Overview Repositories Revisions Requests Users Attributes Meta

Nearly transparent SSL encapsulation for IO::Socket::INET

Edit Package perl-IO-Socket-SSL

This module is a true drop-in replacement for IO::Socket::INET that uses
SSL to encrypt data before it is transferred to a remote server or client.
IO::Socket::SSL supports all the extra features that one needs to write a
full-featured SSL client or server application: multiple SSL contexts,
cipher selection, certificate verification, and SSL version selection. As
an extra bonus, it works perfectly with mod_perl.

If you have never used SSL before, you should read the appendix labelled
'Using SSL' before attempting to use this module.

If you have used this module before, read on, as versions 0.93 and above
have several changes from the previous IO::Socket::SSL versions (especially
see the note about return values).

If you are using non-blocking sockets read on, as version 0.98 added better
support for non-blocking.

If you are trying to use it with threads see the BUGS section.

  • Developed at devel:languages:perl
  • 3 derived packages
  • Download package
  • osc -A https://api.opensuse.org checkout openSUSE:Factory/perl-IO-Socket-SSL && cd $_
  • Create Badge
Refresh
Refresh
Source Files
Filename Size Changed
IO-Socket-SSL-1.967.tar.gz 0000097036 94.8 KB
perl-IO-Socket-SSL.changes 0000029878 29.2 KB
perl-IO-Socket-SSL.spec 0000002685 2.62 KB
Revision 63 (latest revision is 100)
Stephan Kulow's avatar Stephan Kulow (coolo) accepted request 221506 from Stephan Kulow's avatar Stephan Kulow (coolo) (revision 63) 
- updated to 1.967
 - verify the hostname inside a certificate by default with a superset of
   common verification schemes instead of not verifying identity at all.
   For now it will only complain if name verification failed, in the future
   it will fail certificate verification, forcing you to set the expected
   SSL_verifycn_name if you want to accept the certificate.
 - new option SSL_fingerprint and new methods get_fingerprint and
   get_fingerprint_bin. Together they can be used to selectively accept
   specific certificates which would otherwise fail verification, like
   self-signed, outdated or from unknown CAs.
   This makes another reason to disable verification obsolete.
 - Utils:
   - default RSA key length 2048
   - digest algorithm to sign certificate in CERT_create can be given,
     defaults to SHA-256
   - CERT_create can now issue non-CA selfsigned certificate
   - CERT_create add some more useful constraints to certificate
 - spelling fixes, thanks to ville[dot]skytta[at]iki[dot]fi
 1.966 2014/01/21
 - fixed bug introduced in 1.964 - disabling TLSv1_2 worked no longer with
   specifying !TLSv12, only !TLSv1_2 worked
 - fixed leak of session objects in SessionCache, if another session 
   replaced an existing session (introduced in 1.965)
 1.965 2014/01/16
 - new key SSL_session_key to influence how sessions are inserted and looked
   up in the clients session cache. This makes it possible to share sessions
   over different ip:host (like required with some FTPS servers)
 - t/core.t - handle case, were default loopback source is not 127.0.0.1, like
   in FreeBSD jails
 1.964 2014/01/15
Comments 0
openSUSE Build Service is sponsored by
Places