1Revision history for Crypt-SSLeay
2=================================
3
40.70    2014-04-24 14:53:43 UTC
5
6- RT #94974: I forgot that `return` just returns from the code block for
7  `catch`, not the subroutine so `filter_libs` was still trying to link
8  against various libraries even when Devel::CheckLib was not installed.
9
100.68    2014-04-24 14:13:07 UTC
11
12- Previous release did not bump version number in Net::SSL even though there
13  was a minor change. Correct that oversight.
14
150.66    2014-04-24 14:00:42 UTC
16
17- Various minor fixes to C code
18- Various fixes to the distribution such as manifest files, additional
19  tests, bundled module etc
20- Address RT bugs #94828 and #79212
21
220.65_14 2014-04-16 23:55:42 UTC
23
24- REMINDER: make test WILL FAIL if your OpenSSL is vulnerable to Heartbleed.
25
26- Add additional functions exposing information that can be obtained via
27  SSLeay_version.
28
290.65_13 2014-04-15 22:22:43 UTC
30
31- Work in progress
32
33- Add ability to query OpenSSL version, add test whether OpenSSL library
34  being used is vulnerable to the Heartbleed bug.
35
36- Assorted fixes to Makefile.PL, most importantly to fix build problems with
37  Strawberry Perl.
38
390.65_08 2014-04-10 13:40:08 UTC
40
41- Work in progress
42
43- In Makefile.PL, use assert_lib to find the libraries against which we can
44  actually link rather than passing a big bowl of libs to WriteMakefile.
45  Bail out early if we can't link against any of the candidate libraries.
46
470.65_07 2014-04-10 12:38:06 UTC
48
49- Work in progres
50
51- Make sure t/02-live.t actually uses Net::SSL.
52
530.65_06 2014-04-10 10:35:14 UTC
54
55- Work in progress
56
57- Address RT bugs #88786, #88269, #78848, and #79477
58
59- Makefile.PL now respects live-tests and no-live-tests, and allows library
60  and header locations to be specified via the command line arguments
61  libpath and incpath, respectively.
62
63- These options can also be specified using the environment variables
64
65        CRYPT_SSLEAY_LIVE_TEST_WANTED
66        OPENSSL_LIB
67        OPENSSL_INC
68
69- Also fixed a number of embarrasing logic errors and typos in Makefile.PL
70  which were introduced in previous 0.65_xx versions.
71
720.65_05 2014-04-04 12:38:21 UTC
73
74- Work in progress
75
76- Reorganize Makefile.PL to allow incpath and libpath command line
77  arguments. This attempts to address RT #88786, #88269, #79477, and #78848.
78  This was supposed to be the next step immediately after drastically
79  specifying Makefile.PL. But never got done.
80
81- Also add encoded version number to openssl-version output.
82
830.65_04 2014-04-02 18:03:11 UTC
84
85- Work in progress
86
87- Address pull requests from GitHub and bug reports on RT. These address RT
88  issues #83764, #86425, #86819, #62133, #82715, #90803
89
900.64 2012-08-06 01:23:30
91
92- Drastically simplify Makefile.PL to resolve RT bugs #61249, #61324,
93  #63553, #68208, and #68084.
94
95- Forgot to update Changes for 0.63, so this version overrides that.
96
97
980.61_05 2012-08-04 00:40:22 UTC
99
100- Trying to distinguish between good vs bad zero returns from underlying
101  SSL_read/SSL_write broke stuff (see RT bug #78695). Revert to previous
102  behavior.
103
104- Completely re-organize Makefile.PL. I hope these changes will help take
105  care of RT bugs #61324, #61249, #63553, and #68084 etc. This is not
106  necessarily finished, but I want to see what happens on CPAN Testers at
107  this point before making a few other minor changes.
108
1090.60 2012-07-29 21:43:47 UTC
110
111- Release 0.59_03 as 0.60 so distributions can pick up various fixes. The most
112  important one seems to be bug RT #70565. This should take care of bug RT
113  #77167
114
115- SSL_read and SSL_write now try to handle incomplete reads/writes (see bug RT
116  RT #64054). The current test suite does is not very comprehensive, so caution
117  is recommended at this point. Also, if you have good test cases, I would love
118  to incorporate them into the distribution.
119
1200.59_03 2012-03-10 00:45:28 UTC
121
122- Bump version number and upload to CPAN.
123
124
1250.59_02 2012-03-08 16:16:03 UTC
126
127- Forgot to update Changes for 0.59_01. The following is a combined list of
128  the more important fixes incorporated in both.
129
130- Bug RT #64054: Handle incomplete reads/writes better
131
132- Bug RT #73754: Add LWP::Protocol::https to PREREQ_PM
133
134- Bug RT #73755: Crypt-SSLeay does not verify hosts (yet). Don't let that
135  cause a failure during tests.
136
137- Streamline t/02-live.t using Try::Tiny and done_testing
138
139- Plus assorted related small changes.
140
1410.58_01 2010-09-08 19:11:39 UTC
142
143- L<text|scheme:...> is not supported in POD for 5.8.5 and earlier.
144- TODOs in POD should stand out
145- Add /boot/common/ssl and some other directories to unix_ssl_dirs (see bug
146  #60936).
147
1480.58 2010-08-25 14:06:30 UTC
149
150- Bump version number for Crypt::SSLeay to 0.58 and Net::SSL to 2.85 in
151  preparation for release.
152- Fix typo in POD is SSLeay.pm s/PEM0encoded/PEM encoded/ (checked
153  http://github.com/gitpan/Crypt-SSLeay/blob/9a1582ee1e4d132ae7cf9497bb83144786425d73/SSLeay.pm)
154- Update Changes and TODO. Regenerate README and META.yml. Update package
155  author. Minor POD fixes.
156
1570.57_05 2010-08-15 17:41:21 UTC
158
159- Fix for NO_PROXY support in Net::SSL (bug #57836)
160- Bump Net::SSL version number to 2.84_02 after changes
161- Fix file/dir permissions (bug #60338)
162- Review warnings when compiling SSLeay.xs against older versions of
163  OpenSSL: Warnings are due to OpenSSL.
164- Add clarification regarding $ENV{HTTPS_CA_FILE} and $ENV{HTTPS_CA_DIR} to
165  the POD.
166- Other POD related changes:
167    * Remove historic information in README about platforms where the package
168      was successfully built.
169    * Reformat acknowledgements. TODO: Add more people.
170    * Fix link to Net-SSLeay.
171    * Add note about the --live-tests command line option
172    * Generate README from POD.
173    * Formatting fixes.
174    * Update copyright notice.
175
1760.57_04 2010-08-11 00:22:33 UTC
177
178- Reorganize Makefile.PL to break individual steps in to subroutines so as to
179  facilitate localized future modifications. Whether there was any point to
180  this remains to be seen.
181- In Makefile.PL, accommodate ActiveState+MingW configuration.
182- Pick the correct lib location for Strawberry Perl (bug #60230).
183- Apply fixes in bug reports #59312 and #33954 to Net/SSL.pm.
184- Bump version number in Net/SSL.pm to indicate development release.
185
1860.57_03 2010-08-09 20:12:30 UTC
187
188- If the last component of $inc_dir is 'openssl', set $inc_dir to its parent
189  and set $prefix to 'openssl'. Otherwise, leave $inc_dir as is and set $prefix
190  to '' (I hope this fixes bugs #28431, #28680, #32084, #43084, #54103 without
191  breaking anything).
192- Improved OpenSSL detection on Win32/Strawberry Perl (bug #49285).
193- Add MIME::Base64 as a prerequisite as Net::SSL needs it.
194- exit 0 if OpenSSL can't be found to avoid superfluous reports from CPAN
195  Testers.
196- Add \ to $opt_bench in eg/net-ssl-test (bugs #30931, #39363).
197
1980.57_02 2010-08-08 18:27:40 UTC
199
200- Refactor the version detection algorithm in Makefile.PL to handle all known
201  variations of version number encoding. Should fix bug #52408.
202
2030.57_01 2008-02-18 14:42:32 UTC
204
205- use #include <..> rather than #include "..." in
206  crypt_ssleay_version.h.
207- add command-line switch to avoid live tests (bug #30268).
208- skip tests in t/01-connect.t if 443 is already in use (bug #30985).
209- make code gcc -Wwrite-strings compatible (bug #31926).
210
2110.57 2007-09-17 20:45:20 UTC
212
213- Honour both $ENV{NO_PROXY} and $ENV{no_proxy} in
214  Net::SSL::proxy_connect_helper. (Bug #29371 reported by Jan Dubois).
215- $@ construction used in Net::SSL::connect was messed up, which could
216  lead to sub-optimal error reporting. (Bug #29372 reported by Jan
217  Dubois).
218- Ensure no proxification is used in t/01-connect.t (which might be the
219  reason for all the spurious smoke failures). Bug #29373 reported by,
220  you guessed it, Jan Dubois).
221- Silence a dubious fopen() warning in SSLeay.xs.
222- s/Netware/NetWare/ in Net/SSL.pm platform check
223- Improvements to Makefile.PL for dealing with platforms where openssl
224  is installed with ./include and ./lib as sibling directories rather
225  than child directories. This should allow the code to configure and
226  build "out of the box" on Solaris (and probably other proprietary
227  platforms).
228- Don't carp in LICENSE key addition code in Makefile.PL
229
2300.56_01 2007-08-09 21:59:47 UTC
231
232- Various improvements to the Win32 configure code in Makefile.PL,
233  based on CPAN tickets #28431 and #28432, by Guenter Knauf,
234  notably to allow static linking and OpenSSL living in a relative
235  directory.
236- Net::SSL: alarm() is not implemented on Netware platform, so don't
237  try to set one there. (Guenter Knauf).
238- Should build on Solaris correctly (bug fix in include dir
239  specification). Based on fix suggested in CPAN bug #28680.
240
2410.56 2007-07-10 19:08:20 UTC
242
243- Purely a documentation issue raised by CPAN bug #27935. Users
244  of previous versions do not need to upgrade.
245
2460.55 2007-06-01 17:34:22 UTC
247
248- Added a blocking() method to Net::SSL (and bumped version to
249  2.81).
250
2510.54 2007-04-12 22:05:26 UTC
252
253- Rebadged 0.53_05, since no bugs appear to have surfaced.
254
2550.53_05
256
257- Fixed up incorrect LIBS key in WriteMakefile args. Thanks to
258  David Cantrell for giving me access to an OpenBSD box that
259  revealed this problem.
260- Added the list of modules that depend on Crypt::SSLeay to
261  the README, as per cpants.perl.org. (think: improvements
262  to the test suite).
263
2640.53_04 2007-03-06 09:39:01 UTC
265
266- add diag() info to determine possible reasons for failure as per
267  http://www.nntp.perl.org/group/perl.cpan.testers/2007/03/msg428964.html
268- Tweaks for Strawberry Perl detection.
269
2700.53_03 2007-03-04 18:30:06 UTC
271
272- Adjusted the typemap shims to silence the compiler warnings that
273  occur when sizeof(IV) is larger than sizeof(char *).
274- use XSLoader for faster loading if available, otherwise fall
275  back to DynaLoader.
276- Makefile.PL heavily reworked, lots of cruft removed.
277- Ask to see whether the live tests should be run.
278- renamed net_sst.t to 01-connect.t
279- added 02-live.t that performs live HTTPS requests.
280
2810.53_02 2007-01-29 10:02:34 UTC
282
283- don't proxy hosts in NO_PROXY environment variable (CPAN
284  bug #11078).
285- don't send user agent string to proxy unless
286  send_useragent_to_proxy is enabled. (CPAN bug #4759).
287- Net::SSL bumped to 2.80
288
2890.53_01 2007-01-24 22:21:09 UTC
290
291- patch for CPAN #12444 applied (Jeff Lavallee). Net::SSL bumped
292  tp 2.79.
293- example scripts moved into eg/ directory and the documentation
294  updated.
295- added a TODO to remind me of what needs to be done.
296
2970.53 2006-12-26 17:21:22 UTC
298
299- 0.52_02 deemed stable
300
3010.52_02 2006-12-20 19:29:01 UTC
302
303- improved VMS support (CPAN bug #19829).
304- add a test to see if cert file is readable in
305  Net::SSL::configure_certs (CPAN bug #8498) and Net::SSL version
306  to 2.78.
307- known working platforms list removed from documentation. Too old,
308  and CPAN Testers has the up-to-date information.
309- minor documentation improvements.
310
3110.52_01 2006-12-17
312
313- add call to SSL_library_init() in new()
314- maintenance taken over by brian d foy and David Landgren.
315
316$MODULE=Crypt::SSLeay; $VERSION = .51; $DATE="2003-06-10";
317
318- fixed build problem for OpenSSL 0.9.6 and some builds
319  of perl 5.8.x which resulted in make error:
320
321   /usr/include/openssl/des.h:193: parse error before '&' token"
322
323  Thanks to Rob Brown for submitting a similar patch to cover this problem
324
325- bug fix from Dongqiang Bai when server using proxy cannot
326  resolve host name being connected to
327
328+ Added documentation for updating system OpenSSL libraries
329  for systems such has RedHat that have shared libraries built
330  Work sponsored by Stuart Horner of Core Communications, Inc.
331
332$MODULE=Crypt::SSLeay; $VERSION = .49; $DATE="2003-01-30";
333
334+ Documentation updates, including new support address
335  for LWP issues, and $ENV{HTTPS_DEBUG} flag.
336
337+ Added c:/openssl in default search path on win32 machines
338  which is the recommended installation area in the openssl dist
339
340+ Added patch from Pavel Hlavnicka for freeing memory leaks
341  from SSL_CTX_use_pkcs12_file() whose functionality is triggered
342  by the $ENV{HTTPS_PKCS12_*} settings
343
344+ Set timeout to 15 seconds for ./net_ssl_test and lwp-ssl-test
345  sample scripts for better testing of timeout behavior
346
347+ Added alarm() during Net::SSL->read() to honor socket timeout setting
348  for more robust applications.  read() will die_with_error() which
349  in consistent with previous semantics used during SSL read() failure
350  Thanks to Pavel Hlavnicka for prompting this change.
351
352+ Removed code that supported versions of SSLeay before version 0.8
353  I believe SSLeay v.8 was released back in 1998
354
355+ Added patch from Devin Heitmueller so that initial random seed
356  would be taken from /dev/urandom if available via RAND_load_file API
357
358$MODULE=Crypt::SSLeay; $VERSION = .45; $DATE="2002-08-01";
359
360+ PKCS12 certificate support, patch submitted by Beni Takahashi,
361  author of patch Daisuke Kuroda
362
363+ Fixing compile warnings on Solaris 8/Sparc with Forte 7.0 about
364  implicit conversions and implicit declarations.  Thanks to
365  Marek Rouchal for bug report.
366
367$MODULE=Crypt::SSLeay; $VERSION = .43; $DATE="2002-07-29";
368
369- Removed unused dependency on URI::URL, thanks to Ric Steinberger
370  for pointing out this problem under perl 5.8.0
371
372$MODULE=Crypt::SSLeay; $VERSION = .41; $DATE="2002-07-07";
373
374- fixed t/net_ssl.t to work on Windows NT
375
376$MODULE=Crypt::SSLeay; $VERSION = .40; $DATE="2002-07-03";
377
378 + = improvement; - = bug fix
379
380- fixed Makefile.PL use of dirname() which could error for perl 5.8.x
381  Thanks to Chip Turner of RedHat for patch.
382
383$MODULE=Crypt::SSLeay; $VERSION = .39; $DATE="2002-06-23";
384
385- Fixed a runtime error with Net::SSL->proxy for running under
386  perl warnings with no proxy defined, which t/net_ssl.t test case
387  revealed.
388
389+ Added t/net_ssl.t test for initializing a Net::SSL object
390
391+ Added build platform success note for ( thanks Christopher! )
392
393  Solaris 2.8    Sparc	?		5.00503	 .37	2002-05-31	Christopher Biow
394
395+ Added build auto-detect for 0.9.6+ and only then use OPENSSL_free
396  instead of free() since older OpenSSL like 0.9.4 did not have it.
397
398+ Added ./net_ssl_test -CAfile documentation, and root CA file from mod_ssl
399  distribution at certs/ca-bundle.crt that can be used for general root CA
400  peer certificate verification.
401
402+ Added build notes for
403
404   SunOS 4.1.4, Perl 5.004_04 - ld.so: Undefined symbol: _CRYPT_mem_ctrl
405
406  from Jeff Haferman.
407
408+ When Net::SSL->connect() being called from LWP::UserAgent in proxy mode,
409  will connect to the proxy passing the $ua->agent string as
410
411   CONNECT $peer_addr:$peer_port HTTP/1.0
412   User-Agent: $ua->agent
413
414+ Integrated Richard Chen's patches for exposing the Net::SSL
415  certificate dates via an API:
416
417   Crypt::SSLeay::X509::not_before
418   Crypt::SSLeay::X509::not_after
419
420  which can be gotten to by a call like...
421
422   Net::SSL->new(...)->get_peer_certificate->not_after;
423
424  These methods return a normal timestamp like: 2002-05-22 11:15:17 GMT
425  There is an example of its use in the ./net_ssl_test script.
426
427  The Crypt::SSLeay::* modules will continue to remain undocumented
428  because such functionality lies outside the scope of what this
429  module is geared for.  Net::SSLeay provides a more general API for
430  OpenSSL functionality.
431
432$MODULE=Crypt::SSLeay; $VERSION = .37; $DATE="2002-01-08";
433
434 + = improvement; - = bug fix
435
436- use OPENSSL_free() instead of free() to fix crashes with win32 perl 5.6.1
437  Thanks to Doug MacEachern for patch.
438
439+ added Makefile.PL Candidate() path for win32 builds of OpenSSL
440  Thanks to David Morse for patch.
441
442$MODULE=Crypt::SSLeay; $VERSION = .36; $DATE="2001-12-05";
443
444- perl Makefile.PL C:/some_path should be picked up now ...
445  was doing case insensitive drive letter check before
446
447$MODULE=Crypt::SSLeay; $VERSION = .35; $DATE="2001-10-31";
448
449+ Set local $SIG{PIPE} = \&die before $ssl->connect()
450  to capture the "broken pipe" error associated with connecting
451  to a computer that is not running a SSL web server,
452  when Crypt::SSLeay is built with OpenSSL 0.9.6a.  This error did
453  not occur with OpenSSL 0.9.4 or OpenSSL 0.9.5a, but this fix should
454  be compatible with those versions too.
455
456$MODULE=Crypt::SSLeay; $VERSION = .33; $DATE="2001-10-31";
457
458+ Documented differences / conflicts between LWP proxy support
459  and Crypt::SSLeay which seems to be a source of confusion for users.
460
461+ Added Net::SSL::get_peer_verify call so the warning header
462  from LWP that says:
463
464    Client-SSL-Warning: Peer certificate not verified
465
466  can be suppressed when HTTPS_CA_FILE & HTTPS_CA_DIR environment
467  variables are set to invoke peer certificate verification.
468  I will submit patch for perl-libwww 5.6 for this support
469  of get_peer_verify shortly.
470
471  Modified return values of $ctx->set_verify() to return 1 when
472  peer verification is enabled to support get_peer_verify()
473
474$MODULE=Crypt::SSLeay; $VERSION = .31; $DATE="2001-09-21";
475
476+ $ENV{HTTPS_DEBUG} activates Crypt::SSLeay specific debugging,
477  so one can debug from LWP:: calls without using ./net_ssl_test script
478
479+ $ENV{CRYPT_SSLEAY_DEFAULT} may now be set to trigger --default
480  functionality for Makefile.PL
481
482+ Added --default switch to Makefile.PL which will pick
483  up the first OpenSSL distribution detected and use that
484  for building Crypt::SSLeay. Inspired by Doug MacEachern
485
486- removed exit from Makefile.PL, bug found by Doug MacEachern
487
488$MODULE=Crypt::SSLeay; $VERSION = .29; $DATE="2001-06-29";
489
490+ Streamlined *CA* patches so only in $CTX->set_verify()
491  which gets called every time now.
492
493+ Throw error instead of return undef in Net::SSL->connect()
494  because we loose the errors otherwise.  Applications
495  working with Net::SSL will have to trap calls around
496  Net::SSL->connect with eval {}.  There are so many
497  kinds of errors now, especially with certificate
498  support that we really need to throw specific error
499  messages, and not let them get lost in $!.
500
501- Turn SSL_MODE_AUTO_RETRY on so clients can survive
502  changes in SSLVerifyClient changes in the modssl connection
503
504  Comment from source:
505	   /* The set mode is necessary so the SSL connection can
506  	    * survive a renegotiated cipher that results from
507	    * modssl VerifyClient config changing between
508	    * VirtualHost & some other config block.  At modssl
509	    * this would be a [trace] ssl message:
510	    *  "Changed client verification type will force renegotiation"
511  #ifdef SSL_MODE_AUTO_RETRY
512	   SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
513  #endif
514
515  Seems like openssl 0.9.4 didn't need this but 0.9.6 does,
516  not sure though.
517
518+ Integrated patches from Gamid Isayev for CA peer
519  verification.  New settings include:
520
521  $ENV{HTTPS_CA_FILE} = "some_file";
522  $ENV{HTTPS_CA_DIR}  = "some_dir";
523
524  Also create config switches for these in ./net_ssl_test,
525  -CAfile and -CAdir
526
527$MODULE=Crypt::SSLeay; $VERSION = .27; $DATE="TBA";
528
529- Client certs weren't working correctly, setup certs
530  earlier in connection now, also create new CTX per
531  request, so cert settings don't remain sticky from
532  one request to the next.
533
534$MODULE=Crypt::SSLeay; $VERSION = .25; $DATE="2001-04-10";
535
536+ update ./net_ssl_test to do smart parsing of host, where
537  host can now be of the form http://www.nodeworks.com:443/
538
539+ integrated client cert patches provided by Tobias Manthey,
540  creating new config options:
541
542    $ENV{HTTPS_CERT_FILE}  -- file of client certificate
543    $ENV{HTTPS_KEY_FILE}   -- file of private key file
544
545  Also support for these options in ./net_ssl_test with these
546  options:
547
548  -cert  client certificate file
549  -key   private key file
550
551  like so:
552
553    ./net_ssl_test -cert=notacacert.pem -key=notacakeynopass.pem -d
554
555  To create simple test cert with openssl:
556
557     /usr/local/openssl/bin/openssl req -config /usr/local/openssl/openssl.cnf -new -days 365 -newkey rsa:1024 -x509 -keyout notacakey.pem -out notacacert.pem
558     /usr/local/openssl/bin/openssl rsa -in notacakey.pem -out notacakeynopass.pem
559
560$MODULE=Crypt::SSLeay; $VERSION = .24; $DATE="2001-03-09";
561
562 + = improvement; - = bug fix
563
564- local $@ in Net::SSL::DESTROY so we don't kill real errors
565
566$MODULE=Crypt::SSLeay; $VERSION = .23; $DATE="2001-03-09";
567
568+ added lwp-ssl-test file for showing LWP code use
569
570+ added -h/-help options & docs to ./net_ssl_test script
571
572+ updated alpha linux patch from Alex Rhomberg to what
573  he originally provided, as it covered -lots case better.
574
575- return undef in Net::SSL::connect() instead of die()
576  for better LWP support & error handling.  Still set
577  $@ though, consistent with IO::Socket::INET
578
579+ alarm() on Unix platforms around ssl ctx connect, which
580  can hang for process for way too long when trying to
581  connect to dead https SSL servers.
582
583$MODULE=Crypt::SSLeay; $VERSION = .22; $DATE="2001-01-29";
584
585- remove // style comments
586
587$MODULE=Crypt::SSLeay; $VERSION = .21; $DATE="2001-01-10";
588
589- AIX build notes correction
590
591+ No reverse lookup for host done for proxying, more
592  efficient.  Reuse of cached PeerAddr name from Net::SSL->new
593
594+ $ENV{HTTPS_VERSION} setting, so a SSL v3 connection can
595  be used first, instead of SSLv23.  Documented in README,pod.
596  Added support for this to the test program as:
597
598     ./net_ssl_test -v[ersion] 3
599
600$MODULE=Crypt::SSLeay; $VERSION = .19; $DATE="2001-01-07";
601
602+ Added runtime SSL debugging support, was compile time before.
603  Trigger with Net::SSL->new(..., SSL_Debug => 1) as in
604  the ./net_ssl_test script run with -d argument.  No
605  API for debugging from LWP requests, just for https
606  debugging with ./net_ssl_test really.
607
608+ Added support for proxy via $ENV{HTTPS_PROXY} =
609  proxy_host:proxy_port.  Thanks to Bryan Hart for the patch.
610  Also basic auth support added & documented.
611
612+ alpha linux ccc support with -lots library added for compile.
613  Patch from Alex Rhomberg.
614
615$MODULE=Crypt::SSLeay; $VERSION = .18; $DATE="2000-11-25";
616
617- created perl/c destructors for the X509 cert for after its
618  fetched by Net::SSL.  Crypt::SSLeay seems to run without
619  memory leaks now under LWP and Net::SSL.
620
621- Updated Net::SSL::VERSION, bad version last release.
622
623$MODULE=Crypt::SSLeay; $VERSION = .17; $DATE="2000-09-04";
624
625- got rid of an implicit char* conversion compile warnings
626  for SSL_get_cipher
627
628+ random seeding now occurs with RAND_seed() on random data
629  from the C call stack, works more consistently than RAND_load_file
630  from Ben's patch.
631
632+ integrated patches from Ben Laurie for better error messaging
633  and random seed initialization
634
635+ set_cipher_list initialized from $ENV{CRYPT_SSLEAY_CIPHER}
636  where before it was initialized from $ENV{SSL_CIPHER}, patch
637  from Ben Laurie, so ENV setting not conflict with Apache-SSL
638
639+ tested POST LWP requests and updated documentation indicating
640  that such use is supported
641
642+ net_ssl_test now checks https://www.nodeworks.com by default
643  which has high uptime so should be fine.
644
645+ first argument to perl Makefile.pl must be an absolute path
646  for it to be used as default OpenSSL build path
647
648+ define PL_sv_undef symbols for older perls that don't support
649  it, alias to sv_undef
650
651$MODULE=Crypt::SSLeay; $VERSION = .16; $DATE="2000-02-25";
652
653- changes sv_undef calls to PL_sv_undef, since sv_undef is no
654  longer supported under the latest dev releases of perl 5.0056
655
656$MODULE=Crypt::SSLeay; $VERSION = .15; $DATE="1999-11-23";
657
658+ reordered header includes for ActiveState people, likely
659  for easier compiling with perl object.
660
661+ Added support for cranky SSLv3 sites.  These are sites
662  that don't acknowledge SSLv23 requests, such as:
663
664	https://www.evergreen-funds.com
665	https://ecomm.sella.it
666
667  So now, the module will try connects to SSL servers in
668  this order: SSLv23, SSLv3, SSLv2
669
670  None of the sites that I tested required only SSLv2 connects,
671  but it is there just in case.
672
673+ using the call SSLeay_add_all_algorithms(); instead of
674  SSLeay_add_ssl_algorithms(), because the latter symbol
675  was not defined on one person's installation.
676
677$MODULE=Crypt::SSLeay; $VERSION = .14; $DATE="1999-10-03";
678
679+ = improvement; - = bug fix
680
681+ added support for RSAref tweaked OpenSSL
682
683$MODULE=Crypt::SSLeay; $VERSION = .12; $DATE="1999-09-13";
684
685+ Converted // style comments to /* */ for build
686  support of Sun's native cc
687
688$MODULE=Crypt::SSLeay; $VERSION = .11; $DATE="1999-08-16";
689
690+ New connection strategy suggested by OpenSSL list,
691  first try connecting with SSLv23.  This negotiates
692  the more secure SSL3 first, and then downgrades to
693  SSLv2 if first unsuccessful.  For buggy servers that
694  can't handle the SSLv23 negotiation, Net::SSL then
695  tries a raw SSLv2 connection.
696
697  This method works for all servers tested, and has
698  the advantage of tranmitting data via the most secure
699  SSL3 method if available.
700
701+ Connects to buggy SSLv2 sites as well as SSLv3
702  sites & normal SSLv2 sites.
703
704  Buggy SSLv2:	https://banking.wellsfargo.com
705  SSLv3:	https://www.accountonline.com/CB/MainMenu.idcl
706  SSLv2:	https://www.nodeworks.com
707
708$MODULE=Crypt::SSLeay; $VERSION = .11; $DATE="1999-08-10";
709
710+ Worked through __umoddi3 undef symbol error
711  for building on Solaris x86.  See README build notes.
712
713+ I try to provide backwards compatible building
714  with SSLeay (< v.0.9.2)
715
716+ Will pick up ssl distributions installed at
717  /usr/local/openssl, and /usr/local/ssl ... openssl
718  headers should be at $SSL_DIR/include/openssl
719  for compilation to work, see README for installation hints.
720
721- Added SSL 3.0 support with SSLv3_client_method()
722  This method will autonegotiate SSL2 or SSL3,
723  and works for web sites that require SSL3
724
725+ Added build support in Makefile.PL for WinNT, MS Visual C++
726
727+ Added support for OpenSSL v.0.9.4
728
7291998-10-13   Gisle Aas <aas@sn.no>
730
731   Release 0.07
732
733   Applied patch from Andreas Gustafsson <gson@araneus.fi> which
734   make this module compile on WinNT with ActivePerl and MS Visual C++.
735   For others that try to build on this platform, Andreas also said:
736
737      "In addition to making these source changes, I also had to
738      resort to editing the MakeMaker-generated makefile by hand to
739      fix various library paths.  Unfortunately, I am not familiar
740      enough with either MakeMaker or NT to provide a clean fix for
741      this problem."
742
743
744
7451998-01-13   Gisle Aas <aas@sn.no>
746
747   Release 0.06 and 0.05
748
749   Fixed test script t/ssl_context.t
750
751   SSL->connect can return 0.  Fixed bug in Net::SSL
752
753
754
7551998-01-12   Gisle Aas <aas@sn.no>
756
757   Release 0.04
758
759   Mention depreciation in the README.  Eric's version of the SSLeay
760   glue will replace this module (as well as Sampo Kellomaki's Net::SSLeay).
761
762
763
7641998-01-11   Gisle Aas <aas@sn.no>
765
766   Release 0.03
767
768   Fixed this file
769
770
771
7721998-01-11   Gisle Aas <aas@sn.no>
773
774   Release 0.02
775
776   More text in the README
777
778   Renamed Crypt::SSLeay::Context to Crypt::SSLeay::MainContext
779
780
781
7821998-01-10   Gisle Aas <aas@sn.no>
783
784   Release 0.01
785
786   Initial release.
787