rpms/perl-IO-Socket-SSL
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Update to 2.064

Browse Source 
- New upstream release 2.064
  - Make algorithm for fingerprint optional, i.e. detect based on length of
    fingerprint (CPAN RT#127773)
  - Fix t/sessions.t and improve stability of t/verify_hostname.t on Windows
  - Use CTX_set_ecdh_auto when needed (OpenSSL 1.0.2) if explicit curves are
    set
  - Update fingerprints for live tests
This commit is contained in:
Paul Howarth 2019-03-04 16:28:53 +00:00
parent 536e7cbbbc
commit b66fffb029
4 changed files with 19 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
IO-Socket-SSL-2.063-use-system-default-SSL-version.patch → IO-Socket-SSL-2.064-use-system-default-SSL-version.patch
View File

@ -1,6 +1,6 @@
--- lib/IO/Socket/SSL.pm --- lib/IO/Socket/SSL.pm
+++ lib/IO/Socket/SSL.pm +++ lib/IO/Socket/SSL.pm
@@ -158,7 +158,7 @@ if ( defined &Net::SSLeay::CTX_set_min_p @@ -163,7 +163,7 @@ if ( defined &Net::SSLeay::CTX_set_min_p
# global defaults # global defaults
my %DEFAULT_SSL_ARGS = ( my %DEFAULT_SSL_ARGS = (
SSL_check_crl => 0, SSL_check_crl => 0,
@ -9,7 +9,7 @@
SSL_verify_callback => undef, SSL_verify_callback => undef,
SSL_verifycn_scheme => undef, # fallback cn verification SSL_verifycn_scheme => undef, # fallback cn verification
SSL_verifycn_publicsuffix => undef, # fallback default list verification SSL_verifycn_publicsuffix => undef, # fallback default list verification
@@ -2328,7 +2328,7 @@ sub new { @@ -2333,7 +2333,7 @@ sub new {
my $ssl_op = $DEFAULT_SSL_OP; my $ssl_op = $DEFAULT_SSL_OP;
@ -20,7 +20,7 @@
or croak("invalid SSL_version specified"); or croak("invalid SSL_version specified");
--- lib/IO/Socket/SSL.pod --- lib/IO/Socket/SSL.pod
+++ lib/IO/Socket/SSL.pod +++ lib/IO/Socket/SSL.pod
@@ -1022,11 +1022,12 @@ All values are case-insensitive. Instea @@ -1028,11 +1028,12 @@ All values are case-insensitive. Instea
'TLSv1_3' one can also use 'TLSv11', 'TLSv12', and 'TLSv13'. Support for 'TLSv1_3' one can also use 'TLSv11', 'TLSv12', and 'TLSv13'. Support for
'TLSv1_1', 'TLSv1_2', and 'TLSv1_3' requires recent versions of Net::SSLeay 'TLSv1_1', 'TLSv1_2', and 'TLSv1_3' requires recent versions of Net::SSLeay
and openssl. and openssl.

6
IO-Socket-SSL-2.063-use-system-default-cipher-list.patch → IO-Socket-SSL-2.064-use-system-default-cipher-list.patch
View File

@ -1,6 +1,6 @@
--- lib/IO/Socket/SSL.pm --- lib/IO/Socket/SSL.pm
+++ lib/IO/Socket/SSL.pm +++ lib/IO/Socket/SSL.pm
@@ -166,10 +166,10 @@ my %DEFAULT_SSL_ARGS = ( @@ -171,10 +171,10 @@ my %DEFAULT_SSL_ARGS = (
SSL_npn_protocols => undef, # meaning depends whether on server or client side SSL_npn_protocols => undef, # meaning depends whether on server or client side
SSL_alpn_protocols => undef, # list of protocols we'll accept/send, for example ['http/1.1','spdy/3.1'] SSL_alpn_protocols => undef, # list of protocols we'll accept/send, for example ['http/1.1','spdy/3.1']
@ -15,7 +15,7 @@
); );
my %DEFAULT_SSL_CLIENT_ARGS = ( my %DEFAULT_SSL_CLIENT_ARGS = (
@@ -179,63 +179,6 @@ my %DEFAULT_SSL_CLIENT_ARGS = ( @@ -184,63 +184,6 @@ my %DEFAULT_SSL_CLIENT_ARGS = (
SSL_ca_file => undef, SSL_ca_file => undef,
SSL_ca_path => undef, SSL_ca_path => undef,
@ -81,7 +81,7 @@
# set values inside _init to work with perlcc, RT#95452 # set values inside _init to work with perlcc, RT#95452
--- lib/IO/Socket/SSL.pod --- lib/IO/Socket/SSL.pod
+++ lib/IO/Socket/SSL.pod +++ lib/IO/Socket/SSL.pod
@@ -1048,12 +1048,8 @@ documentation (L<http://www.openssl.org/ @@ -1054,12 +1054,8 @@ documentation (L<http://www.openssl.org/
for more details. for more details.
Unless you fail to contact your peer because of no shared ciphers it is Unless you fail to contact your peer because of no shared ciphers it is

15
perl-IO-Socket-SSL.spec
View File

@ -1,12 +1,12 @@
Name: perl-IO-Socket-SSL Name: perl-IO-Socket-SSL
Version: 2.063 Version: 2.064
Release: 1%{?dist} Release: 1%{?dist}
Summary: Perl library for transparent SSL Summary: Perl library for transparent SSL
License: GPL+ or Artistic License: GPL+ or Artistic
URL: https://metacpan.org/release/IO-Socket-SSL URL: https://metacpan.org/release/IO-Socket-SSL
Source0: https://cpan.metacpan.org/modules/by-module/IO/IO-Socket-SSL-%{version}.tar.gz Source0: https://cpan.metacpan.org/modules/by-module/IO/IO-Socket-SSL-%{version}.tar.gz
Patch0: IO-Socket-SSL-2.063-use-system-default-cipher-list.patch Patch0: IO-Socket-SSL-2.064-use-system-default-cipher-list.patch
Patch1: IO-Socket-SSL-2.063-use-system-default-SSL-version.patch Patch1: IO-Socket-SSL-2.064-use-system-default-SSL-version.patch
# A test for Enable-Post-Handshake-Authentication-TLSv1.3-feature.patch, # A test for Enable-Post-Handshake-Authentication-TLSv1.3-feature.patch,
# bug #1632660, requires openssl tool # bug #1632660, requires openssl tool
Patch4: IO-Socket-SSL-2.063-Test-client-performs-Post-Handshake-Authentication.patch Patch4: IO-Socket-SSL-2.063-Test-client-performs-Post-Handshake-Authentication.patch
@ -121,6 +121,15 @@ make test
%{_mandir}/man3/IO::Socket::SSL::Utils.3* %{_mandir}/man3/IO::Socket::SSL::Utils.3*
%changelog %changelog
* Mon Mar 4 2019 Paul Howarth <paul@city-fan.org> - 2.064-1
- Update to 2.064
- Make algorithm for fingerprint optional, i.e. detect based on length of
fingerprint (CPAN RT#127773)
- Fix t/sessions.t and improve stability of t/verify_hostname.t on Windows
- Use CTX_set_ecdh_auto when needed (OpenSSL 1.0.2) if explicit curves are
set
- Update fingerprints for live tests
* Sat Mar 2 2019 Paul Howarth <paul@city-fan.org> - 2.063-1 * Sat Mar 2 2019 Paul Howarth <paul@city-fan.org> - 2.063-1
- Update to 2.063 - Update to 2.063
- Support for both RSA and ECDSA certificate on same domain - Support for both RSA and ECDSA certificate on same domain

2
sources
View File

@ -1 +1 @@
SHA512 (IO-Socket-SSL-2.063.tar.gz) = 31e42de5244fe1766c9c699767473d691657350a8dce115a17dde605274a0e99b460bc165625733d473febda699e07c0318a74f8398faa902683722b0c5e80cb SHA512 (IO-Socket-SSL-2.064.tar.gz) = a9e5b78cae1a852ec623c0ea795ecc6870e9a8b4fafe479e94653bec7d44e70ed2da1a8cc86e35baac8414ddb50ca45ca69e092e7675794430edf0d9a3d3d10a