r65592 - in /branches/upstream/libio-socket-ssl-perl/current: Changes META.yml SSL.pm

carnil at users.alioth.debian.org carnil at users.alioth.debian.org
Wed Dec 8 21:34:04 UTC 2010


Author: carnil
Date: Wed Dec  8 21:33:42 2010
New Revision: 65592

URL: http://svn.debian.org/wsvn/pkg-perl/?sc=1&rev=65592
Log:
[svn-upgrade] new version libio-socket-ssl-perl (1.36)

Modified:
    branches/upstream/libio-socket-ssl-perl/current/Changes
    branches/upstream/libio-socket-ssl-perl/current/META.yml
    branches/upstream/libio-socket-ssl-perl/current/SSL.pm

Modified: branches/upstream/libio-socket-ssl-perl/current/Changes
URL: http://svn.debian.org/wsvn/pkg-perl/branches/upstream/libio-socket-ssl-perl/current/Changes?rev=65592&op=diff
==============================================================================
--- branches/upstream/libio-socket-ssl-perl/current/Changes (original)
+++ branches/upstream/libio-socket-ssl-perl/current/Changes Wed Dec  8 21:33:42 2010
@@ -1,4 +1,8 @@
 
+v1.36 2010.12.08
+- update documentation for SSL_verify_callback based on 
+  https://rt.cpan.org/Ticket/Display.html?id=63743
+  https://rt.cpan.org/Ticket/Display.html?id=63740
 v1.35 2010.12.06
 - if verify_mode is not VERIFY_NONE and the ca_file/ca_path cannot be
   verified as valid it will no longer fall back to VERIFY_NONE but throw

Modified: branches/upstream/libio-socket-ssl-perl/current/META.yml
URL: http://svn.debian.org/wsvn/pkg-perl/branches/upstream/libio-socket-ssl-perl/current/META.yml?rev=65592&op=diff
==============================================================================
--- branches/upstream/libio-socket-ssl-perl/current/META.yml (original)
+++ branches/upstream/libio-socket-ssl-perl/current/META.yml Wed Dec  8 21:33:42 2010
@@ -1,6 +1,6 @@
 --- #YAML:1.0
 name:               IO-Socket-SSL
-version:            1.35
+version:            1.36
 abstract:           Nearly transparent SSL encapsulation for IO::Socket::INET.
 author:
     - Steffen Ullrich & Peter Behroozi & Marko Asplund

Modified: branches/upstream/libio-socket-ssl-perl/current/SSL.pm
URL: http://svn.debian.org/wsvn/pkg-perl/branches/upstream/libio-socket-ssl-perl/current/SSL.pm?rev=65592&op=diff
==============================================================================
--- branches/upstream/libio-socket-ssl-perl/current/SSL.pm (original)
+++ branches/upstream/libio-socket-ssl-perl/current/SSL.pm Wed Dec  8 21:33:42 2010
@@ -78,7 +78,7 @@
 	}) {
 		@ISA = qw(IO::Socket::INET);
 	}
-	$VERSION = '1.35';
+	$VERSION = '1.36';
 	$GLOBAL_CONTEXT_ARGS = {};
 
 	#Make $DEBUG another name for $Net::SSLeay::trace
@@ -1722,18 +1722,40 @@
 (0x00) does no authentication.	You may combine 0x01 (verify peer), 0x02 (fail
 verification if no peer certificate exists; ignored for clients), and 0x04
 (verify client once) to change the default.
+
 See OpenSSL man page for SSL_CTX_set_verify for more information.
 
 =item SSL_verify_callback
 
 If you want to verify certificates yourself, you can pass a sub reference along
 with this parameter to do so.  When the callback is called, it will be passed:
-1) a true/false value that indicates what OpenSSL thinks of the certificate,
-2) a C-style memory address of the certificate store,
-3) a string containing the certificate's issuer attributes and owner attributes, and
-4) a string containing any errors encountered (0 if no errors).
+
+=over 4
+
+=item 1.
+a true/false value that indicates what OpenSSL thinks of the certificate,
+
+=item 2.
+a C-style memory address of the certificate store,
+
+=item 3.
+a string containing the certificate's issuer attributes and owner attributes, and
+
+=item 4.
+a string containing any errors encountered (0 if no errors).
+
+=item 5.
+a C-style memory address of the peer's own certificate (convertible to
+PEM form with Net::SSLeay::PEM_get_string_X509()).
+
+=back
+
 The function should return 1 or 0, depending on whether it thinks the certificate
 is valid or invalid.  The default is to let OpenSSL do all of the busy work.
+
+The callback will be called for each element in the certificate chain.
+
+See the OpenSSL documentation for SSL_CTX_set_verify for more information.
 
 =item SSL_verifycn_scheme
 




More information about the Pkg-perl-cvs-commits mailing list