71b2f161f6
1.953 2013/7/22 - fixes to IO::Socket::SSL::Utils, thanks to rurban[AT]x-ray[DOT]at, RT#87052 1.952 2013/7/11 - fix t/acceptSSL-timeout.t on Win32, RT#86862 1.951 2013/7/3 - better document builtin defaults for key,cert,CA and how they are depreceated - use Net::SSLeay::SSL_CTX_set_default_verify_paths to use openssl's builtin defaults for CA unless CA path/file was given (or IO::Socket::SSL builtins used) 1.950 2013/7/3 - MAJOR BEHAVIOR CHANGE: ssl_verify_mode now defaults to verify_peer for client. Until now it used verify_none, but loudly complained since 1.79 about it. It will not complain any longer, but the connection might probably fail. Please don't simply disable ssl verification, but instead set SSL_ca_file etc so that verification succeeds! - MAJOR BEHAVIOR CHANGE: it will now complain if the builtin defaults of certs/my-ca.pem or ca/ for CA and certs/{server,client}-{key,cert}.pem for cert and key are used, e.g. no certificates are specified explicitly. In the future these insecure (relative path!) defaults will be removed and the CA replaced with the system defaults. v1.94 2013.06.01 - Makefile.PL reported wrong version of openssl, if Net::SSLeay was not installed instead of reporting missing dependency to Net::SSLeay. v1.93 2013.05.31 - need at least OpenSSL version 0.9.8 now, since last 0.9.7 was released 6 years ago. Remove code to work around older releases. - changed AUTHOR in Makefile.PL from array back to string, because the array feature is not available in MakeMaker shipped with 5.8.9 (RT#85739) v1.92 2013.05.30 - Intercept: use sha1-fingerprint of original cert for id into cache unless otherwise given - Fix pod error in IO::Socket::SSL::Utils RT#85733 v1.91 2013.05.30 - added IO::Socket::SSL::Utils for easier manipulation of certificates and keys - moved SSL interception into IO::Socket::SSL::Intercept and simplified it using IO::Socket::SSL::Utils - enhance meta information in Makefile.PL v1.90 2013.05.27 - RT#85290, support more digest, especially SHA-2. Thanks to ujvari[AT]microsec[DOT]hu - added support for easy SSL interception (man in the middle) based on ideas found in mojo-mitm proxy (which was written by Karel Miko) - make 1.46 the minimal required version for Net::SSLeay, because it introduced lots of useful functions. v1.89 2013.05.14 - if IO::Socket::IP is used it should be at least version 0.20, otherwise we get problems with HTTP::Daemon::SSL and maybe others (RT#81932) - Spelling corrections, thanks to dsteinbrunner v1.88 2013.05.02 - consider a value of '' the same as undef for SSL_ca_(path|file), SSL_key* and SSL_cert* - some apps like Net::LDAP use it that way. Thanks to alexander[AT]kuehn[AT]nagilum[DOT]de for reporting the problem. v1.87 2013.04.24 - RT#84829 - complain if given SSL_(key|cert|ca)_(file|path) do not exist or if they are not readable. Thanks to perl[AT]minty[DOT]org - fix use of SSL_key|SSL_file objects instead of files, broken with 1.83 |
||
---|---|---|
.. | ||
DESCR | ||
distinfo | ||
Makefile |