see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes
2.064
- make algorithm for fingerprint optional, i.e. detect based on length of
fingerprint - https://rt.cpan.org/Ticket/Display.html?id=127773
- fix t/sessions.t and improve stability of t/verify_hostname.t on windows
- use CTX_set_ecdh_auto when needed (OpenSSL 1.0.2) if explicit curves are set
- update fingerprints for live tests
2.063
- support for both RSA and ECDSA certificate on same domain
- update PublicSuffix
- Refuse to build if Net::SSLeay is compiled with one version of OpenSSL but
then linked against another API-incompatible version (ie. more than just the
patchlevel differs).
OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl-IO-Socket-SSL?expand=0&rev=116
- ignore Mozilla::CA
- updated to 2.054
see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes
2.054 2018/01/22
- added missing test certificates to MANIFEST
2.053 2018/01/21
- small behavior fixes
- if SSL_fingerprint is used and matches don't check for OCSP
- Utils::CERT_create - small fixes to properly specific purpose, ability to
use predefined complex purpose but disable some features
- update PublicSuffix
- updates for documentation, especially regarding pitfalls with forking or using
non-blocking sockets. Spelling fixes.
- test fixes and improvements
- stability improvements for live tests
- regenerate certificate in certs/ and make sure they are limited to the
correct purpose. Checkin program used to generate certificates.
- adjust tests since certificates have changed and some tests used
certificates intended for client authentication as server certificates,
which now no longer works
OBS-URL: https://build.opensuse.org/request/show/575636
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/perl-IO-Socket-SSL?expand=0&rev=76
- update to 2.051
fixes build with openssl 1.1
- syswrite: if SSL_write sets SSL_ERROR_SYSCALL but no $! (as seen with
OpenSSL 1.1.0 on Windows) set $! to EPIPE to propagate a useful error up
https://github.com/noxxi/p5-io-socket-ssl/issues/62
- removed unecessary settings of SSL_version and SSL_cipher_list from tests
- protocol_version.t can now deal when TLS 1.0 and/or TLS 1.1 are not supported
as is the case with openssl versions in latest Debian (buster)
- fixed problem caused by typo in the context of session cache
https://github.com/noxxi/p5-io-socket-ssl/issues/60
- update PublicSuffix information from publicsuffix.org
- fixed small memory leaks during destruction of socket and context, RT#120643
- better fix for problem which 2.046 tried to fix but broke LWP this way
- cleanup everything in DESTROY and make sure to start with a fresh %{*self}
in configure_SSL because it can happen that a GLOB gets used again without
calling DESTROY (https://github.com/noxxi/p5-io-socket-ssl/issues/56)
- fixed memory leak caused by not destroying CREATED_IN_THIS_THREAD for SSL
objects -> github pull#55
- optimization: don't track SSL objects and CTX in *CREATED_IN_THIS_THREAD
if perl is compiled w/o thread support
- small fix in t/protocol_version.t to use older versions of Net::SSLeay
with openssl build w/o SSLv3 support
- when setting SSL_keepSocketOnError to true the socket will not be closed
on fatal error. This is a modified version of
https://github.com/noxxi/p5-io-socket-ssl/pull/53/
- protect various 'eval'-based capability detections at startup with a localized
__DIE__ handler. This way dynamically requiring IO::Socket::SSL as done by
various third party software should cause less problems even if there is a
global __DIE__ handler which does not properly deal with 'eval'.
- make t/session_ticket.t work with OpenSSL 1.1.0. With this version the
session does not get reused any longer if it was not properly closed which
OBS-URL: https://build.opensuse.org/request/show/528108
OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl-IO-Socket-SSL?expand=0&rev=92
- updated to 2.024
see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes
2.024 2016/02/06
- Work around issue where the connect fails on systems having only a loopback
interface and where IO::Socket::IP is used as super class (default when
available). Since IO::Socket::IP sets AI_ADDRCONFIG by default connect to
localhost would fail on this systems. This happened at least for the tests,
see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813796
Workaround is to explicitely set GetAddrInfoFlags to 0 if no GetAddrInfoFlags
is set but the Family/Domain is given. In this case AI_ADDRCONFIG would not
be useful anyway but would cause at most harm.
2.023 2016/01/30
- OpenSSL 1.0.2f changed the behavior of SSL shutdown in case the TLS connection
was not fully established (commit: f73c737c7ac908c5d6407c419769123392a3b0a9).
This somehow resulted in Net::SSLeay::shutdown returning 0 (i.e. keep trying)
which caused an endless loop. It will now ignore this result in case the TLS
connection was not yet established and consider the TLS connection closed
instead.
2.022 2015/12/10
- fix stringification of IPv6 inside subjectAltNames in Utils::CERT_asHash.
Thanks to Mark.Martinec[AT]ijs[DOT]si for reporting in #110253
2.021 2015/12/02
- Fixes for documentation and typos thanks to DavsX and jwilk.
- Update PublicSuffx with latest version from publicsuffix.org
2.020 2015/09/20
- support multiple directories in SSL_ca_path as proposed in RT#106711
by dr1027[AT]evocat[DOT]ne. Directories can be given as array or as string
with a path separator, see documentation.
- typos fixed thanks to jwilk https://github.com/noxxi/p5-io-socket-ssl/pull/34
2.019 2015/09/01
OBS-URL: https://build.opensuse.org/request/show/370293
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/perl-IO-Socket-SSL?expand=0&rev=72
