Revisions of perl-IO-Socket-SSL
Dominique Leuenberger (dimstar_suse)
accepted
request 636831
from
Dirk Stoecker (dstoecker)
(revision 80)
- updated to 2.060 see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes
Dominique Leuenberger (dimstar_suse)
accepted
request 631330
from
Dirk Stoecker (dstoecker)
(revision 79)
Dominique Leuenberger (dimstar_suse)
accepted
request 624414
from
Stephan Kulow (coolo)
(revision 78)
Dominique Leuenberger (dimstar_suse)
accepted
request 578432
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 77)
Dominique Leuenberger (dimstar_suse)
accepted
request 575636
from
Stephan Kulow (coolo)
(revision 76)
- ignore Mozilla::CA - updated to 2.054 see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes 2.054 2018/01/22 - added missing test certificates to MANIFEST 2.053 2018/01/21 - small behavior fixes - if SSL_fingerprint is used and matches don't check for OCSP - Utils::CERT_create - small fixes to properly specific purpose, ability to use predefined complex purpose but disable some features - update PublicSuffix - updates for documentation, especially regarding pitfalls with forking or using non-blocking sockets. Spelling fixes. - test fixes and improvements - stability improvements for live tests - regenerate certificate in certs/ and make sure they are limited to the correct purpose. Checkin program used to generate certificates. - adjust tests since certificates have changed and some tests used certificates intended for client authentication as server certificates, which now no longer works
Dominique Leuenberger (dimstar_suse)
accepted
request 535945
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 75)
1
Dominique Leuenberger (dimstar_suse)
accepted
request 528222
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 74)
1
Dominique Leuenberger (dimstar_suse)
accepted
request 385293
from
P. Janouch (pjanouch)
(revision 73)
1
Dominique Leuenberger (dimstar_suse)
accepted
request 370293
from
Stephan Kulow (coolo)
(revision 72)
- updated to 2.024 see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes 2.024 2016/02/06 - Work around issue where the connect fails on systems having only a loopback interface and where IO::Socket::IP is used as super class (default when available). Since IO::Socket::IP sets AI_ADDRCONFIG by default connect to localhost would fail on this systems. This happened at least for the tests, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813796 Workaround is to explicitely set GetAddrInfoFlags to 0 if no GetAddrInfoFlags is set but the Family/Domain is given. In this case AI_ADDRCONFIG would not be useful anyway but would cause at most harm. 2.023 2016/01/30 - OpenSSL 1.0.2f changed the behavior of SSL shutdown in case the TLS connection was not fully established (commit: f73c737c7ac908c5d6407c419769123392a3b0a9). This somehow resulted in Net::SSLeay::shutdown returning 0 (i.e. keep trying) which caused an endless loop. It will now ignore this result in case the TLS connection was not yet established and consider the TLS connection closed instead. 2.022 2015/12/10 - fix stringification of IPv6 inside subjectAltNames in Utils::CERT_asHash. Thanks to Mark.Martinec[AT]ijs[DOT]si for reporting in #110253 2.021 2015/12/02 - Fixes for documentation and typos thanks to DavsX and jwilk. - Update PublicSuffx with latest version from publicsuffix.org 2.020 2015/09/20 - support multiple directories in SSL_ca_path as proposed in RT#106711 by dr1027[AT]evocat[DOT]ne. Directories can be given as array or as string with a path separator, see documentation. - typos fixed thanks to jwilk https://github.com/noxxi/p5-io-socket-ssl/pull/34 2.019 2015/09/01
Dominique Leuenberger (dimstar_suse)
accepted
request 311427
from
Stephan Kulow (coolo)
(revision 70)
1
Dominique Leuenberger (dimstar_suse)
accepted
request 305006
from
Stephan Kulow (coolo)
(revision 68)
1
Dominique Leuenberger (dimstar_suse)
accepted
request 297987
from
Stephan Kulow (coolo)
(revision 67)
1
Adrian Schröter (adrianSuSE)
committed
(revision 66)
Split 13.2 from Factory
Stephan Kulow (coolo)
accepted
request 242336
from
Stephan Kulow (coolo)
(revision 65)
- updated to 1.997, huge Changes
Stephan Kulow (coolo)
accepted
request 221506
from
Stephan Kulow (coolo)
(revision 63)
- updated to 1.967 - verify the hostname inside a certificate by default with a superset of common verification schemes instead of not verifying identity at all. For now it will only complain if name verification failed, in the future it will fail certificate verification, forcing you to set the expected SSL_verifycn_name if you want to accept the certificate. - new option SSL_fingerprint and new methods get_fingerprint and get_fingerprint_bin. Together they can be used to selectively accept specific certificates which would otherwise fail verification, like self-signed, outdated or from unknown CAs. This makes another reason to disable verification obsolete. - Utils: - default RSA key length 2048 - digest algorithm to sign certificate in CERT_create can be given, defaults to SHA-256 - CERT_create can now issue non-CA selfsigned certificate - CERT_create add some more useful constraints to certificate - spelling fixes, thanks to ville[dot]skytta[at]iki[dot]fi 1.966 2014/01/21 - fixed bug introduced in 1.964 - disabling TLSv1_2 worked no longer with specifying !TLSv12, only !TLSv1_2 worked - fixed leak of session objects in SessionCache, if another session replaced an existing session (introduced in 1.965) 1.965 2014/01/16 - new key SSL_session_key to influence how sessions are inserted and looked up in the clients session cache. This makes it possible to share sessions over different ip:host (like required with some FTPS servers) - t/core.t - handle case, were default loopback source is not 127.0.0.1, like in FreeBSD jails 1.964 2014/01/15
Stephan Kulow (coolo)
accepted
request 208877
from
Stephan Kulow (coolo)
(revision 62)
- updated to 1.962 - work around problems with older F5 BIG-IP by offering fewer ciphers on the client side by default, so that the client hello stays below 255 byte - IO::Socket::SSL::Utils::CERT_create can now create CA-certificates which are not self-signed (by giving issuer_*)
Displaying revisions 21 - 40 of 100