r54481 - in /trunk/libio-socket-ssl-perl: Changes META.yml SSL.pm debian/changelog debian/copyright t/memleak_bad_handshake.t

angelabad-guest at users.alioth.debian.org angelabad-guest at users.alioth.debian.org
Wed Mar 17 22:21:15 UTC 2010


Author: angelabad-guest
Date: Wed Mar 17 22:21:05 2010
New Revision: 54481

URL: http://svn.debian.org/wsvn/pkg-perl/?sc=1&rev=54481
Log:
New upstream release 1.33

Modified:
    trunk/libio-socket-ssl-perl/Changes
    trunk/libio-socket-ssl-perl/META.yml
    trunk/libio-socket-ssl-perl/SSL.pm
    trunk/libio-socket-ssl-perl/debian/changelog
    trunk/libio-socket-ssl-perl/debian/copyright
    trunk/libio-socket-ssl-perl/t/memleak_bad_handshake.t

Modified: trunk/libio-socket-ssl-perl/Changes
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libio-socket-ssl-perl/Changes?rev=54481&op=diff
==============================================================================
--- trunk/libio-socket-ssl-perl/Changes (original)
+++ trunk/libio-socket-ssl-perl/Changes Wed Mar 17 22:21:05 2010
@@ -1,4 +1,10 @@
 
+v1.33 2010.03.17
+- attempt to make t/memleak_bad_handshake.t more stable, it fails 
+  for unknown reason on various systems
+- fix hostname checking: an IP should only be checked against 
+  subjectAltName GEN_IPADD, never against GEN_DNS or CN.
+  Thanks to rusch[AT]genua[DOT]de for bug report
 v1.32 2010.02.22
 - Makefile.PL: die if Scalar::Util has no dualvar support instead of
   only complaining. Thanks to w[DOT]phillip[DOT]moore[AT]gmail[DOT]com

Modified: trunk/libio-socket-ssl-perl/META.yml
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libio-socket-ssl-perl/META.yml?rev=54481&op=diff
==============================================================================
--- trunk/libio-socket-ssl-perl/META.yml (original)
+++ trunk/libio-socket-ssl-perl/META.yml Wed Mar 17 22:21:05 2010
@@ -1,14 +1,12 @@
 --- #YAML:1.0
 name:               IO-Socket-SSL
-version:            1.32
+version:            1.33
 abstract:           Nearly transparent SSL encapsulation for IO::Socket::INET.
 author:
     - Steffen Ullrich & Peter Behroozi & Marko Asplund
 license:            unknown
 distribution_type:  module
 configure_requires:
-    ExtUtils::MakeMaker:  0
-build_requires:
     ExtUtils::MakeMaker:  0
 requires:
     Net::SSLeay:   1.21
@@ -17,7 +15,7 @@
     directory:
         - t
         - inc
-generated_by:       ExtUtils::MakeMaker version 6.54
+generated_by:       ExtUtils::MakeMaker version 6.48
 meta-spec:
     url:      http://module-build.sourceforge.net/META-spec-v1.4.html
     version:  1.4

Modified: trunk/libio-socket-ssl-perl/SSL.pm
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libio-socket-ssl-perl/SSL.pm?rev=54481&op=diff
==============================================================================
--- trunk/libio-socket-ssl-perl/SSL.pm (original)
+++ trunk/libio-socket-ssl-perl/SSL.pm Wed Mar 17 22:21:05 2010
@@ -78,7 +78,7 @@
 	}) {
 		@ISA = qw(IO::Socket::INET);
 	}
-	$VERSION = '1.32';
+	$VERSION = '1.33';
 	$GLOBAL_CONTEXT_ARGS = {};
 
 	#Make $DEBUG another name for $Net::SSLeay::trace
@@ -1091,16 +1091,16 @@
 
 		# is the given hostname an IP address? Then we have to convert to network byte order [RFC791][RFC2460]
 
-		my ($ip4,$ip6);
+		my $ipn;
 		if ( $identity =~m{:} ) {
 			# no IPv4 or hostname have ':'	in it, try IPv6.
 			#  make sure that Socket6 was loaded properly
 			UNIVERSAL::can( __PACKAGE__, 'inet_pton' ) or croak
 				q[Looks like IPv6 address, make sure that Socket6 is loaded or make "use IO::Socket::SSL 'inet6'];
-			$ip6 = inet_pton( $identity ) or croak "'$identity' is not IPv6, but neither IPv4 nor hostname";
+			$ipn = inet_pton( $identity ) or croak "'$identity' is not IPv6, but neither IPv4 nor hostname";
 		} elsif ( $identity =~m{^\d+\.\d+\.\d+\.\d+$} ) {
 			 # definitly no hostname, try IPv4
-			$ip4 = inet_aton( $identity ) or croak "'$identity' is not IPv4, but neither IPv6 nor hostname";
+			$ipn = inet_aton( $identity ) or croak "'$identity' is not IPv4, but neither IPv6 nor hostname";
 		} else {
 			# assume hostname, check for umlauts etc
 			if ( $identity =~m{[^a-zA-Z0-9_.\-]} ) {
@@ -1134,15 +1134,12 @@
 		my $alt_dnsNames = 0;
 		while (@altNames) {
 			my ($type, $name) = splice (@altNames, 0, 2);
-			if ( $type == GEN_IPADD ) {
+			if ( $ipn and $type == GEN_IPADD ) {
 				# exakt match needed for IP
 				# $name is already packed format (inet_xton)
-				return 1 if 
-					$ip6 ? $ip6 eq $name : 
-					$ip4 ? $ip4 eq $name :
-					0;
-
-			} elsif ( $type == GEN_DNS ) {
+				return 1 if $ipn eq $name;
+
+			} elsif ( ! $ipn and $type == GEN_DNS ) {
 				$name =~s/\s+$//; $name =~s/^\s+//;
 				$alt_dnsNames++;
 				$check_name->($name,$identity,$scheme->{wildcards_in_alt})
@@ -1150,8 +1147,9 @@
 			}
 		}
 
-		if ( $scheme->{check_cn} eq 'always' or 
-			$scheme->{check_cn} eq 'when_only' and !$alt_dnsNames) {
+		if ( ! $ipn and (
+			$scheme->{check_cn} eq 'always' or 
+			$scheme->{check_cn} eq 'when_only' and !$alt_dnsNames)) {
 			$check_name->($commonName,$identity,$scheme->{wildcards_in_cn})
 				and return 1;
 		}

Modified: trunk/libio-socket-ssl-perl/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libio-socket-ssl-perl/debian/changelog?rev=54481&op=diff
==============================================================================
--- trunk/libio-socket-ssl-perl/debian/changelog (original)
+++ trunk/libio-socket-ssl-perl/debian/changelog Wed Mar 17 22:21:05 2010
@@ -1,3 +1,9 @@
+libio-socket-ssl-perl (1.33-1) unstable; urgency=low
+
+  * New upstream release
+
+ -- Angel Abad <angelabad at gmail.com>  Wed, 17 Mar 2010 23:20:42 +0100
+
 libio-socket-ssl-perl (1.32-1) UNRELEASED; urgency=low
 
   IGNORE-VERSION: 1.32-1

Modified: trunk/libio-socket-ssl-perl/debian/copyright
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libio-socket-ssl-perl/debian/copyright?rev=54481&op=diff
==============================================================================
--- trunk/libio-socket-ssl-perl/debian/copyright (original)
+++ trunk/libio-socket-ssl-perl/debian/copyright Wed Mar 17 22:21:05 2010
@@ -11,8 +11,8 @@
 License: Artistic or GPL-1+
 
 Files: debian/*
-Copyright: 2000, Christian Surchi <csurchi at debian.org>
- 2000-2004, Davide Puricelli (evo) <evo at debian.org>
+Copyright: 2000-2004, Davide Puricelli (evo) <evo at debian.org>
+ 2000, Christian Surchi <csurchi at debian.org>
  2005-2007, Florian Ragwitz <rafl at debian.org>
  2008-2009, Ansgar Burchardt <ansgar at 43-1.org>
  2008-2009, gregor herrmann <gregoa at debian.org>

Modified: trunk/libio-socket-ssl-perl/t/memleak_bad_handshake.t
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libio-socket-ssl-perl/t/memleak_bad_handshake.t?rev=54481&op=diff
==============================================================================
--- trunk/libio-socket-ssl-perl/t/memleak_bad_handshake.t (original)
+++ trunk/libio-socket-ssl-perl/t/memleak_bad_handshake.t Wed Mar 17 22:21:05 2010
@@ -61,9 +61,18 @@
 }
 my $size200 = getsize($pid);
 
+for(200..300) {
+	IO::Socket::INET->new( $addr ) or next;
+}
+my $size300 = getsize($pid);
+if ($size100>$size200 or $size200<$size300) {;
+	print "1..0 # skipped  - do we measure the right thing?\n";
+	exit;
+}
+
 print "1..1\n";
-print "not " if $size100 != $size200;
-print "ok # check memleak failed handshake ($size100,$size200)\n";
+print "not " if $size100 < $size200 and $size200 < $size300;
+print "ok # check memleak failed handshake ($size100,$size200,$size300)\n";
 
 kill(9,$pid);
 wait;




More information about the Pkg-perl-cvs-commits mailing list