From a22785783b17cbaa28afaee4a024d81a1903701d
From: Stig Palmquist <git@stig.io>
Date: Sun Jun 18 11:36:05 2023 +0200
Subject: [PATCH] Fix incorrect env var name for verify_SSL default

The variable to override the verify_SSL default differed slightly in the
documentation from what was checked for in the code.

This commit makes the code use `PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT`
as documented, instead of `PERL_HTTP_TINY_INSECURE_BY_DEFAULT` which was
missing `SSL_`

CVE: CVE-2023-31486

Upstream-Status: Backport [https://github.com/chansen/p5-http-tiny/commit/a22785783b17cbaa28afaee4a024d81a1903701d]

Signed-off-by: Soumya <soumya.sambu@windriver.com>
---
 cpan/HTTP-Tiny/lib/HTTP/Tiny.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm b/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm
index ebc34a1..65ac8ff 100644
--- a/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm
+++ b/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm
@@ -148,7 +148,7 @@ sub _verify_SSL_default {
     my ($self) = @_;
     # Check if insecure default certificate verification behaviour has been
     # changed by the user by setting PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT=1
-    return (($ENV{PERL_HTTP_TINY_INSECURE_BY_DEFAULT} || '') eq '1') ? 0 : 1;
+    return (($ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT} || '') eq '1') ? 0 : 1;
 }

 sub _set_proxies {
--
2.40.0