[pkgsrc/trunk]: pkgsrc/security/p5-Net-SSLeay p5-Net-SSLeay: update to 1.90.

[wiz <wiz%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/6ec54018d4d2
branches:  trunk
changeset: 451491:6ec54018d4d2
user:      wiz <wiz%pkgsrc.org@localhost>
date:      Tue Apr 27 12:17:13 2021 +0000

description:
p5-Net-SSLeay: update to 1.90.

1.90 2021-01-21
        - New stable release incorporating all changes from developer releases
          1.89_01 to 1.89_05.
        - Summary of major changes since version 1.88:
          - Formalised libssl version support policy: all stable versions of OpenSSL
            in the 0.9.8 - 1.1.1 branches (with the exception of 0.9.8 - 0.9.8b) and
            all stable releases of LibreSSL in the 2.0 - 3.1 series are supported.
            The LibreSSL 3.2 series is not yet fully supported because its TLSv1.3
            implementation is not currently libssl-compatible.
          - Added support for LibreSSL on Windows when built with Visual C++.
          - Exposed P_X509_CRL_add_extensions, several SSL_CIPHER functions, and
            several stack functions.
          - Fixed crashes in the callback functions CTX_set_next_proto_select_cb and
            CTX_set_alpn_select_cb.
          - The test suite is now compatible with OpenSSL 1.1.1e onwards, as well as
            OpenSSL security level 2 (the default on many Linux distributions).

1.89_05 2021-01-21
        - Expose SSL_get_ciphers. Thanks to github user dylc5190.
        - Expose SSL_CIPHER_get_version and fix SSL_CIPHER_description
          and SSL_CIPHER_get_bits. Also fixed and enhanced
          documentation for these and related SSL_CIPHER functions.
        - Clarify libssl version support policy: all stable versions of OpenSSL in
          the 0.9.8 - 1.1.1 branches (with the exception of 0.9.8 - 0.9.8b) and all
          stable releases of LibreSSL in the 2.0 - 3.1 series are supported.
        - Direct bug reports to the GitHub repository, since rt.cpan.org will shut
          down on 2021-03-01.

1.89_04 2021-01-13
        - Fix crashes in the callback functions CTX_set_next_proto_select_cb() and
          CTX_set_alpn_select_cb() caused by the use of a pointer returned by
          SSL_select_next_proto() which may already have been freed under certain
          circumstances. Fixes GH-222. Thanks to dylc5190 for the report.
        - Remove the dependency on the AES128-SHA cipher suite in the test script
          64_ticket_sharing.t. Fixes GH-231.
        - Remove checks and warnings in Makefile.PL relating to the use of RSAref,
          which was removed from OpenSSL in version 0.9.7.

1.89_03 2020-12-12
        - Expose the following functions:
          - X509_STORE_CTX_get0_cert, X509_STORE_CTX_get1_chain
          - sk_X509_pop, sk_X509_shift, sk_X509_unshift,
          - sk_X509_insert, sk_X509_delete, sk_x509_value, sk_X509_num
          Thanks to Dan Freed.
        - Correct the minimum OpenSSL version required for the following functions
          to be made available (previously they were all declared to be present in
          1.1.0-pre1, which caused Net::SSLeay to crash at run-time when built
          against OpenSSL versions between 1.1.0-pre1 and 1.1.0-pre3):
          - CTX_set_max_proto_version (added in 1.1.0-pre2)
          - CTX_set_min_proto_version (added in 1.1.0-pre2)
          - SESSION_up_ref (added in 1.1.0-pre4)
          - set_max_proto_version (added in 1.1.0-pre2)
          - set_min_proto_version (added in 1.1.0-pre2)
        - Correct the minimum OpenSSL version required for get_SSL_CTX and SSL_ctrl
          to be made available (previously they were declared to be present from
          0.9.8f onwards, when in reality they are available in all 0.9.8 versions).
        - Replace the PKI used by the test suite with one generated by the
          generate-test-pki helper script. All entities in the new PKI have 2048-bit
          RSA private keys and CSRs, certificates and CRLs with SHA-256 digests,
          allowing the test suite to execute under OpenSSL security level 2 (now the
          default security level for OpenSSL in many Linux distributions).
        - Initialise libssl consistently in the test suite.
        - Don't rely on the availability of specific SSL/TLS protocol versions or
          cipher suites in the test suite; instead, dynamically select from any of
          the available protocol versions and cipher suites permitted by libssl.
          Fixes RT#132425. Thanks to Graham Ollis for the initial report of the test
          suite failing on Ubuntu 20.04 with the Ubuntu-packaged OpenSSL, whose
          configuration forbids the use of TLSv1.1 and below at run-time by default.

1.89_02 2020-08-07
        - Add support for the P_X509_CRL_add_extensions function. Thanks to
          Manuel Mausz for the patch.
        - X509_get_subjectAltNames now knows how to return
          GEN_RID. The returned value is an ASN OID in text format
          with current maximum length of 2500 characters. Updated
          t/local/33_x509_create_cert.t to use GEN_RID and all other
          supported types with certificate request and signed
          certificate. These relate to GitHub issue GH-149 opened by
          s482dcaw.
        - Support for 64-bit Windows versions of OpenSSL from 1.0.0-beta1
          through to 1.0.0b has been withdrawn due to malfunctions occurring in
          Perl programs that use fork(). This mainly affects users of Strawberry
          Perl x64 5.12.3.20180709, which ships with OpenSSL 1.0.0-beta4.
          Affected users should build Net-SSLeay against OpenSSL 1.0.0c or
          above; users of Strawberry Perl x64 5.12.3.20180709 may instead find
          it easier to upgrade to Strawberry Perl x64 5.14.4.1 or above. See
          https://github.com/radiator-software/p5-net-ssleay/issues/189 for more
          information.

1.89_01 2020-03-22
        - Fix the repository URL in Makefile.PL (git:// rather than git@),
          which was preventing it from being added to META.json. Thanks to
          Dan Book.
        - When building Net-SSLeay, exit if an OpenSSL executable cannot be
          found in PATH. Fixes RT#131060. Thanks to Nigel Horne for the report.
        - Remove non-OCSP external tests, many of which unnecessarily duplicate
          local tests or fail for reasons outside of our control. Fixes
          RT#129542. Thanks to Andreas Vögele for the bug report that
          ultimately led to this change.
        - Add support for LibreSSL on Windows when built with Visual C++.
          Thanks to Graham Ollis for the patch.
        - In SSL_CTX_free() and SSL_free(), clean callback-related data from
          the global hash after freeing ctx, not before. This allows callbacks
          to be executed during freeing. Thanks to Steffen Ullrich for the
          patch.
        - t/local/07_sslecho.t started failing with OpenSSL 1.1.1e. Updated
          the test file with missing calls to Net::SSLeay::shutdown(). Also
          added one call in SSLeay.pm sslcat() function. Enabling SSLeay trace
          level 3 showed 'unexpected eof while reading' errors which were added
          to OpenSSL with commit db943f43. This fixes GitHub issue GH-160
          reported by Brett T. Warden.
        - t/local/01_pod.t now requires Test::Pod 1.41 to work with Pod syntax
          used with Net::SSLeay 1.88 and later. This fixes GitHub issue GH-147
          reported by Ulrik Haugen.

diffstat:

 security/p5-Net-SSLeay/Makefile |   5 ++---
 security/p5-Net-SSLeay/distinfo |  10 +++++-----
 2 files changed, 7 insertions(+), 8 deletions(-)

diffs (29 lines):

diff -r ad6eaa4d391e -r 6ec54018d4d2 security/p5-Net-SSLeay/Makefile
--- a/security/p5-Net-SSLeay/Makefile   Tue Apr 27 12:15:32 2021 +0000
+++ b/security/p5-Net-SSLeay/Makefile   Tue Apr 27 12:17:13 2021 +0000
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.96 2020/08/31 18:11:19 wiz Exp $
+# $NetBSD: Makefile,v 1.97 2021/04/27 12:17:13 wiz Exp $
 
-DISTNAME=      Net-SSLeay-1.88
+DISTNAME=      Net-SSLeay-1.90
 PKGNAME=       p5-${DISTNAME}
-PKGREVISION=   1
 CATEGORIES=    security perl5
 MASTER_SITES=  ${MASTER_SITE_PERL_CPAN:=Net/}
 
diff -r ad6eaa4d391e -r 6ec54018d4d2 security/p5-Net-SSLeay/distinfo
--- a/security/p5-Net-SSLeay/distinfo   Tue Apr 27 12:15:32 2021 +0000
+++ b/security/p5-Net-SSLeay/distinfo   Tue Apr 27 12:17:13 2021 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.49 2020/03/22 21:15:30 nia Exp $
+$NetBSD: distinfo,v 1.50 2021/04/27 12:17:13 wiz Exp $
 
-SHA1 (Net-SSLeay-1.88.tar.gz) = ab4a63502433b91b9a54504475d9df2ae2887714
-RMD160 (Net-SSLeay-1.88.tar.gz) = 6a363d5d4eb73c3556e5ea77ddbb0cb8274e5512
-SHA512 (Net-SSLeay-1.88.tar.gz) = 37fc32ec003337f3dc18bf928139079a3127628c6fa0fccaed0c27b6bf3b216c2c5338ed1aaf9408b0add3be549df3218d3c5a6d6299793c1329d8a0813a1682
-Size (Net-SSLeay-1.88.tar.gz) = 436215 bytes
+SHA1 (Net-SSLeay-1.90.tar.gz) = 675c9df74163d48477ecf06601a589f3c3b096dd
+RMD160 (Net-SSLeay-1.90.tar.gz) = f4efc35e2b150b0bcfd84dfeceaec0d2c4860546
+SHA512 (Net-SSLeay-1.90.tar.gz) = 8a5f251b5ef1d8c2d619d984594a7a22ddeed2e5e726fe683a45f299d7878f4ca8ffab00480ebf5ef7a94ae1fcf6be05dfdaa68b8bfe2ad68443150765adb891
+Size (Net-SSLeay-1.90.tar.gz) = 534246 bytes