- New upstream release 1.55
- added support for TLSV1_1 and TLSV1_2 methods with SSL_CTX_tlsv1_1_new(),
SSL_CTX_tlsv1_2_new(), TLSv1_1_method() and TLSv1_2_method(), where
available in the underlying openssl
- added CRL support functions X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(),
X509_CRL_get_ext_count()
- fixed a problem that could cause content with a value of '0' to be
incorrectly encoded by do_httpx3 and friends (CPAN RT#85417)
- added support for SSL_get_tlsa_record_byname() required for DANE support in
openssl-1.0.2 and later
- testing with openssl-1.0.2-stable-SNAP-20130521
- added X509_NAME_new and X509_NAME_hash
- New upstream release 1.54
- added support for SSL_export_keying_material where present (i.e. in OpenSSL
1.0.1 and later)
- changed t/handle/external/50_external.t to use www.airspayce.com instead of
perldition.org, who no longer have an https server
- patch to fix a crash: P_X509_get_crl_distribution_points on an X509
certificate with values in the CDP extension that do not have an ia5 string
would cause a segmentation fault when accessed
- change in t/local/32_x509_get_cert_info.t to not use
Net::SSLeay::ASN1_INTEGER_get, since it works differently on 32 and 64 bit
platforms
- updated author and distribution location details to airspayce.com
- improvement to test 07_sslecho.t so that if set_cert_and_key fails we can
tell why
- New upstream release 1.50
- fixed a problem where t/handle/external/50_external.t would crash if any of
the test sites were not contactable
- now builds on VMS, added README.VMS
- fixed a few compiler warnings in SSLeay.xs; most of them are just
signed/unsigned pointer mismatches but there is one that actually fixes
returning what would be an arbitrary value off the stack from
get_my_thread_id if it happened to be called in a non-threaded build
- added SSL_set_tlsext_host_name, SSL_get_servername, SSL_get_servername_type,
SSL_CTX_set_tlsext_servername_callback for server side Server Name
Indication (SNI) support
- fixed a problem with C++ comments preventing builds on AIX and HPUX
- perdition.org not available for tests, changed to www.open.com.au
- added SSL_FIPS_mode_set
- improvements to test suite so it succeeds with and without FIPS mode
enabled
- added documentation, warning not to pass UTF-8 data in the content
argument to post_https
- New upstream release 1.49
- fixed problem where on some platforms test t/local/07_tcpecho.t would bail
out if it could not bind port 1212; it now tries a number of ports to bind
to until successful
- improvements to unsigned casting
- improvements to Net::SSLeay::read to make it easier to use with
non-blocking IO: it modifies Net::SSLeay::read() to return the result from
SSL_read() as the second return value, if Net::SSLeay::read() is called in
list context (its behavior should be unchanged if called in scalar or void
context)
- fixed a problem where t/local/kwalitee.t fails with
Module::CPANTS::Analyse 0.86
- fixed a number of typos
- fixed a compiler warning from Compiling with gcc-4.4 and -Wall
- Fixed problems with get_https4: documentation was wrong, $header_ref was
not correctly set and $server_cert was not returned
- fixed a problem that could cause a Perl exception about no blength method
on undef (CPAN RT#79309)
- added documentation about how to mitigate various SSL/TLS vulnerabilities
- SSL_MODE_* are now available as constants
- Drop upstreamed pod encoding patch
- New upstream release 1.48
- removed unneeded Debian_CPANTS.txt from MANIFEST
- fixed incorrect documentation about the best way to call CTX_set_options
- fixed problem that caused "Undefined subroutine utf8::encode" in
t/local/33_x509_create_cert.t (on perl 5.6.2)
- in examples and pod documentation, changed #!/usr/local/bin/perl to
#!/usr/bin/perl
- t/local/06_tcpecho.t now tries a number of ports to bind to until
successful
- No longer need to fix shellbangs in examples
- New upstream release 1.47
- fixed overlong lines and spelling errors in pod
- fixed extra "garbage" files in 1.46 tarball
- fixed incorrect fail reports on some 64 bit platforms
- fix to avoid FAIL reports from cpantesters with missing openssl
- use my_snprintf from ppport.h to prevent link failures with perl 5.8 and
earlier when compiled with MSVC
- New upstream release 1.46 (see Changes file for details)
- BR: openssl as well as openssl-devel, needed for building
- No longer need help to find openssl
- Upstream no longer shipping TODO
- Drop %defattr, redundant since rpm 4.4
- New upstream release 1.45 (see Changes file for full details)
- added thread safety and dynamic locking, which should complete thread
safety work, making Net::SSLeay completely thread-safe
- lots of improved documentation
- BR: perl(Test::Pod::Coverage)
- Install Net/SSLeay.pod as %doc
- New upstream release 1.42
- fixed incorrect documentation of how to enable CRL checking
- fixed incorrect letter in Sebastien in Credits
- changed order of the Changes file to be reverse chronological
- fixed a compile error when building on Windows with MSVC6
- Drop UTF8 patch, no longer needed
- New upstream release 1.41
- fixed incorrect const signatures for 1.0 that were causing warnings; now
have clean compile with 0.9.8a through 1.0.0
- BR: perl(Carp)
- New upstream release 1.40
- fixed incorrect argument type in call to SSL_set1_param
- fixed a number of issues with pointer sizes; removed redundant pointer cast
tests from t/
- added Perl version requirements to SSLeay.pm
- New upstream release 1.38
- fixed a problem with various symbols that only became available in OpenSSL
0.9.8 such as X509_VERIFY_PARAM and X509_POLICY_NODE, causing build
failures with older versions of OpenSSL (CPAN RT#71013)
- New upstream release 1.37
- added X509_get_fingerprint
- added support for SSL_CTX_set1_param, SSL_set1_param and selected
X509_VERIFY_PARAM_* OBJ_* functions
- fixed the prototype for randomize()
- fixed an uninitialized value warning in $Net::SSLeay::proxyauth
- allow net-ssleay to compile if SSLV2 is not present
- fixed a problem where sslcat (and possibly other functions) expect RSA
keys and will not load DSA keys for client certificates
- removed SSL_CTX_v2_new and SSLv2_method() for OpenSSL 1.0 and later
- added CTX_use_PKCS12_file
- This release by MIKEM => update source URL
- drop flag and patch for enabling/disabling external tests - patch now
upstream
- external hosts patch no longer needed as we don't do external tests
- filter out unversioned provide for perl(Net::SSLeay)
- use the distro openssl flags rather than guessing them
- cosmetic spec changes suiting new maintainer's preferences
- fix argument order for find with -depth
- remove patch for CVE-2005-0106, fixed upstream in 1.30 (#191351)
(http://rt.cpan.org/Public/Bug/Display.html?id=19218)
- remove test patch, no longer needed
- re-encode Credits as UTF-8
- include TODO as %doc
- add buildreqs perl(Array::Compare), perl(MIME::Base64),
perl(Sub::Uplevel), perl(Test::Exception), perl(Test::NoWarnings),
perl(Test::Pod), perl(Test::Warn), perl(Tree::DAG_Node)
- add patch needed to disable testsuite non-interactively
- run test suite but disable external tests by default; external tests can
be enabled by using rpmbuild --with externaltests
- add patch to change hosts connected to in external tests
