commit 12ec243a1d40126dffa5201d6e5819cb5d22b430 Author: Paul Howarth <paul@xxxxxxxxxxxx> Date: Fri Apr 4 18:41:23 2014 +0100 Update to 1.978 - New upstream release 1.978 - Added public prefix checking to verification of wildcard certificates, e.g. accept *.foo.com but not *.co.uk; see documentation of SSL_verifycn_publicsuffix and IO::Socket::SSL::PublicSuffix - Fix publicsuffix for IDNA, more tests with various IDNA libs (CPAN RT#94424) - Reuse result of IDN lib detection from PublicSuffix.pm in SSL.pm - Add more checks to external/usable_ca.t; now it is enough that at least one of the hosts verifies against the built-in CA store - Add openssl and Net::SSLeay version to diagnostics in load test - Switch preferred IDN back-end from Net::LibIDN to URI::_idna as per upstream, falling back to Net::IDN::Encode on older distributions - Add fix from upstream git to support building with Test::More < 0.88 f00f9c221fd7d92b715434b7d96b26b644c8398f.patch | 69 ++++++++++++++++++++++++ perl-IO-Socket-SSL.spec | 42 ++++++++++++-- sources | 2 +- 3 files changed, 106 insertions(+), 7 deletions(-) --- diff --git a/f00f9c221fd7d92b715434b7d96b26b644c8398f.patch b/f00f9c221fd7d92b715434b7d96b26b644c8398f.patch new file mode 100644 index 0000000..9da3ec1 --- /dev/null +++ b/f00f9c221fd7d92b715434b7d96b26b644c8398f.patch @@ -0,0 +1,69 @@ +From f00f9c221fd7d92b715434b7d96b26b644c8398f Mon Sep 17 00:00:00 2001 +From: Steffen Ullrich <Steffen_Ullrich@xxxxxxxx> +Date: Fri, 4 Apr 2014 17:55:49 +0200 +Subject: [PATCH] t/public_suffix_lib* - run test even if IDN lib cannot be + loaded, but skip IDN tests - don't use done_testing to work with older + Test::More + +--- + t/public_suffix_lib.pl | 20 +++++++++++++------- + 1 file changed, 13 insertions(+), 7 deletions(-) + +diff --git a/t/public_suffix_lib.pl b/t/public_suffix_lib.pl +index 6e6e3c5..66bdfe4 100644 +--- a/t/public_suffix_lib.pl ++++ b/t/public_suffix_lib.pl +@@ -5,17 +5,19 @@ + + my $ps; + sub run_with_lib { ++ my @idnlib = @_; + my %require = ( + 'URI::_idna' => 0, + 'Net::LibIDN' => 0, + 'Net::IDN::Encode' => 0, +- map { $_ => 1 } @_, ++ map { $_ => 1 } @idnlib, + ); + + my %block; ++ my $can_idn; + while ( my ($lib,$load) = each %require ) { + if ( $load ) { +- eval "require $lib" or plan skip_all => "cannot load $lib: $@"; ++ $can_idn = eval "require $lib"; + } else { + $lib =~s{::}{/}g; + $block{"$lib.pm"} = 1; +@@ -28,6 +30,8 @@ sub run_with_lib { + + require IO::Socket::SSL::PublicSuffix; + ++ plan tests => 83; ++ + + # all one-level, but co.uk two-level + $ps = IO::Socket::SSL::PublicSuffix->from_string("*\nco.uk"); +@@ -172,12 +176,14 @@ sub run_with_lib { + is public_suffix('www.test.k12.ak.us'), 'k12.ak.us'; + + # Domains and gTLDs with characters outside the ASCII range: +- if ( $ps->can_idn ) { +- is public_suffix('test.敎育.hk'), '敎育.hk'; +- is public_suffix('ਭਾਰਤ.ਭਾਰਤ'), 'ਭਾਰਤ'; ++ SKIP: { ++ if ( $can_idn ) { ++ is public_suffix('test.敎育.hk'), '敎育.hk'; ++ is public_suffix('ਭਾਰਤ.ਭਾਰਤ'), 'ਭਾਰਤ'; ++ } else { ++ skip "no IDN support with @idnlib",2 ++ } + } +- +- done_testing(); + } + + +-- +1.9.1 + diff --git a/perl-IO-Socket-SSL.spec b/perl-IO-Socket-SSL.spec index 50d7037..b96e337 100644 --- a/perl-IO-Socket-SSL.spec +++ b/perl-IO-Socket-SSL.spec @@ -1,14 +1,16 @@ Name: perl-IO-Socket-SSL -Version: 1.975 +Version: 1.978 Release: 1%{?dist} Summary: Perl library for transparent SSL Group: Development/Libraries License: GPL+ or Artistic URL: http://search.cpan.org/dist/IO-Socket-SSL/ Source0: http://search.cpan.org/CPAN/authors/id/S/SU/SULLR/IO-Socket-SSL-%{version}.tar.gz +Patch0: https://github.com/noxxi/p5-io-socket-ssl/commit/f00f9c221fd7d92b715434b7d96b26b644c8398f.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(id -nu) BuildArch: noarch BuildRequires: openssl >= 0.9.8 +BuildRequires: perl BuildRequires: perl(Carp) BuildRequires: perl(constant) BuildRequires: perl(Data::Dumper) @@ -18,7 +20,6 @@ BuildRequires: perl(IO::Select) BuildRequires: perl(IO::Socket) BuildRequires: perl(IO::Socket::INET) BuildRequires: perl(IO::Socket::INET6) >= 2.62 -BuildRequires: perl(Net::LibIDN) BuildRequires: perl(Net::SSLeay) >= 1.46 BuildRequires: perl(Scalar::Util) BuildRequires: perl(Socket) @@ -33,9 +34,19 @@ Requires: perl(IO::Socket::IP) >= 0.20, perl(Socket) >= 1.95 Requires: perl(IO::Socket::INET6) >= 2.62, perl(Socket6) %endif Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version)) -Requires: perl(Net::LibIDN) Requires: openssl >= 0.9.8 +# IDN back-ends: URI::_idna (from URI ≥ 1.50) is preferred +# but Net::IDN::Encode (next pref) and Net::LibIDN are also tested +BuildRequires: perl(Net::IDN::Encode) +BuildRequires: perl(Net::LibIDN) +%if 0%{?fedora} > 10 || 0%{?rhel} > 6 +BuildRequires: perl(URI::_idna) +Requires: perl(URI::_idna) +%else +Requires: perl(Net::IDN::Encode) +%endif + %description This module is a true drop-in replacement for IO::Socket::INET that uses SSL to encrypt data before it is transferred to a remote server @@ -48,6 +59,9 @@ mod_perl. %prep %setup -q -n IO-Socket-SSL-%{version} +# Fix from upstream git to support building with Test::More < 0.88 +%patch0 -p1 + %build echo n | perl Makefile.PL INSTALLDIRS=vendor make %{?_smp_mflags} @@ -67,11 +81,27 @@ rm -rf %{buildroot} %files %doc BUGS Changes README docs/ certs/ example/ util/ %{perl_vendorlib}/IO/ -%{_mandir}/man3/IO::Socket::SSL.3pm* -%{_mandir}/man3/IO::Socket::SSL::Intercept.3pm* -%{_mandir}/man3/IO::Socket::SSL::Utils.3pm* +%{_mandir}/man3/IO::Socket::SSL.3* +%{_mandir}/man3/IO::Socket::SSL::Intercept.3* +%{_mandir}/man3/IO::Socket::SSL::PublicSuffix.3* +%{_mandir}/man3/IO::Socket::SSL::Utils.3* %changelog +* Fri Apr 4 2014 Paul Howarth <paul@xxxxxxxxxxxx> - 1.978-1 +- Update to 1.978 + - Added public prefix checking to verification of wildcard certificates, e.g. + accept *.foo.com but not *.co.uk; see documentation of + SSL_verifycn_publicsuffix and IO::Socket::SSL::PublicSuffix + - Fix publicsuffix for IDNA, more tests with various IDNA libs + (CPAN RT#94424) + - Reuse result of IDN lib detection from PublicSuffix.pm in SSL.pm + - Add more checks to external/usable_ca.t; now it is enough that at least one + of the hosts verifies against the built-in CA store + - Add openssl and Net::SSLeay version to diagnostics in load test +- Switch preferred IDN back-end from Net::LibIDN to URI::_idna as per upstream, + falling back to Net::IDN::Encode on older distributions +- Add fix from upstream git to support building with Test::More < 0.88 + * Wed Apr 2 2014 Paul Howarth <paul@xxxxxxxxxxxx> - 1.975-1 - Update to 1.975 - BEHAVIOR CHANGE: work around TEA misfeature on OS X built-in openssl, e.g. diff --git a/sources b/sources index d6c4604..1ee3f3d 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -aff1da9c2bda589024c9147c6a3ae33a IO-Socket-SSL-1.975.tar.gz +72b0efa2b1a7777dde5ca88a069caf7e IO-Socket-SSL-1.978.tar.gz -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/perl-devel