From f606a25a80a37d5565fed6fc1ce1d8d241dab6c7 Mon Sep 17 00:00:00 2001

From: Steffen Ullrich <Steffen_Ullrich@genua.de>

Date: Mon, 14 Oct 2013 14:13:39 +0200

Subject: [PATCH 1/2] support for handshake protocol TLSv11, TLSv12

MIME-Version: 1.0

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit

Signed-off-by: Petr Písař <ppisar@redhat.com>

---

 lib/IO/Socket/SSL.pm | 14 +++++++++-----

 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/lib/IO/Socket/SSL.pm b/lib/IO/Socket/SSL.pm

index 3279391..a30ffb1 100644

--- a/lib/IO/Socket/SSL.pm

+++ b/lib/IO/Socket/SSL.pm

@@ -1603,9 +1603,11 @@ sub new {

     }

     my $ctx_new_sub =  UNIVERSAL::can( 'Net::SSLeay',

-	$ver eq 'SSLv2' ? 'CTX_v2_new' :

-	$ver eq 'SSLv3' ? 'CTX_v3_new' :

-	$ver eq 'TLSv1' ? 'CTX_tlsv1_new' :

+	$ver eq 'SSLv2'  ? 'CTX_v2_new' :

+	$ver eq 'SSLv3'  ? 'CTX_v3_new' :

+	$ver eq 'TLSv1'  ? 'CTX_tlsv1_new' :

+	$ver eq 'TLSv11' ? 'CTX_tlsv1_1_new' :

+	$ver eq 'TLSv12' ? 'CTX_tlsv1_2_new' :

 	'CTX_new'

     ) or return IO::Socket::SSL->error("SSL Version $ver not supported");

     my $ctx = $ctx_new_sub->() or return 

@@ -2063,8 +2065,10 @@ See section "SNI Support" for details of SNI the support.

 =item SSL_version

 Sets the version of the SSL protocol used to transmit data. 'SSLv23' auto-negotiates 

-between SSLv2 and SSLv3, while 'SSLv2', 'SSLv3' or 'TLSv1' restrict the protocol

-to the specified version. All values are case-insensitive.

+between SSLv2 and SSLv3, while 'SSLv2', 'SSLv3', 'TLSv1', 'TLSv11' or 'TLSv12'

+restrict the protocol to the specified version. All values are case-insensitive.

+Support for 'TLSv11' and 'TLSv12' requires recent versions of Net::SSLeay

+and openssl.

 You can limit to set of supported protocols by adding !version separated by ':'.

-- 

2.7.4