Update to 2.045

- New upstream release 2.045 - Fixed memory leak caused by not destroying CREATED_IN_THIS_THREAD for SSL objects (GH#55) - Optimization: don't track SSL objects and CTX in *CREATED_IN_THIS_THREAD if perl is compiled without thread support - Small fix in t/protocol_version.t to use older versions of Net::SSLeay with openssl build without SSLv3 support - When setting SSL_keepSocketOnError to true the socket will not be closed on fatal error (GH#53, modified) - Update patches as needed
2017-02-14 11:52:13 +00:00 · 2017-02-14 11:52:13 +00:00 · 46a5435ffc
commit 46a5435ffc
parent 88d911cebb
4 changed files with 27 additions and 14 deletions
--- a/IO-Socket-SSL-2.045-use-system-default-SSL-version.patch
+++ b/IO-Socket-SSL-2.045-use-system-default-SSL-version.patch
@ -1,6 +1,6 @@
 --- lib/IO/Socket/SSL.pm
 +++ lib/IO/Socket/SSL.pm
-@@ -99,7 +99,7 @@ my $algo2digest = do {
+@@ -102,7 +102,7 @@ my $algo2digest = do {
 # global defaults
 my %DEFAULT_SSL_ARGS = (
     SSL_check_crl => 0,
@ -9,7 +9,7 @@
     SSL_verify_callback => undef,
     SSL_verifycn_scheme => undef,  # fallback cn verification
     SSL_verifycn_publicsuffix => undef,  # fallback default list verification
-@@ -2227,7 +2227,7 @@ sub new {
+@@ -2233,7 +2233,7 @@ sub new {
 
     my $ssl_op = $DEFAULT_SSL_OP;
 
@ -20,7 +20,7 @@
 	or croak("invalid SSL_version specified");
 --- lib/IO/Socket/SSL.pod
 +++ lib/IO/Socket/SSL.pod
-@@ -960,11 +960,12 @@ protocol to the specified version.
+@@ -967,11 +967,12 @@ protocol to the specified version.
 All values are case-insensitive.  Instead of 'TLSv1_1' and 'TLSv1_2' one can
 also use 'TLSv11' and 'TLSv12'.  Support for 'TLSv1_1' and 'TLSv1_2' requires
 recent versions of Net::SSLeay and openssl.
--- a/IO-Socket-SSL-2.045-use-system-default-cipher-list.patch
+++ b/IO-Socket-SSL-2.045-use-system-default-cipher-list.patch
@ -1,6 +1,6 @@
 --- lib/IO/Socket/SSL.pm
 +++ lib/IO/Socket/SSL.pm
-@@ -107,10 +107,10 @@ my %DEFAULT_SSL_ARGS = (
+@@ -110,10 +110,10 @@ my %DEFAULT_SSL_ARGS = (
     SSL_npn_protocols => undef,    # meaning depends whether on server or client side
     SSL_alpn_protocols => undef,   # list of protocols we'll accept/send, for example ['http/1.1','spdy/3.1']
 
@ -15,7 +15,7 @@
 );
 
 my %DEFAULT_SSL_CLIENT_ARGS = (
-@@ -120,63 +120,6 @@ my %DEFAULT_SSL_CLIENT_ARGS = (
+@@ -123,63 +123,6 @@ my %DEFAULT_SSL_CLIENT_ARGS = (
     SSL_ca_file => undef,
     SSL_ca_path => undef,
 
@ -81,7 +81,7 @@
 # set values inside _init to work with perlcc, RT#95452
 --- lib/IO/Socket/SSL.pod
 +++ lib/IO/Socket/SSL.pod
-@@ -986,12 +986,8 @@ documentation (L<http://www.openssl.org/
+@@ -993,12 +993,8 @@ documentation (L<http://www.openssl.org/
 for more details.
 
 Unless you fail to contact your peer because of no shared ciphers it is
--- a/perl-IO-Socket-SSL.spec
+++ b/perl-IO-Socket-SSL.spec
@ -1,13 +1,13 @@
 Name:		perl-IO-Socket-SSL
-Version:	2.044
-Release:	2%{?dist}
+Version:	2.045
+Release:	1%{?dist}
 Summary:	Perl library for transparent SSL
 Group:		Development/Libraries
 License:	GPL+ or Artistic
 URL:		http://search.cpan.org/dist/IO-Socket-SSL/
 Source0:	http://search.cpan.org/CPAN/authors/id/S/SU/SULLR/IO-Socket-SSL-%{version}.tar.gz
-Patch0:		IO-Socket-SSL-2.044-use-system-default-cipher-list.patch
-Patch1:		IO-Socket-SSL-2.044-use-system-default-SSL-version.patch
+Patch0:		IO-Socket-SSL-2.045-use-system-default-cipher-list.patch
+Patch1:		IO-Socket-SSL-2.045-use-system-default-SSL-version.patch
 BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(id -nu)
 BuildArch:	noarch
 # Module Build
@ -20,6 +20,7 @@ BuildRequires:	perl(ExtUtils::MakeMaker)
 # Module Runtime
 BuildRequires:	openssl >= 0.9.8
 BuildRequires:	perl(Carp)
+BuildRequires:	perl(Config)
 BuildRequires:	perl(constant)
 BuildRequires:	perl(Errno)
 BuildRequires:	perl(Exporter)
@ -34,7 +35,6 @@ BuildRequires:	perl(strict)
 BuildRequires:	perl(vars)
 BuildRequires:	perl(warnings)
 # Test Suite
-BuildRequires:	perl(Config)
 BuildRequires:	perl(Data::Dumper)
 BuildRequires:	perl(File::Temp)
 BuildRequires:	perl(FindBin)
@ -46,6 +46,7 @@ BuildRequires:	procps
 # Runtime
 Requires:	perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version))
 Requires:	openssl >= 0.9.8
+Requires:	perl(Config)
 Requires:	perl(HTTP::Tiny)

 # Use IO::Socket::IP for IPv6 support where available, else IO::Socket::INET6
@ -116,6 +117,18 @@ rm -rf %{buildroot}
 %{_mandir}/man3/IO::Socket::SSL::Utils.3*

 %changelog
+* Tue Feb 14 2017 Paul Howarth <paul@city-fan.org> - 2.045-1
+- Update to 2.045
+  - Fixed memory leak caused by not destroying CREATED_IN_THIS_THREAD for SSL
+    objects (GH#55)
+  - Optimization: don't track SSL objects and CTX in *CREATED_IN_THIS_THREAD if
+    perl is compiled without thread support
+  - Small fix in t/protocol_version.t to use older versions of Net::SSLeay with
+    openssl build without SSLv3 support
+  - When setting SSL_keepSocketOnError to true the socket will not be closed on
+    fatal error (GH#53, modified)
+- Update patches as needed
+
 * Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.044-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild

@ -177,7 +190,7 @@ rm -rf %{buildroot}
 - Update to 2.035
  - Fixes for issues introduced in 2.034
    - Return with error in configure_SSL if context creation failed; this
-      might otherwise result in an segmentation fault later
+      might otherwise result in a segmentation fault later
    - Apply builtin defaults before any (user configurable) global settings
      (i.e. done with set_defaults, set_default_context...) so that builtins
      don't replace user settings
@ -541,7 +554,7 @@ rm -rf %{buildroot}
    because of bad setup of the socket; otherwise we get an endless calling of
    the OCSP callback
  - Consider an OCSP response that is not yet or no longer valid a soft error
-    instead of an hard error
+    instead of a hard error
  - Fix skip in t/external/ocsp.t in case fingerprint does not match
  - Call EVP_PKEY_free not EVP_KEY_free in IO::Socket::SSL::Utils::KEY_free
    (CPAN RT#95633)
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (IO-Socket-SSL-2.044.tar.gz) = 2c92494f795a6dbad8636636e69131689512d6a4c5da68ee19f2fc807b9e7a368b62936a772c3b9aa0d3a1c6bbb7dcf118bb501a30ba91830edeb768b1ce556e
+SHA512 (IO-Socket-SSL-2.045.tar.gz) = fa2d1c9ad690965069a2f05a0bcecfd6c03fe3c2d38e50195933a9301c5c2374871eed3da637eaf3556df0c8e60ef8be26491d2d3ca453062079d69d2ce0ffa0