rpms/perl-IO-Socket-SSL
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Update to 2.045

Browse Source 
- New upstream release 2.045
  - Fixed memory leak caused by not destroying CREATED_IN_THIS_THREAD for SSL
    objects (GH#55)
  - Optimization: don't track SSL objects and CTX in *CREATED_IN_THIS_THREAD if
    perl is compiled without thread support
  - Small fix in t/protocol_version.t to use older versions of Net::SSLeay with
    openssl build without SSLv3 support
  - When setting SSL_keepSocketOnError to true the socket will not be closed on
    fatal error (GH#53, modified)
- Update patches as needed
This commit is contained in:
Paul Howarth 2017-02-14 11:52:13 +00:00
parent 88d911cebb
commit 46a5435ffc
4 changed files with 27 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
IO-Socket-SSL-2.044-use-system-default-SSL-version.patch → IO-Socket-SSL-2.045-use-system-default-SSL-version.patch
View File

@ -1,6 +1,6 @@
--- lib/IO/Socket/SSL.pm --- lib/IO/Socket/SSL.pm
+++ lib/IO/Socket/SSL.pm +++ lib/IO/Socket/SSL.pm
@@ -99,7 +99,7 @@ my $algo2digest = do { @@ -102,7 +102,7 @@ my $algo2digest = do {
# global defaults # global defaults
my %DEFAULT_SSL_ARGS = ( my %DEFAULT_SSL_ARGS = (
SSL_check_crl => 0, SSL_check_crl => 0,
@ -9,7 +9,7 @@
SSL_verify_callback => undef, SSL_verify_callback => undef,
SSL_verifycn_scheme => undef, # fallback cn verification SSL_verifycn_scheme => undef, # fallback cn verification
SSL_verifycn_publicsuffix => undef, # fallback default list verification SSL_verifycn_publicsuffix => undef, # fallback default list verification
@@ -2227,7 +2227,7 @@ sub new { @@ -2233,7 +2233,7 @@ sub new {
my $ssl_op = $DEFAULT_SSL_OP; my $ssl_op = $DEFAULT_SSL_OP;
@ -20,7 +20,7 @@
or croak("invalid SSL_version specified"); or croak("invalid SSL_version specified");
--- lib/IO/Socket/SSL.pod --- lib/IO/Socket/SSL.pod
+++ lib/IO/Socket/SSL.pod +++ lib/IO/Socket/SSL.pod
@@ -960,11 +960,12 @@ protocol to the specified version. @@ -967,11 +967,12 @@ protocol to the specified version.
All values are case-insensitive. Instead of 'TLSv1_1' and 'TLSv1_2' one can All values are case-insensitive. Instead of 'TLSv1_1' and 'TLSv1_2' one can
also use 'TLSv11' and 'TLSv12'. Support for 'TLSv1_1' and 'TLSv1_2' requires also use 'TLSv11' and 'TLSv12'. Support for 'TLSv1_1' and 'TLSv1_2' requires
recent versions of Net::SSLeay and openssl. recent versions of Net::SSLeay and openssl.

6
IO-Socket-SSL-2.044-use-system-default-cipher-list.patch → IO-Socket-SSL-2.045-use-system-default-cipher-list.patch
View File

@ -1,6 +1,6 @@
--- lib/IO/Socket/SSL.pm --- lib/IO/Socket/SSL.pm
+++ lib/IO/Socket/SSL.pm +++ lib/IO/Socket/SSL.pm
@@ -107,10 +107,10 @@ my %DEFAULT_SSL_ARGS = ( @@ -110,10 +110,10 @@ my %DEFAULT_SSL_ARGS = (
SSL_npn_protocols => undef, # meaning depends whether on server or client side SSL_npn_protocols => undef, # meaning depends whether on server or client side
SSL_alpn_protocols => undef, # list of protocols we'll accept/send, for example ['http/1.1','spdy/3.1'] SSL_alpn_protocols => undef, # list of protocols we'll accept/send, for example ['http/1.1','spdy/3.1']
@ -15,7 +15,7 @@
); );
my %DEFAULT_SSL_CLIENT_ARGS = ( my %DEFAULT_SSL_CLIENT_ARGS = (
@@ -120,63 +120,6 @@ my %DEFAULT_SSL_CLIENT_ARGS = ( @@ -123,63 +123,6 @@ my %DEFAULT_SSL_CLIENT_ARGS = (
SSL_ca_file => undef, SSL_ca_file => undef,
SSL_ca_path => undef, SSL_ca_path => undef,
@ -81,7 +81,7 @@
# set values inside _init to work with perlcc, RT#95452 # set values inside _init to work with perlcc, RT#95452
--- lib/IO/Socket/SSL.pod --- lib/IO/Socket/SSL.pod
+++ lib/IO/Socket/SSL.pod +++ lib/IO/Socket/SSL.pod
@@ -986,12 +986,8 @@ documentation (L<http://www.openssl.org/ @@ -993,12 +993,8 @@ documentation (L<http://www.openssl.org/
for more details. for more details.
Unless you fail to contact your peer because of no shared ciphers it is Unless you fail to contact your peer because of no shared ciphers it is

27
perl-IO-Socket-SSL.spec
View File

@ -1,13 +1,13 @@
Name: perl-IO-Socket-SSL Name: perl-IO-Socket-SSL
Version: 2.044 Version: 2.045
Release: 2%{?dist} Release: 1%{?dist}
Summary: Perl library for transparent SSL Summary: Perl library for transparent SSL
Group: Development/Libraries Group: Development/Libraries
License: GPL+ or Artistic License: GPL+ or Artistic
URL: http://search.cpan.org/dist/IO-Socket-SSL/ URL: http://search.cpan.org/dist/IO-Socket-SSL/
Source0: http://search.cpan.org/CPAN/authors/id/S/SU/SULLR/IO-Socket-SSL-%{version}.tar.gz Source0: http://search.cpan.org/CPAN/authors/id/S/SU/SULLR/IO-Socket-SSL-%{version}.tar.gz
Patch0: IO-Socket-SSL-2.044-use-system-default-cipher-list.patch Patch0: IO-Socket-SSL-2.045-use-system-default-cipher-list.patch
Patch1: IO-Socket-SSL-2.044-use-system-default-SSL-version.patch Patch1: IO-Socket-SSL-2.045-use-system-default-SSL-version.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(id -nu) BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(id -nu)
BuildArch: noarch BuildArch: noarch
# Module Build # Module Build
@ -20,6 +20,7 @@ BuildRequires: perl(ExtUtils::MakeMaker)
# Module Runtime # Module Runtime
BuildRequires: openssl >= 0.9.8 BuildRequires: openssl >= 0.9.8
BuildRequires: perl(Carp) BuildRequires: perl(Carp)
BuildRequires: perl(Config)
BuildRequires: perl(constant) BuildRequires: perl(constant)
BuildRequires: perl(Errno) BuildRequires: perl(Errno)
BuildRequires: perl(Exporter) BuildRequires: perl(Exporter)
@ -34,7 +35,6 @@ BuildRequires: perl(strict)
BuildRequires: perl(vars) BuildRequires: perl(vars)
BuildRequires: perl(warnings) BuildRequires: perl(warnings)
# Test Suite # Test Suite
BuildRequires: perl(Config)
BuildRequires: perl(Data::Dumper) BuildRequires: perl(Data::Dumper)
BuildRequires: perl(File::Temp) BuildRequires: perl(File::Temp)
BuildRequires: perl(FindBin) BuildRequires: perl(FindBin)
@ -46,6 +46,7 @@ BuildRequires: procps
# Runtime # Runtime
Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version)) Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version))
Requires: openssl >= 0.9.8 Requires: openssl >= 0.9.8
Requires: perl(Config)
Requires: perl(HTTP::Tiny) Requires: perl(HTTP::Tiny)
# Use IO::Socket::IP for IPv6 support where available, else IO::Socket::INET6 # Use IO::Socket::IP for IPv6 support where available, else IO::Socket::INET6
@ -116,6 +117,18 @@ rm -rf %{buildroot}
%{_mandir}/man3/IO::Socket::SSL::Utils.3* %{_mandir}/man3/IO::Socket::SSL::Utils.3*
%changelog %changelog
* Tue Feb 14 2017 Paul Howarth <paul@city-fan.org> - 2.045-1
- Update to 2.045
- Fixed memory leak caused by not destroying CREATED_IN_THIS_THREAD for SSL
objects (GH#55)
- Optimization: don't track SSL objects and CTX in *CREATED_IN_THIS_THREAD if
perl is compiled without thread support
- Small fix in t/protocol_version.t to use older versions of Net::SSLeay with
openssl build without SSLv3 support
- When setting SSL_keepSocketOnError to true the socket will not be closed on
fatal error (GH#53, modified)
- Update patches as needed
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.044-2 * Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.044-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
@ -177,7 +190,7 @@ rm -rf %{buildroot}
- Update to 2.035 - Update to 2.035
- Fixes for issues introduced in 2.034 - Fixes for issues introduced in 2.034
- Return with error in configure_SSL if context creation failed; this - Return with error in configure_SSL if context creation failed; this
might otherwise result in an segmentation fault later might otherwise result in a segmentation fault later
- Apply builtin defaults before any (user configurable) global settings - Apply builtin defaults before any (user configurable) global settings
(i.e. done with set_defaults, set_default_context...) so that builtins (i.e. done with set_defaults, set_default_context...) so that builtins
don't replace user settings don't replace user settings
@ -541,7 +554,7 @@ rm -rf %{buildroot}
because of bad setup of the socket; otherwise we get an endless calling of because of bad setup of the socket; otherwise we get an endless calling of
the OCSP callback the OCSP callback
- Consider an OCSP response that is not yet or no longer valid a soft error - Consider an OCSP response that is not yet or no longer valid a soft error
instead of an hard error instead of a hard error
- Fix skip in t/external/ocsp.t in case fingerprint does not match - Fix skip in t/external/ocsp.t in case fingerprint does not match
- Call EVP_PKEY_free not EVP_KEY_free in IO::Socket::SSL::Utils::KEY_free - Call EVP_PKEY_free not EVP_KEY_free in IO::Socket::SSL::Utils::KEY_free
(CPAN RT#95633) (CPAN RT#95633)

2
sources
View File

@ -1 +1 @@
SHA512 (IO-Socket-SSL-2.044.tar.gz) = 2c92494f795a6dbad8636636e69131689512d6a4c5da68ee19f2fc807b9e7a368b62936a772c3b9aa0d3a1c6bbb7dcf118bb501a30ba91830edeb768b1ce556e SHA512 (IO-Socket-SSL-2.045.tar.gz) = fa2d1c9ad690965069a2f05a0bcecfd6c03fe3c2d38e50195933a9301c5c2374871eed3da637eaf3556df0c8e60ef8be26491d2d3ca453062079d69d2ce0ffa0