Accepting request 1186638 from devel:languages:perl:autoupdate

- updated to 2.87.0 (2.087)
   see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes
  2.087 2024/07/08
  - support for PSK, see SSL_psk in documentation

OBS-URL: https://build.opensuse.org/request/show/1186638
OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl-IO-Socket-SSL?expand=0&rev=154

.gitattributes

@@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text

.gitignore

@@ -0,0 +1 @@
+.osc

IO-Socket-SSL-2.087.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:936a46c58312df272313fedb4bb39faea7481629c163d83a8cdd283a0e28c578
+size 270113

cpanspec.yml

@@ -0,0 +1,5 @@
+patches:
+  perl-IO-Socket-SSL-use-system-default-cipher-list.patch: -p1 PATCH-FIX-UPSTREAM (bsc1200295) perl-IO-Socket-SSL doesn't follow system "PROFILE=SYSTEM" openSSL ciphers - https://git.centos.org/rpms/perl-IO-Socket-SSL/blob/e0b0ae04f5cdb41b1f29cb7d76c23abba7ac35e9/f/SOURCES/IO-Socket-SSL-2.066-use-system-default-cipher-list.patch
+ignore_requires: Mozilla::CA
+prep: |-
+ rm README.Win32

perl-IO-Socket-SSL-use-system-default-cipher-list.patch

@@ -0,0 +1,34 @@
+Index: IO-Socket-SSL-2.074/lib/IO/Socket/SSL.pm
+===================================================================
+--- IO-Socket-SSL-2.074.orig/lib/IO/Socket/SSL.pm
++++ IO-Socket-SSL-2.074/lib/IO/Socket/SSL.pm
+@@ -205,8 +205,10 @@ my %DEFAULT_SSL_ARGS = (
+     SSL_npn_protocols => undef,    # meaning depends whether on server or client side
+     SSL_alpn_protocols => undef,   # list of protocols we'll accept/send, for example ['http/1.1','spdy/3.1']
+ 
+-    # rely on system default but be sure to disable some definitely bad ones
+-    SSL_cipher_list => 'DEFAULT !EXP !MEDIUM !LOW !eNULL !aNULL !RC4 !DES !MD5 !PSK !SRP',
++    # Use system-wide default cipher list to support use of system-wide
++    # crypto policy (#1076390, #1127577, CPAN RT#97816)
++    # https://fedoraproject.org/wiki/Changes/CryptoPolicy
++    SSL_cipher_list => 'PROFILE=SYSTEM',
+ );
+ 
+ my %DEFAULT_SSL_CLIENT_ARGS = (
+Index: IO-Socket-SSL-2.074/lib/IO/Socket/SSL.pod
+===================================================================
+--- IO-Socket-SSL-2.074.orig/lib/IO/Socket/SSL.pod
++++ IO-Socket-SSL-2.074/lib/IO/Socket/SSL.pod
+@@ -1070,9 +1070,8 @@ ciphers for TLS 1.2 and lower. See the O
+ for more details.
+ 
+ Unless you fail to contact your peer because of no shared ciphers it is
+-recommended to leave this option at the default setting, which uses the system
+-default but disables some insecure ciphers which might still be enabled on older
+-systems.
++recommended to leave this option at the default setting, which honors the
++system-wide PROFILE=SYSTEM cipher list.
+ 
+ In case different cipher lists are needed for different SNI hosts a hash can be
+ given with the host as key and the cipher suite as value, similar to
+

perl-IO-Socket-SSL.spec

@@ -0,0 +1,111 @@
+#
+# spec file for package perl-IO-Socket-SSL
+#
+# Copyright (c) 2024 SUSE LLC
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+%define cpan_name IO-Socket-SSL
+Name:           perl-IO-Socket-SSL
+Version:        2.87.0
+Release:        0
+# 2.087 -> normalize -> 2.87.0
+%define cpan_version 2.087
+License:        Artistic-1.0 OR GPL-1.0-or-later
+Summary:        Nearly transparent SSL encapsulation for IO::Socket::INET
+URL:            https://metacpan.org/release/%{cpan_name}
+Source0:        https://cpan.metacpan.org/authors/id/S/SU/SULLR/%{cpan_name}-%{cpan_version}.tar.gz
+Source1:        cpanspec.yml
+# PATCH-FIX-UPSTREAM (bsc1200295) perl-IO-Socket-SSL doesn't follow system "PROFILE=SYSTEM" openSSL ciphers - https://git.centos.org/rpms/perl-IO-Socket-SSL/blob/e0b0ae04f5cdb41b1f29cb7d76c23abba7ac35e9/f/SOURCES/IO-Socket-SSL-2.066-use-system-default-cipher-list.patch
+Patch0:         perl-IO-Socket-SSL-use-system-default-cipher-list.patch
+BuildArch:      noarch
+BuildRequires:  perl
+BuildRequires:  perl-macros
+#BuildRequires:  perl(Mozilla::CA)
+BuildRequires:  perl(Net::SSLeay) >= 1.46
+#Requires:       perl(Mozilla::CA)
+Requires:       perl(Net::SSLeay) >= 1.46
+Provides:       perl(IO::Socket::SSL) = %{version}
+Provides:       perl(IO::Socket::SSL::Intercept) = 2.056
+Provides:       perl(IO::Socket::SSL::OCSP_Cache)
+Provides:       perl(IO::Socket::SSL::OCSP_Resolver)
+Provides:       perl(IO::Socket::SSL::PublicSuffix)
+Provides:       perl(IO::Socket::SSL::SSL_Context)
+Provides:       perl(IO::Socket::SSL::SSL_HANDLE)
+Provides:       perl(IO::Socket::SSL::Session_Cache)
+Provides:       perl(IO::Socket::SSL::Trace)
+Provides:       perl(IO::Socket::SSL::Utils) = 2.015
+%undefine       __perllib_provides
+%{perl_requires}
+
+%description
+IO::Socket::SSL makes using SSL/TLS much easier by wrapping the necessary
+functionality into the familiar IO::Socket interface and providing secure
+defaults whenever possible. This way, existing applications can be made
+SSL-aware without much effort, at least if you do blocking I/O and don't
+use select or poll.
+
+But, under the hood, SSL is a complex beast. So there are lots of methods
+to make it do what you need if the default behavior is not adequate.
+Because it is easy to inadvertently introduce critical security bugs or
+just hard to debug problems, I would recommend studying the following
+documentation carefully.
+
+The documentation consists of the following parts:
+
+* * "Essential Information About SSL/TLS"
+
+* * "Basic SSL Client"
+
+* * "Basic SSL Server"
+
+* * "Common Usage Errors"
+
+* * "Common Problems with SSL"
+
+* * "Using Non-Blocking Sockets"
+
+* * "Advanced Usage"
+
+* * "Integration Into Own Modules"
+
+* * "Description Of Methods"
+
+Additional documentation can be found in
+
+* * IO::Socket::SSL::Intercept - Doing Man-In-The-Middle with SSL
+
+* * IO::Socket::SSL::Utils - Useful functions for certificates etc
+
+%prep
+%autosetup  -n %{cpan_name}-%{cpan_version} -p1
+
+find . -type f ! -path "*/t/*" ! -name "*.pl" ! -path "*/bin/*" ! -path "*/script/*" ! -path "*/scripts/*" ! -name "configure" -print0 | xargs -0 chmod 644
+
+%build
+perl Makefile.PL INSTALLDIRS=vendor
+%make_build
+
+%check
+make test
+
+%install
+%perl_make_install
+%perl_process_packlist
+%perl_gen_filelist
+
+%files -f %{name}.files
+%doc BUGS Changes docs example README
+
+%changelog