Hello community, here is the log from the commit of package perl-IO-Socket-SSL for openSUSE:Factory checked in at 2016-03-18 21:29:30 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/perl-IO-Socket-SSL (Old) and /work/SRC/openSUSE:Factory/.perl-IO-Socket-SSL.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "perl-IO-Socket-SSL" Changes: -------- --- /work/SRC/openSUSE:Factory/perl-IO-Socket-SSL/perl-IO-Socket-SSL.changes 2015-07-21 13:24:23.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.perl-IO-Socket-SSL.new/perl-IO-Socket-SSL.changes 2016-03-18 21:29:31.000000000 +0100 @@ -1,0 +2,55 @@ +Fri Mar 11 10:14:57 UTC 2016 - co...@suse.com + +- updated to 2.024 + see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes + + 2.024 2016/02/06 + - Work around issue where the connect fails on systems having only a loopback + interface and where IO::Socket::IP is used as super class (default when + available). Since IO::Socket::IP sets AI_ADDRCONFIG by default connect to + localhost would fail on this systems. This happened at least for the tests, + see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813796 + Workaround is to explicitely set GetAddrInfoFlags to 0 if no GetAddrInfoFlags + is set but the Family/Domain is given. In this case AI_ADDRCONFIG would not + be useful anyway but would cause at most harm. + 2.023 2016/01/30 + - OpenSSL 1.0.2f changed the behavior of SSL shutdown in case the TLS connection + was not fully established (commit: f73c737c7ac908c5d6407c419769123392a3b0a9). + This somehow resulted in Net::SSLeay::shutdown returning 0 (i.e. keep trying) + which caused an endless loop. It will now ignore this result in case the TLS + connection was not yet established and consider the TLS connection closed + instead. + 2.022 2015/12/10 + - fix stringification of IPv6 inside subjectAltNames in Utils::CERT_asHash. + Thanks to Mark.Martinec[AT]ijs[DOT]si for reporting in #110253 + 2.021 2015/12/02 + - Fixes for documentation and typos thanks to DavsX and jwilk. + - Update PublicSuffx with latest version from publicsuffix.org + 2.020 2015/09/20 + - support multiple directories in SSL_ca_path as proposed in RT#106711 + by dr1027[AT]evocat[DOT]ne. Directories can be given as array or as string + with a path separator, see documentation. + - typos fixed thanks to jwilk https://github.com/noxxi/p5-io-socket-ssl/pull/34 + 2.019 2015/09/01 + - work around different behavior of getnameinfo from Socket and Socket6 by + using a different wrapper depending on which module I use for IPv6. + Thanks to bluhm for reporting. + 2.018 2015/08/27 + - RT#106687 - startssl.t failed on darwin with old openssl since server + requested client certificate but offered also anon ciphers + 2.017 2015/08/24 + - checks for readability of files/dirs for certificates and CA no longer use + -r because this is not safe when ACLs are used. Thanks to BBYRD, RT#106295 + - new method sock_certificate similar to peer_certificate based on idea of + Paul Evans, RT#105733 + - get_fingerprint can now take optional certificate as argument and compute + the fingerprint of it. Useful in connection with sock_certificate. + - check for both EWOULDBLOCK and EAGAIN since these codes are different on + some platforms. Thanks to Andy Grundman, RT#106573 + - enforce default verification scheme if none was specified, i.e. no longer + just warn but accept. If really no verification is wanted a scheme of + 'none' must be explicitly specified. + - support different cipher suites per SNI hosts +- remove perl-IO-Socket-SSL_fix_offline.patch + +------------------------------------------------------------------- Old: ---- IO-Socket-SSL-2.016.tar.gz perl-IO-Socket-SSL_fix_offline.patch New: ---- IO-Socket-SSL-2.024.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ perl-IO-Socket-SSL.spec ++++++ --- /var/tmp/diff_new_pack.0IPliz/_old 2016-03-18 21:29:32.000000000 +0100 +++ /var/tmp/diff_new_pack.0IPliz/_new 2016-03-18 21:29:32.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package perl-IO-Socket-SSL # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: perl-IO-Socket-SSL -Version: 2.016 +Version: 2.024 Release: 0 %define cpan_name IO-Socket-SSL Summary: Nearly transparent SSL encapsulation for IO::Socket::INET @@ -27,7 +27,6 @@ Source0: http://www.cpan.org/authors/id/S/SU/SULLR/%{cpan_name}-%{version}.tar.gz Source1: cpanspec.yml Patch0: perl-IO-Socket-SSL_add_DHE-RSA_to_default_client_cipher_list.patch -Patch1: perl-IO-Socket-SSL_fix_offline.patch BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: perl @@ -38,10 +37,10 @@ %description IO::Socket::SSL makes using SSL/TLS much easier by wrapping the necessary -functionality into the familiar the IO::Socket manpage interface and -providing secure defaults whenever possible. This way, existing -applications can be made SSL-aware without much effort, at least if you do -blocking I/O and don't use select or poll. +functionality into the familiar IO::Socket interface and providing secure +defaults whenever possible. This way, existing applications can be made +SSL-aware without much effort, at least if you do blocking I/O and don't +use select or poll. But, under the hood, SSL is a complex beast. So there are lots of methods to make it do what you need if the default behavior is not adequate. @@ -51,36 +50,34 @@ The documentation consists of the following parts: -* * the /"Essential Information About SSL/TLS" manpage +* * "Essential Information About SSL/TLS" -* * the /"Basic SSL Client" manpage +* * "Basic SSL Client" -* * the /"Basic SSL Server" manpage +* * "Basic SSL Server" -* * the /"Common Usage Errors" manpage +* * "Common Usage Errors" -* * the /"Common Problems with SSL" manpage +* * "Common Problems with SSL" -* * the /"Using Non-Blocking Sockets" manpage +* * "Using Non-Blocking Sockets" -* * the /"Advanced Usage" manpage +* * "Advanced Usage" -* * the /"Integration Into Own Modules" manpage +* * "Integration Into Own Modules" -* * the /"Description Of Methods" manpage +* * "Description Of Methods" Additional documentation can be found in -* * the IO::Socket::SSL::Intercept manpage - Doing Man-In-The-Middle with - SSL +* * IO::Socket::SSL::Intercept - Doing Man-In-The-Middle with SSL -* * the IO::Socket::SSL::Utils manpage - Useful functions for certificates - etc +* * IO::Socket::SSL::Utils - Useful functions for certificates etc %prep %setup -q -n %{cpan_name}-%{version} +find . -type f ! -name \*.pl -print0 | xargs -0 chmod 644 %patch0 -p1 -%patch1 -p1 %build %{__perl} Makefile.PL INSTALLDIRS=vendor ++++++ IO-Socket-SSL-2.016.tar.gz -> IO-Socket-SSL-2.024.tar.gz ++++++ ++++ 5495 lines of diff (skipped)