From ee2bb1ed57d47b327deb3924f8bc8d2ff9b947a1 Mon Sep 17 00:00:00 2001
From: Paul Howarth <paul@city-fan.org>
Date: Mon, 25 Feb 2019 13:43:35 +0000
Subject: [PATCH] Update to 2.062

- New upstream release 2.062
  - Enable X509_V_FLAG_PARTIAL_CHAIN if supported by Net::SSLeay (1.83+) and
    OpenSSL (1.1.0+); this makes leaf certificates or intermediate certificates
    in the trust store be usable as full trust anchors too
---
 ...et-SSL-2.062-use-system-default-SSL-version.patch |  4 ++--
 ...et-SSL-2.062-use-system-default-cipher-list.patch |  4 ++--
 perl-IO-Socket-SSL.spec                              | 12 +++++++++---
 sources                                              |  2 +-
 4 files changed, 14 insertions(+), 8 deletions(-)
 rename IO-Socket-SSL-2.061-use-system-default-SSL-version.patch => IO-Socket-SSL-2.062-use-system-default-SSL-version.patch (94%)
 rename IO-Socket-SSL-2.061-use-system-default-cipher-list.patch => IO-Socket-SSL-2.062-use-system-default-cipher-list.patch (97%)

diff --git a/IO-Socket-SSL-2.061-use-system-default-SSL-version.patch b/IO-Socket-SSL-2.062-use-system-default-SSL-version.patch
similarity index 94%
rename from IO-Socket-SSL-2.061-use-system-default-SSL-version.patch
rename to IO-Socket-SSL-2.062-use-system-default-SSL-version.patch
index eddad04..a767a99 100644
--- a/IO-Socket-SSL-2.061-use-system-default-SSL-version.patch
+++ b/IO-Socket-SSL-2.062-use-system-default-SSL-version.patch
@@ -1,6 +1,6 @@
 --- lib/IO/Socket/SSL.pm
 +++ lib/IO/Socket/SSL.pm
-@@ -146,7 +146,7 @@ if ( defined &Net::SSLeay::CTX_set_min_p
+@@ -155,7 +155,7 @@ if ( defined &Net::SSLeay::CTX_set_min_p
  # global defaults
  my %DEFAULT_SSL_ARGS = (
      SSL_check_crl => 0,
@@ -9,7 +9,7 @@
      SSL_verify_callback => undef,
      SSL_verifycn_scheme => undef,  # fallback cn verification
      SSL_verifycn_publicsuffix => undef,  # fallback default list verification
-@@ -2315,7 +2315,7 @@ sub new {
+@@ -2324,7 +2324,7 @@ sub new {
  
      my $ssl_op = $DEFAULT_SSL_OP;
  
diff --git a/IO-Socket-SSL-2.061-use-system-default-cipher-list.patch b/IO-Socket-SSL-2.062-use-system-default-cipher-list.patch
similarity index 97%
rename from IO-Socket-SSL-2.061-use-system-default-cipher-list.patch
rename to IO-Socket-SSL-2.062-use-system-default-cipher-list.patch
index bba0451..e9883bc 100644
--- a/IO-Socket-SSL-2.061-use-system-default-cipher-list.patch
+++ b/IO-Socket-SSL-2.062-use-system-default-cipher-list.patch
@@ -1,6 +1,6 @@
 --- lib/IO/Socket/SSL.pm
 +++ lib/IO/Socket/SSL.pm
-@@ -154,10 +154,10 @@ my %DEFAULT_SSL_ARGS = (
+@@ -163,10 +163,10 @@ my %DEFAULT_SSL_ARGS = (
      SSL_npn_protocols => undef,    # meaning depends whether on server or client side
      SSL_alpn_protocols => undef,   # list of protocols we'll accept/send, for example ['http/1.1','spdy/3.1']
  
@@ -15,7 +15,7 @@
  );
  
  my %DEFAULT_SSL_CLIENT_ARGS = (
-@@ -167,63 +167,6 @@ my %DEFAULT_SSL_CLIENT_ARGS = (
+@@ -176,63 +176,6 @@ my %DEFAULT_SSL_CLIENT_ARGS = (
      SSL_ca_file => undef,
      SSL_ca_path => undef,
  
diff --git a/perl-IO-Socket-SSL.spec b/perl-IO-Socket-SSL.spec
index 854c077..824d6f7 100644
--- a/perl-IO-Socket-SSL.spec
+++ b/perl-IO-Socket-SSL.spec
@@ -1,12 +1,12 @@
 Name:		perl-IO-Socket-SSL
-Version:	2.061
+Version:	2.062
 Release:	1%{?dist}
 Summary:	Perl library for transparent SSL
 License:	GPL+ or Artistic
 URL:		https://metacpan.org/release/IO-Socket-SSL
 Source0:	https://cpan.metacpan.org/modules/by-module/IO/IO-Socket-SSL-%{version}.tar.gz
-Patch0:		IO-Socket-SSL-2.061-use-system-default-cipher-list.patch
-Patch1:		IO-Socket-SSL-2.061-use-system-default-SSL-version.patch
+Patch0:		IO-Socket-SSL-2.062-use-system-default-cipher-list.patch
+Patch1:		IO-Socket-SSL-2.062-use-system-default-SSL-version.patch
 # A test for Enable-Post-Handshake-Authentication-TLSv1.3-feature.patch,
 # bug #1632660, requires openssl tool
 Patch4:		IO-Socket-SSL-2.060-Test-client-performs-Post-Handshake-Authentication.patch
@@ -121,6 +121,12 @@ make test
 %{_mandir}/man3/IO::Socket::SSL::Utils.3*
 
 %changelog
+* Mon Feb 25 2019 Paul Howarth <paul@city-fan.org> - 2.062-1
+- Update to 2.062
+  - Enable X509_V_FLAG_PARTIAL_CHAIN if supported by Net::SSLeay (1.83+) and
+    OpenSSL (1.1.0+); this makes leaf certificates or intermediate certificates
+    in the trust store be usable as full trust anchors too
+
 * Sat Feb 23 2019 Paul Howarth <paul@city-fan.org> - 2.061-1
 - Update to 2.061
   - Support for TLS 1.3 session reuse (needs Net::SSLeay ≥ 1.86); note that
diff --git a/sources b/sources
index ed095c8..94b5acd 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (IO-Socket-SSL-2.061.tar.gz) = 2c5aa45f0ace5843e87c2b88f0805efa95b90af3b6e9c8bb258118886ab10ba9feb9b57a224704c33176a02563ae23dacb0707e644a7c647f7ead81132d1e3e0
+SHA512 (IO-Socket-SSL-2.062.tar.gz) = 8a568b08961550df532cbad2707aea670d00a4e446c3f91e2ba6ca2bb1d85e09428d1f495dab1c8f7d9a74b04717852a1dcdb1b9e2684cf37b7166797b6f1183