r54481 - in /trunk/libio-socket-ssl-perl: Changes META.yml SSL.pm debian/changelog debian/copyright t/memleak_bad_handshake.t
angelabad-guest at users.alioth.debian.org
angelabad-guest at users.alioth.debian.org
Wed Mar 17 22:21:15 UTC 2010
Author: angelabad-guest
Date: Wed Mar 17 22:21:05 2010
New Revision: 54481
URL: http://svn.debian.org/wsvn/pkg-perl/?sc=1&rev=54481
Log:
New upstream release 1.33
Modified:
trunk/libio-socket-ssl-perl/Changes
trunk/libio-socket-ssl-perl/META.yml
trunk/libio-socket-ssl-perl/SSL.pm
trunk/libio-socket-ssl-perl/debian/changelog
trunk/libio-socket-ssl-perl/debian/copyright
trunk/libio-socket-ssl-perl/t/memleak_bad_handshake.t
Modified: trunk/libio-socket-ssl-perl/Changes
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libio-socket-ssl-perl/Changes?rev=54481&op=diff
==============================================================================
--- trunk/libio-socket-ssl-perl/Changes (original)
+++ trunk/libio-socket-ssl-perl/Changes Wed Mar 17 22:21:05 2010
@@ -1,4 +1,10 @@
+v1.33 2010.03.17
+- attempt to make t/memleak_bad_handshake.t more stable, it fails
+ for unknown reason on various systems
+- fix hostname checking: an IP should only be checked against
+ subjectAltName GEN_IPADD, never against GEN_DNS or CN.
+ Thanks to rusch[AT]genua[DOT]de for bug report
v1.32 2010.02.22
- Makefile.PL: die if Scalar::Util has no dualvar support instead of
only complaining. Thanks to w[DOT]phillip[DOT]moore[AT]gmail[DOT]com
Modified: trunk/libio-socket-ssl-perl/META.yml
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libio-socket-ssl-perl/META.yml?rev=54481&op=diff
==============================================================================
--- trunk/libio-socket-ssl-perl/META.yml (original)
+++ trunk/libio-socket-ssl-perl/META.yml Wed Mar 17 22:21:05 2010
@@ -1,14 +1,12 @@
--- #YAML:1.0
name: IO-Socket-SSL
-version: 1.32
+version: 1.33
abstract: Nearly transparent SSL encapsulation for IO::Socket::INET.
author:
- Steffen Ullrich & Peter Behroozi & Marko Asplund
license: unknown
distribution_type: module
configure_requires:
- ExtUtils::MakeMaker: 0
-build_requires:
ExtUtils::MakeMaker: 0
requires:
Net::SSLeay: 1.21
@@ -17,7 +15,7 @@
directory:
- t
- inc
-generated_by: ExtUtils::MakeMaker version 6.54
+generated_by: ExtUtils::MakeMaker version 6.48
meta-spec:
url: http://module-build.sourceforge.net/META-spec-v1.4.html
version: 1.4
Modified: trunk/libio-socket-ssl-perl/SSL.pm
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libio-socket-ssl-perl/SSL.pm?rev=54481&op=diff
==============================================================================
--- trunk/libio-socket-ssl-perl/SSL.pm (original)
+++ trunk/libio-socket-ssl-perl/SSL.pm Wed Mar 17 22:21:05 2010
@@ -78,7 +78,7 @@
}) {
@ISA = qw(IO::Socket::INET);
}
- $VERSION = '1.32';
+ $VERSION = '1.33';
$GLOBAL_CONTEXT_ARGS = {};
#Make $DEBUG another name for $Net::SSLeay::trace
@@ -1091,16 +1091,16 @@
# is the given hostname an IP address? Then we have to convert to network byte order [RFC791][RFC2460]
- my ($ip4,$ip6);
+ my $ipn;
if ( $identity =~m{:} ) {
# no IPv4 or hostname have ':' in it, try IPv6.
# make sure that Socket6 was loaded properly
UNIVERSAL::can( __PACKAGE__, 'inet_pton' ) or croak
q[Looks like IPv6 address, make sure that Socket6 is loaded or make "use IO::Socket::SSL 'inet6'];
- $ip6 = inet_pton( $identity ) or croak "'$identity' is not IPv6, but neither IPv4 nor hostname";
+ $ipn = inet_pton( $identity ) or croak "'$identity' is not IPv6, but neither IPv4 nor hostname";
} elsif ( $identity =~m{^\d+\.\d+\.\d+\.\d+$} ) {
# definitly no hostname, try IPv4
- $ip4 = inet_aton( $identity ) or croak "'$identity' is not IPv4, but neither IPv6 nor hostname";
+ $ipn = inet_aton( $identity ) or croak "'$identity' is not IPv4, but neither IPv6 nor hostname";
} else {
# assume hostname, check for umlauts etc
if ( $identity =~m{[^a-zA-Z0-9_.\-]} ) {
@@ -1134,15 +1134,12 @@
my $alt_dnsNames = 0;
while (@altNames) {
my ($type, $name) = splice (@altNames, 0, 2);
- if ( $type == GEN_IPADD ) {
+ if ( $ipn and $type == GEN_IPADD ) {
# exakt match needed for IP
# $name is already packed format (inet_xton)
- return 1 if
- $ip6 ? $ip6 eq $name :
- $ip4 ? $ip4 eq $name :
- 0;
-
- } elsif ( $type == GEN_DNS ) {
+ return 1 if $ipn eq $name;
+
+ } elsif ( ! $ipn and $type == GEN_DNS ) {
$name =~s/\s+$//; $name =~s/^\s+//;
$alt_dnsNames++;
$check_name->($name,$identity,$scheme->{wildcards_in_alt})
@@ -1150,8 +1147,9 @@
}
}
- if ( $scheme->{check_cn} eq 'always' or
- $scheme->{check_cn} eq 'when_only' and !$alt_dnsNames) {
+ if ( ! $ipn and (
+ $scheme->{check_cn} eq 'always' or
+ $scheme->{check_cn} eq 'when_only' and !$alt_dnsNames)) {
$check_name->($commonName,$identity,$scheme->{wildcards_in_cn})
and return 1;
}
Modified: trunk/libio-socket-ssl-perl/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libio-socket-ssl-perl/debian/changelog?rev=54481&op=diff
==============================================================================
--- trunk/libio-socket-ssl-perl/debian/changelog (original)
+++ trunk/libio-socket-ssl-perl/debian/changelog Wed Mar 17 22:21:05 2010
@@ -1,3 +1,9 @@
+libio-socket-ssl-perl (1.33-1) unstable; urgency=low
+
+ * New upstream release
+
+ -- Angel Abad <angelabad at gmail.com> Wed, 17 Mar 2010 23:20:42 +0100
+
libio-socket-ssl-perl (1.32-1) UNRELEASED; urgency=low
IGNORE-VERSION: 1.32-1
Modified: trunk/libio-socket-ssl-perl/debian/copyright
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libio-socket-ssl-perl/debian/copyright?rev=54481&op=diff
==============================================================================
--- trunk/libio-socket-ssl-perl/debian/copyright (original)
+++ trunk/libio-socket-ssl-perl/debian/copyright Wed Mar 17 22:21:05 2010
@@ -11,8 +11,8 @@
License: Artistic or GPL-1+
Files: debian/*
-Copyright: 2000, Christian Surchi <csurchi at debian.org>
- 2000-2004, Davide Puricelli (evo) <evo at debian.org>
+Copyright: 2000-2004, Davide Puricelli (evo) <evo at debian.org>
+ 2000, Christian Surchi <csurchi at debian.org>
2005-2007, Florian Ragwitz <rafl at debian.org>
2008-2009, Ansgar Burchardt <ansgar at 43-1.org>
2008-2009, gregor herrmann <gregoa at debian.org>
Modified: trunk/libio-socket-ssl-perl/t/memleak_bad_handshake.t
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libio-socket-ssl-perl/t/memleak_bad_handshake.t?rev=54481&op=diff
==============================================================================
--- trunk/libio-socket-ssl-perl/t/memleak_bad_handshake.t (original)
+++ trunk/libio-socket-ssl-perl/t/memleak_bad_handshake.t Wed Mar 17 22:21:05 2010
@@ -61,9 +61,18 @@
}
my $size200 = getsize($pid);
+for(200..300) {
+ IO::Socket::INET->new( $addr ) or next;
+}
+my $size300 = getsize($pid);
+if ($size100>$size200 or $size200<$size300) {;
+ print "1..0 # skipped - do we measure the right thing?\n";
+ exit;
+}
+
print "1..1\n";
-print "not " if $size100 != $size200;
-print "ok # check memleak failed handshake ($size100,$size200)\n";
+print "not " if $size100 < $size200 and $size200 < $size300;
+print "ok # check memleak failed handshake ($size100,$size200,$size300)\n";
kill(9,$pid);
wait;
More information about the Pkg-perl-cvs-commits
mailing list