- New upstream release 1.55
- added support for TLSV1_1 and TLSV1_2 methods with SSL_CTX_tlsv1_1_new(),
SSL_CTX_tlsv1_2_new(), TLSv1_1_method() and TLSv1_2_method(), where
available in the underlying openssl
- added CRL support functions X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(),
X509_CRL_get_ext_count()
- fixed a problem that could cause content with a value of '0' to be
incorrectly encoded by do_httpx3 and friends (CPAN RT#85417)
- added support for SSL_get_tlsa_record_byname() required for DANE support in
openssl-1.0.2 and later
- testing with openssl-1.0.2-stable-SNAP-20130521
- added X509_NAME_new and X509_NAME_hash
- New upstream release 1.54
- added support for SSL_export_keying_material where present (i.e. in OpenSSL
1.0.1 and later)
- changed t/handle/external/50_external.t to use www.airspayce.com instead of
perldition.org, who no longer have an https server
- patch to fix a crash: P_X509_get_crl_distribution_points on an X509
certificate with values in the CDP extension that do not have an ia5 string
would cause a segmentation fault when accessed
- change in t/local/32_x509_get_cert_info.t to not use
Net::SSLeay::ASN1_INTEGER_get, since it works differently on 32 and 64 bit
platforms
- updated author and distribution location details to airspayce.com
- improvement to test 07_sslecho.t so that if set_cert_and_key fails we can
tell why
- New upstream release 1.50
- fixed a problem where t/handle/external/50_external.t would crash if any of
the test sites were not contactable
- now builds on VMS, added README.VMS
- fixed a few compiler warnings in SSLeay.xs; most of them are just
signed/unsigned pointer mismatches but there is one that actually fixes
returning what would be an arbitrary value off the stack from
get_my_thread_id if it happened to be called in a non-threaded build
- added SSL_set_tlsext_host_name, SSL_get_servername, SSL_get_servername_type,
SSL_CTX_set_tlsext_servername_callback for server side Server Name
Indication (SNI) support
- fixed a problem with C++ comments preventing builds on AIX and HPUX
- perdition.org not available for tests, changed to www.open.com.au
- added SSL_FIPS_mode_set
- improvements to test suite so it succeeds with and without FIPS mode
enabled
- added documentation, warning not to pass UTF-8 data in the content
argument to post_https
- New upstream release 1.49
- fixed problem where on some platforms test t/local/07_tcpecho.t would bail
out if it could not bind port 1212; it now tries a number of ports to bind
to until successful
- improvements to unsigned casting
- improvements to Net::SSLeay::read to make it easier to use with
non-blocking IO: it modifies Net::SSLeay::read() to return the result from
SSL_read() as the second return value, if Net::SSLeay::read() is called in
list context (its behavior should be unchanged if called in scalar or void
context)
- fixed a problem where t/local/kwalitee.t fails with
Module::CPANTS::Analyse 0.86
- fixed a number of typos
- fixed a compiler warning from Compiling with gcc-4.4 and -Wall
- Fixed problems with get_https4: documentation was wrong, $header_ref was
not correctly set and $server_cert was not returned
- fixed a problem that could cause a Perl exception about no blength method
on undef (CPAN RT#79309)
- added documentation about how to mitigate various SSL/TLS vulnerabilities
- SSL_MODE_* are now available as constants
- Drop upstreamed pod encoding patch
- New upstream release 1.48
- removed unneeded Debian_CPANTS.txt from MANIFEST
- fixed incorrect documentation about the best way to call CTX_set_options
- fixed problem that caused "Undefined subroutine utf8::encode" in
t/local/33_x509_create_cert.t (on perl 5.6.2)
- in examples and pod documentation, changed #!/usr/local/bin/perl to
#!/usr/bin/perl
- t/local/06_tcpecho.t now tries a number of ports to bind to until
successful
- No longer need to fix shellbangs in examples
- New upstream release 1.47
- fixed overlong lines and spelling errors in pod
- fixed extra "garbage" files in 1.46 tarball
- fixed incorrect fail reports on some 64 bit platforms
- fix to avoid FAIL reports from cpantesters with missing openssl
- use my_snprintf from ppport.h to prevent link failures with perl 5.8 and
earlier when compiled with MSVC
- New upstream release 1.46 (see Changes file for details)
- BR: openssl as well as openssl-devel, needed for building
- No longer need help to find openssl
- Upstream no longer shipping TODO
- Drop %defattr, redundant since rpm 4.4
- New upstream release 1.45 (see Changes file for full details)
- added thread safety and dynamic locking, which should complete thread
safety work, making Net::SSLeay completely thread-safe
- lots of improved documentation
- BR: perl(Test::Pod::Coverage)
- Install Net/SSLeay.pod as %doc
- Use DESTDIR rather than PERL_INSTALL_ROOT
- Use %{_fixperms} macro rather than our own chmod incantation
- BR: perl(AutoLoader), perl(Exporter), perl(Socket)
- New upstream release 1.42
- fixed incorrect documentation of how to enable CRL checking
- fixed incorrect letter in Sebastien in Credits
- changed order of the Changes file to be reverse chronological
- fixed a compile error when building on Windows with MSVC6
- Drop UTF8 patch, no longer needed
- New upstream release 1.41
- fixed incorrect const signatures for 1.0 that were causing warnings; now
have clean compile with 0.9.8a through 1.0.0
- BR: perl(Carp)
- New upstream release 1.40
- fixed incorrect argument type in call to SSL_set1_param
- fixed a number of issues with pointer sizes; removed redundant pointer cast
tests from t/
- added Perl version requirements to SSLeay.pm
- New upstream release 1.38
- fixed a problem with various symbols that only became available in OpenSSL
0.9.8 such as X509_VERIFY_PARAM and X509_POLICY_NODE, causing build
failures with older versions of OpenSSL (CPAN RT#71013)
- New upstream release 1.37
- added X509_get_fingerprint
- added support for SSL_CTX_set1_param, SSL_set1_param and selected
X509_VERIFY_PARAM_* OBJ_* functions
- fixed the prototype for randomize()
- fixed an uninitialized value warning in $Net::SSLeay::proxyauth
- allow net-ssleay to compile if SSLV2 is not present
- fixed a problem where sslcat (and possibly other functions) expect RSA
keys and will not load DSA keys for client certificates
- removed SSL_CTX_v2_new and SSLv2_method() for OpenSSL 1.0 and later
- added CTX_use_PKCS12_file
- This release by MIKEM => update source URL
