2007-01-16 00:30:54 +01:00
|
|
|
#
|
2011-05-17 10:25:26 +02:00
|
|
|
# spec file for package perl-IO-Socket-SSL
|
2007-01-16 00:30:54 +01:00
|
|
|
#
|
- update to 1.88
+ consider a value of '' the same as undef for SSL_ca_(path|file)
+ complain if given SSL_(key|cert|ca)_(file|path) do not exist or
if they are not readable
+ disabled client side SNI for openssl version < 1.0.0
+ added functions can_client_sni, can_server_sni, can_npn to check
avaibility of SNI and NPN features. Added more documentation for
SNI and NPN
+ Server Name Indication (SNI) support on the server side
+ sub error sets $SSL_ERROR etc only if there really is an error,
otherwise it will keep the latest error. This causes
IO::Socket::SSL->new.. to report the correct problem, even if
the problem is deeper in the code (like in connect)
+ deprecated set_ctx_defaults, new name ist set_defaults
+ changed handling of default path for SSL_(ca|cert|key)* keys: either
if one of these keys is user defined don't add defaults for the
others, e.g. don't mix user settings and defaults
+ cleaner handling of module defaults vs. global settings vs. socket
specific settings
+ prepare transition to a more secure default for SSL_verify_mode.
The use of the current default SSL_VERIFY_NONE will cause a big warning
for clients, unless SSL_verify_mode was explicitly set inside the
application to this insecure value.
In the near future the default will be SSL_VERIFY_PEER, and thus
causing verification failures in unchanged applications.
+ use getnameinfo instead of unpack_sockaddr_in6 to get PeerAddr and
PeerPort from sockaddr in _update_peer, because this provides scope
+ work around systems which don't defined AF_INET6
+ update_peer for IPv6 also
+ no longer depend on Socket.pm 1.95 for inet_pton, but use
OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl-IO-Socket-SSL?expand=0&rev=58
2013-05-12 01:06:34 +02:00
|
|
|
# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
2007-01-16 00:30:54 +01:00
|
|
|
#
|
2008-08-19 00:22:02 +02:00
|
|
|
# All modifications and additions to the file contributed by third parties
|
|
|
|
|
# remain the property of their copyright owners, unless otherwise agreed
|
|
|
|
|
# upon. The license for this file, and modifications and additions to the
|
|
|
|
|
# file, is the same license as for the pristine package itself (unless the
|
|
|
|
|
# license for the pristine package is not an Open Source License, in which
|
|
|
|
|
# case the license is the MIT License). An "Open Source License" is a
|
|
|
|
|
# license that conforms to the Open Source Definition (Version 1.9)
|
|
|
|
|
# published by the Open Source Initiative.
|
|
|
|
|
|
2007-01-16 00:30:54 +01:00
|
|
|
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
|
|
|
|
#
|
|
|
|
|
|
2011-05-17 10:25:26 +02:00
|
|
|
|
2007-01-16 00:30:54 +01:00
|
|
|
Name: perl-IO-Socket-SSL
|
- update to 1.88
+ consider a value of '' the same as undef for SSL_ca_(path|file)
+ complain if given SSL_(key|cert|ca)_(file|path) do not exist or
if they are not readable
+ disabled client side SNI for openssl version < 1.0.0
+ added functions can_client_sni, can_server_sni, can_npn to check
avaibility of SNI and NPN features. Added more documentation for
SNI and NPN
+ Server Name Indication (SNI) support on the server side
+ sub error sets $SSL_ERROR etc only if there really is an error,
otherwise it will keep the latest error. This causes
IO::Socket::SSL->new.. to report the correct problem, even if
the problem is deeper in the code (like in connect)
+ deprecated set_ctx_defaults, new name ist set_defaults
+ changed handling of default path for SSL_(ca|cert|key)* keys: either
if one of these keys is user defined don't add defaults for the
others, e.g. don't mix user settings and defaults
+ cleaner handling of module defaults vs. global settings vs. socket
specific settings
+ prepare transition to a more secure default for SSL_verify_mode.
The use of the current default SSL_VERIFY_NONE will cause a big warning
for clients, unless SSL_verify_mode was explicitly set inside the
application to this insecure value.
In the near future the default will be SSL_VERIFY_PEER, and thus
causing verification failures in unchanged applications.
+ use getnameinfo instead of unpack_sockaddr_in6 to get PeerAddr and
PeerPort from sockaddr in _update_peer, because this provides scope
+ work around systems which don't defined AF_INET6
+ update_peer for IPv6 also
+ no longer depend on Socket.pm 1.95 for inet_pton, but use
OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl-IO-Socket-SSL?expand=0&rev=58
2013-05-12 01:06:34 +02:00
|
|
|
Version: 1.88
|
2011-12-08 12:15:34 +01:00
|
|
|
Release: 0
|
- update to 1.88
+ consider a value of '' the same as undef for SSL_ca_(path|file)
+ complain if given SSL_(key|cert|ca)_(file|path) do not exist or
if they are not readable
+ disabled client side SNI for openssl version < 1.0.0
+ added functions can_client_sni, can_server_sni, can_npn to check
avaibility of SNI and NPN features. Added more documentation for
SNI and NPN
+ Server Name Indication (SNI) support on the server side
+ sub error sets $SSL_ERROR etc only if there really is an error,
otherwise it will keep the latest error. This causes
IO::Socket::SSL->new.. to report the correct problem, even if
the problem is deeper in the code (like in connect)
+ deprecated set_ctx_defaults, new name ist set_defaults
+ changed handling of default path for SSL_(ca|cert|key)* keys: either
if one of these keys is user defined don't add defaults for the
others, e.g. don't mix user settings and defaults
+ cleaner handling of module defaults vs. global settings vs. socket
specific settings
+ prepare transition to a more secure default for SSL_verify_mode.
The use of the current default SSL_VERIFY_NONE will cause a big warning
for clients, unless SSL_verify_mode was explicitly set inside the
application to this insecure value.
In the near future the default will be SSL_VERIFY_PEER, and thus
causing verification failures in unchanged applications.
+ use getnameinfo instead of unpack_sockaddr_in6 to get PeerAddr and
PeerPort from sockaddr in _update_peer, because this provides scope
+ work around systems which don't defined AF_INET6
+ update_peer for IPv6 also
+ no longer depend on Socket.pm 1.95 for inet_pton, but use
OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl-IO-Socket-SSL?expand=0&rev=58
2013-05-12 01:06:34 +02:00
|
|
|
%define cpan_name IO-Socket-SSL
|
2011-05-10 21:38:21 +02:00
|
|
|
Summary: Nearly transparent SSL encapsulation for IO::Socket::INET
|
- update to 1.88
+ consider a value of '' the same as undef for SSL_ca_(path|file)
+ complain if given SSL_(key|cert|ca)_(file|path) do not exist or
if they are not readable
+ disabled client side SNI for openssl version < 1.0.0
+ added functions can_client_sni, can_server_sni, can_npn to check
avaibility of SNI and NPN features. Added more documentation for
SNI and NPN
+ Server Name Indication (SNI) support on the server side
+ sub error sets $SSL_ERROR etc only if there really is an error,
otherwise it will keep the latest error. This causes
IO::Socket::SSL->new.. to report the correct problem, even if
the problem is deeper in the code (like in connect)
+ deprecated set_ctx_defaults, new name ist set_defaults
+ changed handling of default path for SSL_(ca|cert|key)* keys: either
if one of these keys is user defined don't add defaults for the
others, e.g. don't mix user settings and defaults
+ cleaner handling of module defaults vs. global settings vs. socket
specific settings
+ prepare transition to a more secure default for SSL_verify_mode.
The use of the current default SSL_VERIFY_NONE will cause a big warning
for clients, unless SSL_verify_mode was explicitly set inside the
application to this insecure value.
In the near future the default will be SSL_VERIFY_PEER, and thus
causing verification failures in unchanged applications.
+ use getnameinfo instead of unpack_sockaddr_in6 to get PeerAddr and
PeerPort from sockaddr in _update_peer, because this provides scope
+ work around systems which don't defined AF_INET6
+ update_peer for IPv6 also
+ no longer depend on Socket.pm 1.95 for inet_pton, but use
OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl-IO-Socket-SSL?expand=0&rev=58
2013-05-12 01:06:34 +02:00
|
|
|
License: Artistic-1.0 or GPL-1.0+
|
2012-02-22 09:29:05 +01:00
|
|
|
Group: Development/Libraries/Perl
|
- update to 1.88
+ consider a value of '' the same as undef for SSL_ca_(path|file)
+ complain if given SSL_(key|cert|ca)_(file|path) do not exist or
if they are not readable
+ disabled client side SNI for openssl version < 1.0.0
+ added functions can_client_sni, can_server_sni, can_npn to check
avaibility of SNI and NPN features. Added more documentation for
SNI and NPN
+ Server Name Indication (SNI) support on the server side
+ sub error sets $SSL_ERROR etc only if there really is an error,
otherwise it will keep the latest error. This causes
IO::Socket::SSL->new.. to report the correct problem, even if
the problem is deeper in the code (like in connect)
+ deprecated set_ctx_defaults, new name ist set_defaults
+ changed handling of default path for SSL_(ca|cert|key)* keys: either
if one of these keys is user defined don't add defaults for the
others, e.g. don't mix user settings and defaults
+ cleaner handling of module defaults vs. global settings vs. socket
specific settings
+ prepare transition to a more secure default for SSL_verify_mode.
The use of the current default SSL_VERIFY_NONE will cause a big warning
for clients, unless SSL_verify_mode was explicitly set inside the
application to this insecure value.
In the near future the default will be SSL_VERIFY_PEER, and thus
causing verification failures in unchanged applications.
+ use getnameinfo instead of unpack_sockaddr_in6 to get PeerAddr and
PeerPort from sockaddr in _update_peer, because this provides scope
+ work around systems which don't defined AF_INET6
+ update_peer for IPv6 also
+ no longer depend on Socket.pm 1.95 for inet_pton, but use
OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl-IO-Socket-SSL?expand=0&rev=58
2013-05-12 01:06:34 +02:00
|
|
|
Url: http://search.cpan.org/dist/IO-Socket-SSL/
|
2011-05-04 13:11:22 +02:00
|
|
|
Source: http://www.cpan.org/authors/id/S/SU/SULLR/%{cpan_name}-%{version}.tar.gz
|
2010-11-24 22:06:13 +01:00
|
|
|
BuildRequires: perl
|
2011-05-04 13:11:22 +02:00
|
|
|
# MANUAL BEGIN
|
- update to 1.88
+ consider a value of '' the same as undef for SSL_ca_(path|file)
+ complain if given SSL_(key|cert|ca)_(file|path) do not exist or
if they are not readable
+ disabled client side SNI for openssl version < 1.0.0
+ added functions can_client_sni, can_server_sni, can_npn to check
avaibility of SNI and NPN features. Added more documentation for
SNI and NPN
+ Server Name Indication (SNI) support on the server side
+ sub error sets $SSL_ERROR etc only if there really is an error,
otherwise it will keep the latest error. This causes
IO::Socket::SSL->new.. to report the correct problem, even if
the problem is deeper in the code (like in connect)
+ deprecated set_ctx_defaults, new name ist set_defaults
+ changed handling of default path for SSL_(ca|cert|key)* keys: either
if one of these keys is user defined don't add defaults for the
others, e.g. don't mix user settings and defaults
+ cleaner handling of module defaults vs. global settings vs. socket
specific settings
+ prepare transition to a more secure default for SSL_verify_mode.
The use of the current default SSL_VERIFY_NONE will cause a big warning
for clients, unless SSL_verify_mode was explicitly set inside the
application to this insecure value.
In the near future the default will be SSL_VERIFY_PEER, and thus
causing verification failures in unchanged applications.
+ use getnameinfo instead of unpack_sockaddr_in6 to get PeerAddr and
PeerPort from sockaddr in _update_peer, because this provides scope
+ work around systems which don't defined AF_INET6
+ update_peer for IPv6 also
+ no longer depend on Socket.pm 1.95 for inet_pton, but use
OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl-IO-Socket-SSL?expand=0&rev=58
2013-05-12 01:06:34 +02:00
|
|
|
BuildRequires: perl-macros
|
2011-05-10 21:38:21 +02:00
|
|
|
BuildRequires: perl(IO::Socket::INET6)
|
2011-05-04 13:11:22 +02:00
|
|
|
BuildRequires: perl(Net::LibIDN)
|
2011-10-17 16:44:21 +02:00
|
|
|
BuildRequires: perl(Net::SSLeay) >= 1.21
|
|
|
|
|
Requires: perl(Net::SSLeay) >= 1.21
|
2010-11-24 22:12:52 +01:00
|
|
|
Recommends: perl(IO::Socket::INET6)
|
2010-11-24 22:06:13 +01:00
|
|
|
Recommends: perl(Net::LibIDN)
|
2011-10-17 16:44:21 +02:00
|
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
|
|
|
|
BuildArch: noarch
|
2011-05-04 13:11:22 +02:00
|
|
|
# MANUAL END
|
|
|
|
|
%{perl_requires}
|
2007-01-16 00:30:54 +01:00
|
|
|
|
|
|
|
|
%description
|
2010-11-24 22:06:13 +01:00
|
|
|
This module is a true drop-in replacement for IO::Socket::INET that uses
|
|
|
|
|
SSL to encrypt data before it is transferred to a remote server or client.
|
|
|
|
|
IO::Socket::SSL supports all the extra features that one needs to write a
|
|
|
|
|
full-featured SSL client or server application: multiple SSL contexts,
|
|
|
|
|
cipher selection, certificate verification, and SSL version selection. As
|
|
|
|
|
an extra bonus, it works perfectly with mod_perl.
|
|
|
|
|
|
|
|
|
|
If you have never used SSL before, you should read the appendix labelled
|
|
|
|
|
'Using SSL' before attempting to use this module.
|
2007-01-16 00:30:54 +01:00
|
|
|
|
2010-11-24 22:06:13 +01:00
|
|
|
If you have used this module before, read on, as versions 0.93 and above
|
|
|
|
|
have several changes from the previous IO::Socket::SSL versions (especially
|
|
|
|
|
see the note about return values).
|
2007-01-16 00:30:54 +01:00
|
|
|
|
2010-11-24 22:06:13 +01:00
|
|
|
If you are using non-blocking sockets read on, as version 0.98 added better
|
|
|
|
|
support for non-blocking.
|
|
|
|
|
|
|
|
|
|
If you are trying to use it with threads see the BUGS section.
|
2007-01-16 00:30:54 +01:00
|
|
|
|
|
|
|
|
%prep
|
2010-11-24 22:06:13 +01:00
|
|
|
%setup -q -n %{cpan_name}-%{version}
|
2007-01-16 00:30:54 +01:00
|
|
|
|
|
|
|
|
%build
|
2011-10-17 16:44:21 +02:00
|
|
|
perl Makefile.PL INSTALLDIRS=vendor
|
|
|
|
|
make %{?_smp_mflags}
|
2007-06-11 13:08:20 +02:00
|
|
|
|
2007-01-16 00:30:54 +01:00
|
|
|
%install
|
|
|
|
|
%perl_make_install
|
|
|
|
|
%perl_process_packlist
|
2010-11-24 22:06:13 +01:00
|
|
|
%perl_gen_filelist
|
2007-01-16 00:30:54 +01:00
|
|
|
|
- update to 1.88
+ consider a value of '' the same as undef for SSL_ca_(path|file)
+ complain if given SSL_(key|cert|ca)_(file|path) do not exist or
if they are not readable
+ disabled client side SNI for openssl version < 1.0.0
+ added functions can_client_sni, can_server_sni, can_npn to check
avaibility of SNI and NPN features. Added more documentation for
SNI and NPN
+ Server Name Indication (SNI) support on the server side
+ sub error sets $SSL_ERROR etc only if there really is an error,
otherwise it will keep the latest error. This causes
IO::Socket::SSL->new.. to report the correct problem, even if
the problem is deeper in the code (like in connect)
+ deprecated set_ctx_defaults, new name ist set_defaults
+ changed handling of default path for SSL_(ca|cert|key)* keys: either
if one of these keys is user defined don't add defaults for the
others, e.g. don't mix user settings and defaults
+ cleaner handling of module defaults vs. global settings vs. socket
specific settings
+ prepare transition to a more secure default for SSL_verify_mode.
The use of the current default SSL_VERIFY_NONE will cause a big warning
for clients, unless SSL_verify_mode was explicitly set inside the
application to this insecure value.
In the near future the default will be SSL_VERIFY_PEER, and thus
causing verification failures in unchanged applications.
+ use getnameinfo instead of unpack_sockaddr_in6 to get PeerAddr and
PeerPort from sockaddr in _update_peer, because this provides scope
+ work around systems which don't defined AF_INET6
+ update_peer for IPv6 also
+ no longer depend on Socket.pm 1.95 for inet_pton, but use
OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl-IO-Socket-SSL?expand=0&rev=58
2013-05-12 01:06:34 +02:00
|
|
|
%check
|
|
|
|
|
make test
|
|
|
|
|
|
2007-01-16 00:30:54 +01:00
|
|
|
%clean
|
2011-10-17 16:44:21 +02:00
|
|
|
rm -rf %{buildroot}
|
2010-11-24 22:06:13 +01:00
|
|
|
|
|
|
|
|
%files -f %{name}.files
|
2011-05-04 13:11:22 +02:00
|
|
|
%defattr(-,root,root,755)
|
2011-05-10 21:38:21 +02:00
|
|
|
%doc BUGS Changes README
|
2008-01-28 16:08:44 +01:00
|
|
|
|
2007-03-07 13:38:30 +01:00
|
|
|
%changelog
|
