Log message:
Update to 2.023
---------------
2.023 2016/01/30
- OpenSSL 1.0.2f changed the behavior of SSL shutdown in case the TLS connection
  was not fully established (commit: f73c737c7ac908c5d6407c419769123392a3b0a9).
  This somehow resulted in Net::SSLeay::shutdown returning 0 (i.e. keep trying)
  which caused an endless loop. It will now ignore this result in case the TLS
  connection was not yet established and consider the TLS connection closed
  instead.

Log message:
Update p5-IO-Socket-SSL to 2.022:

2.022 2015/12/10
- fix stringification of IPv6 inside subjectAltNames in Utils::CERT_asHash.
  Thanks to Mark.Martinec[AT]ijs[DOT]si for reporting in #110253

Log message:
Update p5-IO-Socket-SSL to 2.021:

2.021 2015/12/02
- Fixes for documentation and typos thanks to DavsX and jwilk.
- Update PublicSuffx with latest version from publicsuffix.org

Log message:
Add SHA512 digests for distfiles for security category

Problems found locating distfiles:
	Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
	Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
	Package libidea: missing distfile libidea-0.8.2b.tar.gz
	Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
	Package uvscan: missing distfile vlp4510e.tar.Z

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.

Log message:
Update to 2.020:

2.020 2015/09/20
- support multiple directories in SSL_ca_path as proposed in RT#106711
  by dr1027[AT]evocat[DOT]ne. Directories can be given as array or as string
  with a path separator, see documentation.
- typos fixed thanks to jwilk https://github.com/noxxi/p5-io-socket-ssl/pull/34

Log message:
Update to 2.019
---------------
2.019 2015/09/01
- work around different behavior of getnameinfo from Socket and Socket6 by
  using a different wrapper depending on which module I use for IPv6.
  Thanks to bluhm for reporting.

Log message:
Update to 2.018:

2.018 2015/08/27
- RT#106687 - startssl.t failed on darwin with old openssl since server
  requested client certificate but offered also anon ciphers

Log message:
Update to 2.017:

2.017 2015/08/24
- checks for readability of files/dirs for certificates and CA no longer use
  -r because this is not safe when ACLs are used. Thanks to BBYRD, RT#106295
- new method sock_certificate similar to peer_certificate based on idea of
  Paul Evans, RT#105733
- get_fingerprint can now take optional certificate as argument and compute
  the fingerprint of it. Useful in connection with sock_certificate.
- check for both EWOULDBLOCK and EAGAIN since these codes are different on
  some platforms. Thanks to Andy Grundman, RT#106573
- enforce default verification scheme if none was specified, i.e. no longer
  just warn but accept. If really no verification is wanted a scheme of
  'none' must be explicitely specified.
- support different cipher suites per SNI hosts

Log message:
Recursive PKGREVISION bump for all packages mentioning 'perl',
having a PKGNAME of p5-*, or depending such a package,
for perl-5.22.0.

Log message:
Update to 2.016:

2.016 2015/06/02
- add flag X509_V_FLAG_TRUSTED_FIRST by default if available in OpenSSL
  (since 1.02) and available with Net::SSLeay. RT#104759 (thanks GAAS)
- work around hanging prompt() with older perl in Makefile.PL RT#104731
- make t/memleak_bad_handshake.t work on cygwin and other systems having
  /proc/pid/statm, see RT#104659
- add better debugging based on patch from H.Merijn Brand