form. This is a simple (yet annoying) procedure for humans to complete, but one that is significantly more difficult for a form-stuffing script to complete without having to integrate some sort of OCR. . CAPTCHAs are not a perfect solution. Any skilled, diligent cracker will eventually be able to bypass a CAPTCHA, but it should be able to shut down your average script-kiddie. . When a CAPTCHA is created with this module, raw image data is transmitted from your web application to the client browser. A cookie containing a checksum is also transmitted with the image. When the client submits their form for processing (along with their verification of the random string), captcha_verify() generates a checksum of the verification string the user entered. If the newly generated checksum matches the checksum found in the cookie, the CAPTCHA is assumed to have been successfully entered, and the user is allowed to continue processing their form. debian/rules0000755000000000000000000000003611652610214010243 0ustar #!/usr/bin/make -f %: dh $@ debian/patches/0000755000000000000000000000000011652610256010621 5ustar debian/patches/digest-sha1.patch0000644000000000000000000000753511652610214013757 0ustar Author: Nicholas Bamber Subject: Digest::SHA1 phased out in Debian cf. http://wiki.debian.org/Teams/DebianPerlGroup/OpenTasks/Transitions/DigestSHA1ToDigestSHA Forwarded: no Last-Update: 2011-10-28 --- a/Build.PL +++ b/Build.PL @@ -11,7 +11,7 @@ 'CGI::Application' => '4.00', 'GD::SecurityImage' => 0, 'Data::Random' => 0, - 'Digest::SHA1' => 0, + 'Digest::SHA' => 0, }, build_requires => { 'Test::More' => 0, --- a/Makefile.PL +++ b/Makefile.PL @@ -7,7 +7,7 @@ 'PREREQ_PM' => { 'CGI::Application' => '4.00', 'Data::Random' => 0, - 'Digest::SHA1' => 0, + 'Digest::SHA' => 0, 'GD::SecurityImage' => 0, 'Test::Exception' => 0, 'Test::More' => 0, --- a/lib/CGI/Application/Plugin/CAPTCHA.pm +++ b/lib/CGI/Application/Plugin/CAPTCHA.pm @@ -3,7 +3,7 @@ use strict; use GD::SecurityImage; -use Digest::SHA1; +use Digest::SHA; use vars qw($VERSION @EXPORT); require Exporter; @@ -114,7 +114,7 @@ An easy way to generate a relatively good secret is to run the following perl snippet: - perl -MDigest::SHA1=sha1_base64 -le 'print sha1_base64($$,time(),rand(9999))' + perl -MDigest::SHA=sha1_base64 -le 'print sha1_base64($$,time(),rand(9999))' The author recognizes that the transmission of a cookie with the CAPTCHA image may not be a popular decision, and welcomes any patches from those who can @@ -245,12 +245,12 @@ # check the secret if (!$secret) { - $secret = Digest::SHA1::sha1_base64( ref $self ); + $secret = Digest::SHA::sha1_base64( ref $self ); warn "using default SECRET! Please provide a proper SECRET when using the CGI::Application::Plugin::CAPTCHA plugin"; } # Create the verification hash - my $hash = Digest::SHA1::sha1_base64(join("\0", $secret, $random_string)); + my $hash = Digest::SHA::sha1_base64(join("\0", $secret, $random_string)); # Stuff the verification hash in a cookie and push it out to the # client. @@ -277,11 +277,11 @@ # check the secret if (!$secret) { - $secret = Digest::SHA1::sha1_base64( ref $self ); + $secret = Digest::SHA::sha1_base64( ref $self ); warn "using default SECRET! Please provide a proper SECRET when using the CGI::Application::Plugin::CAPTCHA plugin"; } - return 1 if Digest::SHA1::sha1_base64(join("\0", $secret, $verify)) eq $hash; + return 1 if Digest::SHA::sha1_base64(join("\0", $secret, $verify)) eq $hash; return 0; } --- a/t/03-verify.t +++ b/t/03-verify.t @@ -49,7 +49,7 @@ # Make sure our cookie contains the CAPTCHA value ABC123 my $secret = 'vbCrfzMCi45TD7Uz4C6fjWvX6us'; - my $check = Digest::SHA1::sha1_base64(join("\0", $secret, 'ABC123')); + my $check = Digest::SHA::sha1_base64(join("\0", $secret, 'ABC123')); #my $salt = substr($hash, 0, 2); #ok(crypt("ABC123", $salt) eq $hash, "Hash contains CAPTCHA value ABC123"); ok( $check eq $hash, "Hash contains CAPTCHA value ABC123"); --- a/README +++ b/README @@ -90,7 +90,7 @@ An easy way to generate a relatively good secret is to run the following perl snippet: - perl -MDigest::SHA1=sha1_base64 -le 'print sha1_base64($$,time(),rand(9999))' + perl -MDigest::SHA=sha1_base64 -le 'print sha1_base64($$,time(),rand(9999))' The author recognizes that the transmission of a cookie with the CAPTCHA image may not be a popular decision, and welcomes any patches from those --- a/META.yml +++ b/META.yml @@ -21,7 +21,7 @@ requires: CGI::Application: 4.00 Data::Random: 0 - Digest::SHA1: 0 + Digest::SHA: 0 GD::SecurityImage: 0 resources: license: http://dev.perl.org/licenses/ debian/patches/series0000644000000000000000000000002211652610214012022 0ustar digest-sha1.patch debian/watch0000644000000000000000000000023111652610214010211 0ustar version=3 http://search.cpan.org/dist/CGI-Application-Plugin-CAPTCHA/ .*/CGI-Application-Plugin-CAPTCHA-v?(\d[\d.-]+)\.(?:tar(?:\.gz|\.bz2)?|tgz|zip)$ debian/copyright0000644000000000000000000000213711652610214011122 0ustar Format-Specification: http://anonscm.debian.org/viewvc/dep/web/deps/dep5.mdwn?view=markup&pathrev=135 Maintainer: Jason A. Crome Source: http://search.cpan.org/dist/CGI-Application-Plugin-CAPTCHA/ Name: CGI-Application-Plugin-CAPTCHA Files: * Copyright: 2005-2011, Jason A. Crome License: Artistic or GPL-1+ Files: debian/* Copyright: 2011, Nicholas Bamber License: Artistic or GPL-1+ License: Artistic This program is free software; you can redistribute it and/or modify it under the terms of the Artistic License, which comes with Perl. . On Debian systems, the complete text of the Artistic License can be found in `/usr/share/common-licenses/Artistic'. License: GPL-1+ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 1, or (at your option) any later version. . On Debian systems, the complete text of version 1 of the GNU General Public License can be found in `/usr/share/common-licenses/GPL-1'. debian/changelog0000644000000000000000000000035411657043711011047 0ustar libcgi-application-plugin-captcha-perl (0.04-1) unstable; urgency=low * Split off from libcgi-application-extra-plugin-bundle-perl (Closes: #646968). -- Nicholas Bamber Thu, 10 Nov 2011 21:53:10 +0000