./net/p5-Net-FTPSSL, Perl FTP over SSL/TLS class

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 0.35, Package name: p5-Net-FTPSSL-0.35, Maintainer: pkgsrc-users

Net::FTPSSL is an object oriented Perl module which implements a
simple FTP client over a Secure Shell Layer (SSL) connection written
following the directives described in RFC959 and RFC2228.


Required to run:
[lang/perl5] [security/p5-IO-Socket-SSL] [security/p5-Net-SSLeay]

Required to build:
[pkgtools/cwrappers]

Master sites: (Expand)

SHA1: 52f6f9794b82952c1d0c15a6d8e39682c6a9d2c2
RMD160: a807d23448fccbc65d1bc833d07f66184256b208
Filesize: 102.602 KB

Version history: (Expand)


CVS history: (Expand)


   2016-11-09 14:43:32 by Makoto Fujiwara | Files touched by this commit (2) | Package updated
Log message:
Updated net/p5-Net-FTPSSL to 0.35
---------------------------------
0.35 2016/11/03 08:30:00
  - Minor POD updates.
  - Added catastrophic failure protection to _croak_or_return() by adding
    local $SIG{PIPE} = "IGNORE"; before connection termination logic.  \ 
Limits
    the scope to just this one code block.

0.34 2016/07/27 08:30:00
  - BEHAVIOR CHANGE - Added fix_supported() as a way to make corrections to
    supported().  Editing the returned hash reference of _help() no longer
    works!  This new method does both additions & removals.
  - BEHAVIOUR CHANGE - Modified _mfmt() & _mdtm() to be able to handle localtime
    vs gmtime based on changes to how PreserveTimestamp work.  As an alternate
    way, the behavior can be overriden by a new $local_flag option.  The
    default behavior is still GMT time.  See the POD for a description of how
    PreserveTimestamp now works.
  - Made POD clarification & other comment updates.
  - Increased TRACE_MOD from 5 to 10 blocks.
  - Added BEGIN block to detect if IPv6 support is possible.  It does this by
    asking IO::Socket::SSL instead of reinventing the wheel.
  - Moved the generation of the Debug log header info for CPAN support to BEGIN
    as well so that this info gets centralized instead of repeated.
  - Added Domain/Family as a new option for choosing IPv4 vs IPv6.
  - Added OverrideHELP => -1 option to use FEAT instead, when HELP is broken!
  - Updated quot() to recognize that MLSD also requires a data channel.
    Also improved the disable HELP logic used here.
  - Broke up _feat() into _feat() & feat().  Also added feat() to the POD.
    Done since under some circumstances the feature list can be dynamic!
    Also changed logic on how to tell if OPTS is supported or not.
    Finally drops HELP from the list of FEAT commands returned if OverrideHELP
    was used.
  - Rewrote _help() to make it less confusing.  Adding OverrideHELP=>-1 made it
    clear it was too messy to support ongoing.  Much more understandable now.
    Also made it more reliable to get the list of site commands supported.
  - Fixed PreserveTimestamp bug in transfer() & xtransfer().
  - Added new option xWait for use by xput() & xtransfer().  Some servers won't
    honor the rename of the scratch file to it's final name without instituting
    a delay.  So this option allows you to specify one.
  - README - Added more notes about turning on/off SSL logging.  Newer
    versions allow for dynamic turning on/off.  Also updated comments on the
    naming of the trace logs.
  - t/10-complex.t - Changes to the main test script!
    * Now uses fix_supported() in it's is_file() tests since these test cases
      hit some lies told by some servers!
    * Fixed so it's main logs are named after this test program like the other
      test cases do.
    * Added new test to verify if the MDTM command correctly uses GMT time
      instead of local time.  (Assumes MFMT will use the same time zone!) Did
      this test early enough so that the last connection used the correct
      PreserveTimestamp settings for tests depending on it!
    * Added xWait of 1 second to deal with problem FTP/S servers that require
      a wait for the xput & xtransfer tests to work.
  - t/05-readonly.t - Renamed 05-simple to 05-readonly to more acurately
    describe the types of tests this test script does!  Updated in MANIFEST &
    README as well.
   2016-08-01 14:47:49 by Makoto Fujiwara | Files touched by this commit (2) | Package updated
Log message:
Updated net/p5-Net-FTPSSL 0.26 to 0.33
--------------------------------------
0.33 2016/07/06 08:30:00
  - BEHAVIOUR CHANGE - Since many openssl libraries are tightening their
    security, I'm adding a new option to preserve backwards compatibility.
    By default this module now reuses the context of the command channel
    when opening a data channel.  If you need to revert back to the previous
    default of not reusing the context for data channels, you must now use
    option "DisableContext => 1" to do so.  But hopefully the need \ 
for this
    option will be rare.  See the POD for more details.
  - BEHAVIOUR CHANGE - Added support for SNI in the SSL handshake.
  - Changed logic on how to detect if a default "SSL_verify_mode" \ 
value needed
    to be set to VERIFY_NONE() for the caller in new().
  - Can now pass SSL options directly to new().  You no longer need to use the
    "SSL_Client_Certificate" option to pass the hash reference of SSL \ 
options.
    Currently only recognises IO::Socket::SSL options that start with SSL_.
    If any start with something else, I'll address in a future release.
  - Clarified some POD information on a few methods.
  - Enhanced "size" function to use STAT if SIZE wasn't available!
  - Fixed case where sometimes the login account used wasn't being masked in
    the response in the logs.
  - Now prints the INET version in the log file.
  - Resets $ERRSTR gets reset in new() in case previous call had errors!
  - Fixed t/10-complex.t func run_stat_test() to test the "is_file" \ 
& "is_dir()"
    functions.  Some tests disable the "SIZE" command so it can test \ 
the new
    alternate size logic as well.
  - New test program t/05-simple.t that does a simple read only test against
    the FTPS server.  Added so that you can run a simple test against servers
    you don't want to upload anything to during the tests.  These tests are
    not as robust as the t/10-complex.t tests so failures here are not as
    meaningfull.  So run t/10-complex if you encounter any issues for more
    analysis.
  - Added t/05-simple.t to the MANIFEST.
  - Updated the Copyright in the README file.  And reworded a few sections.
  - Updated all t/*.t files to add a retry the 1st time they try to connect
    to a server via new().  Added a hard coded "SSL_cipher_list" value if
    the defaults don't work.  This kludge might not work for everyone.
  - Modified t/20-certificate.t to be a bit more robust.
  NOTE: Found a server where supported() doesn't completely work.  That server
        fails to put a "*" after some of the commands it didn't implement.

0.32 2016/06/14 08:30:00
  - Clarified some POD information on a few methods.
  - Bug ID: 115296 - Changed the use_ssl test when providing custom SSL_Version
    settings via the SSL_Client_Certificate option.  Now does a positive test
    for SSL instead of a negative test.
  - Modified t/10-complex.t to do a better uput test.  Put into its own test
    function so that I could also validate the filename returned instead of just
    assuming it was correct!
  - Added additional test cases for files with spaces in their names.
  - Added run_stat_test() for future tests for "is_..." functions.

0.31 2016/03/30 08:30:00
  - Updated the Copyright.
  - Fixed issue where "uput" cmd generated "Invalid number of \ 
parameters" error.
    Fix is to call STOU a 2nd time with no file name.  But if this happens and
    the server doesn't return the file name, uput now returns "?" \ 
instead of
    making what it knows is a very flawed guess! (since it doesn't use the hint)
  - Implemented mdtm() server bug fix.  Some rare servers do (19xxx) instead of
    (20xx) for the year part of the timestamp returned.  So implemented
    autodetection & fix for this server issue!
  - Added undocumented Debug value to supress printing out the HELP information
    during login.  It got in the way of debugging via add-hock perl scripts.
  - Added is_file() to validate if the given name is a regular file!
  - Added is_dir() to validate if the given name is a directory!
  - Fixed bug in t/10-complex.t that made it look like "make test" \ 
succeeded
    when in fact it encountered a fatal error forcing it to skip over all the
    other deeper tests.  Affected call to config func: check_for_pasv_issue()
  - Fixed some undef warnings in "uput() test" in t/10-complex.t when \ 
talking
    to buggy windows FTPS servers that says it supports "uput" but \ 
handles it
    really strangely or not at all.  Now also handles new "?" return \ 
value in
    the strange case.
  - Fixed bug in t/10-complex.t in test_log_redirection() failing a EPSV test
    when the destination server didn't support this functionality.
  - Modified t/10-complex.t to print the "OK" results to the log file.
    Makes it a bit easier to associate failures to what's in the log file!
  - Fixed some typoes in the POD.

0.30 2015/08/13 08:30:00
  - INCOMPATIBILITY WARNING!  If you've been hacking internal undocumented
    variables referenced by my module, your code is most likely broken with this
    release!  If you've been doing "$ftps = new (...);  $x = \ 
${*$ftps}{abc};",
    it's now "$x = ${*$ftps}{_FTPSSL_arguments}->{abc};" for a lot \ 
of them.
    This change was made to make it less likely I'll accidentaly step on a
    IO::Socket::SSL variable in a future release of either module.  It also
    helps me with error log traces & some future plans if they ever happen.
  - Changed t/00-basic.t so it no longer needs to call uc().  Also now uses
    __PACKAGE__ keyword instead of hard coded text.
  - Fixed error message bug in _get_data_channel().  Got SSL_version from wrong
    hash.
  - Reorganized the order of some functions in the POD.
  - Fixed minor bug in the masking of the user id when writing to a log file!
  - Looks like the sysread() call in response() is sometimes spurriously setting
    the special variable "$!" for Perl 5.10.1 on AIX 7.1.  So if the \ 
command
    looks complete I'm going to ignore the error message returned in "$!".
    I'm probably going to have to figure out a better test for this later on!
  ######
  - EXPERIMENTAL: Added 2 new functions set_dc_from_hash() and copy_cc_to_dc().
    They provide two different ways to micro manage the SSL options used to
    manage the Data Channel without the need to hack the code base.  There are
    more SSL options than I know what to do with so hopefully this will help
    with managing the data channel.

0.29 2015/07/06 08:30:00
  - Fixed typo that broke reuse session.  Bug was overwriting key value!
  - Fixed uc() warning in t/00-basic.t for Perl 12 & above.

0.28 2015/07/01 08:30:00
  - Updated README file with info on how to turn on SSL tracing so that I can
    more easily find that information again.
  - Fixed log display issue if there was no username and/or password passed
    to login().
  - In quot() fixed pattern match bug when setting $cmd2.  (\S* to \S+)
  - Added LICENSE file to my package (+ Manifest).   Kwaltiee Experimental # 3.
  - Rewrote Makefile.PL to support optional parameters so I could add
    conditional Kwaltiee Score variables.
  - Added MIN_PERL_VERSION tag to Makefile.PL   Extra Kwaltiee Metric # 1.
    Enforced Ver. 5.6.1, since that is the earliest perl my module was tested
    against by the smoke testers.  But it was last tested that way with v0.11.
    Version 5.8.8 is the oldest version of Perl I test against regularly.
  - Added LICENSE tag to Makefile.PL            Extra Kwaltiee Metric # 2.
  - Added Net::SSLeay as a fake dependancy to Makefile.PL & as a test case in
    t/00-basic.t for the benifit of some Smoke Testers who fail my module due
    to this indirect dependancy not working.  I don't use this module, but it's
    obviously a dependancy of IO::Socket::SSL.  But it looks like it might
    not be a declared dependancy since it's failing to load for a smoke tester
    while he's testing my module.
  - Fixed _print_LOG() to support multiple arguments.  So no longer have to
    concatinate everything before using.
  - Rewrote _debug_print_hash() to be able to handle hashes of any depth.
    It's now recursive with infinite loop detection.
  - Added logic to support reusing the session instead of just the context.
    This is via the new option "ReuseSession=>1".
    Thanks Forrest Tiffany for your patch!  (Bug Ids 76108 & 105507)

0.27 2015/03/28 08:30:00
  - Fixed Bug Id # 102680.  Bad "supported" test in xput/xtransfer with
    regard to OverrideHELP=>1.  (All other OverrideHELP options worked fine.)
  - Added "all_supported()" to assist fixing the above bug & put \ 
into the POD.
  - Some minor POD corrections.
  - Added check to quot("HELP") to see if HELP was overriden.  Required
    a minor change in new() to support this logic.  We know help is broken if
    OverrideHELP was used!
  - Added the INTERPRETING THE LOGS section in the POD text.
   2016-06-08 21:25:20 by Thomas Klausner | Files touched by this commit (2236) | Package updated
Log message:
Bump PKGREVISION for perl-5.24.
   2015-11-04 01:35:47 by Alistair G. Crooks | Files touched by this commit (748)
Log message:
Add SHA512 digests for distfiles for net category

Problems found with existing digests:
	Package haproxy distfile haproxy-1.5.14.tar.gz
	159f5beb8fdc6b8059ae51b53dc935d91c0fb51f [recorded]
	da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated]

Problems found locating distfiles:
	Package bsddip: missing distfile bsddip-1.02.tar.Z
	Package citrix_ica: missing distfile citrix_ica-10.6.115659/en.linuxx86.tar.gz
	Package djbdns: missing distfile djbdns-1.05-test25.diff.bz2
	Package djbdns: missing distfile djbdns-cachestats.patch
	Package djbdns: missing distfile 0002-dnscache-cache-soa-records.patch
	Package gated: missing distfile gated-3-5-11.tar.gz
	Package owncloudclient: missing distfile owncloudclient-2.0.2.tar.xz
	Package poink: missing distfile poink-1.6.tar.gz
	Package ra-rtsp-proxy: missing distfile rtspd-src-1.0.0.0.tar.gz
	Package ucspi-ssl: missing distfile ucspi-ssl-0.70-ucspitls-0.1.patch
	Package waste: missing distfile waste-source.tar.gz

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2015-06-12 12:52:19 by Thomas Klausner | Files touched by this commit (3152)
Log message:
Recursive PKGREVISION bump for all packages mentioning 'perl',
having a PKGNAME of p5-*, or depending such a package,
for perl-5.22.0.
   2015-02-20 16:00:09 by Makoto Fujiwara | Files touched by this commit (2) | Package updated
Log message:
Update 0.22 to 0.26
-------------------
0.26 2015/02/10 08:30:00
  - The deprecialted SSL_Advanced option now causes new() to call croak.
    I'll remove any remaining reference to it in v0.27 or v0.28.
  - The POD text no longer mentions the SSL_Advanced option at all.
  - Added to README the new environment variable created for the test scripts
    in the previous release.
  - The RFC links in the SEE ALSO section had all expired.  Located replacement
    links for all referenced documents.  Looks like they were just moved to
    another location on the same web site.  A victim of web-site remodeling.
  - Enhanced _debug_print_hash().  It originally worked with just GLOBs, but
    now works with regular hashes as well.  Also fixed to follow SCALAR
    references.
  - Now dumps to the log file the contents of the SSL_Client_Certificate
    hash if provided.  Was difficult to debug logic when it wasn't logged.
  - Bug Id # 101388, reusing SSL_Client_Certificate options on the data channel.
    Added additional options to go with SSL_reuse_ctx to resolve this issue.
    I checked the IO-Socket-SSL docs & all variables in the bug id are by
    default part of SSL_reuse_ctx.  So some low level code isn't resolving
    the context correctly.  This is a work arround.  (Certificates were not
    being used here.  Just using the context for strict hostname verification.)
    May be a case that when certificates are not used, the context isn't
    fully used either.

0.25 2014/09/05 08:30:00
  WARNING: This is a major upgrade & may not be 100% backwards compatible with
           existing code.  Also the response() redesign may not work for all
           FTPS servers!  It's a work in progress!  So comments are welcome!
  - Upgraded the minimum version of IO-Socket-SSL required from v1.08 to v1.26
    so that I could remove the warnings in the POD for ccc().  But it should
    still work with the earlier versions if you hack the code.  But don't rely
    on this in future releases.  (minus the ccc command)
  - Modified the Synopsis to use Croak since no one was reading my comments
    about using it too closely anyway.
  - Added a new pattern for uput() to check for file names with.
    Also fixed to guarentee it will never return any path info, just the
    base file name itself.  [ This change may break existing programs. ]
  - Another hack to recover from a garbled CCC response.  This hack just
    prevents unnecessary warnings.
  - Hit a weird FTP server that requiers me to flip flop the binary/ASCII
    settings on the server/client.  See mixedModeAI() & mixedModeIA().
  - Added a way to print Perl warnings to the log file. (trapWarn)  It will
    chain things if warnings were already trapped.  Even between multiple open
    Net::FTPSSL object logs.  This is only usefull as a debugging tool when
    reporting on errors via CPAN.  It helps provide context to the warnings
    that affect this code base.
  - Added get_log_filehandle() to allow someone to gain access to the open
    filehandle used to write to the log file generated when Debug is turned on
    and you specified a log file via DebugLogFile.
  - Now allows DebugLogFile to be an open file handle (GLOB).
  - Fixed quot() to echo the command if it's one of those dissallowed.
    Also now strips off any leading spaces from the command before using it.
  - Found out use "sub DESTROY" rather than "sub END" for \ 
objects. (Just a FYI)
    Surprise, Surprise!  Sometimes END is called before DESTROY is!
  - Moved some logic out of quit() into the new DESTROY() method.  No longer
    need to hack object termination logic via quit().
  - Added END to handle final clean up for trapWarn().
  - Fixed warnings in function _feat() caused by strange server returns.
  - Fixed warnings in function _help() caused by strange server returns.
  - Fixed 20-certificate.t bug where $ENV{HOME} is not defined for all OS.
  - Fixed 10-complex.t to use the new warning logic.
  - Fixed 20-certificate.t to use the new warning logic.
  - Fixed t/10-complex.t & t/20-certificate.t to use a 30 second Timeout
    instead of using the default 2 minutes.
  - Reworked response() with regard to Bug # 97608. (related to Bug # 73115)
    Had to redesign how this method worked.  It was getting too convoluted
    to patch any further.  Was the only way to properly fix _help & _feat.
  - Second issue for Bug # 9706 was an issue with very long login messsages
    hit an unexpected Timeout issue (last release enhancement).  Turns out the
    Timeout logic in response() didn't always work properly if you didn't read
    in the entire response via a single call to sysread().  Had two options,
    make the buffer huge for the login response or make the logic more complex,
    to only check for Timeouts on the command channel for new commands.  Turns
    out select() & sysread() don't actually compare notes.  Hense another reason
    to redesign how things worked.
  - This rewrite of response() broke the ccc() hack.  So had to redesign how
    this hack worked as well.  [May break existing programs using CCC!]
  - Added special case Debug=>99 for more detailed logging for debugging
    the new response code base in the future.
  - Added new environment variable (FTPSSL_DEBUG_LEVEL) to t/10-complex.t to
    enable low level debugging of the new response() code.  There is no prompt
    to turn on this feature.  Added more as a reminder that it can be done!
  - Updated the SSL_Advanced depreciated warning that it will soon be removed
    in a future release.  It was depreciated in v0.18 way back in 2011, so I
    feel it's about time to have it removed.  Just giving fair warning here!
    I'll remove it in v0.26 or v0.27.

0.24 2014/06/30 08:30:00
  - Makefile.PL fix, only asks question if Net::HTTPTunel isn't present!
    Also now defaults to "N" instead of "Y" if module not \ 
present.
  - Fixed bug in supported().  Unsupported commands are followed with "*"
    in help.  Most do "CMD*", but found some servers doing "CMD \ 
*" instead.
  - Fixed bug in 20-certificate.t where we were getting a false failure
    on nlst().  Fixed to explicitly check the response code instead of
    assuming an error when nothing was found.  Fixed list() as well.
  - Same fix in 10-complex.t, even though tests designed to always return
    something.
  - Added transfer() to transfer files from one system to another system
    without the need to make a local copy of the file.
  - Added xtransfer() as well.
  - Added transfer & xtransfer validation to 10-complex.t to test things out.
  - Added a new environment variable default for *.t prompts.
  - Bug # 95411 - Patch provided by ian@iansramblings.com.  Fixes hang issue
    when the command channel unexpectedly drops.  Does this by implementing
    a timeout in response().
    #-------  (Should I do this for the many data channel sysreads as well?)

0.23 2013/08/01 08:30:00
  - Added clarification to use of SSL_Client_Certificate option in pod text.
  - Added Bug Id 82094 to support tunneling through a proxy server via the
    ProxyArgs option.  Supports both proxy servers that require a password as
    well as those that don't.  This option requires Net::HTTPTunnel to use.
    But this new module isn't required if you don't use tunneling.
    (perl Makefile.PL will ask.)
  - Added optional proxy server questions if Net::HTTPTunnel is installed for
    the test scripts (t/*.t).  It warns you if it's missing during the test.
  - Fixed bug in login() so the call to help() only happens if the login is
    successfull.
  - Bug Id 84376 uncoverd bug in IO-Socket-SSL versions 1.79 to 1.85 when
    using Certificats for the Data Channel & getting a Man-In-The-Middle (MITM)
    warning that didn't apply.  So skip those releases.
  - Bug Id 85420 same MITM warning as the other bug, but this time without using
    Certificates in the command channel.  This required a code change in new()
    to fix.
  - Fixed masking issue when writing to the log file when the value that needed
    to be masked contained regex special chars.
  - Added clarification that any warnings printed below the 10-complex.t tests
    are just that.  Warnings, not errors preventing things from working.  They
    are collected so the developer can be notified about them for fixing in
    furture releases.  They are also written to the end of the log now as well.
   2014-10-09 16:07:17 by Thomas Klausner | Files touched by this commit (1163)
Log message:
Remove pkgviews: don't set PKG_INSTALLATION_TYPES in Makefiles.
   2014-05-30 01:38:20 by Thomas Klausner | Files touched by this commit (3049)
Log message:
Bump for perl-5.20.0.
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.