Nearly transparent SSL encapsulation for IO::Socket::INET
This module is a true drop-in replacement for IO::Socket::INET that uses
SSL to encrypt data before it is transferred to a remote server or client.
IO::Socket::SSL supports all the extra features that one needs to write a
full-featured SSL client or server application: multiple SSL contexts,
cipher selection, certificate verification, and SSL version selection. As
an extra bonus, it works perfectly with mod_perl.
If you have never used SSL before, you should read the appendix labelled
'Using SSL' before attempting to use this module.
If you have used this module before, read on, as versions 0.93 and above
have several changes from the previous IO::Socket::SSL versions (especially
see the note about return values).
If you are using non-blocking sockets read on, as version 0.98 added better
support for non-blocking.
If you are trying to use it with threads see the BUGS section.
- Developed at devel:languages:perl
-
3
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout openSUSE:Factory/perl-IO-Socket-SSL && cd $_ - Create Badge
Source Files
| Filename | Size | Changed |
|---|---|---|
| IO-Socket-SSL-2.024.tar.gz | 0000209567 205 KB | |
| cpanspec.yml | 0000000086 86 Bytes | |
| perl-IO-Socket-SSL.changes | 0000041202 40.2 KB | |
| perl-IO-Socket-SSL.spec | 0000003019 2.95 KB | |
|
perl-IO-Socket-SSL_add_DHE-RSA_to_default_client_c |
0000000569 569 Bytes |
Revision 72 (latest revision is 100)
Dominique Leuenberger (dimstar_suse)
accepted
request 370293
from
Stephan Kulow (coolo)
(revision 72)
- updated to 2.024
see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes
2.024 2016/02/06
- Work around issue where the connect fails on systems having only a loopback
interface and where IO::Socket::IP is used as super class (default when
available). Since IO::Socket::IP sets AI_ADDRCONFIG by default connect to
localhost would fail on this systems. This happened at least for the tests,
see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813796
Workaround is to explicitely set GetAddrInfoFlags to 0 if no GetAddrInfoFlags
is set but the Family/Domain is given. In this case AI_ADDRCONFIG would not
be useful anyway but would cause at most harm.
2.023 2016/01/30
- OpenSSL 1.0.2f changed the behavior of SSL shutdown in case the TLS connection
was not fully established (commit: f73c737c7ac908c5d6407c419769123392a3b0a9).
This somehow resulted in Net::SSLeay::shutdown returning 0 (i.e. keep trying)
which caused an endless loop. It will now ignore this result in case the TLS
connection was not yet established and consider the TLS connection closed
instead.
2.022 2015/12/10
- fix stringification of IPv6 inside subjectAltNames in Utils::CERT_asHash.
Thanks to Mark.Martinec[AT]ijs[DOT]si for reporting in #110253
2.021 2015/12/02
- Fixes for documentation and typos thanks to DavsX and jwilk.
- Update PublicSuffx with latest version from publicsuffix.org
2.020 2015/09/20
- support multiple directories in SSL_ca_path as proposed in RT#106711
by dr1027[AT]evocat[DOT]ne. Directories can be given as array or as string
with a path separator, see documentation.
- typos fixed thanks to jwilk https://github.com/noxxi/p5-io-socket-ssl/pull/34
2.019 2015/09/01
Comments 0