pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/security/p5-IO-Socket-SSL Update to 1.992. From the ch...
details: https://anonhg.NetBSD.org/pkgsrc/rev/cb8d531f5f3a
branches: trunk
changeset: 635701:cb8d531f5f3a
user: schmonz <schmonz%pkgsrc.org@localhost>
date: Mon Jun 09 19:43:51 2014 +0000
description:
Update to 1.992. From the changelog:
1.992 2014/06/01
- set $! to undef before doing IO (accept, read..). On Winwdows a connection
reset could cause SSL read error without setting $!, so make sure we don't
keep the old value and maybe thus run into endless loop.
1.991 2014/05/27
- new option SSL_OCSP_TRY_STAPLE to enforce staple request even if
VERIFY_NONE
- work around for RT#96013 in peer_certificates
1.990 2014/05/27
- added option SSL_ocsp_staple_callback to get the stapled OCSP response
and verify it somewhere else
- try to fix warnings on Windows again (#95967)
- work around temporary OCSP error in t/external/ocsp.t
1.989 2014/05/24
- fix #95881 (warnings on windows), thanks to TMHALL
1.988 2014/05/17
- add transparent support for DER and PKCS#12 files to specify cert and key,
e.g. it will autodetect the format
- if SSL_cert_file is PEM and no SSL_key_file is given it will check if
the key is in SSL_cert_file too
1.987 2014/05/17
- fix t/verify_hostname_standalone.t on systems without usable IDNA or IPv6
#95719, thanks srchulo
- enable IPv6 support only if we have a usable inet_pton
- remove stale entries from MANIFEST (thanks seen[AT]myfairpoint[DOT]net)
1.986 2014/05/16
- allow IPv4 in common name, because browsers allow this too. But only for
scheme www/http, not for rfc2818 (because RC2818 does not allow this).
In default scheme IPv6 and IPv4 are allowed in CN.
Thanks to heiko[DOT]hund[AT]sophos[DOT]com for reporting the problem.
- Fix handling of public suffix. Add exemption for *.googleapis.com
wildcard, which should be better not allowed according to public suffix
list but actually is used.
- Add hostname verification test based on older test of chromium. But change
some of the test expectations because we don't want to support IP as SAN
DNS and because we enforce a public suffix list (and thus *.co.uk should
not be allowed)
diffstat:
security/p5-IO-Socket-SSL/Makefile | 5 ++---
security/p5-IO-Socket-SSL/distinfo | 8 ++++----
2 files changed, 6 insertions(+), 7 deletions(-)
diffs (27 lines):
diff -r 9001c4fd678a -r cb8d531f5f3a security/p5-IO-Socket-SSL/Makefile
--- a/security/p5-IO-Socket-SSL/Makefile Mon Jun 09 19:25:49 2014 +0000
+++ b/security/p5-IO-Socket-SSL/Makefile Mon Jun 09 19:43:51 2014 +0000
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.69 2014/05/29 23:37:24 wiz Exp $
+# $NetBSD: Makefile,v 1.70 2014/06/09 19:43:51 schmonz Exp $
-DISTNAME= IO-Socket-SSL-1.985
+DISTNAME= IO-Socket-SSL-1.992
PKGNAME= p5-${DISTNAME}
-PKGREVISION= 1
SVR4_PKGNAME= p5iss
CATEGORIES= security net perl5
MASTER_SITES= ${MASTER_SITE_PERL_CPAN:=../../authors/id/S/SU/SULLR/}
diff -r 9001c4fd678a -r cb8d531f5f3a security/p5-IO-Socket-SSL/distinfo
--- a/security/p5-IO-Socket-SSL/distinfo Mon Jun 09 19:25:49 2014 +0000
+++ b/security/p5-IO-Socket-SSL/distinfo Mon Jun 09 19:43:51 2014 +0000
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.48 2014/05/15 10:01:43 wiz Exp $
+$NetBSD: distinfo,v 1.49 2014/06/09 19:43:51 schmonz Exp $
-SHA1 (IO-Socket-SSL-1.985.tar.gz) = 49a1e1acb3eb2df5dbfcd34975ff2a6268ef12ce
-RMD160 (IO-Socket-SSL-1.985.tar.gz) = 1eaeacf4ff37a7d4780085a3578f36f0fd684219
-Size (IO-Socket-SSL-1.985.tar.gz) = 166580 bytes
+SHA1 (IO-Socket-SSL-1.992.tar.gz) = b0313bb650bc931b340ca50549bfe781d5b5baab
+RMD160 (IO-Socket-SSL-1.992.tar.gz) = 31075269225912cc2d69a313018c74025558a55e
+Size (IO-Socket-SSL-1.992.tar.gz) = 180052 bytes
Home |
Main Index |
Thread Index |
Old Index