rpms/perl-IO-Socket-SSL
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Update to 1.967

Browse Source 
- New upstream release 1.967
  - Verify the hostname inside a certificate by default with a superset of
    common verification schemes instead of not verifying identity at all; for
    now it will only complain if name verification failed but in the future it
    will fail certificate verification, forcing you to set the expected
    SSL_verifycn_name if you want to accept the certificate
  - New option SSL_fingerprint and new methods get_fingerprint and
    get_fingerprint_bin; together they can be used to selectively accept
    specific certificates that would otherwise fail verification, like
    self-signed, outdated or from unknown CAs
  - Utils:
    - Default RSA key length 2048
    - Digest algorithm to sign certificate in CERT_create can be given;
      defaults to SHA-256
    - CERT_create can now issue non-CA self-signed certificate
    - CERT_create add some more useful constraints to certificate
  - Spelling fixes
This commit is contained in:
Paul Howarth 2014-02-07 15:58:48 +00:00
parent 5821112cbb
commit 961f407eff
2 changed files with 22 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
perl-IO-Socket-SSL.spec
View File

@ -1,5 +1,5 @@
Name: perl-IO-Socket-SSL Name: perl-IO-Socket-SSL
Version: 1.966 Version: 1.967
Release: 1%{?dist} Release: 1%{?dist}
Summary: Perl library for transparent SSL Summary: Perl library for transparent SSL
Group: Development/Libraries Group: Development/Libraries
@ -23,6 +23,7 @@ BuildRequires: perl(Net::SSLeay) >= 1.46
BuildRequires: perl(Scalar::Util) BuildRequires: perl(Scalar::Util)
BuildRequires: perl(Socket) BuildRequires: perl(Socket)
BuildRequires: perl(Socket6) BuildRequires: perl(Socket6)
BuildRequires: perl(Test::More)
BuildRequires: procps BuildRequires: procps
# Use IO::Socket::IP for IPv6 support where available, else IO::Socket::INET6 # Use IO::Socket::IP for IPv6 support where available, else IO::Socket::INET6
%if 0%{?fedora} > 15 || 0%{?rhel} > 6 %if 0%{?fedora} > 15 || 0%{?rhel} > 6
@ -71,6 +72,25 @@ rm -rf %{buildroot}
%{_mandir}/man3/IO::Socket::SSL::Utils.3pm* %{_mandir}/man3/IO::Socket::SSL::Utils.3pm*
%changelog %changelog
* Fri Feb 7 2014 Paul Howarth <paul@city-fan.org> - 1.967-1
- Update to 1.967
- Verify the hostname inside a certificate by default with a superset of
common verification schemes instead of not verifying identity at all; for
now it will only complain if name verification failed but in the future it
will fail certificate verification, forcing you to set the expected
SSL_verifycn_name if you want to accept the certificate
- New option SSL_fingerprint and new methods get_fingerprint and
get_fingerprint_bin; together they can be used to selectively accept
specific certificates that would otherwise fail verification, like
self-signed, outdated or from unknown CAs
- Utils:
- Default RSA key length 2048
- Digest algorithm to sign certificate in CERT_create can be given;
defaults to SHA-256
- CERT_create can now issue non-CA self-signed certificate
- CERT_create add some more useful constraints to certificate
- Spelling fixes
* Wed Jan 22 2014 Paul Howarth <paul@city-fan.org> - 1.966-1 * Wed Jan 22 2014 Paul Howarth <paul@city-fan.org> - 1.966-1
- Update to 1.966 - Update to 1.966
- Fixed bug introduced in 1.964 - disabling TLSv1_2 no longer worked by - Fixed bug introduced in 1.964 - disabling TLSv1_2 no longer worked by

2
sources
View File

@ -1 +1 @@
af82b20feb6633f1a707d40dbbf7f590 IO-Socket-SSL-1.966.tar.gz 78b84d50e5a04c19b1d3835514dece95 IO-Socket-SSL-1.967.tar.gz