[pkgsrc/trunk]: pkgsrc/security/p5-IO-Socket-SSL Update to 1.992. From the ch...

[schmonz <schmonz%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/cb8d531f5f3a
branches:  trunk
changeset: 635701:cb8d531f5f3a
user:      schmonz <schmonz%pkgsrc.org@localhost>
date:      Mon Jun 09 19:43:51 2014 +0000

description:
Update to 1.992. From the changelog:

1.992 2014/06/01
- set $! to undef before doing IO (accept, read..). On Winwdows a connection
  reset could cause SSL read error without setting $!, so make sure we don't
  keep the old value and maybe thus run into endless loop.

1.991 2014/05/27
- new option SSL_OCSP_TRY_STAPLE to enforce staple request even if
  VERIFY_NONE
- work around for RT#96013 in peer_certificates

1.990 2014/05/27
- added option SSL_ocsp_staple_callback to get the stapled OCSP response
  and verify it somewhere else
- try to fix warnings on Windows again (#95967)
- work around temporary OCSP error in t/external/ocsp.t

1.989 2014/05/24
- fix #95881 (warnings on windows), thanks to TMHALL

1.988 2014/05/17
- add transparent support for DER and PKCS#12 files to specify cert and key,
  e.g. it will autodetect the format
- if SSL_cert_file is PEM and no SSL_key_file is given it will check if
  the key is in SSL_cert_file too

1.987 2014/05/17
- fix t/verify_hostname_standalone.t on systems without usable IDNA or IPv6
  #95719, thanks srchulo
- enable IPv6 support only if we have a usable inet_pton
- remove stale entries from MANIFEST (thanks seen[AT]myfairpoint[DOT]net)

1.986 2014/05/16
- allow IPv4 in common name, because browsers allow this too. But only for
  scheme www/http, not for rfc2818 (because RC2818 does not allow this).
  In default scheme IPv6 and IPv4 are allowed in CN.
  Thanks to heiko[DOT]hund[AT]sophos[DOT]com for reporting the problem.
- Fix handling of public suffix. Add exemption for *.googleapis.com
  wildcard, which should be better not allowed according to public suffix
  list but actually is used.
- Add hostname verification test based on older test of chromium. But change
  some of the test expectations because we don't want to support IP as SAN
  DNS and because we enforce a public suffix list (and thus *.co.uk should
  not be allowed)

diffstat:

 security/p5-IO-Socket-SSL/Makefile |  5 ++---
 security/p5-IO-Socket-SSL/distinfo |  8 ++++----
 2 files changed, 6 insertions(+), 7 deletions(-)

diffs (27 lines):

diff -r 9001c4fd678a -r cb8d531f5f3a security/p5-IO-Socket-SSL/Makefile
--- a/security/p5-IO-Socket-SSL/Makefile        Mon Jun 09 19:25:49 2014 +0000
+++ b/security/p5-IO-Socket-SSL/Makefile        Mon Jun 09 19:43:51 2014 +0000
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.69 2014/05/29 23:37:24 wiz Exp $
+# $NetBSD: Makefile,v 1.70 2014/06/09 19:43:51 schmonz Exp $
 
-DISTNAME=      IO-Socket-SSL-1.985
+DISTNAME=      IO-Socket-SSL-1.992
 PKGNAME=       p5-${DISTNAME}
-PKGREVISION=   1
 SVR4_PKGNAME=  p5iss
 CATEGORIES=    security net perl5
 MASTER_SITES=  ${MASTER_SITE_PERL_CPAN:=../../authors/id/S/SU/SULLR/}
diff -r 9001c4fd678a -r cb8d531f5f3a security/p5-IO-Socket-SSL/distinfo
--- a/security/p5-IO-Socket-SSL/distinfo        Mon Jun 09 19:25:49 2014 +0000
+++ b/security/p5-IO-Socket-SSL/distinfo        Mon Jun 09 19:43:51 2014 +0000
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.48 2014/05/15 10:01:43 wiz Exp $
+$NetBSD: distinfo,v 1.49 2014/06/09 19:43:51 schmonz Exp $
 
-SHA1 (IO-Socket-SSL-1.985.tar.gz) = 49a1e1acb3eb2df5dbfcd34975ff2a6268ef12ce
-RMD160 (IO-Socket-SSL-1.985.tar.gz) = 1eaeacf4ff37a7d4780085a3578f36f0fd684219
-Size (IO-Socket-SSL-1.985.tar.gz) = 166580 bytes
+SHA1 (IO-Socket-SSL-1.992.tar.gz) = b0313bb650bc931b340ca50549bfe781d5b5baab
+RMD160 (IO-Socket-SSL-1.992.tar.gz) = 31075269225912cc2d69a313018c74025558a55e
+Size (IO-Socket-SSL-1.992.tar.gz) = 180052 bytes