From 46a5435ffc32293ee8a53b57936b9844666798af Mon Sep 17 00:00:00 2001
From: Paul Howarth <paul@city-fan.org>
Date: Tue, 14 Feb 2017 11:52:13 +0000
Subject: [PATCH] Update to 2.045

- New upstream release 2.045
  - Fixed memory leak caused by not destroying CREATED_IN_THIS_THREAD for SSL
    objects (GH#55)
  - Optimization: don't track SSL objects and CTX in *CREATED_IN_THIS_THREAD if
    perl is compiled without thread support
  - Small fix in t/protocol_version.t to use older versions of Net::SSLeay with
    openssl build without SSLv3 support
  - When setting SSL_keepSocketOnError to true the socket will not be closed on
    fatal error (GH#53, modified)
- Update patches as needed
---
 ...2.045-use-system-default-SSL-version.patch |  6 ++---
 ...2.045-use-system-default-cipher-list.patch |  6 ++---
 perl-IO-Socket-SSL.spec                       | 27 ++++++++++++++-----
 sources                                       |  2 +-
 4 files changed, 27 insertions(+), 14 deletions(-)
 rename IO-Socket-SSL-2.044-use-system-default-SSL-version.patch => IO-Socket-SSL-2.045-use-system-default-SSL-version.patch (91%)
 rename IO-Socket-SSL-2.044-use-system-default-cipher-list.patch => IO-Socket-SSL-2.045-use-system-default-cipher-list.patch (96%)

diff --git a/IO-Socket-SSL-2.044-use-system-default-SSL-version.patch b/IO-Socket-SSL-2.045-use-system-default-SSL-version.patch
similarity index 91%
rename from IO-Socket-SSL-2.044-use-system-default-SSL-version.patch
rename to IO-Socket-SSL-2.045-use-system-default-SSL-version.patch
index 90f98c0..6fb68cd 100644
--- a/IO-Socket-SSL-2.044-use-system-default-SSL-version.patch
+++ b/IO-Socket-SSL-2.045-use-system-default-SSL-version.patch
@@ -1,6 +1,6 @@
 --- lib/IO/Socket/SSL.pm
 +++ lib/IO/Socket/SSL.pm
-@@ -99,7 +99,7 @@ my $algo2digest = do {
+@@ -102,7 +102,7 @@ my $algo2digest = do {
  # global defaults
  my %DEFAULT_SSL_ARGS = (
      SSL_check_crl => 0,
@@ -9,7 +9,7 @@
      SSL_verify_callback => undef,
      SSL_verifycn_scheme => undef,  # fallback cn verification
      SSL_verifycn_publicsuffix => undef,  # fallback default list verification
-@@ -2227,7 +2227,7 @@ sub new {
+@@ -2233,7 +2233,7 @@ sub new {
  
      my $ssl_op = $DEFAULT_SSL_OP;
  
@@ -20,7 +20,7 @@
  	or croak("invalid SSL_version specified");
 --- lib/IO/Socket/SSL.pod
 +++ lib/IO/Socket/SSL.pod
-@@ -960,11 +960,12 @@ protocol to the specified version.
+@@ -967,11 +967,12 @@ protocol to the specified version.
  All values are case-insensitive.  Instead of 'TLSv1_1' and 'TLSv1_2' one can
  also use 'TLSv11' and 'TLSv12'.  Support for 'TLSv1_1' and 'TLSv1_2' requires
  recent versions of Net::SSLeay and openssl.
diff --git a/IO-Socket-SSL-2.044-use-system-default-cipher-list.patch b/IO-Socket-SSL-2.045-use-system-default-cipher-list.patch
similarity index 96%
rename from IO-Socket-SSL-2.044-use-system-default-cipher-list.patch
rename to IO-Socket-SSL-2.045-use-system-default-cipher-list.patch
index 8843f16..1dd9c4d 100644
--- a/IO-Socket-SSL-2.044-use-system-default-cipher-list.patch
+++ b/IO-Socket-SSL-2.045-use-system-default-cipher-list.patch
@@ -1,6 +1,6 @@
 --- lib/IO/Socket/SSL.pm
 +++ lib/IO/Socket/SSL.pm
-@@ -107,10 +107,10 @@ my %DEFAULT_SSL_ARGS = (
+@@ -110,10 +110,10 @@ my %DEFAULT_SSL_ARGS = (
      SSL_npn_protocols => undef,    # meaning depends whether on server or client side
      SSL_alpn_protocols => undef,   # list of protocols we'll accept/send, for example ['http/1.1','spdy/3.1']
  
@@ -15,7 +15,7 @@
  );
  
  my %DEFAULT_SSL_CLIENT_ARGS = (
-@@ -120,63 +120,6 @@ my %DEFAULT_SSL_CLIENT_ARGS = (
+@@ -123,63 +123,6 @@ my %DEFAULT_SSL_CLIENT_ARGS = (
      SSL_ca_file => undef,
      SSL_ca_path => undef,
  
@@ -81,7 +81,7 @@
  # set values inside _init to work with perlcc, RT#95452
 --- lib/IO/Socket/SSL.pod
 +++ lib/IO/Socket/SSL.pod
-@@ -986,12 +986,8 @@ documentation (L<http://www.openssl.org/
+@@ -993,12 +993,8 @@ documentation (L<http://www.openssl.org/
  for more details.
  
  Unless you fail to contact your peer because of no shared ciphers it is
diff --git a/perl-IO-Socket-SSL.spec b/perl-IO-Socket-SSL.spec
index 78202c3..60788d6 100644
--- a/perl-IO-Socket-SSL.spec
+++ b/perl-IO-Socket-SSL.spec
@@ -1,13 +1,13 @@
 Name:		perl-IO-Socket-SSL
-Version:	2.044
-Release:	2%{?dist}
+Version:	2.045
+Release:	1%{?dist}
 Summary:	Perl library for transparent SSL
 Group:		Development/Libraries
 License:	GPL+ or Artistic
 URL:		http://search.cpan.org/dist/IO-Socket-SSL/
 Source0:	http://search.cpan.org/CPAN/authors/id/S/SU/SULLR/IO-Socket-SSL-%{version}.tar.gz
-Patch0:		IO-Socket-SSL-2.044-use-system-default-cipher-list.patch
-Patch1:		IO-Socket-SSL-2.044-use-system-default-SSL-version.patch
+Patch0:		IO-Socket-SSL-2.045-use-system-default-cipher-list.patch
+Patch1:		IO-Socket-SSL-2.045-use-system-default-SSL-version.patch
 BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(id -nu)
 BuildArch:	noarch
 # Module Build
@@ -20,6 +20,7 @@ BuildRequires:	perl(ExtUtils::MakeMaker)
 # Module Runtime
 BuildRequires:	openssl >= 0.9.8
 BuildRequires:	perl(Carp)
+BuildRequires:	perl(Config)
 BuildRequires:	perl(constant)
 BuildRequires:	perl(Errno)
 BuildRequires:	perl(Exporter)
@@ -34,7 +35,6 @@ BuildRequires:	perl(strict)
 BuildRequires:	perl(vars)
 BuildRequires:	perl(warnings)
 # Test Suite
-BuildRequires:	perl(Config)
 BuildRequires:	perl(Data::Dumper)
 BuildRequires:	perl(File::Temp)
 BuildRequires:	perl(FindBin)
@@ -46,6 +46,7 @@ BuildRequires:	procps
 # Runtime
 Requires:	perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version))
 Requires:	openssl >= 0.9.8
+Requires:	perl(Config)
 Requires:	perl(HTTP::Tiny)
 
 # Use IO::Socket::IP for IPv6 support where available, else IO::Socket::INET6
@@ -116,6 +117,18 @@ rm -rf %{buildroot}
 %{_mandir}/man3/IO::Socket::SSL::Utils.3*
 
 %changelog
+* Tue Feb 14 2017 Paul Howarth <paul@city-fan.org> - 2.045-1
+- Update to 2.045
+  - Fixed memory leak caused by not destroying CREATED_IN_THIS_THREAD for SSL
+    objects (GH#55)
+  - Optimization: don't track SSL objects and CTX in *CREATED_IN_THIS_THREAD if
+    perl is compiled without thread support
+  - Small fix in t/protocol_version.t to use older versions of Net::SSLeay with
+    openssl build without SSLv3 support
+  - When setting SSL_keepSocketOnError to true the socket will not be closed on
+    fatal error (GH#53, modified)
+- Update patches as needed
+
 * Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.044-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
 
@@ -177,7 +190,7 @@ rm -rf %{buildroot}
 - Update to 2.035
   - Fixes for issues introduced in 2.034
     - Return with error in configure_SSL if context creation failed; this
-      might otherwise result in an segmentation fault later
+      might otherwise result in a segmentation fault later
     - Apply builtin defaults before any (user configurable) global settings
       (i.e. done with set_defaults, set_default_context...) so that builtins
       don't replace user settings
@@ -541,7 +554,7 @@ rm -rf %{buildroot}
     because of bad setup of the socket; otherwise we get an endless calling of
     the OCSP callback
   - Consider an OCSP response that is not yet or no longer valid a soft error
-    instead of an hard error
+    instead of a hard error
   - Fix skip in t/external/ocsp.t in case fingerprint does not match
   - Call EVP_PKEY_free not EVP_KEY_free in IO::Socket::SSL::Utils::KEY_free
     (CPAN RT#95633)
diff --git a/sources b/sources
index c833f8d..9dca4f2 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (IO-Socket-SSL-2.044.tar.gz) = 2c92494f795a6dbad8636636e69131689512d6a4c5da68ee19f2fc807b9e7a368b62936a772c3b9aa0d3a1c6bbb7dcf118bb501a30ba91830edeb768b1ce556e
+SHA512 (IO-Socket-SSL-2.045.tar.gz) = fa2d1c9ad690965069a2f05a0bcecfd6c03fe3c2d38e50195933a9301c5c2374871eed3da637eaf3556df0c8e60ef8be26491d2d3ca453062079d69d2ce0ffa0