1Revision history for Crypt-SSLeay 2================================= 3 40.70 2014-04-24 14:53:43 UTC 5 6- RT #94974: I forgot that `return` just returns from the code block for 7 `catch`, not the subroutine so `filter_libs` was still trying to link 8 against various libraries even when Devel::CheckLib was not installed. 9 100.68 2014-04-24 14:13:07 UTC 11 12- Previous release did not bump version number in Net::SSL even though there 13 was a minor change. Correct that oversight. 14 150.66 2014-04-24 14:00:42 UTC 16 17- Various minor fixes to C code 18- Various fixes to the distribution such as manifest files, additional 19 tests, bundled module etc 20- Address RT bugs #94828 and #79212 21 220.65_14 2014-04-16 23:55:42 UTC 23 24- REMINDER: make test WILL FAIL if your OpenSSL is vulnerable to Heartbleed. 25 26- Add additional functions exposing information that can be obtained via 27 SSLeay_version. 28 290.65_13 2014-04-15 22:22:43 UTC 30 31- Work in progress 32 33- Add ability to query OpenSSL version, add test whether OpenSSL library 34 being used is vulnerable to the Heartbleed bug. 35 36- Assorted fixes to Makefile.PL, most importantly to fix build problems with 37 Strawberry Perl. 38 390.65_08 2014-04-10 13:40:08 UTC 40 41- Work in progress 42 43- In Makefile.PL, use assert_lib to find the libraries against which we can 44 actually link rather than passing a big bowl of libs to WriteMakefile. 45 Bail out early if we can't link against any of the candidate libraries. 46 470.65_07 2014-04-10 12:38:06 UTC 48 49- Work in progres 50 51- Make sure t/02-live.t actually uses Net::SSL. 52 530.65_06 2014-04-10 10:35:14 UTC 54 55- Work in progress 56 57- Address RT bugs #88786, #88269, #78848, and #79477 58 59- Makefile.PL now respects live-tests and no-live-tests, and allows library 60 and header locations to be specified via the command line arguments 61 libpath and incpath, respectively. 62 63- These options can also be specified using the environment variables 64 65 CRYPT_SSLEAY_LIVE_TEST_WANTED 66 OPENSSL_LIB 67 OPENSSL_INC 68 69- Also fixed a number of embarrasing logic errors and typos in Makefile.PL 70 which were introduced in previous 0.65_xx versions. 71 720.65_05 2014-04-04 12:38:21 UTC 73 74- Work in progress 75 76- Reorganize Makefile.PL to allow incpath and libpath command line 77 arguments. This attempts to address RT #88786, #88269, #79477, and #78848. 78 This was supposed to be the next step immediately after drastically 79 specifying Makefile.PL. But never got done. 80 81- Also add encoded version number to openssl-version output. 82 830.65_04 2014-04-02 18:03:11 UTC 84 85- Work in progress 86 87- Address pull requests from GitHub and bug reports on RT. These address RT 88 issues #83764, #86425, #86819, #62133, #82715, #90803 89 900.64 2012-08-06 01:23:30 91 92- Drastically simplify Makefile.PL to resolve RT bugs #61249, #61324, 93 #63553, #68208, and #68084. 94 95- Forgot to update Changes for 0.63, so this version overrides that. 96 97 980.61_05 2012-08-04 00:40:22 UTC 99 100- Trying to distinguish between good vs bad zero returns from underlying 101 SSL_read/SSL_write broke stuff (see RT bug #78695). Revert to previous 102 behavior. 103 104- Completely re-organize Makefile.PL. I hope these changes will help take 105 care of RT bugs #61324, #61249, #63553, and #68084 etc. This is not 106 necessarily finished, but I want to see what happens on CPAN Testers at 107 this point before making a few other minor changes. 108 1090.60 2012-07-29 21:43:47 UTC 110 111- Release 0.59_03 as 0.60 so distributions can pick up various fixes. The most 112 important one seems to be bug RT #70565. This should take care of bug RT 113 #77167 114 115- SSL_read and SSL_write now try to handle incomplete reads/writes (see bug RT 116 RT #64054). The current test suite does is not very comprehensive, so caution 117 is recommended at this point. Also, if you have good test cases, I would love 118 to incorporate them into the distribution. 119 1200.59_03 2012-03-10 00:45:28 UTC 121 122- Bump version number and upload to CPAN. 123 124 1250.59_02 2012-03-08 16:16:03 UTC 126 127- Forgot to update Changes for 0.59_01. The following is a combined list of 128 the more important fixes incorporated in both. 129 130- Bug RT #64054: Handle incomplete reads/writes better 131 132- Bug RT #73754: Add LWP::Protocol::https to PREREQ_PM 133 134- Bug RT #73755: Crypt-SSLeay does not verify hosts (yet). Don't let that 135 cause a failure during tests. 136 137- Streamline t/02-live.t using Try::Tiny and done_testing 138 139- Plus assorted related small changes. 140 1410.58_01 2010-09-08 19:11:39 UTC 142 143- L<text|scheme:...> is not supported in POD for 5.8.5 and earlier. 144- TODOs in POD should stand out 145- Add /boot/common/ssl and some other directories to unix_ssl_dirs (see bug 146 #60936). 147 1480.58 2010-08-25 14:06:30 UTC 149 150- Bump version number for Crypt::SSLeay to 0.58 and Net::SSL to 2.85 in 151 preparation for release. 152- Fix typo in POD is SSLeay.pm s/PEM0encoded/PEM encoded/ (checked 153 http://github.com/gitpan/Crypt-SSLeay/blob/9a1582ee1e4d132ae7cf9497bb83144786425d73/SSLeay.pm) 154- Update Changes and TODO. Regenerate README and META.yml. Update package 155 author. Minor POD fixes. 156 1570.57_05 2010-08-15 17:41:21 UTC 158 159- Fix for NO_PROXY support in Net::SSL (bug #57836) 160- Bump Net::SSL version number to 2.84_02 after changes 161- Fix file/dir permissions (bug #60338) 162- Review warnings when compiling SSLeay.xs against older versions of 163 OpenSSL: Warnings are due to OpenSSL. 164- Add clarification regarding $ENV{HTTPS_CA_FILE} and $ENV{HTTPS_CA_DIR} to 165 the POD. 166- Other POD related changes: 167 * Remove historic information in README about platforms where the package 168 was successfully built. 169 * Reformat acknowledgements. TODO: Add more people. 170 * Fix link to Net-SSLeay. 171 * Add note about the --live-tests command line option 172 * Generate README from POD. 173 * Formatting fixes. 174 * Update copyright notice. 175 1760.57_04 2010-08-11 00:22:33 UTC 177 178- Reorganize Makefile.PL to break individual steps in to subroutines so as to 179 facilitate localized future modifications. Whether there was any point to 180 this remains to be seen. 181- In Makefile.PL, accommodate ActiveState+MingW configuration. 182- Pick the correct lib location for Strawberry Perl (bug #60230). 183- Apply fixes in bug reports #59312 and #33954 to Net/SSL.pm. 184- Bump version number in Net/SSL.pm to indicate development release. 185 1860.57_03 2010-08-09 20:12:30 UTC 187 188- If the last component of $inc_dir is 'openssl', set $inc_dir to its parent 189 and set $prefix to 'openssl'. Otherwise, leave $inc_dir as is and set $prefix 190 to '' (I hope this fixes bugs #28431, #28680, #32084, #43084, #54103 without 191 breaking anything). 192- Improved OpenSSL detection on Win32/Strawberry Perl (bug #49285). 193- Add MIME::Base64 as a prerequisite as Net::SSL needs it. 194- exit 0 if OpenSSL can't be found to avoid superfluous reports from CPAN 195 Testers. 196- Add \ to $opt_bench in eg/net-ssl-test (bugs #30931, #39363). 197 1980.57_02 2010-08-08 18:27:40 UTC 199 200- Refactor the version detection algorithm in Makefile.PL to handle all known 201 variations of version number encoding. Should fix bug #52408. 202 2030.57_01 2008-02-18 14:42:32 UTC 204 205- use #include <..> rather than #include "..." in 206 crypt_ssleay_version.h. 207- add command-line switch to avoid live tests (bug #30268). 208- skip tests in t/01-connect.t if 443 is already in use (bug #30985). 209- make code gcc -Wwrite-strings compatible (bug #31926). 210 2110.57 2007-09-17 20:45:20 UTC 212 213- Honour both $ENV{NO_PROXY} and $ENV{no_proxy} in 214 Net::SSL::proxy_connect_helper. (Bug #29371 reported by Jan Dubois). 215- $@ construction used in Net::SSL::connect was messed up, which could 216 lead to sub-optimal error reporting. (Bug #29372 reported by Jan 217 Dubois). 218- Ensure no proxification is used in t/01-connect.t (which might be the 219 reason for all the spurious smoke failures). Bug #29373 reported by, 220 you guessed it, Jan Dubois). 221- Silence a dubious fopen() warning in SSLeay.xs. 222- s/Netware/NetWare/ in Net/SSL.pm platform check 223- Improvements to Makefile.PL for dealing with platforms where openssl 224 is installed with ./include and ./lib as sibling directories rather 225 than child directories. This should allow the code to configure and 226 build "out of the box" on Solaris (and probably other proprietary 227 platforms). 228- Don't carp in LICENSE key addition code in Makefile.PL 229 2300.56_01 2007-08-09 21:59:47 UTC 231 232- Various improvements to the Win32 configure code in Makefile.PL, 233 based on CPAN tickets #28431 and #28432, by Guenter Knauf, 234 notably to allow static linking and OpenSSL living in a relative 235 directory. 236- Net::SSL: alarm() is not implemented on Netware platform, so don't 237 try to set one there. (Guenter Knauf). 238- Should build on Solaris correctly (bug fix in include dir 239 specification). Based on fix suggested in CPAN bug #28680. 240 2410.56 2007-07-10 19:08:20 UTC 242 243- Purely a documentation issue raised by CPAN bug #27935. Users 244 of previous versions do not need to upgrade. 245 2460.55 2007-06-01 17:34:22 UTC 247 248- Added a blocking() method to Net::SSL (and bumped version to 249 2.81). 250 2510.54 2007-04-12 22:05:26 UTC 252 253- Rebadged 0.53_05, since no bugs appear to have surfaced. 254 2550.53_05 256 257- Fixed up incorrect LIBS key in WriteMakefile args. Thanks to 258 David Cantrell for giving me access to an OpenBSD box that 259 revealed this problem. 260- Added the list of modules that depend on Crypt::SSLeay to 261 the README, as per cpants.perl.org. (think: improvements 262 to the test suite). 263 2640.53_04 2007-03-06 09:39:01 UTC 265 266- add diag() info to determine possible reasons for failure as per 267 http://www.nntp.perl.org/group/perl.cpan.testers/2007/03/msg428964.html 268- Tweaks for Strawberry Perl detection. 269 2700.53_03 2007-03-04 18:30:06 UTC 271 272- Adjusted the typemap shims to silence the compiler warnings that 273 occur when sizeof(IV) is larger than sizeof(char *). 274- use XSLoader for faster loading if available, otherwise fall 275 back to DynaLoader. 276- Makefile.PL heavily reworked, lots of cruft removed. 277- Ask to see whether the live tests should be run. 278- renamed net_sst.t to 01-connect.t 279- added 02-live.t that performs live HTTPS requests. 280 2810.53_02 2007-01-29 10:02:34 UTC 282 283- don't proxy hosts in NO_PROXY environment variable (CPAN 284 bug #11078). 285- don't send user agent string to proxy unless 286 send_useragent_to_proxy is enabled. (CPAN bug #4759). 287- Net::SSL bumped to 2.80 288 2890.53_01 2007-01-24 22:21:09 UTC 290 291- patch for CPAN #12444 applied (Jeff Lavallee). Net::SSL bumped 292 tp 2.79. 293- example scripts moved into eg/ directory and the documentation 294 updated. 295- added a TODO to remind me of what needs to be done. 296 2970.53 2006-12-26 17:21:22 UTC 298 299- 0.52_02 deemed stable 300 3010.52_02 2006-12-20 19:29:01 UTC 302 303- improved VMS support (CPAN bug #19829). 304- add a test to see if cert file is readable in 305 Net::SSL::configure_certs (CPAN bug #8498) and Net::SSL version 306 to 2.78. 307- known working platforms list removed from documentation. Too old, 308 and CPAN Testers has the up-to-date information. 309- minor documentation improvements. 310 3110.52_01 2006-12-17 312 313- add call to SSL_library_init() in new() 314- maintenance taken over by brian d foy and David Landgren. 315 316$MODULE=Crypt::SSLeay; $VERSION = .51; $DATE="2003-06-10"; 317 318- fixed build problem for OpenSSL 0.9.6 and some builds 319 of perl 5.8.x which resulted in make error: 320 321 /usr/include/openssl/des.h:193: parse error before '&' token" 322 323 Thanks to Rob Brown for submitting a similar patch to cover this problem 324 325- bug fix from Dongqiang Bai when server using proxy cannot 326 resolve host name being connected to 327 328+ Added documentation for updating system OpenSSL libraries 329 for systems such has RedHat that have shared libraries built 330 Work sponsored by Stuart Horner of Core Communications, Inc. 331 332$MODULE=Crypt::SSLeay; $VERSION = .49; $DATE="2003-01-30"; 333 334+ Documentation updates, including new support address 335 for LWP issues, and $ENV{HTTPS_DEBUG} flag. 336 337+ Added c:/openssl in default search path on win32 machines 338 which is the recommended installation area in the openssl dist 339 340+ Added patch from Pavel Hlavnicka for freeing memory leaks 341 from SSL_CTX_use_pkcs12_file() whose functionality is triggered 342 by the $ENV{HTTPS_PKCS12_*} settings 343 344+ Set timeout to 15 seconds for ./net_ssl_test and lwp-ssl-test 345 sample scripts for better testing of timeout behavior 346 347+ Added alarm() during Net::SSL->read() to honor socket timeout setting 348 for more robust applications. read() will die_with_error() which 349 in consistent with previous semantics used during SSL read() failure 350 Thanks to Pavel Hlavnicka for prompting this change. 351 352+ Removed code that supported versions of SSLeay before version 0.8 353 I believe SSLeay v.8 was released back in 1998 354 355+ Added patch from Devin Heitmueller so that initial random seed 356 would be taken from /dev/urandom if available via RAND_load_file API 357 358$MODULE=Crypt::SSLeay; $VERSION = .45; $DATE="2002-08-01"; 359 360+ PKCS12 certificate support, patch submitted by Beni Takahashi, 361 author of patch Daisuke Kuroda 362 363+ Fixing compile warnings on Solaris 8/Sparc with Forte 7.0 about 364 implicit conversions and implicit declarations. Thanks to 365 Marek Rouchal for bug report. 366 367$MODULE=Crypt::SSLeay; $VERSION = .43; $DATE="2002-07-29"; 368 369- Removed unused dependency on URI::URL, thanks to Ric Steinberger 370 for pointing out this problem under perl 5.8.0 371 372$MODULE=Crypt::SSLeay; $VERSION = .41; $DATE="2002-07-07"; 373 374- fixed t/net_ssl.t to work on Windows NT 375 376$MODULE=Crypt::SSLeay; $VERSION = .40; $DATE="2002-07-03"; 377 378 + = improvement; - = bug fix 379 380- fixed Makefile.PL use of dirname() which could error for perl 5.8.x 381 Thanks to Chip Turner of RedHat for patch. 382 383$MODULE=Crypt::SSLeay; $VERSION = .39; $DATE="2002-06-23"; 384 385- Fixed a runtime error with Net::SSL->proxy for running under 386 perl warnings with no proxy defined, which t/net_ssl.t test case 387 revealed. 388 389+ Added t/net_ssl.t test for initializing a Net::SSL object 390 391+ Added build platform success note for ( thanks Christopher! ) 392 393 Solaris 2.8 Sparc ? 5.00503 .37 2002-05-31 Christopher Biow 394 395+ Added build auto-detect for 0.9.6+ and only then use OPENSSL_free 396 instead of free() since older OpenSSL like 0.9.4 did not have it. 397 398+ Added ./net_ssl_test -CAfile documentation, and root CA file from mod_ssl 399 distribution at certs/ca-bundle.crt that can be used for general root CA 400 peer certificate verification. 401 402+ Added build notes for 403 404 SunOS 4.1.4, Perl 5.004_04 - ld.so: Undefined symbol: _CRYPT_mem_ctrl 405 406 from Jeff Haferman. 407 408+ When Net::SSL->connect() being called from LWP::UserAgent in proxy mode, 409 will connect to the proxy passing the $ua->agent string as 410 411 CONNECT $peer_addr:$peer_port HTTP/1.0 412 User-Agent: $ua->agent 413 414+ Integrated Richard Chen's patches for exposing the Net::SSL 415 certificate dates via an API: 416 417 Crypt::SSLeay::X509::not_before 418 Crypt::SSLeay::X509::not_after 419 420 which can be gotten to by a call like... 421 422 Net::SSL->new(...)->get_peer_certificate->not_after; 423 424 These methods return a normal timestamp like: 2002-05-22 11:15:17 GMT 425 There is an example of its use in the ./net_ssl_test script. 426 427 The Crypt::SSLeay::* modules will continue to remain undocumented 428 because such functionality lies outside the scope of what this 429 module is geared for. Net::SSLeay provides a more general API for 430 OpenSSL functionality. 431 432$MODULE=Crypt::SSLeay; $VERSION = .37; $DATE="2002-01-08"; 433 434 + = improvement; - = bug fix 435 436- use OPENSSL_free() instead of free() to fix crashes with win32 perl 5.6.1 437 Thanks to Doug MacEachern for patch. 438 439+ added Makefile.PL Candidate() path for win32 builds of OpenSSL 440 Thanks to David Morse for patch. 441 442$MODULE=Crypt::SSLeay; $VERSION = .36; $DATE="2001-12-05"; 443 444- perl Makefile.PL C:/some_path should be picked up now ... 445 was doing case insensitive drive letter check before 446 447$MODULE=Crypt::SSLeay; $VERSION = .35; $DATE="2001-10-31"; 448 449+ Set local $SIG{PIPE} = \&die before $ssl->connect() 450 to capture the "broken pipe" error associated with connecting 451 to a computer that is not running a SSL web server, 452 when Crypt::SSLeay is built with OpenSSL 0.9.6a. This error did 453 not occur with OpenSSL 0.9.4 or OpenSSL 0.9.5a, but this fix should 454 be compatible with those versions too. 455 456$MODULE=Crypt::SSLeay; $VERSION = .33; $DATE="2001-10-31"; 457 458+ Documented differences / conflicts between LWP proxy support 459 and Crypt::SSLeay which seems to be a source of confusion for users. 460 461+ Added Net::SSL::get_peer_verify call so the warning header 462 from LWP that says: 463 464 Client-SSL-Warning: Peer certificate not verified 465 466 can be suppressed when HTTPS_CA_FILE & HTTPS_CA_DIR environment 467 variables are set to invoke peer certificate verification. 468 I will submit patch for perl-libwww 5.6 for this support 469 of get_peer_verify shortly. 470 471 Modified return values of $ctx->set_verify() to return 1 when 472 peer verification is enabled to support get_peer_verify() 473 474$MODULE=Crypt::SSLeay; $VERSION = .31; $DATE="2001-09-21"; 475 476+ $ENV{HTTPS_DEBUG} activates Crypt::SSLeay specific debugging, 477 so one can debug from LWP:: calls without using ./net_ssl_test script 478 479+ $ENV{CRYPT_SSLEAY_DEFAULT} may now be set to trigger --default 480 functionality for Makefile.PL 481 482+ Added --default switch to Makefile.PL which will pick 483 up the first OpenSSL distribution detected and use that 484 for building Crypt::SSLeay. Inspired by Doug MacEachern 485 486- removed exit from Makefile.PL, bug found by Doug MacEachern 487 488$MODULE=Crypt::SSLeay; $VERSION = .29; $DATE="2001-06-29"; 489 490+ Streamlined *CA* patches so only in $CTX->set_verify() 491 which gets called every time now. 492 493+ Throw error instead of return undef in Net::SSL->connect() 494 because we loose the errors otherwise. Applications 495 working with Net::SSL will have to trap calls around 496 Net::SSL->connect with eval {}. There are so many 497 kinds of errors now, especially with certificate 498 support that we really need to throw specific error 499 messages, and not let them get lost in $!. 500 501- Turn SSL_MODE_AUTO_RETRY on so clients can survive 502 changes in SSLVerifyClient changes in the modssl connection 503 504 Comment from source: 505 /* The set mode is necessary so the SSL connection can 506 * survive a renegotiated cipher that results from 507 * modssl VerifyClient config changing between 508 * VirtualHost & some other config block. At modssl 509 * this would be a [trace] ssl message: 510 * "Changed client verification type will force renegotiation" 511 #ifdef SSL_MODE_AUTO_RETRY 512 SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY); 513 #endif 514 515 Seems like openssl 0.9.4 didn't need this but 0.9.6 does, 516 not sure though. 517 518+ Integrated patches from Gamid Isayev for CA peer 519 verification. New settings include: 520 521 $ENV{HTTPS_CA_FILE} = "some_file"; 522 $ENV{HTTPS_CA_DIR} = "some_dir"; 523 524 Also create config switches for these in ./net_ssl_test, 525 -CAfile and -CAdir 526 527$MODULE=Crypt::SSLeay; $VERSION = .27; $DATE="TBA"; 528 529- Client certs weren't working correctly, setup certs 530 earlier in connection now, also create new CTX per 531 request, so cert settings don't remain sticky from 532 one request to the next. 533 534$MODULE=Crypt::SSLeay; $VERSION = .25; $DATE="2001-04-10"; 535 536+ update ./net_ssl_test to do smart parsing of host, where 537 host can now be of the form http://www.nodeworks.com:443/ 538 539+ integrated client cert patches provided by Tobias Manthey, 540 creating new config options: 541 542 $ENV{HTTPS_CERT_FILE} -- file of client certificate 543 $ENV{HTTPS_KEY_FILE} -- file of private key file 544 545 Also support for these options in ./net_ssl_test with these 546 options: 547 548 -cert client certificate file 549 -key private key file 550 551 like so: 552 553 ./net_ssl_test -cert=notacacert.pem -key=notacakeynopass.pem -d 554 555 To create simple test cert with openssl: 556 557 /usr/local/openssl/bin/openssl req -config /usr/local/openssl/openssl.cnf -new -days 365 -newkey rsa:1024 -x509 -keyout notacakey.pem -out notacacert.pem 558 /usr/local/openssl/bin/openssl rsa -in notacakey.pem -out notacakeynopass.pem 559 560$MODULE=Crypt::SSLeay; $VERSION = .24; $DATE="2001-03-09"; 561 562 + = improvement; - = bug fix 563 564- local $@ in Net::SSL::DESTROY so we don't kill real errors 565 566$MODULE=Crypt::SSLeay; $VERSION = .23; $DATE="2001-03-09"; 567 568+ added lwp-ssl-test file for showing LWP code use 569 570+ added -h/-help options & docs to ./net_ssl_test script 571 572+ updated alpha linux patch from Alex Rhomberg to what 573 he originally provided, as it covered -lots case better. 574 575- return undef in Net::SSL::connect() instead of die() 576 for better LWP support & error handling. Still set 577 $@ though, consistent with IO::Socket::INET 578 579+ alarm() on Unix platforms around ssl ctx connect, which 580 can hang for process for way too long when trying to 581 connect to dead https SSL servers. 582 583$MODULE=Crypt::SSLeay; $VERSION = .22; $DATE="2001-01-29"; 584 585- remove // style comments 586 587$MODULE=Crypt::SSLeay; $VERSION = .21; $DATE="2001-01-10"; 588 589- AIX build notes correction 590 591+ No reverse lookup for host done for proxying, more 592 efficient. Reuse of cached PeerAddr name from Net::SSL->new 593 594+ $ENV{HTTPS_VERSION} setting, so a SSL v3 connection can 595 be used first, instead of SSLv23. Documented in README,pod. 596 Added support for this to the test program as: 597 598 ./net_ssl_test -v[ersion] 3 599 600$MODULE=Crypt::SSLeay; $VERSION = .19; $DATE="2001-01-07"; 601 602+ Added runtime SSL debugging support, was compile time before. 603 Trigger with Net::SSL->new(..., SSL_Debug => 1) as in 604 the ./net_ssl_test script run with -d argument. No 605 API for debugging from LWP requests, just for https 606 debugging with ./net_ssl_test really. 607 608+ Added support for proxy via $ENV{HTTPS_PROXY} = 609 proxy_host:proxy_port. Thanks to Bryan Hart for the patch. 610 Also basic auth support added & documented. 611 612+ alpha linux ccc support with -lots library added for compile. 613 Patch from Alex Rhomberg. 614 615$MODULE=Crypt::SSLeay; $VERSION = .18; $DATE="2000-11-25"; 616 617- created perl/c destructors for the X509 cert for after its 618 fetched by Net::SSL. Crypt::SSLeay seems to run without 619 memory leaks now under LWP and Net::SSL. 620 621- Updated Net::SSL::VERSION, bad version last release. 622 623$MODULE=Crypt::SSLeay; $VERSION = .17; $DATE="2000-09-04"; 624 625- got rid of an implicit char* conversion compile warnings 626 for SSL_get_cipher 627 628+ random seeding now occurs with RAND_seed() on random data 629 from the C call stack, works more consistently than RAND_load_file 630 from Ben's patch. 631 632+ integrated patches from Ben Laurie for better error messaging 633 and random seed initialization 634 635+ set_cipher_list initialized from $ENV{CRYPT_SSLEAY_CIPHER} 636 where before it was initialized from $ENV{SSL_CIPHER}, patch 637 from Ben Laurie, so ENV setting not conflict with Apache-SSL 638 639+ tested POST LWP requests and updated documentation indicating 640 that such use is supported 641 642+ net_ssl_test now checks https://www.nodeworks.com by default 643 which has high uptime so should be fine. 644 645+ first argument to perl Makefile.pl must be an absolute path 646 for it to be used as default OpenSSL build path 647 648+ define PL_sv_undef symbols for older perls that don't support 649 it, alias to sv_undef 650 651$MODULE=Crypt::SSLeay; $VERSION = .16; $DATE="2000-02-25"; 652 653- changes sv_undef calls to PL_sv_undef, since sv_undef is no 654 longer supported under the latest dev releases of perl 5.0056 655 656$MODULE=Crypt::SSLeay; $VERSION = .15; $DATE="1999-11-23"; 657 658+ reordered header includes for ActiveState people, likely 659 for easier compiling with perl object. 660 661+ Added support for cranky SSLv3 sites. These are sites 662 that don't acknowledge SSLv23 requests, such as: 663 664 https://www.evergreen-funds.com 665 https://ecomm.sella.it 666 667 So now, the module will try connects to SSL servers in 668 this order: SSLv23, SSLv3, SSLv2 669 670 None of the sites that I tested required only SSLv2 connects, 671 but it is there just in case. 672 673+ using the call SSLeay_add_all_algorithms(); instead of 674 SSLeay_add_ssl_algorithms(), because the latter symbol 675 was not defined on one person's installation. 676 677$MODULE=Crypt::SSLeay; $VERSION = .14; $DATE="1999-10-03"; 678 679+ = improvement; - = bug fix 680 681+ added support for RSAref tweaked OpenSSL 682 683$MODULE=Crypt::SSLeay; $VERSION = .12; $DATE="1999-09-13"; 684 685+ Converted // style comments to /* */ for build 686 support of Sun's native cc 687 688$MODULE=Crypt::SSLeay; $VERSION = .11; $DATE="1999-08-16"; 689 690+ New connection strategy suggested by OpenSSL list, 691 first try connecting with SSLv23. This negotiates 692 the more secure SSL3 first, and then downgrades to 693 SSLv2 if first unsuccessful. For buggy servers that 694 can't handle the SSLv23 negotiation, Net::SSL then 695 tries a raw SSLv2 connection. 696 697 This method works for all servers tested, and has 698 the advantage of tranmitting data via the most secure 699 SSL3 method if available. 700 701+ Connects to buggy SSLv2 sites as well as SSLv3 702 sites & normal SSLv2 sites. 703 704 Buggy SSLv2: https://banking.wellsfargo.com 705 SSLv3: https://www.accountonline.com/CB/MainMenu.idcl 706 SSLv2: https://www.nodeworks.com 707 708$MODULE=Crypt::SSLeay; $VERSION = .11; $DATE="1999-08-10"; 709 710+ Worked through __umoddi3 undef symbol error 711 for building on Solaris x86. See README build notes. 712 713+ I try to provide backwards compatible building 714 with SSLeay (< v.0.9.2) 715 716+ Will pick up ssl distributions installed at 717 /usr/local/openssl, and /usr/local/ssl ... openssl 718 headers should be at $SSL_DIR/include/openssl 719 for compilation to work, see README for installation hints. 720 721- Added SSL 3.0 support with SSLv3_client_method() 722 This method will autonegotiate SSL2 or SSL3, 723 and works for web sites that require SSL3 724 725+ Added build support in Makefile.PL for WinNT, MS Visual C++ 726 727+ Added support for OpenSSL v.0.9.4 728 7291998-10-13 Gisle Aas <aas@sn.no> 730 731 Release 0.07 732 733 Applied patch from Andreas Gustafsson <gson@araneus.fi> which 734 make this module compile on WinNT with ActivePerl and MS Visual C++. 735 For others that try to build on this platform, Andreas also said: 736 737 "In addition to making these source changes, I also had to 738 resort to editing the MakeMaker-generated makefile by hand to 739 fix various library paths. Unfortunately, I am not familiar 740 enough with either MakeMaker or NT to provide a clean fix for 741 this problem." 742 743 744 7451998-01-13 Gisle Aas <aas@sn.no> 746 747 Release 0.06 and 0.05 748 749 Fixed test script t/ssl_context.t 750 751 SSL->connect can return 0. Fixed bug in Net::SSL 752 753 754 7551998-01-12 Gisle Aas <aas@sn.no> 756 757 Release 0.04 758 759 Mention depreciation in the README. Eric's version of the SSLeay 760 glue will replace this module (as well as Sampo Kellomaki's Net::SSLeay). 761 762 763 7641998-01-11 Gisle Aas <aas@sn.no> 765 766 Release 0.03 767 768 Fixed this file 769 770 771 7721998-01-11 Gisle Aas <aas@sn.no> 773 774 Release 0.02 775 776 More text in the README 777 778 Renamed Crypt::SSLeay::Context to Crypt::SSLeay::MainContext 779 780 781 7821998-01-10 Gisle Aas <aas@sn.no> 783 784 Release 0.01 785 786 Initial release. 787