diff --git a/perl-IO-Socket-SSL.changes b/perl-IO-Socket-SSL.changes index 46ff555..662c17c 100644 --- a/perl-IO-Socket-SSL.changes +++ b/perl-IO-Socket-SSL.changes @@ -51,6 +51,7 @@ Fri Mar 11 10:14:57 UTC 2016 - coolo@suse.com just warn but accept. If really no verification is wanted a scheme of 'none' must be explicitly specified. - support different cipher suites per SNI hosts +- remove perl-IO-Socket-SSL_fix_offline.patch ------------------------------------------------------------------- Tue Jul 7 18:54:46 UTC 2015 - coolo@suse.com diff --git a/perl-IO-Socket-SSL_fix_offline.patch b/perl-IO-Socket-SSL_fix_offline.patch deleted file mode 100644 index eb1f383..0000000 --- a/perl-IO-Socket-SSL_fix_offline.patch +++ /dev/null @@ -1,362 +0,0 @@ -Subject: OBS has no network and no DNS - -Index: IO-Socket-SSL-2.016/t/acceptSSL-timeout.t -=================================================================== ---- IO-Socket-SSL-2.016.orig/t/acceptSSL-timeout.t -+++ IO-Socket-SSL-2.016/t/acceptSSL-timeout.t -@@ -65,6 +65,7 @@ sub client_ssl { - my $c = IO::Socket::SSL->new( - PeerAddr => $saddr, - Domain => AF_INET, -+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG - SSL_verify_mode => 0 - ) || die "connect failed: $!|$SSL_ERROR"; - print "Connected\n"; -Index: IO-Socket-SSL-2.016/t/auto_verify_hostname.t -=================================================================== ---- IO-Socket-SSL-2.016.orig/t/auto_verify_hostname.t -+++ IO-Socket-SSL-2.016/t/auto_verify_hostname.t -@@ -27,6 +27,7 @@ my $server = IO::Socket::SSL->new( - LocalPort => 0, - Listen => 2, - ReuseAddr => 1, -+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG - SSL_server => 1, - SSL_cert_file => "certs/server-wildcard.pem", - SSL_key_file => "certs/server-wildcard.pem", -@@ -51,6 +52,7 @@ for( my $i=0;$i<@tests;$i+=3 ) { - my $cl = IO::Socket::SSL->new( - PeerAddr => $saddr, - Domain => AF_INET, -+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG - SSL_verify_mode => 1, - SSL_verifycn_scheme => $scheme, - SSL_verifycn_name => $name, -Index: IO-Socket-SSL-2.016/t/mitm.t -=================================================================== ---- IO-Socket-SSL-2.016.orig/t/mitm.t -+++ IO-Socket-SSL-2.016/t/mitm.t -@@ -16,6 +16,7 @@ END { kill 9,@pid } - my $server = IO::Socket::SSL->new( - LocalAddr => '127.0.0.1', - LocalPort => 0, -+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG - SSL_cert_file => 'certs/server-cert.pem', - SSL_key_file => 'certs/server-key.pem', - Listen => 10, -@@ -28,6 +29,7 @@ push @pid,$pid; - close($server); - - my $proxy = IO::Socket::INET->new( -+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG - LocalAddr => '127.0.0.1', - LocalPort => 0, - Listen => 10, -@@ -44,6 +46,7 @@ close($proxy); - my $cl = IO::Socket::SSL->new( - PeerAddr => $saddr, - Domain => AF_INET, -+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG - SSL_verify_mode => 1, - SSL_ca_file => 'certs/my-ca.pem', - ); -@@ -57,6 +60,7 @@ $cl = IO::Socket::SSL->new( - PeerAddr => $paddr, - Domain => AF_INET, - SSL_verify_mode => 1, -+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG - SSL_ca_file => 'certs/proxyca.pem', - ); - ssl_ok($cl,"ssl connected to proxy"); -@@ -81,6 +85,7 @@ sub proxy { - my $toc = $proxy->accept or next; - my $tos = IO::Socket::SSL->new( - PeerAddr => $saddr, -+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG - Domain => AF_INET, - SSL_verify_mode => 1, - SSL_ca_file => 'certs/my-ca.pem', -Index: IO-Socket-SSL-2.016/t/plain_upgrade_downgrade.t -=================================================================== ---- IO-Socket-SSL-2.016.orig/t/plain_upgrade_downgrade.t -+++ IO-Socket-SSL-2.016/t/plain_upgrade_downgrade.t -@@ -11,6 +11,7 @@ IO::Socket::SSL::default_ca('certs/my-ca - my $server = IO::Socket::SSL->new( - LocalAddr => '127.0.0.1', - LocalPort => 0, -+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG - Listen => 2, - SSL_cert_file => 'certs/server-cert.pem', - SSL_key_file => 'certs/server-key.pem', -@@ -105,6 +106,7 @@ for my $test ( - if ($act =~m{newSSL(?::(.*))?$} ) { - $cl = IO::Socket::SSL->new( - PeerAddr => $saddr, -+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG - Domain => AF_INET, - defined($1) ? (SSL_startHandshake => $1):(), - ) or die "failed to connect: $!|$SSL_ERROR"; -Index: IO-Socket-SSL-2.016/t/alpn.t -=================================================================== ---- IO-Socket-SSL-2.016.orig/t/alpn.t -+++ IO-Socket-SSL-2.016/t/alpn.t -@@ -25,6 +25,7 @@ my $addr = '127.0.0.1'; - my $server = IO::Socket::SSL->new( - LocalAddr => $addr, - Listen => 2, -+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIg - SSL_cert_file => 'certs/server-cert.pem', - SSL_key_file => 'certs/server-key.pem', - SSL_alpn_protocols => [qw(one two)], -@@ -49,6 +50,7 @@ if ( !defined $pid ) { - my $to_server = IO::Socket::SSL->new( - PeerAddr => $addr, - Domain => AF_INET, -+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG - SSL_verify_mode => 0, - SSL_alpn_protocols => [qw(two three)], - ) or do { -Index: IO-Socket-SSL-2.016/t/cert_no_file.t -=================================================================== ---- IO-Socket-SSL-2.016.orig/t/cert_no_file.t -+++ IO-Socket-SSL-2.016/t/cert_no_file.t -@@ -28,6 +28,7 @@ my %server_args = ( - LocalAddr => '127.0.0.1', - LocalPort => 0, - Listen => 2, -+ GetAddrInfoFlags => 0, - SSL_server => 1, - SSL_verify_mode => 0x00, - SSL_ca_file => "certs/test-ca.pem", -@@ -73,6 +74,7 @@ foreach my $test ( 1,2,3 ) { - - my $to_server = IO::Socket::SSL->new( - PeerAddr => $saddr, -+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG - Domain => AF_INET, - SSL_verify_mode => 0x00, - ); -Index: IO-Socket-SSL-2.016/t/core.t -=================================================================== ---- IO-Socket-SSL-2.016.orig/t/core.t -+++ IO-Socket-SSL-2.016/t/core.t -@@ -77,6 +77,7 @@ unless (fork) { - $client = IO::Socket::SSL->new( - PeerAddr => $saddr, - Domain => AF_INET, -+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIg - SSL_verify_mode => 0x01, - SSL_ca_file => "certs/test-ca.pem", - SSL_use_cert => 1, -@@ -178,6 +179,7 @@ unless (fork) { - my $client_3 = IO::Socket::SSL->new( - PeerAddr => $saddr, - Domain => AF_INET, -+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG - SSL_verify_mode => 0x01, - SSL_version => 'TLSv1', - SSL_cipher_list => 'HIGH', -@@ -194,6 +196,7 @@ unless (fork) { - - my $client_4 = IO::Socket::SSL->new( - PeerAddr => $saddr, -+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG - Domain => AF_INET, - SSL_reuse_ctx => $client_3, - Blocking => 0 -Index: IO-Socket-SSL-2.016/t/dhe.t -=================================================================== ---- IO-Socket-SSL-2.016.orig/t/dhe.t -+++ IO-Socket-SSL-2.016/t/dhe.t -@@ -25,6 +25,7 @@ my $server = IO::Socket::SSL->new( - LocalAddr => $addr, - Listen => 2, - ReuseAddr => 1, -+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG - SSL_cert_file => "certs/server-rsa384-dh.pem", - SSL_key_file => "certs/server-rsa384-dh.pem", - SSL_dh_file => "certs/server-rsa384-dh.pem", -@@ -52,6 +53,7 @@ if ( !defined $pid ) { - my $to_server = IO::Socket::SSL->new( - PeerAddr => $addr, - Domain => AF_INET, -+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG - SSL_cipher_list => 'ALL:RSA:!aRSA', - SSL_verify_mode => 0 ) || do { - notok( "connect failed: $SSL_ERROR" ); -Index: IO-Socket-SSL-2.016/t/ecdhe.t -=================================================================== ---- IO-Socket-SSL-2.016.orig/t/ecdhe.t -+++ IO-Socket-SSL-2.016/t/ecdhe.t -@@ -47,6 +47,7 @@ if ( !defined $pid ) { - my $to_server = IO::Socket::SSL->new( - PeerAddr => $addr, - Domain => AF_INET, -+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG - SSL_verify_mode => 0 ) || do { - notok( "connect failed: $SSL_ERROR" ); - exit -Index: IO-Socket-SSL-2.016/t/nonblock.t -=================================================================== ---- IO-Socket-SSL-2.016.orig/t/nonblock.t -+++ IO-Socket-SSL-2.016/t/nonblock.t -@@ -119,6 +119,7 @@ if ( $pid == 0 ) { - - # upgrade to SSL socket w/o connection yet - if ( ! IO::Socket::SSL->start_SSL( $to_server, -+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG - SSL_startHandshake => 0, - SSL_verify_mode => 0, - SSL_key_file => "certs/server-key.enc", -@@ -283,6 +284,7 @@ if ( $pid == 0 ) { - # no handshake yet - if ( ! IO::Socket::SSL->start_SSL( $from_client, - SSL_startHandshake => 0, -+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG - SSL_server => 1, - SSL_verify_mode => 0x00, - SSL_ca_file => "certs/test-ca.pem", -Index: IO-Socket-SSL-2.016/t/npn.t -=================================================================== ---- IO-Socket-SSL-2.016.orig/t/npn.t -+++ IO-Socket-SSL-2.016/t/npn.t -@@ -49,6 +49,7 @@ if ( !defined $pid ) { - my $to_server = IO::Socket::SSL->new( - PeerAddr => $addr, - Domain => AF_INET, -+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG - SSL_verify_mode => 0, - SSL_npn_protocols => [qw(two three)], - ) or do { -Index: IO-Socket-SSL-2.016/t/protocol_version.t -=================================================================== ---- IO-Socket-SSL-2.016.orig/t/protocol_version.t -+++ IO-Socket-SSL-2.016/t/protocol_version.t -@@ -43,6 +43,7 @@ if ($pid == 0) { - my $cl = IO::Socket::SSL->new( - PeerAddr => $saddr, - Domain => AF_INET, -+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG - SSL_startHandshake => 0, - SSL_verify_mode => 0, - SSL_version => $ver, -Index: IO-Socket-SSL-2.016/t/readline.t -=================================================================== ---- IO-Socket-SSL-2.016.orig/t/readline.t -+++ IO-Socket-SSL-2.016/t/readline.t -@@ -154,6 +154,7 @@ my $testid = "Test00"; - foreach my $test (@tests) { - my $to_server = IO::Socket::SSL->new( - PeerAddr => $addr, -+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG - Domain => AF_INET, - SSL_verify_mode => 0 ) || do { - notok( "connect failed: ".IO::Socket::SSL->errstr() ); -Index: IO-Socket-SSL-2.016/t/sessions.t -=================================================================== ---- IO-Socket-SSL-2.016.orig/t/sessions.t -+++ IO-Socket-SSL-2.016/t/sessions.t -@@ -45,6 +45,7 @@ unless (fork) { - SSL_version => 'TLSv1', - SSL_cipher_list => 'HIGH', - SSL_session_cache_size => 4, -+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG - ); - - -@@ -97,8 +98,8 @@ unless (fork) { - - my $sock3 = IO::Socket::INET->new($saddr[2]); - my @clients = ( -- IO::Socket::SSL->new(PeerAddr => $saddr[0], Domain => AF_INET), -- IO::Socket::SSL->new(PeerAddr => $saddr[1], Domain => AF_INET), -+ IO::Socket::SSL->new(PeerAddr => $saddr[0], Domain => AF_INET, GetAddrInfoFlags => 0), -+ IO::Socket::SSL->new(PeerAddr => $saddr[1], Domain => AF_INET, GetAddrInfoFlags => 0), - IO::Socket::SSL->start_SSL( $sock3 ), - ); - -@@ -140,7 +141,7 @@ unless (fork) { - } - - @clients = map { -- IO::Socket::SSL->new(PeerAddr => $_, Domain => AF_INET) -+ IO::Socket::SSL->new(PeerAddr => $_, Domain => AF_INET, GetAddrInfoFlags => 0 ) - } @saddr; - - if (keys(%$cache) != 6) { -Index: IO-Socket-SSL-2.016/t/signal-readline.t -=================================================================== ---- IO-Socket-SSL-2.016.orig/t/signal-readline.t -+++ IO-Socket-SSL-2.016/t/signal-readline.t -@@ -36,6 +36,7 @@ if ( $pid == 0 ) { - close($server); - my $client = IO::Socket::SSL->new( - PeerAddr => $saddr, -+ GetAddrInfoFlags => 0, - Domain => AF_INET, - SSL_verify_mode => 0 - ) || print "not "; -Index: IO-Socket-SSL-2.016/t/sni.t -=================================================================== ---- IO-Socket-SSL-2.016.orig/t/sni.t -+++ IO-Socket-SSL-2.016/t/sni.t -@@ -60,6 +60,7 @@ if ( $pid == 0 ) { - my $client = IO::Socket::SSL->new( - PeerAddr => $saddr, - Domain => AF_INET, -+ GetAddrInfoFlags => 0, - SSL_verify_mode => 1, - SSL_hostname => $host, - SSL_ca_file => 'certs/my-ca.pem', -Index: IO-Socket-SSL-2.016/t/sni_verify.t -=================================================================== ---- IO-Socket-SSL-2.016.orig/t/sni_verify.t -+++ IO-Socket-SSL-2.016/t/sni_verify.t -@@ -61,6 +61,7 @@ if ( $pid == 0 ) { - my $client = IO::Socket::SSL->new( - PeerAddr => $saddr, - Domain => AF_INET, -+ GetAddrInfoFlags => 0, - SSL_verify_mode => 1, - SSL_hostname => $host, - SSL_ca_file => 'certs/my-ca.pem', -Index: IO-Socket-SSL-2.016/t/sysread_write.t -=================================================================== ---- IO-Socket-SSL-2.016.orig/t/sysread_write.t -+++ IO-Socket-SSL-2.016/t/sysread_write.t -@@ -47,6 +47,7 @@ if ( $pid == 0 ) { - - my $to_server = IO::Socket::SSL->new( - PeerAddr => $saddr, -+ GetAddrInfoFlags => 0, - Domain => AF_INET, - SSL_ca_file => "certs/test-ca.pem", - ) || do { -Index: IO-Socket-SSL-2.016/t/verify_hostname.t -=================================================================== ---- IO-Socket-SSL-2.016.orig/t/verify_hostname.t -+++ IO-Socket-SSL-2.016/t/verify_hostname.t -@@ -40,6 +40,7 @@ if ( $pid == 0 ) { - my $client = IO::Socket::SSL->new( - PeerAddr => $saddr, - Domain => AF_INET, -+ GetAddrInfoFlags => 0, - SSL_verify_mode => 0 - ) || print "not "; - ok( "client ssl connect" ); -@@ -110,6 +111,7 @@ defined( $pid = fork() ) || die $!; - if ( $pid == 0 ) { - IO::Socket::SSL->new( - PeerAddr => $saddr, -+ GetAddrInfoFlags => 0, - Domain => AF_INET, - SSL_ca_file => "certs/test-ca.pem", - SSL_verify_mode => 1, -@@ -129,6 +131,7 @@ if ( $pid == 0 ) { - PeerAddr => $saddr, - Domain => AF_INET, - SSL_ca_file => "certs/test-ca.pem", -+ GetAddrInfoFlags => 0, - SSL_verify_mode => 1, - SSL_verifycn_scheme => 'www', - SSL_verifycn_name => 'does.not.match.server.local'