rpms/perl-IO-Socket-SSL
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Update to 2.084

Browse Source 
- New upstream release 2.084
  - Various fixes for edge cases and build: GH#136, GH#141, GH#142, GH#143,
    GH#145
  - Update documentation to reflect default SSL_version
This commit is contained in:
Paul Howarth 2023-11-07 08:52:53 +00:00
parent ad30eff1d1
commit e66cad755e
4 changed files with 22 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
IO-Socket-SSL-2.082-use-system-default-SSL-version.patch → IO-Socket-SSL-2.084-use-system-default-SSL-version.patch
View File

@ -10,7 +10,7 @@
SSL_verify_callback => undef, SSL_verify_callback => undef,
SSL_verifycn_scheme => undef, # fallback cn verification SSL_verifycn_scheme => undef, # fallback cn verification
SSL_verifycn_publicsuffix => undef, # fallback default list verification SSL_verifycn_publicsuffix => undef, # fallback default list verification
@@ -2438,7 +2437,7 @@ sub new { @@ -2445,7 +2444,7 @@ sub new {
my $ssl_op = $DEFAULT_SSL_OP; my $ssl_op = $DEFAULT_SSL_OP;
@ -21,17 +21,17 @@
or croak("invalid SSL_version specified"); or croak("invalid SSL_version specified");
--- lib/IO/Socket/SSL.pod --- lib/IO/Socket/SSL.pod
+++ lib/IO/Socket/SSL.pod +++ lib/IO/Socket/SSL.pod
@@ -1043,11 +1043,12 @@ All values are case-insensitive. Instea @@ -1044,11 +1044,12 @@ All values are case-insensitive. Instea
'TLSv1_3' one can also use 'TLSv11', 'TLSv12', and 'TLSv13'. Support for versions are actually supported depend on the versions of OpenSSL and
'TLSv1_1', 'TLSv1_2', and 'TLSv1_3' requires recent versions of Net::SSLeay Net::SSLeay installed, but modern protocols like TLS 1.3 are supported by these
and openssl. for many years now.
+The default SSL_version is defined by the underlying cryptographic library. +The default SSL_version is defined by the underlying cryptographic library.
Independent from the handshake format you can limit to set of accepted SSL Independent from the handshake format you can limit to set of accepted SSL
versions by adding !version separated by ':'. versions by adding !version separated by ':'.
-The default SSL_version is 'SSLv23:!SSLv3:!SSLv2' which means, that the -The default SSL_version is 'SSLv23:!TLSv1:!TLSv1_1:!SSLv3:!SSLv2'. This means,
+For example, 'SSLv23:!SSLv3:!SSLv2' means that the +For example, 'SSLv23:!TLSv1:!TLSv1_1:!SSLv3:!SSLv2' means
handshake format is compatible to SSL2.0 and higher, but that the successful that the handshake format is compatible to SSL2.0 and higher, but that the
handshake is limited to TLS1.0 and higher, that is no SSL2.0 or SSL3.0 because successful handshake is limited to TLS1.2 and higher, that is no SSL2.0, SSL3.0,
both of these versions have serious security issues and should not be used TLS 1.0 or TLS 1.1 because these versions have serious security issues and

2
IO-Socket-SSL-2.082-use-system-default-cipher-list.patch → IO-Socket-SSL-2.084-use-system-default-cipher-list.patch
View File

@ -15,7 +15,7 @@
my %DEFAULT_SSL_CLIENT_ARGS = ( my %DEFAULT_SSL_CLIENT_ARGS = (
--- lib/IO/Socket/SSL.pod --- lib/IO/Socket/SSL.pod
+++ lib/IO/Socket/SSL.pod +++ lib/IO/Socket/SSL.pod
@@ -1070,9 +1070,8 @@ ciphers for TLS 1.2 and lower. See the O @@ -1071,9 +1071,8 @@ ciphers for TLS 1.2 and lower. See the O
for more details. for more details.
Unless you fail to contact your peer because of no shared ciphers it is Unless you fail to contact your peer because of no shared ciphers it is

14
perl-IO-Socket-SSL.spec
View File

@ -7,14 +7,14 @@
%endif %endif
Name: perl-IO-Socket-SSL Name: perl-IO-Socket-SSL
Version: 2.083 Version: 2.084
Release: 3%{?dist} Release: 1%{?dist}
Summary: Perl library for transparent SSL Summary: Perl library for transparent SSL
License: (GPL-1.0-or-later OR Artistic-1.0-Perl) AND MPL-2.0 License: (GPL-1.0-or-later OR Artistic-1.0-Perl) AND MPL-2.0
URL: https://metacpan.org/release/IO-Socket-SSL URL: https://metacpan.org/release/IO-Socket-SSL
Source0: https://cpan.metacpan.org/modules/by-module/IO/IO-Socket-SSL-%{version}.tar.gz Source0: https://cpan.metacpan.org/modules/by-module/IO/IO-Socket-SSL-%{version}.tar.gz
Patch0: IO-Socket-SSL-2.082-use-system-default-cipher-list.patch Patch0: IO-Socket-SSL-2.084-use-system-default-cipher-list.patch
Patch1: IO-Socket-SSL-2.082-use-system-default-SSL-version.patch Patch1: IO-Socket-SSL-2.084-use-system-default-SSL-version.patch
# A test for Enable-Post-Handshake-Authentication-TLSv1.3-feature.patch, # A test for Enable-Post-Handshake-Authentication-TLSv1.3-feature.patch,
# bug #1632660, requires openssl tool # bug #1632660, requires openssl tool
Patch2: IO-Socket-SSL-2.080-Test-client-performs-Post-Handshake-Authentication.patch Patch2: IO-Socket-SSL-2.080-Test-client-performs-Post-Handshake-Authentication.patch
@ -126,6 +126,12 @@ make test
%{_mandir}/man3/IO::Socket::SSL::PublicSuffix.3* %{_mandir}/man3/IO::Socket::SSL::PublicSuffix.3*
%changelog %changelog
* Tue Nov 7 2023 Paul Howarth <paul@city-fan.org> - 2.084-1
- Update to 2.084
- Various fixes for edge cases and build: GH#136, GH#141, GH#142, GH#143,
GH#145
- Update documentation to reflect default SSL_version
* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.083-3 * Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.083-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild

2
sources
View File

@ -1 +1 @@
SHA512 (IO-Socket-SSL-2.083.tar.gz) = a3fb70148eabc7b972c9b7a132b2a3f3ef23877606670c19ebffe40c82fc462431337ab498bca98b823b89ade8e2288d37fdb677ae154461de8f9f24e7568e4a SHA512 (IO-Socket-SSL-2.084.tar.gz) = 348e71cda3b0f6c06f9e72a9cd332e5c747feec82b6e74fe508ef294fdca85f9318bdda2e369b1dd1f0f2c857bfba89f52f09a3088c9906326cda5f43a91b6b5