diff options
| author | schmonz <schmonz> | 2014-06-09 19:43:51 +0000 |
|---|---|---|
| committer | schmonz <schmonz> | 2014-06-09 19:43:51 +0000 |
| commit | 20a43ce6f920455c038e182b4f1fe70e44a96723 (patch) | |
| tree | f9ece1397b56a17522838d398854e49f621afba6 | |
| parent | 8998cbc4cc3863bfdd7b48bae16048ef48cf3b13 (diff) | |
| download | pkgsrc-20a43ce6f920455c038e182b4f1fe70e44a96723.tar.gz | |
Update to 1.992. From the changelog:
1.992 2014/06/01
- set $! to undef before doing IO (accept, read..). On Winwdows a connection
reset could cause SSL read error without setting $!, so make sure we don't
keep the old value and maybe thus run into endless loop.
1.991 2014/05/27
- new option SSL_OCSP_TRY_STAPLE to enforce staple request even if
VERIFY_NONE
- work around for RT#96013 in peer_certificates
1.990 2014/05/27
- added option SSL_ocsp_staple_callback to get the stapled OCSP response
and verify it somewhere else
- try to fix warnings on Windows again (#95967)
- work around temporary OCSP error in t/external/ocsp.t
1.989 2014/05/24
- fix #95881 (warnings on windows), thanks to TMHALL
1.988 2014/05/17
- add transparent support for DER and PKCS#12 files to specify cert and key,
e.g. it will autodetect the format
- if SSL_cert_file is PEM and no SSL_key_file is given it will check if
the key is in SSL_cert_file too
1.987 2014/05/17
- fix t/verify_hostname_standalone.t on systems without usable IDNA or IPv6
#95719, thanks srchulo
- enable IPv6 support only if we have a usable inet_pton
- remove stale entries from MANIFEST (thanks seen[AT]myfairpoint[DOT]net)
1.986 2014/05/16
- allow IPv4 in common name, because browsers allow this too. But only for
scheme www/http, not for rfc2818 (because RC2818 does not allow this).
In default scheme IPv6 and IPv4 are allowed in CN.
Thanks to heiko[DOT]hund[AT]sophos[DOT]com for reporting the problem.
- Fix handling of public suffix. Add exemption for *.googleapis.com
wildcard, which should be better not allowed according to public suffix
list but actually is used.
- Add hostname verification test based on older test of chromium. But change
some of the test expectations because we don't want to support IP as SAN
DNS and because we enforce a public suffix list (and thus *.co.uk should
not be allowed)
| -rw-r--r-- | security/p5-IO-Socket-SSL/Makefile | 5 | ||||
| -rw-r--r-- | security/p5-IO-Socket-SSL/distinfo | 8 |
2 files changed, 6 insertions, 7 deletions
diff --git a/security/p5-IO-Socket-SSL/Makefile b/security/p5-IO-Socket-SSL/Makefile index 04e8a07add8..779d285e02f 100644 --- a/security/p5-IO-Socket-SSL/Makefile +++ b/security/p5-IO-Socket-SSL/Makefile @@ -1,8 +1,7 @@ -# $NetBSD: Makefile,v 1.69 2014/05/29 23:37:24 wiz Exp $ +# $NetBSD: Makefile,v 1.70 2014/06/09 19:43:51 schmonz Exp $ -DISTNAME= IO-Socket-SSL-1.985 +DISTNAME= IO-Socket-SSL-1.992 PKGNAME= p5-${DISTNAME} -PKGREVISION= 1 SVR4_PKGNAME= p5iss CATEGORIES= security net perl5 MASTER_SITES= ${MASTER_SITE_PERL_CPAN:=../../authors/id/S/SU/SULLR/} diff --git a/security/p5-IO-Socket-SSL/distinfo b/security/p5-IO-Socket-SSL/distinfo index c119a1f2d44..01d6b55cd33 100644 --- a/security/p5-IO-Socket-SSL/distinfo +++ b/security/p5-IO-Socket-SSL/distinfo @@ -1,5 +1,5 @@ -$NetBSD: distinfo,v 1.48 2014/05/15 10:01:43 wiz Exp $ +$NetBSD: distinfo,v 1.49 2014/06/09 19:43:51 schmonz Exp $ -SHA1 (IO-Socket-SSL-1.985.tar.gz) = 49a1e1acb3eb2df5dbfcd34975ff2a6268ef12ce -RMD160 (IO-Socket-SSL-1.985.tar.gz) = 1eaeacf4ff37a7d4780085a3578f36f0fd684219 -Size (IO-Socket-SSL-1.985.tar.gz) = 166580 bytes +SHA1 (IO-Socket-SSL-1.992.tar.gz) = b0313bb650bc931b340ca50549bfe781d5b5baab +RMD160 (IO-Socket-SSL-1.992.tar.gz) = 31075269225912cc2d69a313018c74025558a55e +Size (IO-Socket-SSL-1.992.tar.gz) = 180052 bytes |