Navigation:
Browse pkgsrc
(this page)| 2017-01-16 10:28:46 by Thomas Klausner | Files touched by this commit (2) |
Log message: Updated p5-IO-Socket-SSL to 2.043. 2.043 2017/01/06 - make t/session_ticket.t work with OpenSSL 1.1.0. With this version the session does not get reused any longer if it was not properly closed which is now done using an explicit close by the client which causes a proper SSL_shutdown 2.042 2017/01/05 - enable session ticket callback with Net::SSLeay>=1.80 |
| 2017-01-04 15:44:23 by Thomas Klausner | Files touched by this commit (2) |
Log message: Updated p5-IO-Socket-SSL to 2.041. 2.041 2017/01/04 - leave session ticket callback off for now until the needed patch is included in Net::SSLeay. See https://rt.cpan.org/Ticket/Display.html?id=116118#txn-1696146 |
| 2016-12-19 10:32:48 by Thomas Klausner | Files touched by this commit (2) |
Log message: Updated p5-IO-Socket-SSL to 2.040. 2.040 2016/12/17 - fix detection of default CA path for OpenSSL 1.1.x - Utils::CERT_asHash now includes the signature algorithm used - Utils::CERT_asHash can now deal with large serial numbers |
| 2016-11-28 14:00:16 by Thomas Klausner | Files touched by this commit (2) |
Log message: Updated p5-IO-Socket-SSL to 2.039. 2.039 2016/11/20 - OpenSSL 1.1.0c changed the behavior of SSL_read so that it now returns -1 on EOF without proper SSL shutdown. Since it looks like that this behavior will be kept at least for 1.1.1+ adapt to the changed API by treating errno=NOERR on SSL_ERROR_SYSCALL as EOF. |
| 2016-09-19 00:03:10 by Thomas Klausner | Files touched by this commit (2) |
Log message: Updated p5-IO-Socket-SSL to 2.038. 2.038 2016/09/17 - restrict session ticket callback to Net::SSLeay 1.79+ since version before contains bug. Add test for session reuse - extend SSL fingerprint to pubkey digest, i.e. 'sha1$pub$xxxxxx....' - fix t/external/ocsp.t to use different server (under my control) to check OCSP stapling |
| 2016-08-24 07:58:33 by Thomas Klausner | Files touched by this commit (2) |
Log message: Updated p5-IO-Socket-SSL to 2.037. 2.037 2016/08/22 - fix session cache del_session: it freed the session but did not properly remove it from the cache. Further reuse causes crash. |
| 2016-08-19 17:26:23 by Thomas Klausner | Files touched by this commit (2) |
Log message:
Updated p5-IO-Socket-SSL to 2.036.
Changes for 2.036 not documented.
2.035 2016/08/11
- fixes for issues introduced in 2.034
- return with error in configure_SSL if context creation failed. This
might otherwise result in an segmentation fault later.
- apply builtin defaults before any (user configurable) global settings
(i.e. done with set_defaults, set_default_context...) so that builtins
don't replace user settings
Thanks to joel[DOT]a[DOT]berger[AT]gmail[DOT]com for reporting
|
| 2016-08-09 00:33:26 by Makoto Fujiwara | Files touched by this commit (2) |
Log message: Updated security/p5-IO-Socket-SSL to 2.034 ------------------------------------------ 2.034 2016/08/08 - move handling of global SSL arguments into creation of context, so that these get also applied when creating a context only. |
| 2016-07-21 14:29:57 by Thomas Klausner | Files touched by this commit (2) |
Log message: Updated p5-IO-Socket-SSL to 2.033. 2.033 2016/07/15 - support for session ticket reuse over multiple contexts and processes (if supported by Net::SSLeay) - small optimizations, like saving various Net::SSLeay constants into variables and access variables instead of calling the constant sub all the time - make t/dhe.t work with openssl 1.1.0 2.032 2016/07/12 - Set session id context only on the server side. Even if the documentation for SSL_CTX_set_session_id_context makes clear that this function is server side only it actually affects hndling of session reuse on the client side too and can result in error "SSL3_GET_SERVER_HELLO:attempt to reuse session in different context" at the client. 2.031 2016/07/08 - fix for bug in session handling introduced in 2.031, RT#115975 Thanks to paul[AT]city-fan[DOT]org for reporting 2.030 2016/07/08 - Utils::CERT_create - don't add given extensions again if they were already added. Firefox croaks with sec_error_extension_value_invalid if (specific?) extensions are given twice. - assume that Net::SSLeay::P_PKCS12_load_file will return the CA certificates with the reverse order as in the PKCS12 file, because that's what it does. - support for creating ECC keys in Utils once supported by Net::SSLeay - remove internal sub session_cache and access cache directly (faster) |
| 2016-06-30 19:44:18 by Thomas Klausner | Files touched by this commit (2) |
Log message: Updated p5-IO-Socket-SSL to 2.029. 2.029 2016/07/26 - fix del_session method in case a single item was in the cache - use SSL_session_key as the real key for the cache and not some derivate of it, so that it works to remove the entry using the same key 2.028 2016/07/26 - add del_session method to session cache |
New packages: