Thu Sep 5 19:39:04 2013 UTC ()
Update to 1.953:

1.953 2013/7/22
- fixes to IO::Socket::SSL::Utils, thanks to rurban[AT]x-ray[DOT]at,
  RT#87052
1.952 2013/7/11
- fix t/acceptSSL-timeout.t on Win32, RT#86862
1.951 2013/7/3
- better document builtin defaults for key,cert,CA and how they are depreceated
- use Net::SSLeay::SSL_CTX_set_default_verify_paths to use openssl's builtin
  defaults for CA unless CA path/file was given (or IO::Socket::SSL builtins
  used)
1.950 2013/7/3
- MAJOR BEHAVIOR CHANGE:
  ssl_verify_mode now defaults to verify_peer for client.
  Until now it used verify_none, but loudly complained since 1.79 about it.
  It will not complain any longer, but the connection might probably fail.
  Please don't simply disable ssl verification, but instead set SSL_ca_file
  etc so that verification succeeds!
- MAJOR BEHAVIOR CHANGE:
  it will now complain if the builtin defaults of certs/my-ca.pem or ca/
  for CA and certs/{server,client}-{key,cert}.pem for cert and key are used,
  e.g. no certificates are specified explicitly.
  In the future these insecure (relative path!) defaults will be removed
  and the CA replaced with the system defaults.
v1.94 2013.06.01
- Makefile.PL reported wrong version of openssl, if Net::SSLeay was not
  installed instead of reporting missing dependency to Net::SSLeay.
v1.93 2013.05.31
- need at least OpenSSL version 0.9.8 now, since last 0.9.7 was released 6
  years ago. Remove code to work around older releases.
- changed AUTHOR in Makefile.PL from array back to string, because the
  array feature is not available in MakeMaker shipped with 5.8.9 (RT#85739)
v1.92 2013.05.30
- Intercept: use sha1-fingerprint of original cert for id into cache unless
  otherwise given
- Fix pod error in IO::Socket::SSL::Utils RT#85733
v1.91 2013.05.30
- added IO::Socket::SSL::Utils for easier manipulation of certificates and keys
- moved SSL interception into IO::Socket::SSL::Intercept and simplified it
  using IO::Socket::SSL::Utils
- enhance meta information in Makefile.PL
v1.90 2013.05.27
- RT#85290, support more digest, especially SHA-2.
  Thanks to ujvari[AT]microsec[DOT]hu
- added support for easy SSL interception (man in the middle) based
  on ideas found in mojo-mitm proxy (which was written by Karel Miko)
- make 1.46 the minimal required version for Net::SSLeay, because it
  introduced lots of useful functions.
v1.89 2013.05.14
- if IO::Socket::IP is used it should be at least version 0.20, otherwise
  we get problems with HTTP::Daemon::SSL and maybe others (RT#81932)
- Spelling corrections, thanks to dsteinbrunner
v1.88 2013.05.02
- consider a value of '' the same as undef for SSL_ca_(path|file), SSL_key*
  and SSL_cert* - some apps like Net::LDAP use it that way.
  Thanks to alexander[AT]kuehn[AT]nagilum[DOT]de for reporting the problem.
v1.87 2013.04.24
- RT#84829 - complain if given SSL_(key|cert|ca)_(file|path) do not exist or
  if they are not readable. Thanks to perl[AT]minty[DOT]org
- fix use of SSL_key|SSL_file objects instead of files, broken with 1.83


(wiz)
diff -r1.64 -r1.65 pkgsrc/security/p5-IO-Socket-SSL/Makefile
diff -r1.45 -r1.46 pkgsrc/security/p5-IO-Socket-SSL/distinfo
cvs diff -r1.64 -r1.65 pkgsrc/security/p5-IO-Socket-SSL/Makefile (expand / switch to unified diff)

--- pkgsrc/security/p5-IO-Socket-SSL/Makefile 2013/05/31 12:41:56 1.64
+++ pkgsrc/security/p5-IO-Socket-SSL/Makefile 2013/09/05 19:39:04 1.65
@@ -1,18 +1,17 @@ @@ -1,18 +1,17 @@
1# $NetBSD: Makefile,v 1.64 2013/05/31 12:41:56 wiz Exp $ 1# $NetBSD: Makefile,v 1.65 2013/09/05 19:39:04 wiz Exp $
2 2
3DISTNAME= IO-Socket-SSL-1.86 3DISTNAME= IO-Socket-SSL-1.953
4PKGNAME= p5-${DISTNAME} 4PKGNAME= p5-${DISTNAME}
5PKGREVISION= 1 
6SVR4_PKGNAME= p5iss 5SVR4_PKGNAME= p5iss
7CATEGORIES= security net perl5 6CATEGORIES= security net perl5
8MASTER_SITES= ${MASTER_SITE_PERL_CPAN:=IO/} 7MASTER_SITES= ${MASTER_SITE_PERL_CPAN:=IO/}
9 8
10MAINTAINER= pkgsrc-users@NetBSD.org 9MAINTAINER= pkgsrc-users@NetBSD.org
11HOMEPAGE= http://search.cpan.org/dist/IO-Socket-SSL/ 10HOMEPAGE= http://search.cpan.org/dist/IO-Socket-SSL/
12COMMENT= Perl5 SSL socket interface class 11COMMENT= Perl5 SSL socket interface class
13LICENSE= ${PERL5_LICENSE} 12LICENSE= ${PERL5_LICENSE}
14 13
15DEPENDS+= p5-IO-Socket-INET6-[0-9]*:../../net/p5-IO-Socket-INET6 14DEPENDS+= p5-IO-Socket-INET6-[0-9]*:../../net/p5-IO-Socket-INET6
16DEPENDS+= p5-Net-LibIDN-[0-9]*:../../net/p5-Net-LibIDN 15DEPENDS+= p5-Net-LibIDN-[0-9]*:../../net/p5-Net-LibIDN
17DEPENDS+= p5-Net-SSLeay>=1.33:../../security/p5-Net-SSLeay 16DEPENDS+= p5-Net-SSLeay>=1.33:../../security/p5-Net-SSLeay
18 17
cvs diff -r1.45 -r1.46 pkgsrc/security/p5-IO-Socket-SSL/distinfo (expand / switch to unified diff)

--- pkgsrc/security/p5-IO-Socket-SSL/distinfo 2013/04/19 09:12:50 1.45
+++ pkgsrc/security/p5-IO-Socket-SSL/distinfo 2013/09/05 19:39:04 1.46
@@ -1,5 +1,5 @@ @@ -1,5 +1,5 @@
1$NetBSD: distinfo,v 1.45 2013/04/19 09:12:50 hiramatsu Exp $ 1$NetBSD: distinfo,v 1.46 2013/09/05 19:39:04 wiz Exp $
2 2
3SHA1 (IO-Socket-SSL-1.86.tar.gz) = 990c7adc29a7c967637593f22542a4203d67dbb9 3SHA1 (IO-Socket-SSL-1.953.tar.gz) = d8155bb2a5e1206dc60a28fdc6f2b67d84f748f7
4RMD160 (IO-Socket-SSL-1.86.tar.gz) = 4a7906f6e13b6dbe2743265b96770f6858af7bf9 4RMD160 (IO-Socket-SSL-1.953.tar.gz) = e393533bc7677e5d93c7892fe3f3fbccb56b2c84
5Size (IO-Socket-SSL-1.86.tar.gz) = 80558 bytes 5Size (IO-Socket-SSL-1.953.tar.gz) = 89807 bytes