Subject: CVS commit: pkgsrc/security/p5-IO-Socket-SSL
From: Hiramatsu Yoshifumi
Date: 2013-04-19 11:12:50
Message id: 20130419091251.0E900175DD@cvs.netbsd.org

Log Message:
Update p5-IO-Socket-SSL to 1.86.

Changes from previous:
----------------------
v1.86 2013.04.17
- RT#84686 - don't complain about SSL_verify_mode is SSL_reuse_ctx,
  thanks to CLEACH
v1.85 2013.04.14
- probe for available modules with local __DIE__ and __WARN__handlers.
  fixes RT#84574, thanks to FRAZER
- fix warning, when IO::Socket::IP is installed and inet6 support gets explictly
  requested. RT#84619, thanks to Prashant[DOT]Tekriwal[AT]netapp[DOT]com
v1.84 2013.02.15
- disabled client side SNI for openssl version < 1.0.0 because of RT#83289
- added functions can_client_sni, can_server_sni, can_npn to check avaibility
  of SNI and NPN features. Added more documentation for SNI and NPN.
v1.83_1 2013.02.14
- seperated documention of non-blocking I/O from error handling
- changed and documented behavior of readline to return the read
  data on EAGAIN/EWOULDBLOCK in case of non-blocking socket.
  See https://github.com/noxxi/p5-io-socket-ssl/issues/1, thanks to
  mytram
v1.83 2013.02.03
- Server Name Indication (SNI) support on the server side, inspired by
  patch provided by karel[DOT]miko[AT]gmail[DOT]com.
  https://rt.cpan.org/Ticket/Display.html?id=82761
- reworked part of the documentation, like providing better examples.
v1.82 2013.01.28
- sub error sets $SSL_ERROR etc only if there really is an error,
  otherwise it will keep the latest error. This causes
  IO::Socket::SSL->new.. to report the correct problem, even if
  the problem is deeper in the code (like in connect)
- correct spelling, rt#8270. Thanks to ETHER
v1.81 2012.12.06
- deprecated set_ctx_defaults, new name ist set_defaults (but old name
  still available)
- changed handling of default path for SSL_(ca|cert|key)* keys: either
  if one of these keys is user defined don't add defaults for the
  others, e.g.  don't mix user settings and defaults
- cleaner handling of module defaults vs. global settings vs. socket
  specific settings. Global and socket specific settings are both
  provided by the user, while module defaults not.
- make IO::Socket::INET6 and IO::Socket::IP specific tests run both,
  even if both modules are installed by faking a failed load of the
  other module.
v1.80 2012.11.30
- removed some warnings in test (missing SSL_verify_mode => 0) which
  caused tests to hang on Windows.
  https://rt.cpan.org/Ticket/Display.html?id=81493
v1.79 2012.11.25
- prepare transition to a more secure default for SSL_verify_mode.
  The use of the current default SSL_VERIFY_NONE will cause a big warning
  for clients, unless SSL_verify_mode was explicitly set inside the
  application to this insecure value.
  In the near future the default will be SSL_VERIFY_PEER, and thus
  causing verification failures in unchanged applications.
v1.78 2012.11.25
- use getnameinfo instead of unpack_sockaddr_in6 to get PeerAddr and
  PeerPort from sockaddr in _update_peer, because this provides scope
  too. Thanks to bluhm[AT]genua[DOT]de.
- work around systems which don't defined AF_INET6
  https://rt.cpan.org/Ticket/Display.html?id=81216
  Thanks to GAAS for reporting

Files:
RevisionActionfile
1.63modifypkgsrc/security/p5-IO-Socket-SSL/Makefile
1.45modifypkgsrc/security/p5-IO-Socket-SSL/distinfo