3
- fixed startTLS support (socketToSSL) (Graham Barr <gbarr@pobox.com>)
2
- Makefile's error messages now correct if output is
3
redirected (patch from Ilya Zakharevich <ilya at
5
- Non-blocking connects/accepts now work (Problem found by
6
Uri Guttman <uri at stemsystems.com>).
7
- new_from_fd() now works.
8
- getline() and <> in scalar context now return undef
9
instead of '' when the read failed. (Problem found by
10
Christian Gilmore <cat at us.ibm.com>).
11
- Broken pipe signals are now ignored during socket close
12
to prevent a SSL shutdown message from killing the parent
13
program. (Problem found by Christian Gilmore).
14
- Tests should proceed much more quickly, and a semi-race was
15
fixed, meaning that on slow machines the tests should be
17
- Check for Scalar::Util and Weakref now uses default
18
$SIG{__DIE__} instead of a potentially user-altered one
19
(suggestion from Olaf Schneider <Olaf.Schneider at
20
iwr.fzk.de>). This only applies to Perl 5.6.0 & above.
21
- Session caching support (patch from Marko Asplund
22
<marko.asplund at kronodoc.fi>).
23
- set_default_context() added to alter the behavior of
24
modules that use IO::Socket::SSL from the main program.
25
- get_ssl_object() renamed to _get_ssl_object() to reflect
26
the fact that it's only supposed to be used internally
27
(not that you should have cared, of course).
28
- Added patch for Net::SSLeay to take advantage of
29
client-side session caching.
32
--- Old Versions --------------------------------------------------
35
- Changed PeerAddr in example/ssl_client.pl back to localhost.
36
- Update of examples to automatically switch to the proper
37
directory if they cannot find the necessary SSL certificates.
38
- Minor documentation update with more INET6 info.
39
- Corrected some error messages for IO::Socket::INET6.
40
- Better opened() behavior when sockets close unexpectedly.
41
- Added note about random number generators for Solaris users
42
(Problem found by Christian Gilmore <cag at us.ibm.com>).
43
- Added support for WeakRef and Scalar::Util to allow
44
IO::Socket::SSL objects to auto-destroy themselves when
46
- Added croak()ing for unimplemented send() and recv() methods
47
so they are not accidentally used to transmit unencrypted
48
data. The Perl builtin functions cannot be reliably trapped
49
and are still dangerous, a fact that the POD now reflects
50
(Problem noted by Michal Ludvig <michal at logix.cx>).
53
- Changed accept() to use inherited accept() instead of
54
IO::Socket::accept, so that IPv6 inheritance is possible.
55
- Added options to import() so that a user could specify
56
IPv6 or IPv4 mode of operation.
57
- Documentation fixes, esp. e-mail address.
60
- Fixed error-checking slip in connect_SSL() (Problem found by
61
Uri Guttman <uri at stemsystems.com>).
62
- All functions now return the empty list () on errors.
63
- Added note about the above change to appease Graham Barr
65
- Fixed Net::SSLeay giving warnings when arguments are undef;
66
in all cases, undef arguments may be set to '' without any
67
change in behavior except for removing the warnings.
68
(Problem found by Dominique Quatravaux <dom at idealx.com>)
69
- If accept() or connect() fails in SSL negotiation, the user
70
now has the option to print something to the failed socket
71
before it is closed. (error_trap option in new())
72
- Added support for CRLs (SSL_check_crl option in new()) for
73
versions of OpenSSL >= 0.9.7b (Original patch from
74
Brian Lindauer <jbl at sysd.com>)
75
- Finally added decent support for certificate callbacks.
76
(SSL_verify_callback option in new(), suggestion from
77
Dariush Pietrzak <eyck at ghost.anime.pl>).
78
- accept()/connect()/socket_to_SSL() now fail immediately if
79
the socket in question does not have a fileno.
80
- Added the kill_socket() method to guarantee that a socket dies.
81
- Fixed extra warning when printing errors in debug mode.
82
- Deprecated socket_to_SSL() in favor of the class method
83
start_SSL() (Class method suggestion from Graham Barr
84
<gbarr at pobox.com>).
85
- Added the class method start_SSL() to allow for cases when
86
the desired class of the socket is not IO::Socket::SSL
87
(Request from Dariush Pietrzak <eyck at ghost.anime.pl>)
88
- Changed socket_to_SSL to rebless socket to original class
89
if SSL negotiation failed (Request from Graham Barr
91
- Removed the daemon.pl example, as it did not work with the
92
standard distribution of HTTP::Daemon (use HTTP::Daemon::SSL
96
- Changed the fileno() function to support returning the fileno
97
of server sockets. (Problem found by Roland Giersig
98
<RGiersig at cpan.org>).
99
- Fixed SSL_version incorrectly defaulting to SSLv2 (patch from
100
Roland Alder <roland.alder at celeris.ch>).
103
- Added support for SSL_peek and SSL_pending (peek() and
104
pending()). Updated documentation, tests, etc. to reflect
108
- Fixed the warning that happens when sockets are not explicitly
109
closed() before the program terminates.
113
- This version is a complete rewrite of IO::Socket::SSL. It now
114
has about half the lines of code, twice the amount of documentation,
115
and a slightly more polished interface.
116
- IO::Socket::SSL now works properly with mod_perl and taint mode.
117
- Major documentation update.
118
- Update of the BUGS file to reflect changes made in the rewrite.
119
- Update of the test suite for Perl v5.8.0 (or, more precisely,
121
- Update of the test suite for Perl v5.00503 (or, more precisely,
122
for the lack of several nice features added in v5.6.0) (Marko
123
Asplund <aspa at kronodoc.fi>).
124
- New test suite that does not need the Internet to function.
125
- Update of all the files in example/ to use more current features
127
- Removal of SSL_SSL and X509_Certificate classes.
128
- There have been a few name changes (like socketToSSL ->
129
socket_to_SSL) for better consistency.
130
- The functionality of get_peer_certificate() and friends is deprecated.
131
- The functionality of want_write() and want_read() is deprecated.
132
- The functionality of context_init() is deprecated for normal use.
133
- Support for all SSL context options in the new() call.
134
- SSL contexts are no longer global. The SSL_reuse_ctx option
135
is provided for those who want to re-use a context.
136
- The default verify mode is now VERIFY_NONE.
137
- IO::Socket::SSL::DEBUG is now linked to Net::SSLeay::trace to
138
provide different levels of debugging information.
139
- There is a uniform interface for error reporting, so on error
140
all functions will return undef and the error will be available
142
- The dump_peer_certificate() and peer_certificate() functions
144
- sysread() will now behave correctly if the offset argument is
145
greater than the length of the read buffer. It also will truncate
146
the read buffer properly, according to the Perl documentation for
148
- getline(), getlines(), and getc() have been added.
149
- syswrite() now uses references to avoid copying large amounts of data.
150
- readline() uses ssl_read_all in array context for improved speed.
151
- close() now uses SSL_shutdown() to properly close an SSL connection,
152
unless you tell it not to.
153
- If you have Net::SSLeay version 1.18 or greater, X509 certificates
154
will be properly freed.
155
- All other known bugs have been fixed.
158
v0.81a (Not publically released)
159
- Added support for SSL_passwd_cb.
160
- Added accept() server socket support to socketToSSL().
163
- calling context_init twice destroyed global context. fix from
164
Jason Heiss <jheiss at ofb.net>.
165
- file handle tying interface implementation moved to a separate
166
class to prevent problems resulting from self-tying filehandles.
167
Harmon S. Nine <hnine at netarx.com>.
168
- docs/debugging.txt file added
169
- require Net::SSLeay v1.08
170
- preliminary support for non-blocking read/write
171
- socketToSSL() now respects context's SSL verify setting
172
reported by Uri Guttman <uri at stemsystems.com>.
175
- fixed startTLS support (socketToSSL) (Graham Barr <gbarr at pobox.com>)
4
176
- make accept() set fileno attribute on newly created IO::Socket::SSL
5
object (Martin Oldfield <m@mail.tc>).
177
object (Martin Oldfield <m at mail.tc>).
6
178
- certificate updates.
7
179
- use SSL_CTX_use_PrivateKey_file in SSL_Context::new.
10
182
- angle bracket readline operator support
11
(David Darville <david@dark.x.dtu.dk>).
183
(David Darville <david at dark.x.dtu.dk>).
12
184
- eliminate warnings in choosing SSL protocol version.
13
185
- implement our own opened method and make length parameter optional
14
in syswrite (Robert Bihlmeyer <robbe@orcus.priv.at>).
186
in syswrite (Robert Bihlmeyer <robbe at orcus.priv.at>).
17
189
- test script targets changed, certificate setup fixed
18
190
- support for TLS in SSL_version. SSL_version parameter values
19
191
changed from integer to string. NB: this is an incompatible change.
20
192
all SSL_version parameter values have to be changed. valid values
21
193
include: 'sslv2', 'sslv3', 'sslv23'. Stephen C. Koehler
22
<koehler@securecomputing.com>.
194
<koehler at securecomputing.com>.
23
195
- enable selecting SSL version for connections. patch from
24
Takanori Ugai <ugai@jp.fujitsu.com>.
196
Takanori Ugai <ugai at jp.fujitsu.com>.
25
197
- allow setting SSL_ca_file to ''. this is needed for being
26
able to use SSL_ca_path (Robert Bihlmeyer <robbe@orcus.priv.at>).
198
able to use SSL_ca_path (Robert Bihlmeyer <robbe at orcus.priv.at>).
27
199
- include the Apache CA bundle file in the distribution (my-ca.pem).
28
200
- BUGS file added.
31
203
- don't setup SSL CA verification unless cert verification is
32
204
actually used for the connections.
33
205
- default SSL protocol version selection in SSL.pm.
36
- patch from Kwok Chern Yue <chernyue@post1.com> for
208
- patch from Kwok Chern Yue <chernyue at post1.com> for
37
209
making IO::Socket::SSL work with HTTP::Daemon.
40
212
- IO::Socket::SSL should now work with perl v5.6.0
41
213
- demo/*.pl and t/*.t now turn module debugging on if
42
214
DEBUG command line argument is given
43
215
- default certificates changed
46
218
- Changes file added
47
- bugfix in IO::Socket::SSL::sysread() (zliu2@acsu.buffalo.edu)
219
- bugfix in IO::Socket::SSL::sysread() (zliu2 at acsu.buffalo.edu)
48
220
- libwww-perl and IO::Socket::SSL UML models added in docs
49
221
- URL changes in test scripts
50
222
- preliminary support for startTLS in IO::Socket::SSL::socketToSSL()