Merge branch 'release-5.35.7' into blead

MANIFEST

@@ -309,6 +309,7 @@ cpan/CPAN/PAUSE2005.pub		CPAN public key
 cpan/CPAN/PAUSE2007.pub		CPAN public key
 cpan/CPAN/PAUSE2009.pub		CPAN public key
 cpan/CPAN/PAUSE2011.pub
+cpan/CPAN/PAUSE2022.pub
 cpan/CPAN/scripts/cpan		easily interact with CPAN from the command line
 cpan/CPAN/t/01loadme.t		See if CPAN the module works
 cpan/CPAN/t/02nox.t		See if CPAN::Nox works
@@ -1358,6 +1359,8 @@ cpan/Math-BigInt/t/bnstr-mbf.t		Test Math::BigInt
 cpan/Math-BigInt/t/bnstr-mbi.t		Test Math::BigInt
 cpan/Math-BigInt/t/bpi-mbf.t
 cpan/Math-BigInt/t/bpi-mbi.t
+cpan/Math-BigInt/t/bpow-mbf.t
+cpan/Math-BigInt/t/bpow-mbi.t
 cpan/Math-BigInt/t/bsstr-mbf.t		Test Math::BigInt
 cpan/Math-BigInt/t/bsstr-mbi.t		Test Math::BigInt
 cpan/Math-BigInt/t/buparrow-mbi.t	Test Math::BigInt
@@ -1374,6 +1377,8 @@ cpan/Math-BigInt/t/dparts-mbf.t		Test Math::BigInt
 cpan/Math-BigInt/t/dparts-mbi.t		Test Math::BigInt
 cpan/Math-BigInt/t/eparts-mbf.t		Test Math::BigInt
 cpan/Math-BigInt/t/eparts-mbi.t		Test Math::BigInt
+cpan/Math-BigInt/t/fparts-mbf.t
+cpan/Math-BigInt/t/fparts-mbi.t
 cpan/Math-BigInt/t/from_base-mbi.t
 cpan/Math-BigInt/t/from_base_num-mbi.t
 cpan/Math-BigInt/t/from_bin-mbf.t	Test Math::BigInt

META.json

@@ -166,5 +166,5 @@
       }
    },
    "version" : "5.035007",
-   "x_serialization_backend" : "JSON::PP version 4.06"
+   "x_serialization_backend" : "JSON::PP version 4.07"
 }

Porting/Maintainers.pl

@@ -186,7 +186,7 @@ package Maintainers;
     },
 
     'bignum' => {
-        'DISTRIBUTION' => 'PJACKLAM/bignum-0.53.tar.gz',
+        'DISTRIBUTION' => 'PJACKLAM/bignum-0.63.tar.gz',
         'FILES'        => q[cpan/bignum],
         'EXCLUDED'     => [
             qr{^xt/},
@@ -250,7 +250,7 @@ package Maintainers;
     },
 
     'CPAN' => {
-        'DISTRIBUTION' => 'ANDK/CPAN-2.28.tar.gz',
+        'DISTRIBUTION' => 'ANDK/CPAN-2.29.tar.gz',
         'FILES'        => q[cpan/CPAN],
         'EXCLUDED'     => [
             qr{^distroprefs/},
@@ -676,7 +676,7 @@ package Maintainers;
     },
 
     'JSON::PP' => {
-        'DISTRIBUTION' => 'ISHIGAKI/JSON-PP-4.06.tar.gz',
+        'DISTRIBUTION' => 'ISHIGAKI/JSON-PP-4.07.tar.gz',
         'FILES'        => q[cpan/JSON-PP],
     },
 
@@ -728,7 +728,7 @@ package Maintainers;
     },
 
     'Math::BigInt' => {
-        'DISTRIBUTION' => 'PJACKLAM/Math-BigInt-1.999827.tar.gz',
+        'DISTRIBUTION' => 'PJACKLAM/Math-BigInt-1.999828.tar.gz',
         'FILES'        => q[cpan/Math-BigInt],
         'EXCLUDED'     => [
             qr{^xt/},

cpan/CPAN/lib/CPAN.pm

@@ -2,7 +2,7 @@
 # vim: ts=4 sts=4 sw=4:
 use strict;
 package CPAN;
-$CPAN::VERSION = '2.28';
+$CPAN::VERSION = '2.29';
 $CPAN::VERSION =~ s/_//;
 
 # we need to run chdir all over and we would get at wrong libraries
@@ -549,8 +549,9 @@ sub _yaml_module () {
 
 # CPAN::_yaml_loadfile
 sub _yaml_loadfile {
-    my($self,$local_file) = @_;
+    my($self,$local_file,$opt) = @_;
     return +[] unless -s $local_file;
+    my $opt_loadblessed = $opt->{loadblessed} || $CPAN::Config->{yaml_load_code} || 0;
     my $yaml_module = _yaml_module;
     if ($CPAN::META->has_inst($yaml_module)) {
         # temporarily enable yaml code deserialisation
@@ -560,7 +561,7 @@ sub _yaml_loadfile {
         my $old_loadcode = ${"$yaml_module\::LoadCode"};
         my $old_loadblessed = ${"$yaml_module\::LoadBlessed"};
         ${ "$yaml_module\::LoadCode" } = $CPAN::Config->{yaml_load_code} || 0;
-        ${ "$yaml_module\::LoadBlessed" } = 1;
+        ${ "$yaml_module\::LoadBlessed" } = $opt_loadblessed ? 1 : 0;
 
         my ($code, @yaml);
         if ($code = UNIVERSAL::can($yaml_module, "LoadFile")) {
@@ -1114,6 +1115,28 @@ sub has_usable {
                             sub {require Net::FTP},
                             sub {require Net::Config},
                            ],
+               'IO::Socket::SSL' => [
+                                 sub {
+                                     require IO::Socket::SSL;
+                                     unless (CPAN::Version->vge(IO::Socket::SSL::->VERSION,1.56)) {
+                                         for ("Will not use IO::Socket::SSL, need 1.56\n") {
+                                             $CPAN::Frontend->mywarn($_);
+                                             die $_;
+                                         }
+                                     }
+                                 }
+                                ],
+               'Net::SSLeay' => [
+                                 sub {
+                                     require Net::SSLeay;
+                                     unless (CPAN::Version->vge(Net::SSLeay::->VERSION,1.49)) {
+                                         for ("Will not use Net::SSLeay, need 1.49\n") {
+                                             $CPAN::Frontend->mywarn($_);
+                                             die $_;
+                                         }
+                                     }
+                                 }
+                                ],
                'HTTP::Tiny' => [
                             sub {
                                 require HTTP::Tiny;
@@ -2252,6 +2275,8 @@ currently defined:
   prefs_dir          local directory to store per-distro build options
   proxy_user         username for accessing an authenticating proxy
   proxy_pass         password for accessing an authenticating proxy
+  pushy_https        use https to cpan.org when possible, otherwise use http
+                     to cpan.org and issue a warning
   randomize_urllist  add some randomness to the sequence of the urllist
   recommends_policy  whether recommended prerequisites should be included
   scan_cache         controls scanning of cache ('atstart', 'atexit' or 'never')

cpan/CPAN/lib/CPAN/Distribution.pm

@@ -9,7 +9,7 @@ use File::Path ();
 use POSIX ":sys_wait_h"; 
 @CPAN::Distribution::ISA = qw(CPAN::InfoObj);
 use vars qw($VERSION);
-$VERSION = "2.27";
+$VERSION = "2.29";
 
 my $run_allow_installing_within_test = 1; # boolean; either in test or in install, there is no third option
 
@@ -1473,18 +1473,32 @@ sub SIG_check_file {
     my($self,$chk_file) = @_;
     my $rv = eval { Module::Signature::_verify($chk_file) };
 
-    if ($rv == Module::Signature::SIGNATURE_OK()) {
+    if ($rv eq Module::Signature::CANNOT_VERIFY()) {
+        $CPAN::Frontend->myprint(qq{\nSignature for }.
+                                 qq{file $chk_file could not be verified for an unknown reason. }.
+                                 $self->as_string.
+                                 qq{Module::Signature verification returned value $rv\n\n}
+                                );
+
+        my $wrap = qq{The manual says for this case: Cannot verify the
+OpenPGP signature, maybe due to the lack of a network connection to
+the key server, or if neither gnupg nor Crypt::OpenPGP exists on the
+system. You probably want to analyse the situation and if you cannot
+fix it you will have to decide whether you want to stop this session
+or you want to turn off signature verification. The latter would be
+done with the command 'o conf init check_sigs'};
+
+        $CPAN::Frontend->mydie(Text::Wrap::wrap("","",$wrap));
+    } if ($rv == Module::Signature::SIGNATURE_OK()) {
         $CPAN::Frontend->myprint("Signature for $chk_file ok\n");
         return $self->{SIG_STATUS} = "OK";
     } else {
-        $CPAN::Frontend->myprint(qq{\nSignature invalid for }.
-                                 qq{distribution file. }.
+        $CPAN::Frontend->mywarn(qq{\nSignature invalid for }.
+                                 qq{file $chk_file. }.
                                  qq{Please investigate.\n\n}.
-                                 $self->as_string,
-                                 $CPAN::META->instance(
-                                                       'CPAN::Author',
-                                                       $self->cpan_userid
-                                                      )->as_string);
+                                 $self->as_string.
+                                 qq{Module::Signature verification returned value $rv\n\n}
+                                );
 
         my $wrap = qq{I\'d recommend removing $chk_file. Its signature
 is invalid. Maybe you have configured your 'urllist' with
@@ -1519,20 +1533,43 @@ sub CHECKSUM_check_file {
 
     $file = $self->{localfile};
     $basename = File::Basename::basename($file);
+    my($signed_data);
     my $fh = FileHandle->new;
-    if (open $fh, $chk_file) {
-        local($/);
-        my $eval = <$fh>;
-        $eval =~ s/\015?\012/\n/g;
-        close $fh;
-        my($compmt) = Safe->new();
-        $cksum = $compmt->reval($eval);
-        if ($@) {
-            rename $chk_file, "$chk_file.bad";
-            Carp::confess($@) if $@;
+    if ($check_sigs) {
+        my $tempdir;
+        if ($CPAN::META->has_usable("File::Temp")) {
+            $tempdir = File::Temp::tempdir("CHECKSUMS-XXXX", CLEANUP => 1, DIR => "/tmp" );
+        } else {
+            $tempdir = File::Spec->catdir(File::Spec->tmpdir, "CHECKSUMS-$$");
+            File::Path::mkpath($tempdir);
         }
+        my $tempfile = File::Spec->catfile($tempdir, "CHECKSUMS.$$");
+        unlink $tempfile; # ignore missing file
+        my $gpg = $CPAN::Config->{gpg} or
+            $CPAN::Frontend->mydie("Your configuration suggests that you do not have 'gpg' installed. This is needed to verify checksums with the config variable 'check_sigs' on. Please configure it with 'o conf init gpg'");
+        my $system = "gpg --verify --batch --no-tty --output $tempfile $chk_file 2> /dev/null";
+        0 == system $system or $CPAN::Frontend->mydie("gpg run was failing, cannot continue: $system");
+        open $fh, $tempfile or $CPAN::Frontend->mydie("Could not open $tempfile: $!");
+        local $/;
+        $signed_data = <$fh>;
+        close $fh;
+        File::Path::rmtree($tempdir);
     } else {
-        Carp::carp "Could not open $chk_file for reading";
+        my $fh = FileHandle->new;
+        if (open $fh, $chk_file) {
+            local($/);
+            $signed_data = <$fh>;
+        } else {
+            $CPAN::Frontend->mydie("Could not open $chk_file for reading");
+        }
+        close $fh;
+    }
+    $signed_data =~ s/\015?\012/\n/g;
+    my($compmt) = Safe->new();
+    $cksum = $compmt->reval($signed_data);
+    if ($@) {
+        rename $chk_file, "$chk_file.bad";
+        Carp::confess($@) if $@;
     }
 
     if (! ref $cksum or ref $cksum ne "HASH") {
@@ -1546,6 +1583,30 @@ for further processing, but got garbage instead.
         $answer =~ /^\s*y/i or $CPAN::Frontend->mydie("Aborted.\n");
         $self->{CHECKSUM_STATUS} = "NIL -- CHECKSUMS file broken";
         return;
+    } elsif (exists $cksum->{$basename} && ! exists $cksum->{$basename}{cpan_path}) {
+        $CPAN::Frontend->mywarn(qq{
+Warning: checksum file '$chk_file' not conforming.
+
+The cksum does not contain the key 'cpan_path' for '$basename'.
+});
+        my $answer = CPAN::Shell::colorable_makemaker_prompt("Proceed nonetheless?", "no");
+        $answer =~ /^\s*y/i or $CPAN::Frontend->mydie("Aborted.\n");
+        $self->{CHECKSUM_STATUS} = "NIL -- CHECKSUMS file without cpan_path";
+        return;
+    } elsif (exists $cksum->{$basename} && substr($self->{ID},0,length($cksum->{$basename}{cpan_path}))
+             ne $cksum->{$basename}{cpan_path}) {
+        $CPAN::Frontend->mywarn(qq{
+Warning: checksum file not matching path '$self->{ID}'.
+
+The cksum contain the key 'cpan_path=$cksum->{$basename}{cpan_path}'
+which does not match the ID of the distribution '$self->{ID}'.
+Something's suspicious might be going on here. Please investigate.
+
+});
+        my $answer = CPAN::Shell::colorable_makemaker_prompt("Proceed nonetheless?", "no");
+        $answer =~ /^\s*y/i or $CPAN::Frontend->mydie("Aborted.\n");
+        $self->{CHECKSUM_STATUS} = "NIL -- CHECKSUMS non-matching cpan_path vs. ID";
+        return;
     } elsif (exists $cksum->{$basename}{sha256}) {
         $self->debug("Found checksum for $basename:" .
                      "$cksum->{$basename}{sha256}\n") if $CPAN::DEBUG;