Hello community, here is the log from the commit of package perl-IO-Socket-SSL for openSUSE:Factory checked in at Fri Mar 26 16:35:33 CET 2010. -------- --- perl-IO-Socket-SSL/perl-IO-Socket-SSL.changes 2010-02-23 16:47:11.000000000 +0100 +++ perl-IO-Socket-SSL/perl-IO-Socket-SSL.changes 2010-03-26 11:54:19.000000000 +0100 @@ -1,0 +2,9 @@ +Thu Mar 25 17:42:20 CET 2010 - anicka@suse.cz + +- update to 1.33 + * attempt to make t/memleak_bad_handshake.t more stable, it fails + for unknown reason on various systems + * fix hostname checking: an IP should only be checked against + subjectAltName GEN_IPADD, never against GEN_DNS or CN. + +------------------------------------------------------------------- calling whatdependson for head-i586 Old: ---- IO-Socket-SSL-1.32.tar.bz2 New: ---- IO-Socket-SSL-1.33.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ perl-IO-Socket-SSL.spec ++++++ --- /var/tmp/diff_new_pack.RimVXT/_old 2010-03-26 16:32:01.000000000 +0100 +++ /var/tmp/diff_new_pack.RimVXT/_new 2010-03-26 16:32:01.000000000 +0100 @@ -1,5 +1,5 @@ # -# spec file for package perl-IO-Socket-SSL (Version 1.32) +# spec file for package perl-IO-Socket-SSL (Version 1.33) # # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -20,7 +20,7 @@ Name: perl-IO-Socket-SSL BuildRequires: perl-Net-SSLeay perl-libwww-perl -Version: 1.32 +Version: 1.33 Release: 1 Provides: p_iossl Obsoletes: p_iossl ++++++ IO-Socket-SSL-1.32.tar.bz2 -> IO-Socket-SSL-1.33.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/IO-Socket-SSL-1.32/Changes new/IO-Socket-SSL-1.33/Changes --- old/IO-Socket-SSL-1.32/Changes 2010-02-22 10:37:31.000000000 +0100 +++ new/IO-Socket-SSL-1.33/Changes 2010-03-17 13:48:59.000000000 +0100 @@ -1,4 +1,10 @@ +v1.33 2010.03.17 +- attempt to make t/memleak_bad_handshake.t more stable, it fails + for unknown reason on various systems +- fix hostname checking: an IP should only be checked against + subjectAltName GEN_IPADD, never against GEN_DNS or CN. + Thanks to rusch[AT]genua[DOT]de for bug report v1.32 2010.02.22 - Makefile.PL: die if Scalar::Util has no dualvar support instead of only complaining. Thanks to w[DOT]phillip[DOT]moore[AT]gmail[DOT]com diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/IO-Socket-SSL-1.32/META.yml new/IO-Socket-SSL-1.33/META.yml --- old/IO-Socket-SSL-1.32/META.yml 2010-02-22 10:38:22.000000000 +0100 +++ new/IO-Socket-SSL-1.33/META.yml 2010-03-17 13:51:54.000000000 +0100 @@ -1,6 +1,6 @@ --- #YAML:1.0 name: IO-Socket-SSL -version: 1.32 +version: 1.33 abstract: Nearly transparent SSL encapsulation for IO::Socket::INET. author: - Steffen Ullrich & Peter Behroozi & Marko Asplund @@ -8,8 +8,6 @@ distribution_type: module configure_requires: ExtUtils::MakeMaker: 0 -build_requires: - ExtUtils::MakeMaker: 0 requires: Net::SSLeay: 1.21 Scalar::Util: 0 @@ -17,7 +15,7 @@ directory: - t - inc -generated_by: ExtUtils::MakeMaker version 6.54 +generated_by: ExtUtils::MakeMaker version 6.48 meta-spec: url: http://module-build.sourceforge.net/META-spec-v1.4.html version: 1.4 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/IO-Socket-SSL-1.32/SSL.pm new/IO-Socket-SSL-1.33/SSL.pm --- old/IO-Socket-SSL-1.32/SSL.pm 2010-02-22 10:34:50.000000000 +0100 +++ new/IO-Socket-SSL-1.33/SSL.pm 2010-03-17 13:46:00.000000000 +0100 @@ -78,7 +78,7 @@ }) { @ISA = qw(IO::Socket::INET); } - $VERSION = '1.32'; + $VERSION = '1.33'; $GLOBAL_CONTEXT_ARGS = {}; #Make $DEBUG another name for $Net::SSLeay::trace @@ -1091,16 +1091,16 @@ # is the given hostname an IP address? Then we have to convert to network byte order [RFC791][RFC2460] - my ($ip4,$ip6); + my $ipn; if ( $identity =~m{:} ) { # no IPv4 or hostname have ':' in it, try IPv6. # make sure that Socket6 was loaded properly UNIVERSAL::can( __PACKAGE__, 'inet_pton' ) or croak q[Looks like IPv6 address, make sure that Socket6 is loaded or make "use IO::Socket::SSL 'inet6']; - $ip6 = inet_pton( $identity ) or croak "'$identity' is not IPv6, but neither IPv4 nor hostname"; + $ipn = inet_pton( $identity ) or croak "'$identity' is not IPv6, but neither IPv4 nor hostname"; } elsif ( $identity =~m{^\d+\.\d+\.\d+\.\d+$} ) { # definitly no hostname, try IPv4 - $ip4 = inet_aton( $identity ) or croak "'$identity' is not IPv4, but neither IPv6 nor hostname"; + $ipn = inet_aton( $identity ) or croak "'$identity' is not IPv4, but neither IPv6 nor hostname"; } else { # assume hostname, check for umlauts etc if ( $identity =~m{[^a-zA-Z0-9_.\-]} ) { @@ -1134,15 +1134,12 @@ my $alt_dnsNames = 0; while (@altNames) { my ($type, $name) = splice (@altNames, 0, 2); - if ( $type == GEN_IPADD ) { + if ( $ipn and $type == GEN_IPADD ) { # exakt match needed for IP # $name is already packed format (inet_xton) - return 1 if - $ip6 ? $ip6 eq $name : - $ip4 ? $ip4 eq $name : - 0; + return 1 if $ipn eq $name; - } elsif ( $type == GEN_DNS ) { + } elsif ( ! $ipn and $type == GEN_DNS ) { $name =~s/\s+$//; $name =~s/^\s+//; $alt_dnsNames++; $check_name->($name,$identity,$scheme->{wildcards_in_alt}) @@ -1150,8 +1147,9 @@ } } - if ( $scheme->{check_cn} eq 'always' or - $scheme->{check_cn} eq 'when_only' and !$alt_dnsNames) { + if ( ! $ipn and ( + $scheme->{check_cn} eq 'always' or + $scheme->{check_cn} eq 'when_only' and !$alt_dnsNames)) { $check_name->($commonName,$identity,$scheme->{wildcards_in_cn}) and return 1; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/IO-Socket-SSL-1.32/t/memleak_bad_handshake.t new/IO-Socket-SSL-1.33/t/memleak_bad_handshake.t --- old/IO-Socket-SSL-1.32/t/memleak_bad_handshake.t 2009-09-02 07:50:49.000000000 +0200 +++ new/IO-Socket-SSL-1.33/t/memleak_bad_handshake.t 2010-03-17 13:35:24.000000000 +0100 @@ -61,9 +61,18 @@ } my $size200 = getsize($pid); +for(200..300) { + IO::Socket::INET->new( $addr ) or next; +} +my $size300 = getsize($pid); +if ($size100>$size200 or $size200<$size300) {; + print "1..0 # skipped - do we measure the right thing?\n"; + exit; +} + print "1..1\n"; -print "not " if $size100 != $size200; -print "ok # check memleak failed handshake ($size100,$size200)\n"; +print "not " if $size100 < $size200 and $size200 < $size300; +print "ok # check memleak failed handshake ($size100,$size200,$size300)\n"; kill(9,$pid); wait; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org