Friday 8th July 2016
Fedora Project
Updated perl-GDGraph to 1.53 in Rawhide:
Fix 'Illegal division by zero' when x_min_value and x_max_value are defined and x_tick_number set to 'auto' (CPAN RT#73185, GH#12)
Updated perl-IO-Socket-SSL to 2.031 in Rawhide:
Utils::CERT_create - don't add given extensions again if they were already added; Firefox croaks with sec_error_extension_value_invalid if (specific?) extensions are given twice
Assume that Net::SSLeay::P_PKCS12_load_file will return the CA certificates with the reverse order as in the PKCS12 file, because that's what it does
Support for creating ECC keys in Utils once supported by Net::SSLeay
Remove internal sub session_cache and access cache directly (faster)
Updated perl-YAML-LibYAML to 0.63 in Rawhide:
Fix memory leaks (GH#48)
Local Packages
Updated perl-IO-Socket-SSL to 2.031 as per the fedora version
Updated perl-Net-FTPSSL to 0.33:
- Behaviour change: Since many OpenSSL libraries are tightening their security, I'm adding a new option to preserve backwards compatibility:
- By default this module now reuses the context of the command channel when opening a data channel
If you need to revert back to the previous default of not reusing the context for data channels, you must now use option "DisableContext => 1" to do so; hopefully the need for this option will be rare
- See the POD for more details
- Behaviour change: Added support for SNI in the SSL handshake
Changed logic on how to detect if a default "SSL_verify_mode" value needed to be set to VERIFY_NONE() for the caller in new()
Can now pass SSL options directly to new():
You no longer need to use the "SSL_Client_Certificate" option to pass the hash reference of SSL options
Currently only recognises IO::Socket::SSL options that start with SSL_
- If any start with something else, they will be addressed in a future release
- Clarified some POD information on a few methods
Enhanced "size" function to use STAT if SIZE isn't available
- Fixed case where sometimes the login account used wasn't being masked in the response in the logs
- Now print the INET version in the log file
Reset $ERRSTR in new() in case previous call had errors
Fixed t/10-complex.t func run_stat_test() to test the "is_file" and "is_dir()" functions; some tests disable the "SIZE" command so it can test the new alternate size logic as well
New test program t/05-simple.t that does a simple read only test against the FTPS server
- Added so that you can run a simple test against servers you don't want to upload anything to during the tests
These tests are not as robust as the t/10-complex.t tests so failures here are not as meaningful; hence, run t/10-complex if you encounter any issues for more analysis
Added t/05-simple.t to the MANIFEST
Updated the Copyright in the README file, and reworded a few sections
Updated all t/*.t files to add a retry the 1st time they try to connect to a server via new(); added a hard coded "SSL_cipher_list" value if the defaults don't work (this kludge might not work for everyone)
Modified t/20-certificate.t to be a bit more robust
Note: Found a server where supported() doesn't completely work; that server fails to put a "*" after some of the commands it didn't implement
- Behaviour change: Since many OpenSSL libraries are tightening their security, I'm adding a new option to preserve backwards compatibility:
Updated perl-YAML-LibYAML to 0.63 as per the Fedora version