From 555a7498a4e1b46ab8019480205471f595ed5e35 Mon Sep 17 00:00:00 2001
From: Thomas Klausner <domm@cpan.org>
Date: Mon, 1 Dec 2008 23:23:13 +0100
Subject: corrected memcached config

---
 pause_openid.pl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pause_openid.pl b/pause_openid.pl
index f480b77..a5e22ee 100644
--- a/pause_openid.pl
+++ b/pause_openid.pl
@@ -11,7 +11,7 @@ return {
         flash_to_stash => 1,
         expires        => 172800,    # two days
         memcached_new_args => {
-            data => [ "10.10.10.108:11211" ],
+            data => [ "localhost:11211" ],
             namespace => "pause_openid_session",
         },
     },
-- 
cgit v1.2.3


From 1f03bd52e91dc1744068778d0d9656577753ef0e Mon Sep 17 00:00:00 2001
From: Thomas Klausner <domm@cpan.org>
Date: Mon, 1 Dec 2008 23:27:49 +0100
Subject: store pauseid in session after successfull login

---
 lib/PAUSE/OpenID/Controller/Root.pm | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/PAUSE/OpenID/Controller/Root.pm b/lib/PAUSE/OpenID/Controller/Root.pm
index 566a0a1..12bcac6 100644
--- a/lib/PAUSE/OpenID/Controller/Root.pm
+++ b/lib/PAUSE/OpenID/Controller/Root.pm
@@ -76,6 +76,7 @@ sub login :Local {
     
     if ($res->code == 200) {
         $c->log->info('login pass');
+        $c->session->{pauseid} = $username;
         $c->res->redirect($c->uri_for('/login_pass'));
     }
     else {
@@ -86,7 +87,7 @@ sub login :Local {
 
 sub login_pass :Local {
     my ( $self, $c ) = @_;
-    
+
     $c->res->content_type('text/plain');
     $c->res->body('login pass');
 }
-- 
cgit v1.2.3


From df3923706db0a920e652f8f16b00372a225e7f35 Mon Sep 17 00:00:00 2001
From: Jozef Kutej <jozef@kutej.net>
Date: Mon, 1 Dec 2008 23:38:13 +0100
Subject: server certificate validation

---
 lib/PAUSE/OpenID/Controller/Root.pm | 11 ++++++++++-
 pause_openid.pl                     |  4 ++++
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/lib/PAUSE/OpenID/Controller/Root.pm b/lib/PAUSE/OpenID/Controller/Root.pm
index 566a0a1..275bff8 100644
--- a/lib/PAUSE/OpenID/Controller/Root.pm
+++ b/lib/PAUSE/OpenID/Controller/Root.pm
@@ -71,8 +71,14 @@ sub login :Local {
     $c->log->debug('username "'.$username.'" login attempt');
     
     my $ua = LWP::UserAgent->new;
+    my $req = HTTP::Request->new(GET => 'https://pause.perl.org/pause/authenquery');
+    $req->header('If-SSL-Cert-Subject' => '/CN=pause.perl.org');
+    local $ENV{HTTPS_CA_DIR} = $c->config->{'ssl'}->{'ca_dir'};
     $ua->credentials('pause.perl.org:443', 'PAUSE', $username, $password);
-    my $res = $ua->get('https://pause.perl.org/pause/authenquery');
+    my $res = $ua->request($req);
+    
+    die 'pause server certificate validation failed'
+        if exists $res->headers->{'client-ssl-warning'};
     
     if ($res->code == 200) {
         $c->log->info('login pass');
@@ -80,6 +86,9 @@ sub login :Local {
     }
     else {
         $c->log->warn('login failed');
+        use Data::Dumper;
+        die Dumper($res);
+        
         $c->res->redirect($c->uri_for('/login_failed'));
     }
 }
diff --git a/pause_openid.pl b/pause_openid.pl
index f480b77..7fae2ea 100644
--- a/pause_openid.pl
+++ b/pause_openid.pl
@@ -25,5 +25,9 @@ return {
     'PAUSE::OpenID'=>{
         hostname=>'id.pause.org',
     },
+    
+    'ssl' => {
+        'ca_dir' => '/etc/ssl/certs/',
+    }
 
 };
-- 
cgit v1.2.3