From e0b0ae04f5cdb41b1f29cb7d76c23abba7ac35e9 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Jan 21 2020 16:03:40 +0000 Subject: import perl-IO-Socket-SSL-2.066-4.el8 --- diff --git a/SOURCES/IO-Socket-SSL-2.066-use-system-default-cipher-list.patch b/SOURCES/IO-Socket-SSL-2.066-use-system-default-cipher-list.patch index 4ae5f11..53681e3 100644 --- a/SOURCES/IO-Socket-SSL-2.066-use-system-default-cipher-list.patch +++ b/SOURCES/IO-Socket-SSL-2.066-use-system-default-cipher-list.patch @@ -12,7 +12,7 @@ + # Use system-wide default cipher list to support use of system-wide + # crypto policy (#1076390, #1127577, CPAN RT#97816) + # https://fedoraproject.org/wiki/Changes/CryptoPolicy -+ SSL_cipher_list => 'DEFAULT', ++ SSL_cipher_list => 'PROFILE=SYSTEM', ); my %DEFAULT_SSL_CLIENT_ARGS = ( @@ -93,7 +93,7 @@ -To use the less secure OpenSSL builtin default (whatever this is) set -SSL_cipher_list to ''. +recommended to leave this option at the default setting, which honors the -+system-wide DEFAULT cipher list. ++system-wide PROFILE=SYSTEM cipher list. In case different cipher lists are needed for different SNI hosts a hash can be given with the host as key and the cipher suite as value, similar to diff --git a/SPECS/perl-IO-Socket-SSL.spec b/SPECS/perl-IO-Socket-SSL.spec index 3cd8582..549b8a7 100644 --- a/SPECS/perl-IO-Socket-SSL.spec +++ b/SPECS/perl-IO-Socket-SSL.spec @@ -1,10 +1,11 @@ Name: perl-IO-Socket-SSL Version: 2.066 -Release: 2%{?dist} +Release: 4%{?dist} Summary: Perl library for transparent SSL -License: GPL+ or Artistic +License: (GPL+ or Artistic) and MPLv2.0 URL: https://metacpan.org/release/IO-Socket-SSL Source0: https://cpan.metacpan.org/modules/by-module/IO/IO-Socket-SSL-%{version}.tar.gz +# Default to a system-wide crypto-policy, bug #1775167 Patch0: IO-Socket-SSL-2.066-use-system-default-cipher-list.patch Patch1: IO-Socket-SSL-2.066-use-system-default-SSL-version.patch # A test for Enable-Post-Handshake-Authentication-TLSv1.3-feature.patch, @@ -36,8 +37,6 @@ BuildRequires: perl(strict) BuildRequires: perl(vars) BuildRequires: perl(warnings) # Test Suite -# openssl for Test-client-performs-Post-Handshake-Authentication.patch -BuildRequires: openssl BuildRequires: perl(Data::Dumper) BuildRequires: perl(File::Temp) BuildRequires: perl(FindBin) @@ -109,18 +108,29 @@ find %{buildroot} -type f -name .packlist -delete make test %files +# GPL+ or Artistic %doc BUGS Changes README docs/ certs/ example/ %dir %{perl_vendorlib}/IO/ %dir %{perl_vendorlib}/IO/Socket/ +%dir %{perl_vendorlib}/IO/Socket/SSL/ %doc %{perl_vendorlib}/IO/Socket/SSL.pod %{perl_vendorlib}/IO/Socket/SSL.pm -%{perl_vendorlib}/IO/Socket/SSL/ +%{perl_vendorlib}/IO/Socket/SSL/Intercept.pm +%{perl_vendorlib}/IO/Socket/SSL/Utils.pm %{_mandir}/man3/IO::Socket::SSL.3* %{_mandir}/man3/IO::Socket::SSL::Intercept.3* -%{_mandir}/man3/IO::Socket::SSL::PublicSuffix.3* %{_mandir}/man3/IO::Socket::SSL::Utils.3* +# MPLv2.0 +%{perl_vendorlib}/IO/Socket/SSL/PublicSuffix.pm +%{_mandir}/man3/IO::Socket::SSL::PublicSuffix.3* %changelog +* Mon Nov 25 2019 Petr Pisar - 2.066-4 +- Default to PROFILE=SYSTEM cipher list (bug #1775167) + +* Wed Jun 26 2019 Paul Howarth - 2.066-3 +- PublicSuffix.pm is licensed MPLv2.0 (#1724434) + * Mon Jun 17 2019 Petr Pisar - 2.066-2 - Skip a PHA test if Net::SSLeay does not expose the PHA (bug #1633636)