Update to 2.038
- New upstream release 2.038
  - Restrict session ticket callback to Net::SSLeay 1.79+ since version before
    contains bug; add test for session reuse
  - Extend SSL fingerprint to pubkey digest, i.e. 'sha1$pub$xxxxxx....'
  - Fix t/external/ocsp.t to use different server (under my control) to check
    OCSP stapling
- Update patches as needed
			
			
This commit is contained in:
		
							parent
							
								
									1c9734277a
								
							
						
					
					
						commit
						4b64c34a03
					
				| @ -1,6 +1,6 @@ | ||||
| --- lib/IO/Socket/SSL.pm
 | ||||
| +++ lib/IO/Socket/SSL.pm
 | ||||
| @@ -95,7 +95,7 @@ my $algo2digest = do {
 | ||||
| @@ -96,7 +96,7 @@ my $algo2digest = do {
 | ||||
|  # global defaults | ||||
|  my %DEFAULT_SSL_ARGS = ( | ||||
|      SSL_check_crl => 0, | ||||
| @ -9,7 +9,7 @@ | ||||
|      SSL_verify_callback => undef, | ||||
|      SSL_verifycn_scheme => undef,  # fallback cn verification | ||||
|      SSL_verifycn_publicsuffix => undef,  # fallback default list verification | ||||
| @@ -2202,7 +2202,7 @@ sub new {
 | ||||
| @@ -2206,7 +2206,7 @@ sub new {
 | ||||
|   | ||||
|      my $ssl_op = $DEFAULT_SSL_OP; | ||||
|   | ||||
| @ -20,7 +20,7 @@ | ||||
|  	or croak("invalid SSL_version specified"); | ||||
| --- lib/IO/Socket/SSL.pod
 | ||||
| +++ lib/IO/Socket/SSL.pod
 | ||||
| @@ -958,11 +958,12 @@ protocol to the specified version.
 | ||||
| @@ -960,11 +960,12 @@ protocol to the specified version.
 | ||||
|  All values are case-insensitive.  Instead of 'TLSv1_1' and 'TLSv1_2' one can | ||||
|  also use 'TLSv11' and 'TLSv12'.  Support for 'TLSv1_1' and 'TLSv1_2' requires | ||||
|  recent versions of Net::SSLeay and openssl. | ||||
| @ -1,6 +1,6 @@ | ||||
| --- lib/IO/Socket/SSL.pm
 | ||||
| +++ lib/IO/Socket/SSL.pm
 | ||||
| @@ -103,10 +103,10 @@ my %DEFAULT_SSL_ARGS = (
 | ||||
| @@ -104,10 +104,10 @@ my %DEFAULT_SSL_ARGS = (
 | ||||
|      SSL_npn_protocols => undef,    # meaning depends whether on server or client side | ||||
|      SSL_alpn_protocols => undef,   # list of protocols we'll accept/send, for example ['http/1.1','spdy/3.1'] | ||||
|   | ||||
| @ -15,7 +15,7 @@ | ||||
|  ); | ||||
|   | ||||
|  my %DEFAULT_SSL_CLIENT_ARGS = ( | ||||
| @@ -116,63 +116,6 @@ my %DEFAULT_SSL_CLIENT_ARGS = (
 | ||||
| @@ -117,63 +117,6 @@ my %DEFAULT_SSL_CLIENT_ARGS = (
 | ||||
|      SSL_ca_file => undef, | ||||
|      SSL_ca_path => undef, | ||||
|   | ||||
| @ -81,7 +81,7 @@ | ||||
|  # set values inside _init to work with perlcc, RT#95452 | ||||
| --- lib/IO/Socket/SSL.pod
 | ||||
| +++ lib/IO/Socket/SSL.pod
 | ||||
| @@ -984,12 +984,8 @@ documentation (L<http://www.openssl.org/
 | ||||
| @@ -986,12 +986,8 @@ documentation (L<http://www.openssl.org/
 | ||||
|  for more details. | ||||
|   | ||||
|  Unless you fail to contact your peer because of no shared ciphers it is | ||||
| @ -1,13 +1,13 @@ | ||||
| Name:		perl-IO-Socket-SSL | ||||
| Version:	2.037 | ||||
| Version:	2.038 | ||||
| Release:	1%{?dist} | ||||
| Summary:	Perl library for transparent SSL | ||||
| Group:		Development/Libraries | ||||
| License:	GPL+ or Artistic | ||||
| URL:		http://search.cpan.org/dist/IO-Socket-SSL/ | ||||
| Source0:	http://search.cpan.org/CPAN/authors/id/S/SU/SULLR/IO-Socket-SSL-%{version}.tar.gz | ||||
| Patch0:		IO-Socket-SSL-2.037-use-system-default-cipher-list.patch | ||||
| Patch1:		IO-Socket-SSL-2.037-use-system-default-SSL-version.patch | ||||
| Patch0:		IO-Socket-SSL-2.038-use-system-default-cipher-list.patch | ||||
| Patch1:		IO-Socket-SSL-2.038-use-system-default-SSL-version.patch | ||||
| BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(id -nu) | ||||
| BuildArch:	noarch | ||||
| # Module Build | ||||
| @ -116,6 +116,15 @@ rm -rf %{buildroot} | ||||
| %{_mandir}/man3/IO::Socket::SSL::Utils.3* | ||||
| 
 | ||||
| %changelog | ||||
| * Mon Sep 19 2016 Paul Howarth <paul@city-fan.org> - 2.038-1 | ||||
| - Update to 2.038 | ||||
|   - Restrict session ticket callback to Net::SSLeay 1.79+ since version before | ||||
|     contains bug; add test for session reuse | ||||
|   - Extend SSL fingerprint to pubkey digest, i.e. 'sha1$pub$xxxxxx....' | ||||
|   - Fix t/external/ocsp.t to use different server (under my control) to check | ||||
|     OCSP stapling | ||||
| - Update patches as needed | ||||
| 
 | ||||
| * Tue Aug 23 2016 Paul Howarth <paul@city-fan.org> - 2.037-1 | ||||
| - Update to 2.037 | ||||
|   - Disable OCSP support when Net::SSLeay 1.75..1.77 is used (CPAN RT#116795) | ||||
|  | ||||
		Loading…
	
		Reference in New Issue
	
	Block a user