2008-08-04 02:49:41 +00:00
|
|
|
#
|
2011-11-18 11:43:24 +00:00
|
|
|
# spec file for package perl-Net-SSLeay
|
2008-08-04 02:49:41 +00:00
|
|
|
#
|
2023-12-17 21:29:03 +00:00
|
|
|
# Copyright (c) 2023 SUSE LLC
|
2008-08-04 02:49:41 +00:00
|
|
|
#
|
2009-06-18 15:09:49 +00:00
|
|
|
# All modifications and additions to the file contributed by third parties
|
|
|
|
|
# remain the property of their copyright owners, unless otherwise agreed
|
|
|
|
|
# upon. The license for this file, and modifications and additions to the
|
|
|
|
|
# file, is the same license as for the pristine package itself (unless the
|
|
|
|
|
# license for the pristine package is not an Open Source License, in which
|
|
|
|
|
# case the license is the MIT License). An "Open Source License" is a
|
|
|
|
|
# license that conforms to the Open Source Definition (Version 1.9)
|
|
|
|
|
# published by the Open Source Initiative.
|
|
|
|
|
|
2019-01-15 09:41:44 +00:00
|
|
|
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
2008-08-04 02:49:41 +00:00
|
|
|
#
|
|
|
|
|
|
|
|
|
|
|
2018-08-27 12:27:14 +00:00
|
|
|
%define cpan_name Net-SSLeay
|
2008-08-04 02:49:41 +00:00
|
|
|
Name: perl-Net-SSLeay
|
Accepting request 947245 from devel:languages:perl:autoupdate
- updated to 1.92
see /usr/share/doc/packages/perl-Net-SSLeay/Changes
1.92 2022-01-12
- New stable release incorporating all changes from developer releases 1.91_01
to 1.91_03.
- Summary of major changes since version 1.90:
- Net::SSLeay now supports stable releases of OpenSSL 3.0.
- OpenSSL 3.0.0 introduces the concept of "providers", which contain
cryptographic algorithm implementations. Many outdated, deprecated and/or
insecure algorithms have been moved to the "legacy" provider, which may
need to be loaded explicitly in order to use them with Net::SSLeay. See
"Low level API: OSSL_LIB_CTX and OSSL_PROVIDER related functions" in the
Net::SSLeay module documentation for details.
- Net::SSLeay's built-in PEM_get_string_PrivateKey() function depends on
algorithms that have moved to the legacy provider described above; if
OpenSSL has been compiled without the legacy provider, the tests
t/local/33_x509_create_cert.t and t/local/63_ec_key_generate_key.t will
fail when the test suite is run.
- TLS 1.1 and below may only be used at security level 0 as of OpenSSL
3.0.0; if a minimum required security level is imposed (e.g. in an
OpenSSL configuration file managed by the operating system), the tests
t/local/44_sess.t and t/local/45_exporter.t will fail when the test suite
is run.
- Net::SSLeay now supports stable releases of LibreSSL from the 3.2 - 3.4
series (with the exception of 3.2.2 and 3.2.3 - see "COMPATIBILITY" in the
Net::SSLeay module documentation for details).
- The TLS 1.3 implementation in LibreSSL 3.1 - 3.3, parts of which are
enabled by default, is not fully compatible with the libssl API and may
not function as expected with Net::SSLeay; see "KNOWN BUGS AND CAVEATS"
in the Net::SSLeay module documentation for details.
- A number of new libcrypto/libssl constants and functions are now exposed,
including SSL_CTX_set_keylog_callback() and SSL_CTX_set_msg_callback(),
which are helpful when debugging TLS handshakes. See the release notes for
the 1.91 developer releases below for a full list of newly-exposed
constants and functions.
1.91_03 2022-01-10
- Avoid misclassifying Clang as GCC in Test::Net::SSLeay's can_thread()
function. This fixes test failures in 61_threads-cb-crash.t and
62_threads-ctx_new-deadlock.t on OpenBSD and FreeBSD (and possibly other OSes
too). Fixes GH-350.
- Add the following constants for OpenSSL_version():
- OPENSSL_CPU_INFO
- OPENSSL_FULL_VERSION_STRING
- OPENSSL_MODULES_DIR
- OPENSSL_VERSION_STRING
These constants are new in OpenSSL 3.0.0 release.
- Update test 03_use.t to print information returned by the new constants.
- Add more information to 03_use.t print output, including printing
OPENSSL_VERSION_NUMBER as a 32bit hex number.
- Add the following constants for OPENSSL_info() added in OpenSSL 3.0.0.
- OPENSSL_INFO_CONFIG_DIR
- OPENSSL_INFO_CPU_SETTINGS
- OPENSSL_INFO_DIR_FILENAME_SEPARATOR
- OPENSSL_INFO_DSO_EXTENSION
- OPENSSL_INFO_ENGINES_DIR
- OPENSSL_INFO_LIST_SEPARATOR
- OPENSSL_INFO_MODULES_DIR
- OPENSSL_INFO_SEED_SOURCE
- Expose OPENSSL_info(), OPENSSL_version_major(),
OPENSSL_version_minor(), OPENSSL_version_patch(),
OPENSSL_version_pre_release() and
OPENSSL_version_build_metadata() added in OpenSSL
3.0.0. Update 03_use.t diagnostics and 04_basic.t tests to
use these functions.
- Clarify documentation of OpenSSL_version_num(), SSLeay(),
SSLeay_version() and OpenSSL_version().
- Add notes to OpenSSL_version_num() and SSLeay() on how to
determine if the library is OpenSSL or LibreSSL and how to
interpret the version number these functions return.
- Add constants OPENSSL_VERSION_MAJOR, OPENSSL_VERSION_MINOR
and OPENSSL_VERSION_PATCH. Update
OPENSSL_version_major/minor/patch documentation to describe
how these library functions relate to Net-SSLeay compile
time constants. Add tests to verify the constants and
functions return equal values.
1.91_02 2021-12-29
- On OpenVMS, detect vendor SSL111 product based on OpenSSL 1.1.x.
- Cast the return value of OCSP_SINGLERESP_get0_id to fix a
const/non-const mismatch warning that broke the build on OpenVMS.
- Create SSL_CTXs with Test::Net::SSLeay's new_ctx() function for tests that
are broken with LibreSSL 3.2. Partially fixes GH-232.
- In 36_verify.t, account for the presence of the X509_V_FLAG_LEGACY_VERIFY
flag (signalling the use of the legacy X.509 verifier) in LibreSSL 3.2
versions from 3.2.4 onwards. Fixes the remainder of GH-232.
- Note in the Net::SSLeay documentation that the TLS 1.3 implementation in
LibreSSL 3.1 - 3.3, parts of which are enabled by default, is not
libssl-compatible. See the "KNOWN BUGS AND CAVEATS" section of
lib/Net/SSLeay.pod for details.
- Add constants for, but not limited to,
SSL_CTX_set_msg_callback and SSL_set_msg_callback functions:
SSL3_RT_* for record content types, SSL3_MT_* for Handshake
and ChangeCipherSpec message types, SSL2_VERSION to
complement the list of existing SSL and TLS version
constants and SSL2_MT_* for SSLv2 Handshake messages.
- Expose SSL_CTX_set_keylog_callback and
SSL_CTX_get_keylog_callback available with OpenSSL 1.1.1pre1
and later.
- Enhance 10_rand.t RAND_file_name tests: tests are no longer
affected by the runtime environment variables, HOME and
RANDFILE. These variables are insted controlled by the tests
with local %ENV. Problems related to RAND_file_name were
discussed in Github issue GH-152, and there might still be
cases when, for example, setuid is used because of OpenSSL's
use of glibc secure_getenv() and related functions. Address
RAND_file_name differences between OpenSSL versions. Note in
SSLeay.pod that RAND_file_name() can return undef with
LibreSSL and recent OpenSSL versions.
- Removed the following exportable symbols from SSLeay.pm:
- SESSION, clear_error and err have never been defined.
- add_session, flush_sessions and remove_session were
removed in Net::SSLeay 1.04
- Undocumented X509_STORE_CTX_set_flags() was removed in
Net::SSLeay 1.37 when X509_VERIFY_PARAM_* functions were
added. These are preferred over directly setting the flags.
- Clarified Changes entry for release 1.75 to state that
CTX_v2_new is not removed from Net::SSLeay. SSLv2 is
completely removed in OpenSSL 1.1.0.
- Beginning with OpenSSL 3.0.0-alpha17, SSL_CTX_get_options()
and related functions return uint64_t instead of long. For
this reason constant() in constant.c and Net::SSLeay must
also be able to return 64bit constants. Add uint64_t
definitions to typemap file and update constant() and
options functions to use uint64_t with OpenSSL 3.0.0 and
later when Perl is compiled with 64bit integers. With 32bit
integers, the functions remain as they are: constant()
functions return double and options functions return
long. This partially fixes GH-315, 32bit integer Perls need
to be handled separately.
- Work around macOS Monterey build failure during 'perl
Makefile.PL' that causes perl to exit with 'WARNING:
.../perl is loading libcrypto in an unsafe way' or similar
message. This fixes GH-329. Thanks to Daniel J. Luke for the
report and John Napiorkowski for additional help.
1.91_01 2021-10-24
- Correct X509_STORE_CTX_init() return value to integer. Previous
versions of Net::SSLeay return nothing.
- Update tests to call close() to avoid problems seen with
test 44_sess.t, and possibly other tests, running on older
Windows Perl versions. Also add some missing calls in tests
to shutdown and free ssl structures.
- Fix multiple formatting errors in the documentation for Net::SSLeay.
Thanks to John Jetmore.
- Check for presence of libssl headers in Makefile.PL, and exit with an
error instead of generating an invalid Makefile if they cannot be found.
Fixes RT#105189. Thanks to James E Keenan for the report.
- Added support for SSL_CTX_set_msg_callback/SSL_set_msg_callback
Thanks to Tim Aerts.
- Adjust time in ASN1_TIME_timet based on current offset to GMT to
address GH-148. Thanks to Steffen Ullrich.
- Multiple updates to tests to match OpenSSL 3.0 behaviour.
Thanks to Michal Josef Špaček.
- OpenSSL 3.0 related changes in tests include:
- TLSv1 and TLSv1.1 require security level 0 starting with 3.0 alpha 5.
- SSL_CTX_set_ciphersuites() and SSL_set_ciphersuites() ignore
unknown ciphersuites starting with 3.0 alpha 11.
- Error code and error string packing and formatting changes.
- PEM_get_string_PrivateKey default algorithm requires legacy provider.
- See OpenSSL manual page migration_guide(7) for more information about
changes in OpenSSL 3.0.
- Automatically detect OpenSSL installed via Homebrew on ARM-based macOS
systems. Thanks to Graham Knop for the patch.
- Account for the divergence in TLSv1.3 ciphersuite names between OpenSSL and
LibreSSL, which was causing failures of some TLSv1.3 tests with LibreSSL.
- In 36_verify.t, account for the presence of the X509_V_FLAG_LEGACY_VERIFY
flag (signalling the use of the legacy X.509 verifier) in LibreSSL 3.3.2 and
above.
- In 43_misc_functions.t, account for the fact that LibreSSL 3.2.0 and above
implement TLSv1.3 without exposing a TLS1_3_VERSION constant.
- Expose OpenSSL 3.0 functions
OSSL_LIB_CTX_get0_global_default, OSSL_PROVIDER_load,
OSSL_PROVIDER_try_load, OSSL_PROVIDER_unload,
OSSL_PROVIDER_available, OSSL_PROVIDER_do_all
OSSL_PROVIDER_get0_name and OSSL_PROVIDER_self_test.
Add test files 22_provider.t, 22_provider_try_load.t and
22_provider_try_load_zero_retain.t.
- With OpenSSL 3.0 and later, the legacy provider is loaded in
33_x509_create_cert.t to allow PEM_get_string_PrivateKey to
continue working until its default encryption method is
updated. Fixes GH-272 and closes GH-273.
- Remove the test suite's optional dependency on the non-core modules
Test::Exception, Test::NoWarnings and Test::Warn. Tests that verify
Net::SSLeay's behaviour when errors occur are now executed regardless of the
availability of these modules.
- Fully automate the process of changing the list of constants exported by
Net::SSLeay. Fixes GH-313.
- Perform function autoloading tests in the test suite. Fixes GH-311.
- In 36_verify.t, account for the fact that the X509_V_FLAG_LEGACY_VERIFY flag
(signalling the use of the legacy X.509 verifier) is no longer exposed as of
LibreSSL 3.4.1. Fixes GH-324.
OBS-URL: https://build.opensuse.org/request/show/947245
OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl-Net-SSLeay?expand=0&rev=53
2022-01-18 18:08:39 +00:00
|
|
|
Version: 1.92
|
2012-02-10 11:14:13 +00:00
|
|
|
Release: 0
|
Accepting request 947245 from devel:languages:perl:autoupdate
- updated to 1.92
see /usr/share/doc/packages/perl-Net-SSLeay/Changes
1.92 2022-01-12
- New stable release incorporating all changes from developer releases 1.91_01
to 1.91_03.
- Summary of major changes since version 1.90:
- Net::SSLeay now supports stable releases of OpenSSL 3.0.
- OpenSSL 3.0.0 introduces the concept of "providers", which contain
cryptographic algorithm implementations. Many outdated, deprecated and/or
insecure algorithms have been moved to the "legacy" provider, which may
need to be loaded explicitly in order to use them with Net::SSLeay. See
"Low level API: OSSL_LIB_CTX and OSSL_PROVIDER related functions" in the
Net::SSLeay module documentation for details.
- Net::SSLeay's built-in PEM_get_string_PrivateKey() function depends on
algorithms that have moved to the legacy provider described above; if
OpenSSL has been compiled without the legacy provider, the tests
t/local/33_x509_create_cert.t and t/local/63_ec_key_generate_key.t will
fail when the test suite is run.
- TLS 1.1 and below may only be used at security level 0 as of OpenSSL
3.0.0; if a minimum required security level is imposed (e.g. in an
OpenSSL configuration file managed by the operating system), the tests
t/local/44_sess.t and t/local/45_exporter.t will fail when the test suite
is run.
- Net::SSLeay now supports stable releases of LibreSSL from the 3.2 - 3.4
series (with the exception of 3.2.2 and 3.2.3 - see "COMPATIBILITY" in the
Net::SSLeay module documentation for details).
- The TLS 1.3 implementation in LibreSSL 3.1 - 3.3, parts of which are
enabled by default, is not fully compatible with the libssl API and may
not function as expected with Net::SSLeay; see "KNOWN BUGS AND CAVEATS"
in the Net::SSLeay module documentation for details.
- A number of new libcrypto/libssl constants and functions are now exposed,
including SSL_CTX_set_keylog_callback() and SSL_CTX_set_msg_callback(),
which are helpful when debugging TLS handshakes. See the release notes for
the 1.91 developer releases below for a full list of newly-exposed
constants and functions.
1.91_03 2022-01-10
- Avoid misclassifying Clang as GCC in Test::Net::SSLeay's can_thread()
function. This fixes test failures in 61_threads-cb-crash.t and
62_threads-ctx_new-deadlock.t on OpenBSD and FreeBSD (and possibly other OSes
too). Fixes GH-350.
- Add the following constants for OpenSSL_version():
- OPENSSL_CPU_INFO
- OPENSSL_FULL_VERSION_STRING
- OPENSSL_MODULES_DIR
- OPENSSL_VERSION_STRING
These constants are new in OpenSSL 3.0.0 release.
- Update test 03_use.t to print information returned by the new constants.
- Add more information to 03_use.t print output, including printing
OPENSSL_VERSION_NUMBER as a 32bit hex number.
- Add the following constants for OPENSSL_info() added in OpenSSL 3.0.0.
- OPENSSL_INFO_CONFIG_DIR
- OPENSSL_INFO_CPU_SETTINGS
- OPENSSL_INFO_DIR_FILENAME_SEPARATOR
- OPENSSL_INFO_DSO_EXTENSION
- OPENSSL_INFO_ENGINES_DIR
- OPENSSL_INFO_LIST_SEPARATOR
- OPENSSL_INFO_MODULES_DIR
- OPENSSL_INFO_SEED_SOURCE
- Expose OPENSSL_info(), OPENSSL_version_major(),
OPENSSL_version_minor(), OPENSSL_version_patch(),
OPENSSL_version_pre_release() and
OPENSSL_version_build_metadata() added in OpenSSL
3.0.0. Update 03_use.t diagnostics and 04_basic.t tests to
use these functions.
- Clarify documentation of OpenSSL_version_num(), SSLeay(),
SSLeay_version() and OpenSSL_version().
- Add notes to OpenSSL_version_num() and SSLeay() on how to
determine if the library is OpenSSL or LibreSSL and how to
interpret the version number these functions return.
- Add constants OPENSSL_VERSION_MAJOR, OPENSSL_VERSION_MINOR
and OPENSSL_VERSION_PATCH. Update
OPENSSL_version_major/minor/patch documentation to describe
how these library functions relate to Net-SSLeay compile
time constants. Add tests to verify the constants and
functions return equal values.
1.91_02 2021-12-29
- On OpenVMS, detect vendor SSL111 product based on OpenSSL 1.1.x.
- Cast the return value of OCSP_SINGLERESP_get0_id to fix a
const/non-const mismatch warning that broke the build on OpenVMS.
- Create SSL_CTXs with Test::Net::SSLeay's new_ctx() function for tests that
are broken with LibreSSL 3.2. Partially fixes GH-232.
- In 36_verify.t, account for the presence of the X509_V_FLAG_LEGACY_VERIFY
flag (signalling the use of the legacy X.509 verifier) in LibreSSL 3.2
versions from 3.2.4 onwards. Fixes the remainder of GH-232.
- Note in the Net::SSLeay documentation that the TLS 1.3 implementation in
LibreSSL 3.1 - 3.3, parts of which are enabled by default, is not
libssl-compatible. See the "KNOWN BUGS AND CAVEATS" section of
lib/Net/SSLeay.pod for details.
- Add constants for, but not limited to,
SSL_CTX_set_msg_callback and SSL_set_msg_callback functions:
SSL3_RT_* for record content types, SSL3_MT_* for Handshake
and ChangeCipherSpec message types, SSL2_VERSION to
complement the list of existing SSL and TLS version
constants and SSL2_MT_* for SSLv2 Handshake messages.
- Expose SSL_CTX_set_keylog_callback and
SSL_CTX_get_keylog_callback available with OpenSSL 1.1.1pre1
and later.
- Enhance 10_rand.t RAND_file_name tests: tests are no longer
affected by the runtime environment variables, HOME and
RANDFILE. These variables are insted controlled by the tests
with local %ENV. Problems related to RAND_file_name were
discussed in Github issue GH-152, and there might still be
cases when, for example, setuid is used because of OpenSSL's
use of glibc secure_getenv() and related functions. Address
RAND_file_name differences between OpenSSL versions. Note in
SSLeay.pod that RAND_file_name() can return undef with
LibreSSL and recent OpenSSL versions.
- Removed the following exportable symbols from SSLeay.pm:
- SESSION, clear_error and err have never been defined.
- add_session, flush_sessions and remove_session were
removed in Net::SSLeay 1.04
- Undocumented X509_STORE_CTX_set_flags() was removed in
Net::SSLeay 1.37 when X509_VERIFY_PARAM_* functions were
added. These are preferred over directly setting the flags.
- Clarified Changes entry for release 1.75 to state that
CTX_v2_new is not removed from Net::SSLeay. SSLv2 is
completely removed in OpenSSL 1.1.0.
- Beginning with OpenSSL 3.0.0-alpha17, SSL_CTX_get_options()
and related functions return uint64_t instead of long. For
this reason constant() in constant.c and Net::SSLeay must
also be able to return 64bit constants. Add uint64_t
definitions to typemap file and update constant() and
options functions to use uint64_t with OpenSSL 3.0.0 and
later when Perl is compiled with 64bit integers. With 32bit
integers, the functions remain as they are: constant()
functions return double and options functions return
long. This partially fixes GH-315, 32bit integer Perls need
to be handled separately.
- Work around macOS Monterey build failure during 'perl
Makefile.PL' that causes perl to exit with 'WARNING:
.../perl is loading libcrypto in an unsafe way' or similar
message. This fixes GH-329. Thanks to Daniel J. Luke for the
report and John Napiorkowski for additional help.
1.91_01 2021-10-24
- Correct X509_STORE_CTX_init() return value to integer. Previous
versions of Net::SSLeay return nothing.
- Update tests to call close() to avoid problems seen with
test 44_sess.t, and possibly other tests, running on older
Windows Perl versions. Also add some missing calls in tests
to shutdown and free ssl structures.
- Fix multiple formatting errors in the documentation for Net::SSLeay.
Thanks to John Jetmore.
- Check for presence of libssl headers in Makefile.PL, and exit with an
error instead of generating an invalid Makefile if they cannot be found.
Fixes RT#105189. Thanks to James E Keenan for the report.
- Added support for SSL_CTX_set_msg_callback/SSL_set_msg_callback
Thanks to Tim Aerts.
- Adjust time in ASN1_TIME_timet based on current offset to GMT to
address GH-148. Thanks to Steffen Ullrich.
- Multiple updates to tests to match OpenSSL 3.0 behaviour.
Thanks to Michal Josef Špaček.
- OpenSSL 3.0 related changes in tests include:
- TLSv1 and TLSv1.1 require security level 0 starting with 3.0 alpha 5.
- SSL_CTX_set_ciphersuites() and SSL_set_ciphersuites() ignore
unknown ciphersuites starting with 3.0 alpha 11.
- Error code and error string packing and formatting changes.
- PEM_get_string_PrivateKey default algorithm requires legacy provider.
- See OpenSSL manual page migration_guide(7) for more information about
changes in OpenSSL 3.0.
- Automatically detect OpenSSL installed via Homebrew on ARM-based macOS
systems. Thanks to Graham Knop for the patch.
- Account for the divergence in TLSv1.3 ciphersuite names between OpenSSL and
LibreSSL, which was causing failures of some TLSv1.3 tests with LibreSSL.
- In 36_verify.t, account for the presence of the X509_V_FLAG_LEGACY_VERIFY
flag (signalling the use of the legacy X.509 verifier) in LibreSSL 3.3.2 and
above.
- In 43_misc_functions.t, account for the fact that LibreSSL 3.2.0 and above
implement TLSv1.3 without exposing a TLS1_3_VERSION constant.
- Expose OpenSSL 3.0 functions
OSSL_LIB_CTX_get0_global_default, OSSL_PROVIDER_load,
OSSL_PROVIDER_try_load, OSSL_PROVIDER_unload,
OSSL_PROVIDER_available, OSSL_PROVIDER_do_all
OSSL_PROVIDER_get0_name and OSSL_PROVIDER_self_test.
Add test files 22_provider.t, 22_provider_try_load.t and
22_provider_try_load_zero_retain.t.
- With OpenSSL 3.0 and later, the legacy provider is loaded in
33_x509_create_cert.t to allow PEM_get_string_PrivateKey to
continue working until its default encryption method is
updated. Fixes GH-272 and closes GH-273.
- Remove the test suite's optional dependency on the non-core modules
Test::Exception, Test::NoWarnings and Test::Warn. Tests that verify
Net::SSLeay's behaviour when errors occur are now executed regardless of the
availability of these modules.
- Fully automate the process of changing the list of constants exported by
Net::SSLeay. Fixes GH-313.
- Perform function autoloading tests in the test suite. Fixes GH-311.
- In 36_verify.t, account for the fact that the X509_V_FLAG_LEGACY_VERIFY flag
(signalling the use of the legacy X.509 verifier) is no longer exposed as of
LibreSSL 3.4.1. Fixes GH-324.
OBS-URL: https://build.opensuse.org/request/show/947245
OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl-Net-SSLeay?expand=0&rev=53
2022-01-18 18:08:39 +00:00
|
|
|
Summary: Perl bindings for OpenSSL and LibreSSL
|
2017-08-21 09:31:40 +00:00
|
|
|
License: Artistic-2.0
|
Accepting request 705651 from home:pmonrealgonzalez:branches:devel:languages:perl
- Update to 1.88
1.88 2019-05-10
- New stable release incorporating all changes from developer
releases 1.86_01 to 1.86_11.
- From this release, Net-SSLeay is switching to an "odd/even"
developer/stable release version numbering system, like that of
many core modules (e.g. ExtUtils::MakeMaker): developer releases
will have an odd minor version number (and the usual "_xx" suffix),
and stable releases will have an even minor version number. This
means there is no Net-SSLeay 1.87.
- Summary of major changes since version 1.85:
- Mike McCauley has stepped down as maintainer. The new maintainers
are Chris Novakovic, Heikki Vatiainen and Tuure Vartiainen.
- The source code has moved from the now-defunct Debian Subversion
server (alioth.debian.org) to GitHub
(https://github.com/radiator-software/p5-net-ssleay).
- Net-SSLeay is provided under the terms of the Artistic License
2.0 - this has been the case since version 1.66, but references
to other licenses remained in the source code, causing ambiguity.
- Perl 5.8.1 or newer is now required to use Net-SSLeay. This has
already been the case for some time in practice, as the test
suite hasn't fully passed on Perl 5.6 for several years.
- Much-improved compatibility with OpenSSL 1.1.1, and improved
support for TLS 1.3.
- Fixed a long-standing bug in cb_data_advanced_put() that caused
memory leaks when callbacks were frequently added and removed.
- Support in the test suite for "hardened" OpenSSL configurations
that set a default security level of 2 or higher (e.g., in the
OpenSSL packages that ship with recent versions of Debian, Fedora
and Ubuntu).
OBS-URL: https://build.opensuse.org/request/show/705651
OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl-Net-SSLeay?expand=0&rev=46
2019-05-27 11:42:22 +00:00
|
|
|
URL: https://metacpan.org/release/%{cpan_name}
|
|
|
|
|
Source0: https://cpan.metacpan.org/authors/id/C/CH/CHRISN/%{cpan_name}-%{version}.tar.gz
|
2021-06-23 09:20:52 +00:00
|
|
|
Source1: cpanspec.yml
|
2023-12-17 21:29:03 +00:00
|
|
|
# PATCH-FIX-UPSTREAM https://github.com/radiator-software/p5-net-ssleay/issues/449
|
|
|
|
|
Patch0: Use-constants-X509_VERSION_3-and-X509_REQ_VERSION_1-when-available.patch
|
2010-07-19 18:54:44 +00:00
|
|
|
BuildRequires: perl
|
|
|
|
|
BuildRequires: perl-macros
|
2012-02-10 11:14:13 +00:00
|
|
|
%{perl_requires}
|
2021-06-23 09:20:52 +00:00
|
|
|
# MANUAL BEGIN
|
|
|
|
|
BuildRequires: libopenssl-devel
|
|
|
|
|
BuildRequires: zlib-devel
|
2010-07-19 18:54:44 +00:00
|
|
|
BuildRequires: perl(Test::Exception)
|
|
|
|
|
BuildRequires: perl(Test::NoWarnings)
|
2021-06-23 09:20:52 +00:00
|
|
|
BuildRequires: perl(Test::Pod) >= 1.41
|
2012-02-10 11:14:13 +00:00
|
|
|
BuildRequires: perl(Test::Warn)
|
2021-06-23 09:20:52 +00:00
|
|
|
# MANUAL END
|
2008-08-04 02:49:41 +00:00
|
|
|
|
|
|
|
|
%description
|
2021-06-23 09:20:52 +00:00
|
|
|
This module provides Perl bindings for libssl (an SSL/TLS API) and
|
|
|
|
|
libcrypto (a cryptography API).
|
2008-08-04 02:49:41 +00:00
|
|
|
|
|
|
|
|
%prep
|
2023-12-17 21:29:03 +00:00
|
|
|
%autosetup -n %{cpan_name}-%{version} -p1
|
2021-06-23 09:20:52 +00:00
|
|
|
find . -type f ! -path "*/t/*" ! -name "*.pl" ! -path "*/bin/*" ! -path "*/script/*" ! -name "configure" -print0 | xargs -0 chmod 644
|
2010-07-19 18:54:44 +00:00
|
|
|
|
|
|
|
|
%build
|
2021-06-23 09:20:52 +00:00
|
|
|
perl Makefile.PL INSTALLDIRS=vendor OPTIMIZE="%{optflags}"
|
|
|
|
|
%make_build
|
2008-08-04 02:49:41 +00:00
|
|
|
|
|
|
|
|
%check
|
2021-06-23 09:20:52 +00:00
|
|
|
make test
|
2008-08-04 02:49:41 +00:00
|
|
|
|
|
|
|
|
%install
|
2010-07-19 18:54:44 +00:00
|
|
|
%perl_make_install
|
2008-08-04 02:49:41 +00:00
|
|
|
%perl_process_packlist
|
2010-07-19 18:54:44 +00:00
|
|
|
%perl_gen_filelist
|
2008-08-04 02:49:41 +00:00
|
|
|
|
2010-07-19 18:54:44 +00:00
|
|
|
%files -f %{name}.files
|
Accepting request 947245 from devel:languages:perl:autoupdate
- updated to 1.92
see /usr/share/doc/packages/perl-Net-SSLeay/Changes
1.92 2022-01-12
- New stable release incorporating all changes from developer releases 1.91_01
to 1.91_03.
- Summary of major changes since version 1.90:
- Net::SSLeay now supports stable releases of OpenSSL 3.0.
- OpenSSL 3.0.0 introduces the concept of "providers", which contain
cryptographic algorithm implementations. Many outdated, deprecated and/or
insecure algorithms have been moved to the "legacy" provider, which may
need to be loaded explicitly in order to use them with Net::SSLeay. See
"Low level API: OSSL_LIB_CTX and OSSL_PROVIDER related functions" in the
Net::SSLeay module documentation for details.
- Net::SSLeay's built-in PEM_get_string_PrivateKey() function depends on
algorithms that have moved to the legacy provider described above; if
OpenSSL has been compiled without the legacy provider, the tests
t/local/33_x509_create_cert.t and t/local/63_ec_key_generate_key.t will
fail when the test suite is run.
- TLS 1.1 and below may only be used at security level 0 as of OpenSSL
3.0.0; if a minimum required security level is imposed (e.g. in an
OpenSSL configuration file managed by the operating system), the tests
t/local/44_sess.t and t/local/45_exporter.t will fail when the test suite
is run.
- Net::SSLeay now supports stable releases of LibreSSL from the 3.2 - 3.4
series (with the exception of 3.2.2 and 3.2.3 - see "COMPATIBILITY" in the
Net::SSLeay module documentation for details).
- The TLS 1.3 implementation in LibreSSL 3.1 - 3.3, parts of which are
enabled by default, is not fully compatible with the libssl API and may
not function as expected with Net::SSLeay; see "KNOWN BUGS AND CAVEATS"
in the Net::SSLeay module documentation for details.
- A number of new libcrypto/libssl constants and functions are now exposed,
including SSL_CTX_set_keylog_callback() and SSL_CTX_set_msg_callback(),
which are helpful when debugging TLS handshakes. See the release notes for
the 1.91 developer releases below for a full list of newly-exposed
constants and functions.
1.91_03 2022-01-10
- Avoid misclassifying Clang as GCC in Test::Net::SSLeay's can_thread()
function. This fixes test failures in 61_threads-cb-crash.t and
62_threads-ctx_new-deadlock.t on OpenBSD and FreeBSD (and possibly other OSes
too). Fixes GH-350.
- Add the following constants for OpenSSL_version():
- OPENSSL_CPU_INFO
- OPENSSL_FULL_VERSION_STRING
- OPENSSL_MODULES_DIR
- OPENSSL_VERSION_STRING
These constants are new in OpenSSL 3.0.0 release.
- Update test 03_use.t to print information returned by the new constants.
- Add more information to 03_use.t print output, including printing
OPENSSL_VERSION_NUMBER as a 32bit hex number.
- Add the following constants for OPENSSL_info() added in OpenSSL 3.0.0.
- OPENSSL_INFO_CONFIG_DIR
- OPENSSL_INFO_CPU_SETTINGS
- OPENSSL_INFO_DIR_FILENAME_SEPARATOR
- OPENSSL_INFO_DSO_EXTENSION
- OPENSSL_INFO_ENGINES_DIR
- OPENSSL_INFO_LIST_SEPARATOR
- OPENSSL_INFO_MODULES_DIR
- OPENSSL_INFO_SEED_SOURCE
- Expose OPENSSL_info(), OPENSSL_version_major(),
OPENSSL_version_minor(), OPENSSL_version_patch(),
OPENSSL_version_pre_release() and
OPENSSL_version_build_metadata() added in OpenSSL
3.0.0. Update 03_use.t diagnostics and 04_basic.t tests to
use these functions.
- Clarify documentation of OpenSSL_version_num(), SSLeay(),
SSLeay_version() and OpenSSL_version().
- Add notes to OpenSSL_version_num() and SSLeay() on how to
determine if the library is OpenSSL or LibreSSL and how to
interpret the version number these functions return.
- Add constants OPENSSL_VERSION_MAJOR, OPENSSL_VERSION_MINOR
and OPENSSL_VERSION_PATCH. Update
OPENSSL_version_major/minor/patch documentation to describe
how these library functions relate to Net-SSLeay compile
time constants. Add tests to verify the constants and
functions return equal values.
1.91_02 2021-12-29
- On OpenVMS, detect vendor SSL111 product based on OpenSSL 1.1.x.
- Cast the return value of OCSP_SINGLERESP_get0_id to fix a
const/non-const mismatch warning that broke the build on OpenVMS.
- Create SSL_CTXs with Test::Net::SSLeay's new_ctx() function for tests that
are broken with LibreSSL 3.2. Partially fixes GH-232.
- In 36_verify.t, account for the presence of the X509_V_FLAG_LEGACY_VERIFY
flag (signalling the use of the legacy X.509 verifier) in LibreSSL 3.2
versions from 3.2.4 onwards. Fixes the remainder of GH-232.
- Note in the Net::SSLeay documentation that the TLS 1.3 implementation in
LibreSSL 3.1 - 3.3, parts of which are enabled by default, is not
libssl-compatible. See the "KNOWN BUGS AND CAVEATS" section of
lib/Net/SSLeay.pod for details.
- Add constants for, but not limited to,
SSL_CTX_set_msg_callback and SSL_set_msg_callback functions:
SSL3_RT_* for record content types, SSL3_MT_* for Handshake
and ChangeCipherSpec message types, SSL2_VERSION to
complement the list of existing SSL and TLS version
constants and SSL2_MT_* for SSLv2 Handshake messages.
- Expose SSL_CTX_set_keylog_callback and
SSL_CTX_get_keylog_callback available with OpenSSL 1.1.1pre1
and later.
- Enhance 10_rand.t RAND_file_name tests: tests are no longer
affected by the runtime environment variables, HOME and
RANDFILE. These variables are insted controlled by the tests
with local %ENV. Problems related to RAND_file_name were
discussed in Github issue GH-152, and there might still be
cases when, for example, setuid is used because of OpenSSL's
use of glibc secure_getenv() and related functions. Address
RAND_file_name differences between OpenSSL versions. Note in
SSLeay.pod that RAND_file_name() can return undef with
LibreSSL and recent OpenSSL versions.
- Removed the following exportable symbols from SSLeay.pm:
- SESSION, clear_error and err have never been defined.
- add_session, flush_sessions and remove_session were
removed in Net::SSLeay 1.04
- Undocumented X509_STORE_CTX_set_flags() was removed in
Net::SSLeay 1.37 when X509_VERIFY_PARAM_* functions were
added. These are preferred over directly setting the flags.
- Clarified Changes entry for release 1.75 to state that
CTX_v2_new is not removed from Net::SSLeay. SSLv2 is
completely removed in OpenSSL 1.1.0.
- Beginning with OpenSSL 3.0.0-alpha17, SSL_CTX_get_options()
and related functions return uint64_t instead of long. For
this reason constant() in constant.c and Net::SSLeay must
also be able to return 64bit constants. Add uint64_t
definitions to typemap file and update constant() and
options functions to use uint64_t with OpenSSL 3.0.0 and
later when Perl is compiled with 64bit integers. With 32bit
integers, the functions remain as they are: constant()
functions return double and options functions return
long. This partially fixes GH-315, 32bit integer Perls need
to be handled separately.
- Work around macOS Monterey build failure during 'perl
Makefile.PL' that causes perl to exit with 'WARNING:
.../perl is loading libcrypto in an unsafe way' or similar
message. This fixes GH-329. Thanks to Daniel J. Luke for the
report and John Napiorkowski for additional help.
1.91_01 2021-10-24
- Correct X509_STORE_CTX_init() return value to integer. Previous
versions of Net::SSLeay return nothing.
- Update tests to call close() to avoid problems seen with
test 44_sess.t, and possibly other tests, running on older
Windows Perl versions. Also add some missing calls in tests
to shutdown and free ssl structures.
- Fix multiple formatting errors in the documentation for Net::SSLeay.
Thanks to John Jetmore.
- Check for presence of libssl headers in Makefile.PL, and exit with an
error instead of generating an invalid Makefile if they cannot be found.
Fixes RT#105189. Thanks to James E Keenan for the report.
- Added support for SSL_CTX_set_msg_callback/SSL_set_msg_callback
Thanks to Tim Aerts.
- Adjust time in ASN1_TIME_timet based on current offset to GMT to
address GH-148. Thanks to Steffen Ullrich.
- Multiple updates to tests to match OpenSSL 3.0 behaviour.
Thanks to Michal Josef Špaček.
- OpenSSL 3.0 related changes in tests include:
- TLSv1 and TLSv1.1 require security level 0 starting with 3.0 alpha 5.
- SSL_CTX_set_ciphersuites() and SSL_set_ciphersuites() ignore
unknown ciphersuites starting with 3.0 alpha 11.
- Error code and error string packing and formatting changes.
- PEM_get_string_PrivateKey default algorithm requires legacy provider.
- See OpenSSL manual page migration_guide(7) for more information about
changes in OpenSSL 3.0.
- Automatically detect OpenSSL installed via Homebrew on ARM-based macOS
systems. Thanks to Graham Knop for the patch.
- Account for the divergence in TLSv1.3 ciphersuite names between OpenSSL and
LibreSSL, which was causing failures of some TLSv1.3 tests with LibreSSL.
- In 36_verify.t, account for the presence of the X509_V_FLAG_LEGACY_VERIFY
flag (signalling the use of the legacy X.509 verifier) in LibreSSL 3.3.2 and
above.
- In 43_misc_functions.t, account for the fact that LibreSSL 3.2.0 and above
implement TLSv1.3 without exposing a TLS1_3_VERSION constant.
- Expose OpenSSL 3.0 functions
OSSL_LIB_CTX_get0_global_default, OSSL_PROVIDER_load,
OSSL_PROVIDER_try_load, OSSL_PROVIDER_unload,
OSSL_PROVIDER_available, OSSL_PROVIDER_do_all
OSSL_PROVIDER_get0_name and OSSL_PROVIDER_self_test.
Add test files 22_provider.t, 22_provider_try_load.t and
22_provider_try_load_zero_retain.t.
- With OpenSSL 3.0 and later, the legacy provider is loaded in
33_x509_create_cert.t to allow PEM_get_string_PrivateKey to
continue working until its default encryption method is
updated. Fixes GH-272 and closes GH-273.
- Remove the test suite's optional dependency on the non-core modules
Test::Exception, Test::NoWarnings and Test::Warn. Tests that verify
Net::SSLeay's behaviour when errors occur are now executed regardless of the
availability of these modules.
- Fully automate the process of changing the list of constants exported by
Net::SSLeay. Fixes GH-313.
- Perform function autoloading tests in the test suite. Fixes GH-311.
- In 36_verify.t, account for the fact that the X509_V_FLAG_LEGACY_VERIFY flag
(signalling the use of the legacy X.509 verifier) is no longer exposed as of
LibreSSL 3.4.1. Fixes GH-324.
OBS-URL: https://build.opensuse.org/request/show/947245
OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl-Net-SSLeay?expand=0&rev=53
2022-01-18 18:08:39 +00:00
|
|
|
%doc Changes CONTRIBUTING.md Credits examples QuickRef README README.OSX README.VMS README.Win32
|
2021-06-29 11:13:32 +00:00
|
|
|
%license LICENSE
|
2008-08-04 02:49:41 +00:00
|
|
|
|
|
|
|
|
%changelog
|
