Wednesday 3rd July 2013
Fedora Project
Updated perl-IO-Socket-SSL to 1.951 in Rawhide:
Major behaviour change:
ssl_verify_mode now defaults to verify_peer for client
Previously it used verify_none, but loudly complained since 1.79 about it
- It will not complain any longer, but the connection will probably fail
Please don't simply disable ssl verification; instead, set SSL_ca_file etc. so that verification succeeds!
Major behaviour change:
It will now complain if the built-in defaults of certs/my-ca.pem or ca/ for CA and certs/{server,client}-{key,cert}.pem for cert and key are used, i.e. no certificates are specified explicitly
- In the future these insecure (relative path!) defaults will be removed and the CA replaced with the system defaults
Use Net::SSLeay::SSL_CTX_set_default_verify_paths to use openssl's built-in defaults for CA unless CA path/file was given (or IO::Socket::SSL built-ins used)
Updated perl-Tree-DAG_Node to 1.12 in Rawhide:
Change text in README referring to licence to match text in body of source, since it was in conflict with the Artistic Licence V 2.0
Rename CHANGES to Changes as per CPAN::Changes::SPEC
- Various spelling fixes in the docs
Local Packages
Updated perl-IO-Socket-SSL to 1.951 as per the Fedora version
Updated perl-Tree-DAG_Node to 1.12 as per the Fedora version