Update to 2.062

- New upstream release 2.062 - Enable X509_V_FLAG_PARTIAL_CHAIN if supported by Net::SSLeay (1.83+) and OpenSSL (1.1.0+); this makes leaf certificates or intermediate certificates in the trust store be usable as full trust anchors too
2019-02-25 13:43:35 +00:00 · 2019-02-25 13:43:35 +00:00 · ee2bb1ed57
commit ee2bb1ed57
parent 62e054c052
4 changed files with 14 additions and 8 deletions
--- a/IO-Socket-SSL-2.062-use-system-default-SSL-version.patch
+++ b/IO-Socket-SSL-2.062-use-system-default-SSL-version.patch
@ -1,6 +1,6 @@
 --- lib/IO/Socket/SSL.pm
 +++ lib/IO/Socket/SSL.pm
-@@ -146,7 +146,7 @@ if ( defined &Net::SSLeay::CTX_set_min_p
+@@ -155,7 +155,7 @@ if ( defined &Net::SSLeay::CTX_set_min_p
 # global defaults
 my %DEFAULT_SSL_ARGS = (
     SSL_check_crl => 0,
@ -9,7 +9,7 @@
     SSL_verify_callback => undef,
     SSL_verifycn_scheme => undef,  # fallback cn verification
     SSL_verifycn_publicsuffix => undef,  # fallback default list verification
-@@ -2315,7 +2315,7 @@ sub new {
+@@ -2324,7 +2324,7 @@ sub new {
 
     my $ssl_op = $DEFAULT_SSL_OP;
 
--- a/IO-Socket-SSL-2.062-use-system-default-cipher-list.patch
+++ b/IO-Socket-SSL-2.062-use-system-default-cipher-list.patch
@ -1,6 +1,6 @@
 --- lib/IO/Socket/SSL.pm
 +++ lib/IO/Socket/SSL.pm
-@@ -154,10 +154,10 @@ my %DEFAULT_SSL_ARGS = (
+@@ -163,10 +163,10 @@ my %DEFAULT_SSL_ARGS = (
     SSL_npn_protocols => undef,    # meaning depends whether on server or client side
     SSL_alpn_protocols => undef,   # list of protocols we'll accept/send, for example ['http/1.1','spdy/3.1']
 
@ -15,7 +15,7 @@
 );
 
 my %DEFAULT_SSL_CLIENT_ARGS = (
-@@ -167,63 +167,6 @@ my %DEFAULT_SSL_CLIENT_ARGS = (
+@@ -176,63 +176,6 @@ my %DEFAULT_SSL_CLIENT_ARGS = (
     SSL_ca_file => undef,
     SSL_ca_path => undef,
 
--- a/perl-IO-Socket-SSL.spec
+++ b/perl-IO-Socket-SSL.spec
@ -1,12 +1,12 @@
 Name:		perl-IO-Socket-SSL
-Version:	2.061
+Version:	2.062
 Release:	1%{?dist}
 Summary:	Perl library for transparent SSL
 License:	GPL+ or Artistic
 URL:		https://metacpan.org/release/IO-Socket-SSL
 Source0:	https://cpan.metacpan.org/modules/by-module/IO/IO-Socket-SSL-%{version}.tar.gz
-Patch0:		IO-Socket-SSL-2.061-use-system-default-cipher-list.patch
-Patch1:		IO-Socket-SSL-2.061-use-system-default-SSL-version.patch
+Patch0:		IO-Socket-SSL-2.062-use-system-default-cipher-list.patch
+Patch1:		IO-Socket-SSL-2.062-use-system-default-SSL-version.patch
 # A test for Enable-Post-Handshake-Authentication-TLSv1.3-feature.patch,
 # bug #1632660, requires openssl tool
 Patch4:		IO-Socket-SSL-2.060-Test-client-performs-Post-Handshake-Authentication.patch
@ -121,6 +121,12 @@ make test
 %{_mandir}/man3/IO::Socket::SSL::Utils.3*

 %changelog
+* Mon Feb 25 2019 Paul Howarth <paul@city-fan.org> - 2.062-1
+- Update to 2.062
+  - Enable X509_V_FLAG_PARTIAL_CHAIN if supported by Net::SSLeay (1.83+) and
+    OpenSSL (1.1.0+); this makes leaf certificates or intermediate certificates
+    in the trust store be usable as full trust anchors too
+
 * Sat Feb 23 2019 Paul Howarth <paul@city-fan.org> - 2.061-1
 - Update to 2.061
  - Support for TLS 1.3 session reuse (needs Net::SSLeay ≥ 1.86); note that
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (IO-Socket-SSL-2.061.tar.gz) = 2c5aa45f0ace5843e87c2b88f0805efa95b90af3b6e9c8bb258118886ab10ba9feb9b57a224704c33176a02563ae23dacb0707e644a7c647f7ead81132d1e3e0
+SHA512 (IO-Socket-SSL-2.062.tar.gz) = 8a568b08961550df532cbad2707aea670d00a4e446c3f91e2ba6ca2bb1d85e09428d1f495dab1c8f7d9a74b04717852a1dcdb1b9e2684cf37b7166797b6f1183