Hello community, here is the log from the commit of package perl-IO-Socket-SSL for openSUSE:Factory checked in at Wed Dec 8 14:24:03 CET 2010. -------- --- perl-IO-Socket-SSL/perl-IO-Socket-SSL.changes 2010-12-01 14:47:26.000000000 +0100 +++ perl-IO-Socket-SSL/perl-IO-Socket-SSL.changes 2010-12-07 15:04:24.000000000 +0100 @@ -1,0 +2,8 @@ +Tue Dec 7 15:02:25 CET 2010 - anicka@suse.cz + +- update to 1.35 (fixes bnc#657907) + * if verify_mode is not VERIFY_NONE and the ca_file/ca_path cannot + be verified as valid it will no longer fall back to VERIFY_NONE + but throw an error. + +------------------------------------------------------------------- calling whatdependson for head-i586 Old: ---- IO-Socket-SSL-1.34.tar.bz2 New: ---- IO-Socket-SSL-1.35.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ perl-IO-Socket-SSL.spec ++++++ --- /var/tmp/diff_new_pack.XSCjpp/_old 2010-12-08 14:23:51.000000000 +0100 +++ /var/tmp/diff_new_pack.XSCjpp/_new 2010-12-08 14:23:51.000000000 +0100 @@ -1,5 +1,5 @@ # -# spec file for package perl-IO-Socket-SSL (Version 1.34) +# spec file for package perl-IO-Socket-SSL (Version 1.35) # # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -21,8 +21,8 @@ Name: perl-IO-Socket-SSL %define cpan_name IO-Socket-SSL Summary: Nearly transparent SSL encapsulation for IO::Socket::INET -Version: 1.34 -Release: 3 +Version: 1.35 +Release: 1 License: GPL+ or Artistic Group: Development/Libraries/Perl Url: http://search.cpan.org/dist/IO-Socket-SSL/ ++++++ IO-Socket-SSL-1.34.tar.bz2 -> IO-Socket-SSL-1.35.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/IO-Socket-SSL-1.34/Changes new/IO-Socket-SSL-1.35/Changes --- old/IO-Socket-SSL-1.34/Changes 2010-11-01 09:53:16.000000000 +0100 +++ new/IO-Socket-SSL-1.35/Changes 2010-12-06 08:57:39.000000000 +0100 @@ -1,4 +1,10 @@ +v1.35 2010.12.06 +- if verify_mode is not VERIFY_NONE and the ca_file/ca_path cannot be + verified as valid it will no longer fall back to VERIFY_NONE but throw + an error. Thanks to Salvatore Bonaccorso and Daniel Kahn Gillmor for + pointing out the problem, see also + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606058 v1.34 2010.11.01 - schema http for certificate verification changed to wildcards_in_cn=1, because according to rfc2818 this is valid and diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/IO-Socket-SSL-1.34/META.yml new/IO-Socket-SSL-1.35/META.yml --- old/IO-Socket-SSL-1.34/META.yml 2010-11-01 09:54:35.000000000 +0100 +++ new/IO-Socket-SSL-1.35/META.yml 2010-12-06 08:59:17.000000000 +0100 @@ -1,6 +1,6 @@ --- #YAML:1.0 name: IO-Socket-SSL -version: 1.34 +version: 1.35 abstract: Nearly transparent SSL encapsulation for IO::Socket::INET. author: - Steffen Ullrich & Peter Behroozi & Marko Asplund @@ -17,7 +17,7 @@ directory: - t - inc -generated_by: ExtUtils::MakeMaker version 6.54 +generated_by: ExtUtils::MakeMaker version 6.55_02 meta-spec: url: http://module-build.sourceforge.net/META-spec-v1.4.html version: 1.4 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/IO-Socket-SSL-1.34/SSL.pm new/IO-Socket-SSL-1.35/SSL.pm --- old/IO-Socket-SSL-1.34/SSL.pm 2010-11-01 09:53:27.000000000 +0100 +++ new/IO-Socket-SSL-1.35/SSL.pm 2010-12-06 08:58:28.000000000 +0100 @@ -78,7 +78,7 @@ }) { @ISA = qw(IO::Socket::INET); } - $VERSION = '1.34'; + $VERSION = '1.35'; $GLOBAL_CONTEXT_ARGS = {}; #Make $DEBUG another name for $Net::SSLeay::trace @@ -1366,12 +1366,7 @@ if ( $verify_mode != Net::SSLeay::VERIFY_NONE() and ! Net::SSLeay::CTX_load_verify_locations( $ctx, $arg_hash->{SSL_ca_file} || '',$arg_hash->{SSL_ca_path} || '') ) { - if ( ! $arg_hash->{SSL_ca_file} && ! $arg_hash->{SSL_ca_path} ) { - carp("No certificate verification because neither SSL_ca_file nor SSL_ca_path known"); - $verify_mode = Net::SSLeay::VERIFY_NONE(); - } else { - return IO::Socket::SSL->error("Invalid certificate authority locations"); - } + return IO::Socket::SSL->error("Invalid certificate authority locations"); } if ($arg_hash->{'SSL_check_crl'}) { ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org