Accepting request 1187397 from devel:languages:perl:autoupdate
- Remove patches 80315ed1a6a0b7968ce26284ed81b56c0ab288d9.patch,
perl-IO-Socket-SSL-use-system-default-cipher-list.patch (fixed upstream)
- updated to 2.88.0 (2.088)
see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes
2.088 2024/07/14
- minor fixes for use on ancient versions of perl and for building with
newer versions of openssl
OBS-URL: https://build.opensuse.org/request/show/1187397
OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl-IO-Socket-SSL?expand=0&rev=157
This commit is contained in:
Tina Müller
Git OBS Bridge
parent
cd4c6314fc
commit
6fb3e7d0e6
@ -1,36 +0,0 @@
|
||||
From 80315ed1a6a0b7968ce26284ed81b56c0ab288d9 Mon Sep 17 00:00:00 2001
|
||||
From: Steffen Ullrich <github@maulwuff.de>
|
||||
Date: Wed, 10 Jul 2024 06:59:14 +0200
|
||||
Subject: [PATCH] fix typo and warning
|
||||
|
||||
---
|
||||
lib/IO/Socket/SSL.pm | 2 +-
|
||||
lib/IO/Socket/SSL.pod | 2 +-
|
||||
2 files changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/lib/IO/Socket/SSL.pm b/lib/IO/Socket/SSL.pm
|
||||
index 50b2660..d38a75c 100644
|
||||
--- a/lib/IO/Socket/SSL.pm
|
||||
+++ b/lib/IO/Socket/SSL.pm
|
||||
@@ -2594,7 +2594,7 @@ sub new {
|
||||
Net::SSLeay::CTX_set_psk_server_callback($ctx, sub {
|
||||
my ($ssl,$identity,$psklen) = @_;
|
||||
if (ref($psk) eq 'HASH') {
|
||||
- return $psk->{$identity} || $psk->{''} or return
|
||||
+ return $psk->{$identity} || $psk->{''} ||
|
||||
IO::Socket::SSL->_internal_error(
|
||||
"no PSK for given identity '$identity' and no default");
|
||||
} else {
|
||||
diff --git a/lib/IO/Socket/SSL.pod b/lib/IO/Socket/SSL.pod
|
||||
index f5af020..5ec29cc 100644
|
||||
--- a/lib/IO/Socket/SSL.pod
|
||||
+++ b/lib/IO/Socket/SSL.pod
|
||||
@@ -1357,7 +1357,7 @@ the configuration in the peer can be useless ("handshake failure") or misleading
|
||||
("bad mac").
|
||||
|
||||
PSK support needs respective API functionality in Net::SSLeay, which was
|
||||
-only fully included in 1.94. C<<IO::Socket::SSL->can_psk()>> returns undef if
|
||||
+only fully included in 1.94. C<< IO::Socket::SSL->can_psk() >> returns undef if
|
||||
functionality is not available and a hash-ref with details otherwise: key
|
||||
C<client> in the hash signals support for using PSK in a SSL client (available
|
||||
since Net::SSLeay 1.82) while key server for support of PSK in SSL server (since
|
||||
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:936a46c58312df272313fedb4bb39faea7481629c163d83a8cdd283a0e28c578
|
||||
size 270113
|
||||
3
IO-Socket-SSL-2.088.tar.gz
Normal file
3
IO-Socket-SSL-2.088.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:9d27a31f0b617022180a1d1c45664beb76f51f3b8caede1404072a87dab74536
|
||||
size 270154
|
||||
@ -1,6 +1,4 @@
|
||||
patches:
|
||||
perl-IO-Socket-SSL-use-system-default-cipher-list.patch: -p1 PATCH-FIX-UPSTREAM (bsc1200295) perl-IO-Socket-SSL doesn't follow system "PROFILE=SYSTEM" openSSL ciphers - https://git.centos.org/rpms/perl-IO-Socket-SSL/blob/e0b0ae04f5cdb41b1f29cb7d76c23abba7ac35e9/f/SOURCES/IO-Socket-SSL-2.066-use-system-default-cipher-list.patch
|
||||
https://github.com/noxxi/p5-io-socket-ssl/commit/80315ed1a6a0b7968ce26284ed81b56c0ab288d9.patch: -p1 PATCH-FIX-UPSTREAM https://github.com/noxxi/p5-io-socket-ssl/issues/155
|
||||
#patches:
|
||||
ignore_requires: Mozilla::CA
|
||||
prep: |-
|
||||
rm README.Win32
|
||||
|
||||
@ -1,34 +0,0 @@
|
||||
Index: IO-Socket-SSL-2.074/lib/IO/Socket/SSL.pm
|
||||
===================================================================
|
||||
--- IO-Socket-SSL-2.074.orig/lib/IO/Socket/SSL.pm
|
||||
+++ IO-Socket-SSL-2.074/lib/IO/Socket/SSL.pm
|
||||
@@ -205,8 +205,10 @@ my %DEFAULT_SSL_ARGS = (
|
||||
SSL_npn_protocols => undef, # meaning depends whether on server or client side
|
||||
SSL_alpn_protocols => undef, # list of protocols we'll accept/send, for example ['http/1.1','spdy/3.1']
|
||||
|
||||
- # rely on system default but be sure to disable some definitely bad ones
|
||||
- SSL_cipher_list => 'DEFAULT !EXP !MEDIUM !LOW !eNULL !aNULL !RC4 !DES !MD5 !PSK !SRP',
|
||||
+ # Use system-wide default cipher list to support use of system-wide
|
||||
+ # crypto policy (#1076390, #1127577, CPAN RT#97816)
|
||||
+ # https://fedoraproject.org/wiki/Changes/CryptoPolicy
|
||||
+ SSL_cipher_list => 'PROFILE=SYSTEM',
|
||||
);
|
||||
|
||||
my %DEFAULT_SSL_CLIENT_ARGS = (
|
||||
Index: IO-Socket-SSL-2.074/lib/IO/Socket/SSL.pod
|
||||
===================================================================
|
||||
--- IO-Socket-SSL-2.074.orig/lib/IO/Socket/SSL.pod
|
||||
+++ IO-Socket-SSL-2.074/lib/IO/Socket/SSL.pod
|
||||
@@ -1070,9 +1070,8 @@ ciphers for TLS 1.2 and lower. See the O
|
||||
for more details.
|
||||
|
||||
Unless you fail to contact your peer because of no shared ciphers it is
|
||||
-recommended to leave this option at the default setting, which uses the system
|
||||
-default but disables some insecure ciphers which might still be enabled on older
|
||||
-systems.
|
||||
+recommended to leave this option at the default setting, which honors the
|
||||
+system-wide PROFILE=SYSTEM cipher list.
|
||||
|
||||
In case different cipher lists are needed for different SNI hosts a hash can be
|
||||
given with the host as key and the cipher suite as value, similar to
|
||||
|
||||
@ -1,3 +1,19 @@
|
||||
-------------------------------------------------------------------
|
||||
Sun Jul 14 16:02:28 UTC 2024 - Tina Müller <tina.mueller@suse.com>
|
||||
|
||||
- Remove patches 80315ed1a6a0b7968ce26284ed81b56c0ab288d9.patch,
|
||||
perl-IO-Socket-SSL-use-system-default-cipher-list.patch (fixed upstream)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sun Jul 14 05:31:32 UTC 2024 - Tina Müller <timueller+perl@suse.de>
|
||||
|
||||
- updated to 2.88.0 (2.088)
|
||||
see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes
|
||||
|
||||
2.088 2024/07/14
|
||||
- minor fixes for use on ancient versions of perl and for building with
|
||||
newer versions of openssl
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jul 11 14:38:31 UTC 2024 - Dirk Stoecker <opensuse@dstoecker.de>
|
||||
|
||||
|
||||
@ -18,19 +18,15 @@
|
||||
|
||||
%define cpan_name IO-Socket-SSL
|
||||
Name: perl-IO-Socket-SSL
|
||||
Version: 2.87.0
|
||||
Version: 2.88.0
|
||||
Release: 0
|
||||
# 2.087 -> normalize -> 2.87.0
|
||||
%define cpan_version 2.087
|
||||
# 2.088 -> normalize -> 2.88.0
|
||||
%define cpan_version 2.088
|
||||
License: Artistic-1.0 OR GPL-1.0-or-later
|
||||
Summary: Nearly transparent SSL encapsulation for IO::Socket::INET
|
||||
URL: https://metacpan.org/release/%{cpan_name}
|
||||
Source0: https://cpan.metacpan.org/authors/id/S/SU/SULLR/%{cpan_name}-%{cpan_version}.tar.gz
|
||||
Source1: cpanspec.yml
|
||||
# PATCH-FIX-UPSTREAM https://github.com/noxxi/p5-io-socket-ssl/issues/155
|
||||
Patch0: https://github.com/noxxi/p5-io-socket-ssl/commit/80315ed1a6a0b7968ce26284ed81b56c0ab288d9.patch
|
||||
# PATCH-FIX-UPSTREAM (bsc1200295) perl-IO-Socket-SSL doesn't follow system "PROFILE=SYSTEM" openSSL ciphers - https://git.centos.org/rpms/perl-IO-Socket-SSL/blob/e0b0ae04f5cdb41b1f29cb7d76c23abba7ac35e9/f/SOURCES/IO-Socket-SSL-2.066-use-system-default-cipher-list.patch
|
||||
Patch1: perl-IO-Socket-SSL-use-system-default-cipher-list.patch
|
||||
BuildArch: noarch
|
||||
BuildRequires: perl
|
||||
BuildRequires: perl-macros
|
||||
@ -91,7 +87,7 @@ Additional documentation can be found in
|
||||
* * IO::Socket::SSL::Utils - Useful functions for certificates etc
|
||||
|
||||
%prep
|
||||
%autosetup -n %{cpan_name}-%{cpan_version} -p1
|
||||
%autosetup -n %{cpan_name}-%{cpan_version}
|
||||
|
||||
find . -type f ! -path "*/t/*" ! -name "*.pl" ! -path "*/bin/*" ! -path "*/script/*" ! -path "*/scripts/*" ! -name "configure" -print0 | xargs -0 chmod 644
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user