Hello community,
here is the log from the commit of package perl-IO-Socket-SSL for
openSUSE:Factory checked in at 2016-03-18 21:29:30
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/perl-IO-Socket-SSL (Old)
and /work/SRC/openSUSE:Factory/.perl-IO-Socket-SSL.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "perl-IO-Socket-SSL"
Changes:
--------
--- /work/SRC/openSUSE:Factory/perl-IO-Socket-SSL/perl-IO-Socket-SSL.changes
2015-07-21 13:24:23.000000000 +0200
+++
/work/SRC/openSUSE:Factory/.perl-IO-Socket-SSL.new/perl-IO-Socket-SSL.changes
2016-03-18 21:29:31.000000000 +0100
@@ -1,0 +2,55 @@
+Fri Mar 11 10:14:57 UTC 2016 - co...@suse.com
+
+- updated to 2.024
+ see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes
+
+ 2.024 2016/02/06
+ - Work around issue where the connect fails on systems having only a loopback
+ interface and where IO::Socket::IP is used as super class (default when
+ available). Since IO::Socket::IP sets AI_ADDRCONFIG by default connect to
+ localhost would fail on this systems. This happened at least for the tests,
+ see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813796
+ Workaround is to explicitely set GetAddrInfoFlags to 0 if no
GetAddrInfoFlags
+ is set but the Family/Domain is given. In this case AI_ADDRCONFIG would not
+ be useful anyway but would cause at most harm.
+ 2.023 2016/01/30
+ - OpenSSL 1.0.2f changed the behavior of SSL shutdown in case the TLS
connection
+ was not fully established (commit:
f73c737c7ac908c5d6407c419769123392a3b0a9).
+ This somehow resulted in Net::SSLeay::shutdown returning 0 (i.e. keep
trying)
+ which caused an endless loop. It will now ignore this result in case the
TLS
+ connection was not yet established and consider the TLS connection closed
+ instead.
+ 2.022 2015/12/10
+ - fix stringification of IPv6 inside subjectAltNames in Utils::CERT_asHash.
+ Thanks to Mark.Martinec[AT]ijs[DOT]si for reporting in #110253
+ 2.021 2015/12/02
+ - Fixes for documentation and typos thanks to DavsX and jwilk.
+ - Update PublicSuffx with latest version from publicsuffix.org
+ 2.020 2015/09/20
+ - support multiple directories in SSL_ca_path as proposed in RT#106711
+ by dr1027[AT]evocat[DOT]ne. Directories can be given as array or as string
+ with a path separator, see documentation.
+ - typos fixed thanks to jwilk
https://github.com/noxxi/p5-io-socket-ssl/pull/34
+ 2.019 2015/09/01
+ - work around different behavior of getnameinfo from Socket and Socket6 by
+ using a different wrapper depending on which module I use for IPv6.
+ Thanks to bluhm for reporting.
+ 2.018 2015/08/27
+ - RT#106687 - startssl.t failed on darwin with old openssl since server
+ requested client certificate but offered also anon ciphers
+ 2.017 2015/08/24
+ - checks for readability of files/dirs for certificates and CA no longer use
+ -r because this is not safe when ACLs are used. Thanks to BBYRD, RT#106295
+ - new method sock_certificate similar to peer_certificate based on idea of
+ Paul Evans, RT#105733
+ - get_fingerprint can now take optional certificate as argument and compute
+ the fingerprint of it. Useful in connection with sock_certificate.
+ - check for both EWOULDBLOCK and EAGAIN since these codes are different on
+ some platforms. Thanks to Andy Grundman, RT#106573
+ - enforce default verification scheme if none was specified, i.e. no longer
+ just warn but accept. If really no verification is wanted a scheme of
+ 'none' must be explicitly specified.
+ - support different cipher suites per SNI hosts
+- remove perl-IO-Socket-SSL_fix_offline.patch
+
+-------------------------------------------------------------------
Old:
----
IO-Socket-SSL-2.016.tar.gz
perl-IO-Socket-SSL_fix_offline.patch
New:
----
IO-Socket-SSL-2.024.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ perl-IO-Socket-SSL.spec ++++++
--- /var/tmp/diff_new_pack.0IPliz/_old 2016-03-18 21:29:32.000000000 +0100
+++ /var/tmp/diff_new_pack.0IPliz/_new 2016-03-18 21:29:32.000000000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package perl-IO-Socket-SSL
#
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
Name: perl-IO-Socket-SSL
-Version: 2.016
+Version: 2.024
Release: 0
%define cpan_name IO-Socket-SSL
Summary: Nearly transparent SSL encapsulation for IO::Socket::INET
@@ -27,7 +27,6 @@
Source0:
http://www.cpan.org/authors/id/S/SU/SULLR/%{cpan_name}-%{version}.tar.gz
Source1: cpanspec.yml
Patch0:
perl-IO-Socket-SSL_add_DHE-RSA_to_default_client_cipher_list.patch
-Patch1: perl-IO-Socket-SSL_fix_offline.patch
BuildArch: noarch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: perl
@@ -38,10 +37,10 @@
%description
IO::Socket::SSL makes using SSL/TLS much easier by wrapping the necessary
-functionality into the familiar the IO::Socket manpage interface and
-providing secure defaults whenever possible. This way, existing
-applications can be made SSL-aware without much effort, at least if you do
-blocking I/O and don't use select or poll.
+functionality into the familiar IO::Socket interface and providing secure
+defaults whenever possible. This way, existing applications can be made
+SSL-aware without much effort, at least if you do blocking I/O and don't
+use select or poll.
But, under the hood, SSL is a complex beast. So there are lots of methods
to make it do what you need if the default behavior is not adequate.
@@ -51,36 +50,34 @@
The documentation consists of the following parts:
-* * the /"Essential Information About SSL/TLS" manpage
+* * "Essential Information About SSL/TLS"
-* * the /"Basic SSL Client" manpage
+* * "Basic SSL Client"
-* * the /"Basic SSL Server" manpage
+* * "Basic SSL Server"
-* * the /"Common Usage Errors" manpage
+* * "Common Usage Errors"
-* * the /"Common Problems with SSL" manpage
+* * "Common Problems with SSL"
-* * the /"Using Non-Blocking Sockets" manpage
+* * "Using Non-Blocking Sockets"
-* * the /"Advanced Usage" manpage
+* * "Advanced Usage"
-* * the /"Integration Into Own Modules" manpage
+* * "Integration Into Own Modules"
-* * the /"Description Of Methods" manpage
+* * "Description Of Methods"
Additional documentation can be found in
-* * the IO::Socket::SSL::Intercept manpage - Doing Man-In-The-Middle with
- SSL
+* * IO::Socket::SSL::Intercept - Doing Man-In-The-Middle with SSL
-* * the IO::Socket::SSL::Utils manpage - Useful functions for certificates
- etc
+* * IO::Socket::SSL::Utils - Useful functions for certificates etc
%prep
%setup -q -n %{cpan_name}-%{version}
+find . -type f ! -name \*.pl -print0 | xargs -0 chmod 644
%patch0 -p1
-%patch1 -p1
%build
%{__perl} Makefile.PL INSTALLDIRS=vendor
++++++ IO-Socket-SSL-2.016.tar.gz -> IO-Socket-SSL-2.024.tar.gz ++++++
++++ 5495 lines of diff (skipped)
