Accepting request 370293 from devel:languages:perl
- updated to 2.024 see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes 2.024 2016/02/06 - Work around issue where the connect fails on systems having only a loopback interface and where IO::Socket::IP is used as super class (default when available). Since IO::Socket::IP sets AI_ADDRCONFIG by default connect to localhost would fail on this systems. This happened at least for the tests, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813796 Workaround is to explicitely set GetAddrInfoFlags to 0 if no GetAddrInfoFlags is set but the Family/Domain is given. In this case AI_ADDRCONFIG would not be useful anyway but would cause at most harm. 2.023 2016/01/30 - OpenSSL 1.0.2f changed the behavior of SSL shutdown in case the TLS connection was not fully established (commit: f73c737c7ac908c5d6407c419769123392a3b0a9). This somehow resulted in Net::SSLeay::shutdown returning 0 (i.e. keep trying) which caused an endless loop. It will now ignore this result in case the TLS connection was not yet established and consider the TLS connection closed instead. 2.022 2015/12/10 - fix stringification of IPv6 inside subjectAltNames in Utils::CERT_asHash. Thanks to Mark.Martinec[AT]ijs[DOT]si for reporting in #110253 2.021 2015/12/02 - Fixes for documentation and typos thanks to DavsX and jwilk. - Update PublicSuffx with latest version from publicsuffix.org 2.020 2015/09/20 - support multiple directories in SSL_ca_path as proposed in RT#106711 by dr1027[AT]evocat[DOT]ne. Directories can be given as array or as string with a path separator, see documentation. - typos fixed thanks to jwilk https://github.com/noxxi/p5-io-socket-ssl/pull/34 2.019 2015/09/01 OBS-URL: https://build.opensuse.org/request/show/370293 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/perl-IO-Socket-SSL?expand=0&rev=72
This commit is contained in:
commit
aacdc5a2ef
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:936268b3c152a4900f9c1762ab2e0aa3f84ed3a988e8e60aaad604beda7bfe41
|
||||
size 195529
|
3
IO-Socket-SSL-2.024.tar.gz
Normal file
3
IO-Socket-SSL-2.024.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:dab3125b004b24ff8dfc003aa81c00c0f976a1bc34a75e1d8d9de9de837ce6c9
|
||||
size 209567
|
@ -1,3 +1,58 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Mar 11 10:14:57 UTC 2016 - coolo@suse.com
|
||||
|
||||
- updated to 2.024
|
||||
see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes
|
||||
|
||||
2.024 2016/02/06
|
||||
- Work around issue where the connect fails on systems having only a loopback
|
||||
interface and where IO::Socket::IP is used as super class (default when
|
||||
available). Since IO::Socket::IP sets AI_ADDRCONFIG by default connect to
|
||||
localhost would fail on this systems. This happened at least for the tests,
|
||||
see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813796
|
||||
Workaround is to explicitely set GetAddrInfoFlags to 0 if no GetAddrInfoFlags
|
||||
is set but the Family/Domain is given. In this case AI_ADDRCONFIG would not
|
||||
be useful anyway but would cause at most harm.
|
||||
2.023 2016/01/30
|
||||
- OpenSSL 1.0.2f changed the behavior of SSL shutdown in case the TLS connection
|
||||
was not fully established (commit: f73c737c7ac908c5d6407c419769123392a3b0a9).
|
||||
This somehow resulted in Net::SSLeay::shutdown returning 0 (i.e. keep trying)
|
||||
which caused an endless loop. It will now ignore this result in case the TLS
|
||||
connection was not yet established and consider the TLS connection closed
|
||||
instead.
|
||||
2.022 2015/12/10
|
||||
- fix stringification of IPv6 inside subjectAltNames in Utils::CERT_asHash.
|
||||
Thanks to Mark.Martinec[AT]ijs[DOT]si for reporting in #110253
|
||||
2.021 2015/12/02
|
||||
- Fixes for documentation and typos thanks to DavsX and jwilk.
|
||||
- Update PublicSuffx with latest version from publicsuffix.org
|
||||
2.020 2015/09/20
|
||||
- support multiple directories in SSL_ca_path as proposed in RT#106711
|
||||
by dr1027[AT]evocat[DOT]ne. Directories can be given as array or as string
|
||||
with a path separator, see documentation.
|
||||
- typos fixed thanks to jwilk https://github.com/noxxi/p5-io-socket-ssl/pull/34
|
||||
2.019 2015/09/01
|
||||
- work around different behavior of getnameinfo from Socket and Socket6 by
|
||||
using a different wrapper depending on which module I use for IPv6.
|
||||
Thanks to bluhm for reporting.
|
||||
2.018 2015/08/27
|
||||
- RT#106687 - startssl.t failed on darwin with old openssl since server
|
||||
requested client certificate but offered also anon ciphers
|
||||
2.017 2015/08/24
|
||||
- checks for readability of files/dirs for certificates and CA no longer use
|
||||
-r because this is not safe when ACLs are used. Thanks to BBYRD, RT#106295
|
||||
- new method sock_certificate similar to peer_certificate based on idea of
|
||||
Paul Evans, RT#105733
|
||||
- get_fingerprint can now take optional certificate as argument and compute
|
||||
the fingerprint of it. Useful in connection with sock_certificate.
|
||||
- check for both EWOULDBLOCK and EAGAIN since these codes are different on
|
||||
some platforms. Thanks to Andy Grundman, RT#106573
|
||||
- enforce default verification scheme if none was specified, i.e. no longer
|
||||
just warn but accept. If really no verification is wanted a scheme of
|
||||
'none' must be explicitly specified.
|
||||
- support different cipher suites per SNI hosts
|
||||
- remove perl-IO-Socket-SSL_fix_offline.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jul 7 18:54:46 UTC 2015 - coolo@suse.com
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package perl-IO-Socket-SSL
|
||||
#
|
||||
# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -17,7 +17,7 @@
|
||||
|
||||
|
||||
Name: perl-IO-Socket-SSL
|
||||
Version: 2.016
|
||||
Version: 2.024
|
||||
Release: 0
|
||||
%define cpan_name IO-Socket-SSL
|
||||
Summary: Nearly transparent SSL encapsulation for IO::Socket::INET
|
||||
@ -27,7 +27,6 @@ Url: http://search.cpan.org/dist/IO-Socket-SSL/
|
||||
Source0: http://www.cpan.org/authors/id/S/SU/SULLR/%{cpan_name}-%{version}.tar.gz
|
||||
Source1: cpanspec.yml
|
||||
Patch0: perl-IO-Socket-SSL_add_DHE-RSA_to_default_client_cipher_list.patch
|
||||
Patch1: perl-IO-Socket-SSL_fix_offline.patch
|
||||
BuildArch: noarch
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
BuildRequires: perl
|
||||
@ -38,10 +37,10 @@ Requires: perl(Net::SSLeay) >= 1.46
|
||||
|
||||
%description
|
||||
IO::Socket::SSL makes using SSL/TLS much easier by wrapping the necessary
|
||||
functionality into the familiar the IO::Socket manpage interface and
|
||||
providing secure defaults whenever possible. This way, existing
|
||||
applications can be made SSL-aware without much effort, at least if you do
|
||||
blocking I/O and don't use select or poll.
|
||||
functionality into the familiar IO::Socket interface and providing secure
|
||||
defaults whenever possible. This way, existing applications can be made
|
||||
SSL-aware without much effort, at least if you do blocking I/O and don't
|
||||
use select or poll.
|
||||
|
||||
But, under the hood, SSL is a complex beast. So there are lots of methods
|
||||
to make it do what you need if the default behavior is not adequate.
|
||||
@ -51,36 +50,34 @@ documentation carefully.
|
||||
|
||||
The documentation consists of the following parts:
|
||||
|
||||
* * the /"Essential Information About SSL/TLS" manpage
|
||||
* * "Essential Information About SSL/TLS"
|
||||
|
||||
* * the /"Basic SSL Client" manpage
|
||||
* * "Basic SSL Client"
|
||||
|
||||
* * the /"Basic SSL Server" manpage
|
||||
* * "Basic SSL Server"
|
||||
|
||||
* * the /"Common Usage Errors" manpage
|
||||
* * "Common Usage Errors"
|
||||
|
||||
* * the /"Common Problems with SSL" manpage
|
||||
* * "Common Problems with SSL"
|
||||
|
||||
* * the /"Using Non-Blocking Sockets" manpage
|
||||
* * "Using Non-Blocking Sockets"
|
||||
|
||||
* * the /"Advanced Usage" manpage
|
||||
* * "Advanced Usage"
|
||||
|
||||
* * the /"Integration Into Own Modules" manpage
|
||||
* * "Integration Into Own Modules"
|
||||
|
||||
* * the /"Description Of Methods" manpage
|
||||
* * "Description Of Methods"
|
||||
|
||||
Additional documentation can be found in
|
||||
|
||||
* * the IO::Socket::SSL::Intercept manpage - Doing Man-In-The-Middle with
|
||||
SSL
|
||||
* * IO::Socket::SSL::Intercept - Doing Man-In-The-Middle with SSL
|
||||
|
||||
* * the IO::Socket::SSL::Utils manpage - Useful functions for certificates
|
||||
etc
|
||||
* * IO::Socket::SSL::Utils - Useful functions for certificates etc
|
||||
|
||||
%prep
|
||||
%setup -q -n %{cpan_name}-%{version}
|
||||
find . -type f ! -name \*.pl -print0 | xargs -0 chmod 644
|
||||
%patch0 -p1
|
||||
%patch1 -p1
|
||||
|
||||
%build
|
||||
%{__perl} Makefile.PL INSTALLDIRS=vendor
|
||||
|
@ -1,362 +0,0 @@
|
||||
Subject: OBS has no network and no DNS
|
||||
|
||||
Index: IO-Socket-SSL-2.016/t/acceptSSL-timeout.t
|
||||
===================================================================
|
||||
--- IO-Socket-SSL-2.016.orig/t/acceptSSL-timeout.t
|
||||
+++ IO-Socket-SSL-2.016/t/acceptSSL-timeout.t
|
||||
@@ -65,6 +65,7 @@ sub client_ssl {
|
||||
my $c = IO::Socket::SSL->new(
|
||||
PeerAddr => $saddr,
|
||||
Domain => AF_INET,
|
||||
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
|
||||
SSL_verify_mode => 0
|
||||
) || die "connect failed: $!|$SSL_ERROR";
|
||||
print "Connected\n";
|
||||
Index: IO-Socket-SSL-2.016/t/auto_verify_hostname.t
|
||||
===================================================================
|
||||
--- IO-Socket-SSL-2.016.orig/t/auto_verify_hostname.t
|
||||
+++ IO-Socket-SSL-2.016/t/auto_verify_hostname.t
|
||||
@@ -27,6 +27,7 @@ my $server = IO::Socket::SSL->new(
|
||||
LocalPort => 0,
|
||||
Listen => 2,
|
||||
ReuseAddr => 1,
|
||||
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
|
||||
SSL_server => 1,
|
||||
SSL_cert_file => "certs/server-wildcard.pem",
|
||||
SSL_key_file => "certs/server-wildcard.pem",
|
||||
@@ -51,6 +52,7 @@ for( my $i=0;$i<@tests;$i+=3 ) {
|
||||
my $cl = IO::Socket::SSL->new(
|
||||
PeerAddr => $saddr,
|
||||
Domain => AF_INET,
|
||||
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
|
||||
SSL_verify_mode => 1,
|
||||
SSL_verifycn_scheme => $scheme,
|
||||
SSL_verifycn_name => $name,
|
||||
Index: IO-Socket-SSL-2.016/t/mitm.t
|
||||
===================================================================
|
||||
--- IO-Socket-SSL-2.016.orig/t/mitm.t
|
||||
+++ IO-Socket-SSL-2.016/t/mitm.t
|
||||
@@ -16,6 +16,7 @@ END { kill 9,@pid }
|
||||
my $server = IO::Socket::SSL->new(
|
||||
LocalAddr => '127.0.0.1',
|
||||
LocalPort => 0,
|
||||
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
|
||||
SSL_cert_file => 'certs/server-cert.pem',
|
||||
SSL_key_file => 'certs/server-key.pem',
|
||||
Listen => 10,
|
||||
@@ -28,6 +29,7 @@ push @pid,$pid;
|
||||
close($server);
|
||||
|
||||
my $proxy = IO::Socket::INET->new(
|
||||
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
|
||||
LocalAddr => '127.0.0.1',
|
||||
LocalPort => 0,
|
||||
Listen => 10,
|
||||
@@ -44,6 +46,7 @@ close($proxy);
|
||||
my $cl = IO::Socket::SSL->new(
|
||||
PeerAddr => $saddr,
|
||||
Domain => AF_INET,
|
||||
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
|
||||
SSL_verify_mode => 1,
|
||||
SSL_ca_file => 'certs/my-ca.pem',
|
||||
);
|
||||
@@ -57,6 +60,7 @@ $cl = IO::Socket::SSL->new(
|
||||
PeerAddr => $paddr,
|
||||
Domain => AF_INET,
|
||||
SSL_verify_mode => 1,
|
||||
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
|
||||
SSL_ca_file => 'certs/proxyca.pem',
|
||||
);
|
||||
ssl_ok($cl,"ssl connected to proxy");
|
||||
@@ -81,6 +85,7 @@ sub proxy {
|
||||
my $toc = $proxy->accept or next;
|
||||
my $tos = IO::Socket::SSL->new(
|
||||
PeerAddr => $saddr,
|
||||
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
|
||||
Domain => AF_INET,
|
||||
SSL_verify_mode => 1,
|
||||
SSL_ca_file => 'certs/my-ca.pem',
|
||||
Index: IO-Socket-SSL-2.016/t/plain_upgrade_downgrade.t
|
||||
===================================================================
|
||||
--- IO-Socket-SSL-2.016.orig/t/plain_upgrade_downgrade.t
|
||||
+++ IO-Socket-SSL-2.016/t/plain_upgrade_downgrade.t
|
||||
@@ -11,6 +11,7 @@ IO::Socket::SSL::default_ca('certs/my-ca
|
||||
my $server = IO::Socket::SSL->new(
|
||||
LocalAddr => '127.0.0.1',
|
||||
LocalPort => 0,
|
||||
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
|
||||
Listen => 2,
|
||||
SSL_cert_file => 'certs/server-cert.pem',
|
||||
SSL_key_file => 'certs/server-key.pem',
|
||||
@@ -105,6 +106,7 @@ for my $test (
|
||||
if ($act =~m{newSSL(?::(.*))?$} ) {
|
||||
$cl = IO::Socket::SSL->new(
|
||||
PeerAddr => $saddr,
|
||||
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
|
||||
Domain => AF_INET,
|
||||
defined($1) ? (SSL_startHandshake => $1):(),
|
||||
) or die "failed to connect: $!|$SSL_ERROR";
|
||||
Index: IO-Socket-SSL-2.016/t/alpn.t
|
||||
===================================================================
|
||||
--- IO-Socket-SSL-2.016.orig/t/alpn.t
|
||||
+++ IO-Socket-SSL-2.016/t/alpn.t
|
||||
@@ -25,6 +25,7 @@ my $addr = '127.0.0.1';
|
||||
my $server = IO::Socket::SSL->new(
|
||||
LocalAddr => $addr,
|
||||
Listen => 2,
|
||||
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIg
|
||||
SSL_cert_file => 'certs/server-cert.pem',
|
||||
SSL_key_file => 'certs/server-key.pem',
|
||||
SSL_alpn_protocols => [qw(one two)],
|
||||
@@ -49,6 +50,7 @@ if ( !defined $pid ) {
|
||||
my $to_server = IO::Socket::SSL->new(
|
||||
PeerAddr => $addr,
|
||||
Domain => AF_INET,
|
||||
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
|
||||
SSL_verify_mode => 0,
|
||||
SSL_alpn_protocols => [qw(two three)],
|
||||
) or do {
|
||||
Index: IO-Socket-SSL-2.016/t/cert_no_file.t
|
||||
===================================================================
|
||||
--- IO-Socket-SSL-2.016.orig/t/cert_no_file.t
|
||||
+++ IO-Socket-SSL-2.016/t/cert_no_file.t
|
||||
@@ -28,6 +28,7 @@ my %server_args = (
|
||||
LocalAddr => '127.0.0.1',
|
||||
LocalPort => 0,
|
||||
Listen => 2,
|
||||
+ GetAddrInfoFlags => 0,
|
||||
SSL_server => 1,
|
||||
SSL_verify_mode => 0x00,
|
||||
SSL_ca_file => "certs/test-ca.pem",
|
||||
@@ -73,6 +74,7 @@ foreach my $test ( 1,2,3 ) {
|
||||
|
||||
my $to_server = IO::Socket::SSL->new(
|
||||
PeerAddr => $saddr,
|
||||
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
|
||||
Domain => AF_INET,
|
||||
SSL_verify_mode => 0x00,
|
||||
);
|
||||
Index: IO-Socket-SSL-2.016/t/core.t
|
||||
===================================================================
|
||||
--- IO-Socket-SSL-2.016.orig/t/core.t
|
||||
+++ IO-Socket-SSL-2.016/t/core.t
|
||||
@@ -77,6 +77,7 @@ unless (fork) {
|
||||
$client = IO::Socket::SSL->new(
|
||||
PeerAddr => $saddr,
|
||||
Domain => AF_INET,
|
||||
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIg
|
||||
SSL_verify_mode => 0x01,
|
||||
SSL_ca_file => "certs/test-ca.pem",
|
||||
SSL_use_cert => 1,
|
||||
@@ -178,6 +179,7 @@ unless (fork) {
|
||||
my $client_3 = IO::Socket::SSL->new(
|
||||
PeerAddr => $saddr,
|
||||
Domain => AF_INET,
|
||||
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
|
||||
SSL_verify_mode => 0x01,
|
||||
SSL_version => 'TLSv1',
|
||||
SSL_cipher_list => 'HIGH',
|
||||
@@ -194,6 +196,7 @@ unless (fork) {
|
||||
|
||||
my $client_4 = IO::Socket::SSL->new(
|
||||
PeerAddr => $saddr,
|
||||
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
|
||||
Domain => AF_INET,
|
||||
SSL_reuse_ctx => $client_3,
|
||||
Blocking => 0
|
||||
Index: IO-Socket-SSL-2.016/t/dhe.t
|
||||
===================================================================
|
||||
--- IO-Socket-SSL-2.016.orig/t/dhe.t
|
||||
+++ IO-Socket-SSL-2.016/t/dhe.t
|
||||
@@ -25,6 +25,7 @@ my $server = IO::Socket::SSL->new(
|
||||
LocalAddr => $addr,
|
||||
Listen => 2,
|
||||
ReuseAddr => 1,
|
||||
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
|
||||
SSL_cert_file => "certs/server-rsa384-dh.pem",
|
||||
SSL_key_file => "certs/server-rsa384-dh.pem",
|
||||
SSL_dh_file => "certs/server-rsa384-dh.pem",
|
||||
@@ -52,6 +53,7 @@ if ( !defined $pid ) {
|
||||
my $to_server = IO::Socket::SSL->new(
|
||||
PeerAddr => $addr,
|
||||
Domain => AF_INET,
|
||||
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
|
||||
SSL_cipher_list => 'ALL:RSA:!aRSA',
|
||||
SSL_verify_mode => 0 ) || do {
|
||||
notok( "connect failed: $SSL_ERROR" );
|
||||
Index: IO-Socket-SSL-2.016/t/ecdhe.t
|
||||
===================================================================
|
||||
--- IO-Socket-SSL-2.016.orig/t/ecdhe.t
|
||||
+++ IO-Socket-SSL-2.016/t/ecdhe.t
|
||||
@@ -47,6 +47,7 @@ if ( !defined $pid ) {
|
||||
my $to_server = IO::Socket::SSL->new(
|
||||
PeerAddr => $addr,
|
||||
Domain => AF_INET,
|
||||
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
|
||||
SSL_verify_mode => 0 ) || do {
|
||||
notok( "connect failed: $SSL_ERROR" );
|
||||
exit
|
||||
Index: IO-Socket-SSL-2.016/t/nonblock.t
|
||||
===================================================================
|
||||
--- IO-Socket-SSL-2.016.orig/t/nonblock.t
|
||||
+++ IO-Socket-SSL-2.016/t/nonblock.t
|
||||
@@ -119,6 +119,7 @@ if ( $pid == 0 ) {
|
||||
|
||||
# upgrade to SSL socket w/o connection yet
|
||||
if ( ! IO::Socket::SSL->start_SSL( $to_server,
|
||||
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
|
||||
SSL_startHandshake => 0,
|
||||
SSL_verify_mode => 0,
|
||||
SSL_key_file => "certs/server-key.enc",
|
||||
@@ -283,6 +284,7 @@ if ( $pid == 0 ) {
|
||||
# no handshake yet
|
||||
if ( ! IO::Socket::SSL->start_SSL( $from_client,
|
||||
SSL_startHandshake => 0,
|
||||
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
|
||||
SSL_server => 1,
|
||||
SSL_verify_mode => 0x00,
|
||||
SSL_ca_file => "certs/test-ca.pem",
|
||||
Index: IO-Socket-SSL-2.016/t/npn.t
|
||||
===================================================================
|
||||
--- IO-Socket-SSL-2.016.orig/t/npn.t
|
||||
+++ IO-Socket-SSL-2.016/t/npn.t
|
||||
@@ -49,6 +49,7 @@ if ( !defined $pid ) {
|
||||
my $to_server = IO::Socket::SSL->new(
|
||||
PeerAddr => $addr,
|
||||
Domain => AF_INET,
|
||||
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
|
||||
SSL_verify_mode => 0,
|
||||
SSL_npn_protocols => [qw(two three)],
|
||||
) or do {
|
||||
Index: IO-Socket-SSL-2.016/t/protocol_version.t
|
||||
===================================================================
|
||||
--- IO-Socket-SSL-2.016.orig/t/protocol_version.t
|
||||
+++ IO-Socket-SSL-2.016/t/protocol_version.t
|
||||
@@ -43,6 +43,7 @@ if ($pid == 0) {
|
||||
my $cl = IO::Socket::SSL->new(
|
||||
PeerAddr => $saddr,
|
||||
Domain => AF_INET,
|
||||
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
|
||||
SSL_startHandshake => 0,
|
||||
SSL_verify_mode => 0,
|
||||
SSL_version => $ver,
|
||||
Index: IO-Socket-SSL-2.016/t/readline.t
|
||||
===================================================================
|
||||
--- IO-Socket-SSL-2.016.orig/t/readline.t
|
||||
+++ IO-Socket-SSL-2.016/t/readline.t
|
||||
@@ -154,6 +154,7 @@ my $testid = "Test00";
|
||||
foreach my $test (@tests) {
|
||||
my $to_server = IO::Socket::SSL->new(
|
||||
PeerAddr => $addr,
|
||||
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
|
||||
Domain => AF_INET,
|
||||
SSL_verify_mode => 0 ) || do {
|
||||
notok( "connect failed: ".IO::Socket::SSL->errstr() );
|
||||
Index: IO-Socket-SSL-2.016/t/sessions.t
|
||||
===================================================================
|
||||
--- IO-Socket-SSL-2.016.orig/t/sessions.t
|
||||
+++ IO-Socket-SSL-2.016/t/sessions.t
|
||||
@@ -45,6 +45,7 @@ unless (fork) {
|
||||
SSL_version => 'TLSv1',
|
||||
SSL_cipher_list => 'HIGH',
|
||||
SSL_session_cache_size => 4,
|
||||
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
|
||||
);
|
||||
|
||||
|
||||
@@ -97,8 +98,8 @@ unless (fork) {
|
||||
|
||||
my $sock3 = IO::Socket::INET->new($saddr[2]);
|
||||
my @clients = (
|
||||
- IO::Socket::SSL->new(PeerAddr => $saddr[0], Domain => AF_INET),
|
||||
- IO::Socket::SSL->new(PeerAddr => $saddr[1], Domain => AF_INET),
|
||||
+ IO::Socket::SSL->new(PeerAddr => $saddr[0], Domain => AF_INET, GetAddrInfoFlags => 0),
|
||||
+ IO::Socket::SSL->new(PeerAddr => $saddr[1], Domain => AF_INET, GetAddrInfoFlags => 0),
|
||||
IO::Socket::SSL->start_SSL( $sock3 ),
|
||||
);
|
||||
|
||||
@@ -140,7 +141,7 @@ unless (fork) {
|
||||
}
|
||||
|
||||
@clients = map {
|
||||
- IO::Socket::SSL->new(PeerAddr => $_, Domain => AF_INET)
|
||||
+ IO::Socket::SSL->new(PeerAddr => $_, Domain => AF_INET, GetAddrInfoFlags => 0 )
|
||||
} @saddr;
|
||||
|
||||
if (keys(%$cache) != 6) {
|
||||
Index: IO-Socket-SSL-2.016/t/signal-readline.t
|
||||
===================================================================
|
||||
--- IO-Socket-SSL-2.016.orig/t/signal-readline.t
|
||||
+++ IO-Socket-SSL-2.016/t/signal-readline.t
|
||||
@@ -36,6 +36,7 @@ if ( $pid == 0 ) {
|
||||
close($server);
|
||||
my $client = IO::Socket::SSL->new(
|
||||
PeerAddr => $saddr,
|
||||
+ GetAddrInfoFlags => 0,
|
||||
Domain => AF_INET,
|
||||
SSL_verify_mode => 0
|
||||
) || print "not ";
|
||||
Index: IO-Socket-SSL-2.016/t/sni.t
|
||||
===================================================================
|
||||
--- IO-Socket-SSL-2.016.orig/t/sni.t
|
||||
+++ IO-Socket-SSL-2.016/t/sni.t
|
||||
@@ -60,6 +60,7 @@ if ( $pid == 0 ) {
|
||||
my $client = IO::Socket::SSL->new(
|
||||
PeerAddr => $saddr,
|
||||
Domain => AF_INET,
|
||||
+ GetAddrInfoFlags => 0,
|
||||
SSL_verify_mode => 1,
|
||||
SSL_hostname => $host,
|
||||
SSL_ca_file => 'certs/my-ca.pem',
|
||||
Index: IO-Socket-SSL-2.016/t/sni_verify.t
|
||||
===================================================================
|
||||
--- IO-Socket-SSL-2.016.orig/t/sni_verify.t
|
||||
+++ IO-Socket-SSL-2.016/t/sni_verify.t
|
||||
@@ -61,6 +61,7 @@ if ( $pid == 0 ) {
|
||||
my $client = IO::Socket::SSL->new(
|
||||
PeerAddr => $saddr,
|
||||
Domain => AF_INET,
|
||||
+ GetAddrInfoFlags => 0,
|
||||
SSL_verify_mode => 1,
|
||||
SSL_hostname => $host,
|
||||
SSL_ca_file => 'certs/my-ca.pem',
|
||||
Index: IO-Socket-SSL-2.016/t/sysread_write.t
|
||||
===================================================================
|
||||
--- IO-Socket-SSL-2.016.orig/t/sysread_write.t
|
||||
+++ IO-Socket-SSL-2.016/t/sysread_write.t
|
||||
@@ -47,6 +47,7 @@ if ( $pid == 0 ) {
|
||||
|
||||
my $to_server = IO::Socket::SSL->new(
|
||||
PeerAddr => $saddr,
|
||||
+ GetAddrInfoFlags => 0,
|
||||
Domain => AF_INET,
|
||||
SSL_ca_file => "certs/test-ca.pem",
|
||||
) || do {
|
||||
Index: IO-Socket-SSL-2.016/t/verify_hostname.t
|
||||
===================================================================
|
||||
--- IO-Socket-SSL-2.016.orig/t/verify_hostname.t
|
||||
+++ IO-Socket-SSL-2.016/t/verify_hostname.t
|
||||
@@ -40,6 +40,7 @@ if ( $pid == 0 ) {
|
||||
my $client = IO::Socket::SSL->new(
|
||||
PeerAddr => $saddr,
|
||||
Domain => AF_INET,
|
||||
+ GetAddrInfoFlags => 0,
|
||||
SSL_verify_mode => 0
|
||||
) || print "not ";
|
||||
ok( "client ssl connect" );
|
||||
@@ -110,6 +111,7 @@ defined( $pid = fork() ) || die $!;
|
||||
if ( $pid == 0 ) {
|
||||
IO::Socket::SSL->new(
|
||||
PeerAddr => $saddr,
|
||||
+ GetAddrInfoFlags => 0,
|
||||
Domain => AF_INET,
|
||||
SSL_ca_file => "certs/test-ca.pem",
|
||||
SSL_verify_mode => 1,
|
||||
@@ -129,6 +131,7 @@ if ( $pid == 0 ) {
|
||||
PeerAddr => $saddr,
|
||||
Domain => AF_INET,
|
||||
SSL_ca_file => "certs/test-ca.pem",
|
||||
+ GetAddrInfoFlags => 0,
|
||||
SSL_verify_mode => 1,
|
||||
SSL_verifycn_scheme => 'www',
|
||||
SSL_verifycn_name => 'does.not.match.server.local'
|
Loading…
Reference in New Issue
Block a user