devel/p5-Sub-Install from 0.926nb2 to 0.927.
Upstream changes:
0.927 2013-10-15 22:46:38 America/New_York
rebuild using Dist::Zilla, update links to repo, metadata, etc.
typo fixes, thanks David Steinbrunner
devel/p5-ExtUtils-MakeMaker from 6.84 to 6.88.
pkgsrc changes:
- rewrite module using Packager::Utils
- cleanup dependecies
Upstream changes:
6.88 Fri Jan 31 20:49:13 GMT 2014
No changes from 6.87_05
6.87_05 Tue Jan 28 13:54:21 GMT 2014
Bug fixes:
* Synchronisation with blead to remove old cross-compilation model
6.87_04 Sun Jan 26 19:29:05 GMT 2014
Bug fixes:
* On Android, pass PERL_LIB through rel2abs().
6.87_03 Sun Jan 19 17:49:43 GMT 2014
Bug fixes:
* Get rid of unused printf arguments in dynamic_bs
6.87_02 Sat Jan 18 13:00:36 GMT 2014
Doc fixes:
* Update documentation for LICENSE attribute.
Bug fixes:
* Get rid of unused printf arguments in dir_target
6.87_01 Sun Jan 12 10:31:41 GMT 2014
Doc fixes:
* mention that TEST_REQUIRES is in v6.64 and above
6.86 Sat Jan 4 12:17:53 GMT 2014
No changes from 6.85_07
6.85_07 Wed Jan 1 18:55:22 GMT 2014
Bug fixes:
* Expanded test coverage for metafiles
Doc fixes:
* Documentation expanded to mention JSON metafiles
6.85_06 Mon Dec 30 23:14:37 GMT 2013
Bug fixes:
* Explicitly require dynaloader before using mod2fname
6.85_05 Sun Dec 29 11:25:00 GMT 2013
Bug fixes:
* Export 'configure' section of prereqs when meta-spec version 2
Doc fixes:
* Document BUILD_REQUIRES defaults
6.85_04 Mon Dec 23 15:00:14 GMT 2013
No changes since v6.85_03 fixing repo tags
6.85_03 Mon Dec 23 14:55:37 GMT 2013
Bug fixes:
* RT#91540 PREREQ_FATAL not recognised on command line
6.85_02 Tue Dec 17 10:13:28 GMT 2013
New features:
* Added PPM_UNINSTALL_EXEC and PPM_UNINSTALL_SCRIPT options
to PPD generation
6.85_01 Mon Dec 16 13:15:43 GMT 2013
Bug Fixes:
* harden xsubpp locating loop in MM_Unix
devel/p5-Test-Harness from 3.29 to 3.30.
Upstream changes:
3.30 2013-11-12
- Fix missing parent prereq in META.{yml,json} and NotBuild.PL
(Dagfinn Ilmari Mannsaker, #89650)
- Respect PERL5LIB in tainting source handler test (Dagfinn Ilmari Mannsaker,
Leon Timmermans)
- Use base instead of parent:
This dist is used for testing all other modules, so it should avoid
having any non-core prerequisites. Having parent as a prereq leads to a
circular dependency of parent -> Test::More -> Test::Harness. (Graham Knop)
- Various POD fixes (Nathan Gary Glenn)
- Don't localize all of %ENV in harness.t (Craig Berry)
- Give TAP::Harness::Beyond a unique NAME (Leon Timmermans)
from 1.8.10 to 2.000004.
pkgsrc changes:
- 1st upate done using Packager::Utils
- move homepage to MetaCPAN
- major version update allows follow upstream version scheme
- remove fix for "fixing CPAN.pm" - pretend we're cpanm >:-)
Upstream changes since 1.008010 (is 1.8.10):
2.000004 - 2014-01-03
- fix errors in PowerShell output when clearing nonexistant variables
- fix shell test to avoid extremely long lines
- fix shell test to avoid testing standard Win32 shells on Cygwin
- improved diagnostics in shell test
2.000003 - 2013-12-30
- releasing 2.000_002 as stable
2.000_002 - 2013-12-25
- fix CPAN setup error check in Makefile.PL
- fix install test warnings
- fix shell test to skip cmd/powershell startup scripts
2.000_001 - 2013-12-23
- fix shell output for old bourne shells
- fix various shell test issues
- note issues/workarounds when combining with PREFIX/--prefix options
2.000_000 - 2013-12-22
- significant refactor of internals, adding an object oriented interface
- add --no-create option to prevent directory creation on activation
- add support for powershell output
- add --shelltype option to specify shell instead of auto detecting
- document recommended use of $SHLVL
- document limitations regarding File::Spec
- avoid including empty path segments in output
- fix output for csh to allow direct use in eval
- improve taint handling test
- fix docs for build_environment_vars, install_base_bin_path
- use Distar instead of Module::Install for packaging
1.008026 - 2013-11-05
- drop perl prerequisite to 5.6, since everything works there.
1.008025 - 2013-11-01 (development release, unindexed)
- fix install test on cygwin
- fix stackable test on win32 and when external local::lib is set
- clarify errors in Makefile.PL about CPAN configuration
- adjust csh output to allow use directly by eval
- silence a possible warning in Makefile.PL
- add additional docs about combining local::lib with lib::core::only
- reverse order of PERL_LOCAL_LIB_ROOT. new local::libs are now added
to the beginning instead of the end, to match the order of other
similar environment variables.
1.008024 - 2013-10-28 (development release, unindexed)
- fix installation into directories with spaces or backslashes, as
well as Win32 test failures when Capture::Tiny is installed
- fix test breaking in some cases when an external local::lib is set
- fix test compatibility with old versions of Exporter
1.008023 - 2013-10-19
- stable release of 1.008022 (no code changes since 1.008012)
1.008022 - 2013-10-07 (development release, unindexed)
- see 1.008019 through 1.008021
1.008021 - 2013-10-04 (development release, unindexed)
- yet another attempt to overcome win32 testing issues (paths with
spaces, backslashes)
1.008020 - 2013-10-03 (development release, unindexed)
- yet another attempt to overcome win32 testing issues (paths with
spaces, backslashes)
1.008019 - 2013-09-29 (development release, unindexed)
- another attempt to overcome win32 testing issues (paths with spaces,
backslashes)
1.008018 - 2013-09-15
- print out actual paths in more test cases, for helping to diagnose
mysterious failures
1.008017 - 2013-09-14
- avoid "Unrecognized escape \s passed through" errors on win32
(again)
1.008016 - 2013-09-13
- avoid "Unrecognized escape \s passed through" errors on win32
1.008015 - 2013-09-12
- re-release 1.008014 to fix broken MANIFEST
1.008014 - 2013-09-12
- fix new test to use alternate path representations on windows, to
handle potential space issues (regression since 1.008012)
1.008013 - 2013-09-11
- fix undef value errors when not installing into a local::lib
1.008012 - 2013-09-11
- now handling using -Mlocal::lib in a taintperl environment, by
ensuring that all libs in PERL_LOCAL_LIB_ROOT are properly added to
@INC (RT#76661, Karen Etheridge)
1.008011 - 2013-07-26
- skip CPAN workaround if running via cpanminus (miyagawa, RT#85731)
Switch over to using the zero-pre-requisite netpgpverify sources by
using reachover infrastructure to make sure we have one set of
sources.
This also brings with it the benefit of being able to use SSH
public keys, as well as PGP pub keys, when verifying signatures.
Extend the package building mechanism so that it can be built using
libtool (the default), or without libtool, depending on whether
"BOOTSTRAP" is defined at package build time.
Update DEPENDS
Upstream changes:
1.22 Thu Feb 13 13:14:00 2014
- t/read.tree.t was still using File::Slurp :-(.
1.21 Thu Feb 13 11:14:00 2014
- Switch from File::Slurp to File::Slurp::Tiny, on the advice of Karen Etheridge. See RT#92976.
Upstream changes:
3.1.1 2014-01-24 07:50:52+0900
[DOCUMENTS]
- Fix some typos (#102)
- Add an explanation of `validate()` (#101)
[BUG FIXES]
- Fix a race condition on making cache dirs (#103)
Upstream changes:
4.81 2014-02-15
- Added direct array access for child nodes to Mojo::DOM.
- Improved Mojolicious::Routes::Pattern to normalize more route variations.
- Improved routes command to show which routes are using certain features
with flags.
4.80 2014-02-13
- Merged Mojo::DOM::Node into Mojo::DOM.
- Added next_sibling and previous_sibling methods to Mojo::DOM.
- Added last method to Mojo::Collection.
- Improved many methods in Mojo::DOM to work with all node types.
- Improved Mojo::DOM::HTML to handle slashes between attributes more
gracefully.
- Fixed list parsing bug in Mojo::DOM::HTML.
4.79 2014-02-11
- Improved not found page to show request information and the exact path
used for route matching.
4.78 2014-02-08
- Deprecated Mojo::Util::get_line.
- Fixed ";" handling in Mojo::Parameters to be compliant with the HTML
Living Standard.
- Fixed case sensitivity bug in Mojolicious::Types.
4.77 2014-02-06
- Deprecated Mojo::DOM::text_after and Mojo::DOM::text_before in favor of
Mojo::DOM::contents.
- Deprecated Mojo::DOM::content_xml and Mojo::DOM::replace_content in favor
of Mojo::DOM::content.
- Deprecated Mojo::DOM::to_xml in favor of Mojo::DOM::to_string.
- Added wrap_content method to Mojo::DOM.
- Added tablify function to Mojo::Util.
- Improved wrap method in Mojo::DOM to allow wrapping of the root node.
security/p5-IO-Socket-SSL from 1.953 to 1.967.
Upstream changes:
1.967 2014/02/06
- verify the hostname inside a certificate by default with a superset of
common verification schemes instead of not verifying identity at all.
For now it will only complain if name verification failed, in the future
it will fail certificate verification, forcing you to set the expected
SSL_verifycn_name if you want to accept the certificate.
- new option SSL_fingerprint and new methods get_fingerprint and
get_fingerprint_bin. Together they can be used to selectively accept
specific certificates which would otherwise fail verification, like
self-signed, outdated or from unknown CAs.
This makes another reason to disable verification obsolete.
- Utils:
- default RSA key length 2048
- digest algorithm to sign certificate in CERT_create can be given,
defaults to SHA-256
- CERT_create can now issue non-CA selfsigned certificate
- CERT_create add some more useful constraints to certificate
- spelling fixes, thanks to ville[dot]skytta[at]iki[dot]fi
1.966 2014/01/21
- fixed bug introduced in 1.964 - disabling TLSv1_2 worked no longer with
specifying !TLSv12, only !TLSv1_2 worked
- fixed leak of session objects in SessionCache, if another session
replaced an existing session (introduced in 1.965)
1.965 2014/01/16
- new key SSL_session_key to influence how sessions are inserted and looked
up in the clients session cache. This makes it possible to share sessions
over different ip:host (like required with some FTPS servers)
- t/core.t - handle case, were default loopback source is not 127.0.0.1, like
in FreeBSD jails
1.964 2014/01/15
- Disabling TLSv1_1 did not work, because the constant was wrong. Now it gets
the constants from calling Net::SSLeay::SSL_OP_NO_TLSv1_1 etc
- The new syntax for the protocols is TLSv1_1 instead of TLSv11. This matches
the syntax from OpenSSL. The old syntax continues to work in SSL_version.
- New functions get_sslversion and get_sslversion_int which get the SSL version
of the establish session as string or int.
- disable t/io-socket-inet6.t if Acme::Override::INET is installed
1.963 2014/01/13
- fix behavior of stop_SSL: for blocking sockets it now enough to call it
once, for non-blocking it should be called again as long as EAGAIN and
SSL_ERROR is set to SSL_WANT_(READ|WRITE).
- don't call blocking if start_SSL failed and downgraded socket has no
blocking method, thanks to tokuhirom
- documentation enhancements:
- special section for differences to IO::Socket
- describe problem with blocking accept on non-blocking socket
- describe arguments to new_from_fd and make clear, that for upgrading an
existing IO::Socket start_SSL should be used directly
1.962 2013/11/27
- work around problems with older F5 BIG-IP by offering fewer ciphers on the
client side by default, so that the client hello stays below 255 byte
1.961 2013/11/26
- IO::Socket::SSL::Utils::CERT_create can now create CA-certificates which
are not self-signed (by giving issuer_*)
1.960 2013/11/12
only documentation enhancements:
- clarify with text and example code, that within event loops not only
select/poll should be used, but also pending has to be called.
- better introduction into SSL, at least mention anonymous authentication as
something you don't want and should take care with the right cipher
- make it more clear, that user better does not change the cipher list, unless
he really know what he is doing
1.959 2013/11/12
- bugfix test core.t windows only
1.958 2013/11/11
- cleanup: remove workaround for old IO::Socket::INET6 but instead require at
least version 2.55 which is now 5 years old
- fix t/session.t #RT90240, thanks to paul[AT]city-fan[DOT]org
1.957 2013/11/11
- fixed t/core.t: test uses cipher_list of HIGH, which includes anonymous
authorization. With the DH param given by default since 1.956 old versions of
openssl (like 0.9.8k) used cipher ADH-AES256-SHA (e.g. anonymous
authorization) instead of AES256-SHA and thus the check for the peer
certificate failed (because ADH does not exchanges certificates).
Fixed by explicitly specifying HIGH:!aNULL as cipher
RT#90221, thanks to paul[AT]city-fan[DOT]org
- cleaned up tests:
- remove ssl_settings.req and 02settings.t, because all tests now create a
simple socket at 127.0.0.1 and thus global settings are no longer needed.
- some tests did not have use strict(!), fixed it.
- removed special handling for older Net::SSLeay versions, which are less than
our minimum requirement
- some syntax enhancements, removed some SSL_version and SSL_cipher_list
options where they were not really needed
1.956 2013/11/10
lots of behavior changes for more secure defaults:
- BEHAVIOR CHANGE: make default cipher list more secure, especially
- no longer support MD5 by default (broken)
- no longer support anonymous authentication by default (vulnerable to man in
the middle attacks)
- prefer ECDHE/DHE ciphers and add necessary ECDH curve and DH keys, so that
it uses by default forward secrecy, if underlying Net::SSLeay/openssl
supports it
- move RC4 at the end, e.g. 3DES is preferred (BEAST attack should hopefully
been fixed and now RC4 is considered less safe than 3DES)
- default SSL_honor_cipher_order to 1, e.g. when used as server it tries to
get the best cipher even if client prefers other ciphers
PLEASE NOTE that this might break connections with older, less secure
implementations. In this case revert to 'ALL:!LOW:!EXP:!aNULL' or so.
- BEHAVIOR CHANGE: SSL_cipher_list now gets set on context not SSL object and
thus gets reused if context gets reused. PLEASE NOTE that using
SSL_cipher_list together with SSL_reuse_ctx has no longer effect on the
ciphers of the context.
- rework hostname verification schemes
- add rfc names as scheme (e.g. 'rfc2818',...)
- add SIP, SNMP, syslog, netconf, GIST
- BEHAVIOR CHANGE: fix SMTP - now accept wildcards in CN and subjectAltName
- BEHAVIOR CHANGE: fix IMAP, POP3, ACAP, NNTP - now accept wildcards in CN
- BEHAVIOR CHANGE: anywhere wildcards like www* now match only 'www1', 'www2'..
but not 'www'
- anywhere wildcards like x* are no longer applied to IDNA names (which start
with 'xn--')
- fix crash of Utils::CERT_free
- support TLSv11, TLSv12 as handshake protocols
1.955 2013/10/11
- support for forward secrecy using ECDH, if the Net::SSLeay/openssl version
supports it.
1.954 2013/9/15
- accept older versions of ExtUtils::MakeMaker and add meta information
like link to repository only for newer versions.
security/p5-Net-SSLeay from 1.55nb1 to 1.58.
Upstream changes:
1.58 2014-01-15
Always use size_t for strlen() return value, requested by Alexander Bluhm.
t/external/20_cert_chain.t was missing from dist.
Version number in META.yml was incorrect
Improvements to test t/external/20_cert_chain.t to provoke following bug:
Fixed crash due to SSL_get_peer_cert_chain incorrectly free'ing the chain
after use.
Fixed a problem when compiling against openssl where OPENSSL_NO_EC is set.
1.57 2014-01-09
Fixed remaining problems with test suite: pod coverage and kwalitee tests
are only enabled with RELEASE_TESTING=1
1.56 2014-01-08
Fixed a typo in documentation of BEAST Attack, patched by gregor
herrmann.
Added LICENSE file copied form OpenSSL distribution to prevent complaints
from various versions of kwalitee.
Adjusted license: in META.yml to be 'openssl'
Adds support for the basic operations necessary to support ECDH for PFS,
e.g. EC_KEY_new_by_curve_name, EC_KEY_free and SSL_CTX_set_tmp_ecdh.
Improvements to t/handle/external/50_external.t to handle the case when a
test connection was not possible. Patched by Alexandr Ciornii.
Added support for ALPN TLS extension. Patch from Lubomir Rintel. Tested
with openssl-1.0.2-stable-SNAP-20131205.
Fix an use-after-free error. Patch from Lubomir Rintel.
Fixed a problem with Invalid comparison on OBJ_cmp result in
t/local/36_verify.t. Contributed by paul.
Added support for get_peer_cert_chain(). Patch by Markus Benning.
Fixed a bug that cold cause stack faults: mixed up PUTBACK with SPAGAIN
in ssleay_RSA_generate_key_cb_invoke()
a final PUTBACK is needed here. A second issue is also fixed:
cb->data defaults to &PL_sv_undef but throught the code you do not check
against &PL_sv_undef, just NULL.
To avoid passing the 3rd optional arg at all, do not create it. This fixes all the
cb->data checks and wrong refcounts on &PL_sv_undef. Patched by Reini Urban.
Deleted support for SSL_get_tlsa_record_byname: it is not included in
OpenSSL git master.
