summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorast <ast@pkgsrc.org>2022-08-06 17:05:46 +0000
committerast <ast@pkgsrc.org>2022-08-06 17:05:46 +0000
commite8bc22ca214003abee26e6d7cf99e8ba292b50cc (patch)
tree2df20b23e351dfef11ac74ca220ccd1d44ba233a /security
parentebaec9127092b2087e6a35dea514a4216ccad645 (diff)
downloadpkgsrc-e8bc22ca214003abee26e6d7cf99e8ba292b50cc.tar.gz
security/p5-Net-SSLeay update to 1.92
Upstream changes: 1.92 2022-01-12 - New stable release incorporating all changes from developer releases 1.91_01 to 1.91_03. - Summary of major changes since version 1.90: - Net::SSLeay now supports stable releases of OpenSSL 3.0. - OpenSSL 3.0.0 introduces the concept of "providers", which contain cryptographic algorithm implementations. Many outdated, deprecated and/or insecure algorithms have been moved to the "legacy" provider, which may need to be loaded explicitly in order to use them with Net::SSLeay. See "Low level API: OSSL_LIB_CTX and OSSL_PROVIDER related functions" in the Net::SSLeay module documentation for details. - Net::SSLeay's built-in PEM_get_string_PrivateKey() function depends on algorithms that have moved to the legacy provider described above; if OpenSSL has been compiled without the legacy provider, the tests t/local/33_x509_create_cert.t and t/local/63_ec_key_generate_key.t will fail when the test suite is run. - TLS 1.1 and below may only be used at security level 0 as of OpenSSL 3.0.0; if a minimum required security level is imposed (e.g. in an OpenSSL configuration file managed by the operating system), the tests t/local/44_sess.t and t/local/45_exporter.t will fail when the test suite is run. - Net::SSLeay now supports stable releases of LibreSSL from the 3.2 - 3.4 series (with the exception of 3.2.2 and 3.2.3 - see "COMPATIBILITY" in the Net::SSLeay module documentation for details). - The TLS 1.3 implementation in LibreSSL 3.1 - 3.3, parts of which are enabled by default, is not fully compatible with the libssl API and may not function as expected with Net::SSLeay; see "KNOWN BUGS AND CAVEATS" in the Net::SSLeay module documentation for details. - A number of new libcrypto/libssl constants and functions are now exposed, including SSL_CTX_set_keylog_callback() and SSL_CTX_set_msg_callback(), which are helpful when debugging TLS handshakes. See the release notes for the 1.91 developer releases below for a full list of newly-exposed constants and functions. For details see https://metacpan.org/dist/Net-SSLeay/changes
Diffstat (limited to 'security')
-rw-r--r--security/p5-Net-SSLeay/Makefile7
-rw-r--r--security/p5-Net-SSLeay/distinfo10
-rw-r--r--security/p5-Net-SSLeay/patches/patch-SSLeay.xs15
-rw-r--r--security/p5-Net-SSLeay/patches/patch-t_local_43__misc__functions.t33
4 files changed, 6 insertions, 59 deletions
diff --git a/security/p5-Net-SSLeay/Makefile b/security/p5-Net-SSLeay/Makefile
index eed577a1cff..5446d0d7dc2 100644
--- a/security/p5-Net-SSLeay/Makefile
+++ b/security/p5-Net-SSLeay/Makefile
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.100 2022/06/28 11:35:49 wiz Exp $
+# $NetBSD: Makefile,v 1.101 2022/08/06 17:05:46 ast Exp $
-DISTNAME= Net-SSLeay-1.90
+DISTNAME= Net-SSLeay-1.92
PKGNAME= p5-${DISTNAME}
-PKGREVISION= 2
CATEGORIES= security perl5
MASTER_SITES= ${MASTER_SITE_PERL_CPAN:=Net/}
@@ -15,8 +14,6 @@ TEST_DEPENDS+= p5-Test-Exception-[0-9]*:../../devel/p5-Test-Exception
TEST_DEPENDS+= p5-Test-Warn-[0-9]*:../../devel/p5-Test-Warn
TEST_DEPENDS+= p5-Test-NoWarnings-[0-9]*:../../devel/p5-Test-NoWarnings
-USE_LANGUAGES= c
-
PERL5_PACKLIST= auto/Net/SSLeay/.packlist
MAKE_ENV+= OPENSSL_PREFIX=${SSLBASE}
MAKE_ENV+= PERL_MM_USE_DEFAULT=1 # avoid network question
diff --git a/security/p5-Net-SSLeay/distinfo b/security/p5-Net-SSLeay/distinfo
index 21169b6aa16..341b34e6ee1 100644
--- a/security/p5-Net-SSLeay/distinfo
+++ b/security/p5-Net-SSLeay/distinfo
@@ -1,7 +1,5 @@
-$NetBSD: distinfo,v 1.53 2021/10/26 11:17:33 nia Exp $
+$NetBSD: distinfo,v 1.54 2022/08/06 17:05:46 ast Exp $
-BLAKE2s (Net-SSLeay-1.90.tar.gz) = 882fd55d9216c31eddb69346ba98b0bceb1f0950fe9c168e40b65edd59711a09
-SHA512 (Net-SSLeay-1.90.tar.gz) = 8a5f251b5ef1d8c2d619d984594a7a22ddeed2e5e726fe683a45f299d7878f4ca8ffab00480ebf5ef7a94ae1fcf6be05dfdaa68b8bfe2ad68443150765adb891
-Size (Net-SSLeay-1.90.tar.gz) = 534246 bytes
-SHA1 (patch-SSLeay.xs) = f7937ae0c2dcf97462a44d6344ff20483cf07566
-SHA1 (patch-t_local_43__misc__functions.t) = 176e4993f9327237038312d2f23c5cfc065acc81
+BLAKE2s (Net-SSLeay-1.92.tar.gz) = 9b3c069a8ca4508f0ad613ded1c316da20e632103fe83df5a9754a392002376d
+SHA512 (Net-SSLeay-1.92.tar.gz) = e9d9161ebeb7be90f4c7a0ea98f1034892ce6d33aa72872683177b19daa1f4c5819f85ea9a052a076ec8d7c21705f6c344aef64680bc881bf3218d38e8b7b173
+Size (Net-SSLeay-1.92.tar.gz) = 555930 bytes
diff --git a/security/p5-Net-SSLeay/patches/patch-SSLeay.xs b/security/p5-Net-SSLeay/patches/patch-SSLeay.xs
deleted file mode 100644
index 6cdd30d49bb..00000000000
--- a/security/p5-Net-SSLeay/patches/patch-SSLeay.xs
+++ /dev/null
@@ -1,15 +0,0 @@
-$NetBSD: patch-SSLeay.xs,v 1.1 2021/10/16 14:02:56 schmonz Exp $
-
-Build with OpenBSD's LibreSSL (patch taken from OpenBSD ports).
-
---- SSLeay.xs.orig Thu Jan 21 15:14:11 2021
-+++ SSLeay.xs
-@@ -6172,7 +6172,7 @@ SSL_total_renegotiations(ssl)
- OUTPUT:
- RETVAL
-
--#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL)
- void
- SSL_SESSION_get_master_key(s)
- SSL_SESSION * s
diff --git a/security/p5-Net-SSLeay/patches/patch-t_local_43__misc__functions.t b/security/p5-Net-SSLeay/patches/patch-t_local_43__misc__functions.t
deleted file mode 100644
index b33805190f5..00000000000
--- a/security/p5-Net-SSLeay/patches/patch-t_local_43__misc__functions.t
+++ /dev/null
@@ -1,33 +0,0 @@
-$NetBSD: patch-t_local_43__misc__functions.t,v 1.1 2021/10/16 14:02:56 schmonz Exp $
-
-Patch taken from OpenBSD ports:
-
-LibreSSL uses different names for TLS 1.3 ciphers.
-
-LibreSSL does not define TLS1_3_VERSION, but test discovers TLS 1.3.
-
---- t/local/43_misc_functions.t.orig Thu Jan 21 15:14:11 2021
-+++ t/local/43_misc_functions.t
-@@ -40,6 +40,10 @@ our %tls_1_3_aead_cipher_to_keyblock_size = (
- 'TLS_AES_128_GCM_SHA256' => 56,
- 'TLS_AES_256_GCM_SHA384' => 88,
- 'TLS_CHACHA20_POLY1305_SHA256' => 88,
-+ # LibreSSL uses different names
-+ 'AEAD-AES128-GCM-SHA256' => 56,
-+ 'AEAD-AES256-GCM-SHA384' => 88,
-+ 'AEAD-CHACHA20-POLY1305-SHA256' => 88,
- );
-
- # Combine the AEAD hashes
-@@ -56,6 +60,11 @@ our %version_str2int =
- 'TLSv1.2' => sub {return eval {Net::SSLeay::TLS1_2_VERSION();}},
- 'TLSv1.3' => sub {return eval {Net::SSLeay::TLS1_3_VERSION();}},
- );
-+
-+# LibreSSL does not define TLS1_3_VERSION
-+if (Net::SSLeay::constant("LIBRESSL_VERSION_NUMBER")) {
-+ $version_str2int{'TLSv1.3'} = sub {return 0x0304};
-+}
-
- # Tests that don't need a connection
- client_test_ciphersuites();