pool/perl-IO-Socket-SSL
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 370293 from devel:languages:perl

Browse Source 
- updated to 2.024
   see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes
  2.024 2016/02/06
  - Work around issue where the connect fails on systems having only a loopback
    interface and where IO::Socket::IP is used as super class (default when
    available). Since IO::Socket::IP sets AI_ADDRCONFIG by default connect to
    localhost would fail on this systems. This happened at least for the tests,
    see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813796
    Workaround is to explicitely set GetAddrInfoFlags to 0 if no GetAddrInfoFlags
    is set but the Family/Domain is given. In this case AI_ADDRCONFIG would not
    be useful anyway but would cause at most harm.
  2.023 2016/01/30
  - OpenSSL 1.0.2f changed the behavior of SSL shutdown in case the TLS connection
    was not fully established (commit: f73c737c7ac908c5d6407c419769123392a3b0a9).
    This somehow resulted in Net::SSLeay::shutdown returning 0 (i.e. keep trying)
    which caused an endless loop. It will now ignore this result in case the TLS
    connection was not yet established and consider the TLS connection closed
    instead.
  2.022 2015/12/10
  - fix stringification of IPv6 inside subjectAltNames in Utils::CERT_asHash.
    Thanks to Mark.Martinec[AT]ijs[DOT]si for reporting in #110253
  2.021 2015/12/02
  - Fixes for documentation and typos thanks to DavsX and jwilk.
  - Update PublicSuffx with latest version from publicsuffix.org
  2.020 2015/09/20
  - support multiple directories in SSL_ca_path as proposed in RT#106711
    by dr1027[AT]evocat[DOT]ne. Directories can be given as array or as string
    with a path separator, see documentation.
  - typos fixed thanks to jwilk https://github.com/noxxi/p5-io-socket-ssl/pull/34
  2.019 2015/09/01

OBS-URL: https://build.opensuse.org/request/show/370293
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/perl-IO-Socket-SSL?expand=0&rev=72
This commit is contained in:
Dominique Leuenberger 2016-03-18 20:29:30 +00:00 committed by Git OBS Bridge
commit aacdc5a2ef
5 changed files with 76 additions and 386 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
IO-Socket-SSL-2.016.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:936268b3c152a4900f9c1762ab2e0aa3f84ed3a988e8e60aaad604beda7bfe41
size 195529

3
IO-Socket-SSL-2.024.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:dab3125b004b24ff8dfc003aa81c00c0f976a1bc34a75e1d8d9de9de837ce6c9
size 209567

55
perl-IO-Socket-SSL.changes
View File

@ -1,3 +1,58 @@
-------------------------------------------------------------------
Fri Mar 11 10:14:57 UTC 2016 - coolo@suse.com
- updated to 2.024
see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes
2.024 2016/02/06
- Work around issue where the connect fails on systems having only a loopback
interface and where IO::Socket::IP is used as super class (default when
available). Since IO::Socket::IP sets AI_ADDRCONFIG by default connect to
localhost would fail on this systems. This happened at least for the tests,
see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813796
Workaround is to explicitely set GetAddrInfoFlags to 0 if no GetAddrInfoFlags
is set but the Family/Domain is given. In this case AI_ADDRCONFIG would not
be useful anyway but would cause at most harm.
2.023 2016/01/30
- OpenSSL 1.0.2f changed the behavior of SSL shutdown in case the TLS connection
was not fully established (commit: f73c737c7ac908c5d6407c419769123392a3b0a9).
This somehow resulted in Net::SSLeay::shutdown returning 0 (i.e. keep trying)
which caused an endless loop. It will now ignore this result in case the TLS
connection was not yet established and consider the TLS connection closed
instead.
2.022 2015/12/10
- fix stringification of IPv6 inside subjectAltNames in Utils::CERT_asHash.
Thanks to Mark.Martinec[AT]ijs[DOT]si for reporting in #110253
2.021 2015/12/02
- Fixes for documentation and typos thanks to DavsX and jwilk.
- Update PublicSuffx with latest version from publicsuffix.org
2.020 2015/09/20
- support multiple directories in SSL_ca_path as proposed in RT#106711
by dr1027[AT]evocat[DOT]ne. Directories can be given as array or as string
with a path separator, see documentation.
- typos fixed thanks to jwilk https://github.com/noxxi/p5-io-socket-ssl/pull/34
2.019 2015/09/01
- work around different behavior of getnameinfo from Socket and Socket6 by
using a different wrapper depending on which module I use for IPv6.
Thanks to bluhm for reporting.
2.018 2015/08/27
- RT#106687 - startssl.t failed on darwin with old openssl since server
requested client certificate but offered also anon ciphers
2.017 2015/08/24
- checks for readability of files/dirs for certificates and CA no longer use
-r because this is not safe when ACLs are used. Thanks to BBYRD, RT#106295
- new method sock_certificate similar to peer_certificate based on idea of
Paul Evans, RT#105733
- get_fingerprint can now take optional certificate as argument and compute
the fingerprint of it. Useful in connection with sock_certificate.
- check for both EWOULDBLOCK and EAGAIN since these codes are different on
some platforms. Thanks to Andy Grundman, RT#106573
- enforce default verification scheme if none was specified, i.e. no longer
just warn but accept. If really no verification is wanted a scheme of
'none' must be explicitly specified.
- support different cipher suites per SNI hosts
- remove perl-IO-Socket-SSL_fix_offline.patch
-------------------------------------------------------------------
Tue Jul 7 18:54:46 UTC 2015 - coolo@suse.com

39
perl-IO-Socket-SSL.spec
View File

@ -1,7 +1,7 @@
#
# spec file for package perl-IO-Socket-SSL
#
# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -17,7 +17,7 @@
Name: perl-IO-Socket-SSL
Version: 2.016
Version: 2.024
Release: 0
%define cpan_name IO-Socket-SSL
Summary: Nearly transparent SSL encapsulation for IO::Socket::INET
@ -27,7 +27,6 @@ Url: http://search.cpan.org/dist/IO-Socket-SSL/
Source0: http://www.cpan.org/authors/id/S/SU/SULLR/%{cpan_name}-%{version}.tar.gz
Source1: cpanspec.yml
Patch0: perl-IO-Socket-SSL_add_DHE-RSA_to_default_client_cipher_list.patch
Patch1: perl-IO-Socket-SSL_fix_offline.patch
BuildArch: noarch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: perl
@ -38,10 +37,10 @@ Requires: perl(Net::SSLeay) >= 1.46
%description
IO::Socket::SSL makes using SSL/TLS much easier by wrapping the necessary
functionality into the familiar the IO::Socket manpage interface and
providing secure defaults whenever possible. This way, existing
applications can be made SSL-aware without much effort, at least if you do
blocking I/O and don't use select or poll.
functionality into the familiar IO::Socket interface and providing secure
defaults whenever possible. This way, existing applications can be made
SSL-aware without much effort, at least if you do blocking I/O and don't
use select or poll.
But, under the hood, SSL is a complex beast. So there are lots of methods
to make it do what you need if the default behavior is not adequate.
@ -51,36 +50,34 @@ documentation carefully.
The documentation consists of the following parts:
* * the /"Essential Information About SSL/TLS" manpage
* * "Essential Information About SSL/TLS"
* * the /"Basic SSL Client" manpage
* * "Basic SSL Client"
* * the /"Basic SSL Server" manpage
* * "Basic SSL Server"
* * the /"Common Usage Errors" manpage
* * "Common Usage Errors"
* * the /"Common Problems with SSL" manpage
* * "Common Problems with SSL"
* * the /"Using Non-Blocking Sockets" manpage
* * "Using Non-Blocking Sockets"
* * the /"Advanced Usage" manpage
* * "Advanced Usage"
* * the /"Integration Into Own Modules" manpage
* * "Integration Into Own Modules"
* * the /"Description Of Methods" manpage
* * "Description Of Methods"
Additional documentation can be found in
* * the IO::Socket::SSL::Intercept manpage - Doing Man-In-The-Middle with
SSL
* * IO::Socket::SSL::Intercept - Doing Man-In-The-Middle with SSL
* * the IO::Socket::SSL::Utils manpage - Useful functions for certificates
etc
* * IO::Socket::SSL::Utils - Useful functions for certificates etc
%prep
%setup -q -n %{cpan_name}-%{version}
find . -type f ! -name \*.pl -print0 | xargs -0 chmod 644
%patch0 -p1
%patch1 -p1
%build
%{__perl} Makefile.PL INSTALLDIRS=vendor

362
perl-IO-Socket-SSL_fix_offline.patch
View File

@ -1,362 +0,0 @@
Subject: OBS has no network and no DNS
Index: IO-Socket-SSL-2.016/t/acceptSSL-timeout.t
===================================================================
--- IO-Socket-SSL-2.016.orig/t/acceptSSL-timeout.t
+++ IO-Socket-SSL-2.016/t/acceptSSL-timeout.t
@@ -65,6 +65,7 @@ sub client_ssl {
my $c = IO::Socket::SSL->new(
PeerAddr => $saddr,
Domain => AF_INET,
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
SSL_verify_mode => 0
) || die "connect failed: $!|$SSL_ERROR";
print "Connected\n";
Index: IO-Socket-SSL-2.016/t/auto_verify_hostname.t
===================================================================
--- IO-Socket-SSL-2.016.orig/t/auto_verify_hostname.t
+++ IO-Socket-SSL-2.016/t/auto_verify_hostname.t
@@ -27,6 +27,7 @@ my $server = IO::Socket::SSL->new(
LocalPort => 0,
Listen => 2,
ReuseAddr => 1,
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
SSL_server => 1,
SSL_cert_file => "certs/server-wildcard.pem",
SSL_key_file => "certs/server-wildcard.pem",
@@ -51,6 +52,7 @@ for( my $i=0;$i<@tests;$i+=3 ) {
my $cl = IO::Socket::SSL->new(
PeerAddr => $saddr,
Domain => AF_INET,
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
SSL_verify_mode => 1,
SSL_verifycn_scheme => $scheme,
SSL_verifycn_name => $name,
Index: IO-Socket-SSL-2.016/t/mitm.t
===================================================================
--- IO-Socket-SSL-2.016.orig/t/mitm.t
+++ IO-Socket-SSL-2.016/t/mitm.t
@@ -16,6 +16,7 @@ END { kill 9,@pid }
my $server = IO::Socket::SSL->new(
LocalAddr => '127.0.0.1',
LocalPort => 0,
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
SSL_cert_file => 'certs/server-cert.pem',
SSL_key_file => 'certs/server-key.pem',
Listen => 10,
@@ -28,6 +29,7 @@ push @pid,$pid;
close($server);
my $proxy = IO::Socket::INET->new(
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
LocalAddr => '127.0.0.1',
LocalPort => 0,
Listen => 10,
@@ -44,6 +46,7 @@ close($proxy);
my $cl = IO::Socket::SSL->new(
PeerAddr => $saddr,
Domain => AF_INET,
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
SSL_verify_mode => 1,
SSL_ca_file => 'certs/my-ca.pem',
);
@@ -57,6 +60,7 @@ $cl = IO::Socket::SSL->new(
PeerAddr => $paddr,
Domain => AF_INET,
SSL_verify_mode => 1,
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
SSL_ca_file => 'certs/proxyca.pem',
);
ssl_ok($cl,"ssl connected to proxy");
@@ -81,6 +85,7 @@ sub proxy {
my $toc = $proxy->accept or next;
my $tos = IO::Socket::SSL->new(
PeerAddr => $saddr,
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
Domain => AF_INET,
SSL_verify_mode => 1,
SSL_ca_file => 'certs/my-ca.pem',
Index: IO-Socket-SSL-2.016/t/plain_upgrade_downgrade.t
===================================================================
--- IO-Socket-SSL-2.016.orig/t/plain_upgrade_downgrade.t
+++ IO-Socket-SSL-2.016/t/plain_upgrade_downgrade.t
@@ -11,6 +11,7 @@ IO::Socket::SSL::default_ca('certs/my-ca
my $server = IO::Socket::SSL->new(
LocalAddr => '127.0.0.1',
LocalPort => 0,
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
Listen => 2,
SSL_cert_file => 'certs/server-cert.pem',
SSL_key_file => 'certs/server-key.pem',
@@ -105,6 +106,7 @@ for my $test (
if ($act =~m{newSSL(?::(.*))?$} ) {
$cl = IO::Socket::SSL->new(
PeerAddr => $saddr,
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
Domain => AF_INET,
defined($1) ? (SSL_startHandshake => $1):(),
) or die "failed to connect: $!|$SSL_ERROR";
Index: IO-Socket-SSL-2.016/t/alpn.t
===================================================================
--- IO-Socket-SSL-2.016.orig/t/alpn.t
+++ IO-Socket-SSL-2.016/t/alpn.t
@@ -25,6 +25,7 @@ my $addr = '127.0.0.1';
my $server = IO::Socket::SSL->new(
LocalAddr => $addr,
Listen => 2,
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIg
SSL_cert_file => 'certs/server-cert.pem',
SSL_key_file => 'certs/server-key.pem',
SSL_alpn_protocols => [qw(one two)],
@@ -49,6 +50,7 @@ if ( !defined $pid ) {
my $to_server = IO::Socket::SSL->new(
PeerAddr => $addr,
Domain => AF_INET,
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
SSL_verify_mode => 0,
SSL_alpn_protocols => [qw(two three)],
) or do {
Index: IO-Socket-SSL-2.016/t/cert_no_file.t
===================================================================
--- IO-Socket-SSL-2.016.orig/t/cert_no_file.t
+++ IO-Socket-SSL-2.016/t/cert_no_file.t
@@ -28,6 +28,7 @@ my %server_args = (
LocalAddr => '127.0.0.1',
LocalPort => 0,
Listen => 2,
+ GetAddrInfoFlags => 0,
SSL_server => 1,
SSL_verify_mode => 0x00,
SSL_ca_file => "certs/test-ca.pem",
@@ -73,6 +74,7 @@ foreach my $test ( 1,2,3 ) {
my $to_server = IO::Socket::SSL->new(
PeerAddr => $saddr,
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
Domain => AF_INET,
SSL_verify_mode => 0x00,
);
Index: IO-Socket-SSL-2.016/t/core.t
===================================================================
--- IO-Socket-SSL-2.016.orig/t/core.t
+++ IO-Socket-SSL-2.016/t/core.t
@@ -77,6 +77,7 @@ unless (fork) {
$client = IO::Socket::SSL->new(
PeerAddr => $saddr,
Domain => AF_INET,
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIg
SSL_verify_mode => 0x01,
SSL_ca_file => "certs/test-ca.pem",
SSL_use_cert => 1,
@@ -178,6 +179,7 @@ unless (fork) {
my $client_3 = IO::Socket::SSL->new(
PeerAddr => $saddr,
Domain => AF_INET,
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
SSL_verify_mode => 0x01,
SSL_version => 'TLSv1',
SSL_cipher_list => 'HIGH',
@@ -194,6 +196,7 @@ unless (fork) {
my $client_4 = IO::Socket::SSL->new(
PeerAddr => $saddr,
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
Domain => AF_INET,
SSL_reuse_ctx => $client_3,
Blocking => 0
Index: IO-Socket-SSL-2.016/t/dhe.t
===================================================================
--- IO-Socket-SSL-2.016.orig/t/dhe.t
+++ IO-Socket-SSL-2.016/t/dhe.t
@@ -25,6 +25,7 @@ my $server = IO::Socket::SSL->new(
LocalAddr => $addr,
Listen => 2,
ReuseAddr => 1,
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
SSL_cert_file => "certs/server-rsa384-dh.pem",
SSL_key_file => "certs/server-rsa384-dh.pem",
SSL_dh_file => "certs/server-rsa384-dh.pem",
@@ -52,6 +53,7 @@ if ( !defined $pid ) {
my $to_server = IO::Socket::SSL->new(
PeerAddr => $addr,
Domain => AF_INET,
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
SSL_cipher_list => 'ALL:RSA:!aRSA',
SSL_verify_mode => 0 ) || do {
notok( "connect failed: $SSL_ERROR" );
Index: IO-Socket-SSL-2.016/t/ecdhe.t
===================================================================
--- IO-Socket-SSL-2.016.orig/t/ecdhe.t
+++ IO-Socket-SSL-2.016/t/ecdhe.t
@@ -47,6 +47,7 @@ if ( !defined $pid ) {
my $to_server = IO::Socket::SSL->new(
PeerAddr => $addr,
Domain => AF_INET,
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
SSL_verify_mode => 0 ) || do {
notok( "connect failed: $SSL_ERROR" );
exit
Index: IO-Socket-SSL-2.016/t/nonblock.t
===================================================================
--- IO-Socket-SSL-2.016.orig/t/nonblock.t
+++ IO-Socket-SSL-2.016/t/nonblock.t
@@ -119,6 +119,7 @@ if ( $pid == 0 ) {
# upgrade to SSL socket w/o connection yet
if ( ! IO::Socket::SSL->start_SSL( $to_server,
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
SSL_startHandshake => 0,
SSL_verify_mode => 0,
SSL_key_file => "certs/server-key.enc",
@@ -283,6 +284,7 @@ if ( $pid == 0 ) {
# no handshake yet
if ( ! IO::Socket::SSL->start_SSL( $from_client,
SSL_startHandshake => 0,
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
SSL_server => 1,
SSL_verify_mode => 0x00,
SSL_ca_file => "certs/test-ca.pem",
Index: IO-Socket-SSL-2.016/t/npn.t
===================================================================
--- IO-Socket-SSL-2.016.orig/t/npn.t
+++ IO-Socket-SSL-2.016/t/npn.t
@@ -49,6 +49,7 @@ if ( !defined $pid ) {
my $to_server = IO::Socket::SSL->new(
PeerAddr => $addr,
Domain => AF_INET,
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
SSL_verify_mode => 0,
SSL_npn_protocols => [qw(two three)],
) or do {
Index: IO-Socket-SSL-2.016/t/protocol_version.t
===================================================================
--- IO-Socket-SSL-2.016.orig/t/protocol_version.t
+++ IO-Socket-SSL-2.016/t/protocol_version.t
@@ -43,6 +43,7 @@ if ($pid == 0) {
my $cl = IO::Socket::SSL->new(
PeerAddr => $saddr,
Domain => AF_INET,
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
SSL_startHandshake => 0,
SSL_verify_mode => 0,
SSL_version => $ver,
Index: IO-Socket-SSL-2.016/t/readline.t
===================================================================
--- IO-Socket-SSL-2.016.orig/t/readline.t
+++ IO-Socket-SSL-2.016/t/readline.t
@@ -154,6 +154,7 @@ my $testid = "Test00";
foreach my $test (@tests) {
my $to_server = IO::Socket::SSL->new(
PeerAddr => $addr,
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
Domain => AF_INET,
SSL_verify_mode => 0 ) || do {
notok( "connect failed: ".IO::Socket::SSL->errstr() );
Index: IO-Socket-SSL-2.016/t/sessions.t
===================================================================
--- IO-Socket-SSL-2.016.orig/t/sessions.t
+++ IO-Socket-SSL-2.016/t/sessions.t
@@ -45,6 +45,7 @@ unless (fork) {
SSL_version => 'TLSv1',
SSL_cipher_list => 'HIGH',
SSL_session_cache_size => 4,
+ GetAddrInfoFlags => 0, # avoid AI_ADDRCONFIG
);
@@ -97,8 +98,8 @@ unless (fork) {
my $sock3 = IO::Socket::INET->new($saddr[2]);
my @clients = (
- IO::Socket::SSL->new(PeerAddr => $saddr[0], Domain => AF_INET),
- IO::Socket::SSL->new(PeerAddr => $saddr[1], Domain => AF_INET),
+ IO::Socket::SSL->new(PeerAddr => $saddr[0], Domain => AF_INET, GetAddrInfoFlags => 0),
+ IO::Socket::SSL->new(PeerAddr => $saddr[1], Domain => AF_INET, GetAddrInfoFlags => 0),
IO::Socket::SSL->start_SSL( $sock3 ),
);
@@ -140,7 +141,7 @@ unless (fork) {
}
@clients = map {
- IO::Socket::SSL->new(PeerAddr => $_, Domain => AF_INET)
+ IO::Socket::SSL->new(PeerAddr => $_, Domain => AF_INET, GetAddrInfoFlags => 0 )
} @saddr;
if (keys(%$cache) != 6) {
Index: IO-Socket-SSL-2.016/t/signal-readline.t
===================================================================
--- IO-Socket-SSL-2.016.orig/t/signal-readline.t
+++ IO-Socket-SSL-2.016/t/signal-readline.t
@@ -36,6 +36,7 @@ if ( $pid == 0 ) {
close($server);
my $client = IO::Socket::SSL->new(
PeerAddr => $saddr,
+ GetAddrInfoFlags => 0,
Domain => AF_INET,
SSL_verify_mode => 0
) || print "not ";
Index: IO-Socket-SSL-2.016/t/sni.t
===================================================================
--- IO-Socket-SSL-2.016.orig/t/sni.t
+++ IO-Socket-SSL-2.016/t/sni.t
@@ -60,6 +60,7 @@ if ( $pid == 0 ) {
my $client = IO::Socket::SSL->new(
PeerAddr => $saddr,
Domain => AF_INET,
+ GetAddrInfoFlags => 0,
SSL_verify_mode => 1,
SSL_hostname => $host,
SSL_ca_file => 'certs/my-ca.pem',
Index: IO-Socket-SSL-2.016/t/sni_verify.t
===================================================================
--- IO-Socket-SSL-2.016.orig/t/sni_verify.t
+++ IO-Socket-SSL-2.016/t/sni_verify.t
@@ -61,6 +61,7 @@ if ( $pid == 0 ) {
my $client = IO::Socket::SSL->new(
PeerAddr => $saddr,
Domain => AF_INET,
+ GetAddrInfoFlags => 0,
SSL_verify_mode => 1,
SSL_hostname => $host,
SSL_ca_file => 'certs/my-ca.pem',
Index: IO-Socket-SSL-2.016/t/sysread_write.t
===================================================================
--- IO-Socket-SSL-2.016.orig/t/sysread_write.t
+++ IO-Socket-SSL-2.016/t/sysread_write.t
@@ -47,6 +47,7 @@ if ( $pid == 0 ) {
my $to_server = IO::Socket::SSL->new(
PeerAddr => $saddr,
+ GetAddrInfoFlags => 0,
Domain => AF_INET,
SSL_ca_file => "certs/test-ca.pem",
) || do {
Index: IO-Socket-SSL-2.016/t/verify_hostname.t
===================================================================
--- IO-Socket-SSL-2.016.orig/t/verify_hostname.t
+++ IO-Socket-SSL-2.016/t/verify_hostname.t
@@ -40,6 +40,7 @@ if ( $pid == 0 ) {
my $client = IO::Socket::SSL->new(
PeerAddr => $saddr,
Domain => AF_INET,
+ GetAddrInfoFlags => 0,
SSL_verify_mode => 0
) || print "not ";
ok( "client ssl connect" );
@@ -110,6 +111,7 @@ defined( $pid = fork() ) || die $!;
if ( $pid == 0 ) {
IO::Socket::SSL->new(
PeerAddr => $saddr,
+ GetAddrInfoFlags => 0,
Domain => AF_INET,
SSL_ca_file => "certs/test-ca.pem",
SSL_verify_mode => 1,
@@ -129,6 +131,7 @@ if ( $pid == 0 ) {
PeerAddr => $saddr,
Domain => AF_INET,
SSL_ca_file => "certs/test-ca.pem",
+ GetAddrInfoFlags => 0,
SSL_verify_mode => 1,
SSL_verifycn_scheme => 'www',
SSL_verifycn_name => 'does.not.match.server.local'