r40678 - in /branches/upstream/libio-socket-ssl-perl/current: Changes META.yml SSL.pm
ansgar-guest at users.alioth.debian.org
ansgar-guest at users.alioth.debian.org
Fri Jul 24 18:47:02 UTC 2009
Author: ansgar-guest
Date: Fri Jul 24 18:46:37 2009
New Revision: 40678
URL: http://svn.debian.org/wsvn/pkg-perl/?sc=1&rev=40678
Log:
[svn-upgrade] Integrating new upstream version, libio-socket-ssl-perl (1.27)
Modified:
branches/upstream/libio-socket-ssl-perl/current/Changes
branches/upstream/libio-socket-ssl-perl/current/META.yml
branches/upstream/libio-socket-ssl-perl/current/SSL.pm
Modified: branches/upstream/libio-socket-ssl-perl/current/Changes
URL: http://svn.debian.org/wsvn/pkg-perl/branches/upstream/libio-socket-ssl-perl/current/Changes?rev=40678&op=diff
==============================================================================
--- branches/upstream/libio-socket-ssl-perl/current/Changes (original)
+++ branches/upstream/libio-socket-ssl-perl/current/Changes Fri Jul 24 18:46:37 2009
@@ -1,4 +1,12 @@
+v1.27 2009.07.24
+- changed possible local/utf-8 depended \w in some regex against more
+ explicit [a-zA-Z0-9_]. Fixed one regex, where it assumed, that service
+ names can't have '-' inside
+- fixed bug https://rt.cpan.org/Ticket/Display.html?id=48131
+ where eli[AT]dvns[DOT]com reported warnings when perl -w was used.
+ While there made it more aware of errors in Net::ssl_write_all (return
+ undef not 0 in generic_write)
v1.26 2009.07.03
- SECURITY BUGFIX!
fix Bug in verify_hostname_of_cert where it matched only the prefix for
Modified: branches/upstream/libio-socket-ssl-perl/current/META.yml
URL: http://svn.debian.org/wsvn/pkg-perl/branches/upstream/libio-socket-ssl-perl/current/META.yml?rev=40678&op=diff
==============================================================================
--- branches/upstream/libio-socket-ssl-perl/current/META.yml (original)
+++ branches/upstream/libio-socket-ssl-perl/current/META.yml Fri Jul 24 18:46:37 2009
@@ -1,6 +1,6 @@
--- #YAML:1.0
name: IO-Socket-SSL
-version: 1.26
+version: 1.27
abstract: Nearly transparent SSL encapsulation for IO::Socket::INET.
license: ~
author:
Modified: branches/upstream/libio-socket-ssl-perl/current/SSL.pm
URL: http://svn.debian.org/wsvn/pkg-perl/branches/upstream/libio-socket-ssl-perl/current/SSL.pm?rev=40678&op=diff
==============================================================================
--- branches/upstream/libio-socket-ssl-perl/current/SSL.pm (original)
+++ branches/upstream/libio-socket-ssl-perl/current/SSL.pm Fri Jul 24 18:46:37 2009
@@ -66,7 +66,7 @@
}) {
@ISA = qw(IO::Socket::INET);
}
- $VERSION = '1.26';
+ $VERSION = '1.27';
$GLOBAL_CONTEXT_ARGS = {};
#Make $DEBUG another name for $Net::SSLeay::trace
@@ -253,7 +253,7 @@
my $host = $arg_hash->{SSL_verifycn_name};
if (not defined($host)) {
if ( $host = $arg_hash->{PeerAddr} || $arg_hash->{PeerHost} ) {
- $host =~s{:\w+$}{};
+ $host =~s{:[a-zA-Z0-9_\-]+$}{};
}
}
$host ||= ref($vcn_scheme) && $vcn_scheme->{callback} && 'unknown';
@@ -645,11 +645,14 @@
my $written;
if ( $write_all ) {
my $data = $length < $buf_len-$offset ? substr($$buffer, $offset, $length) : $$buffer;
- $written = Net::SSLeay::ssl_write_all($ssl, $data);
+ ($written, my $errs) = Net::SSLeay::ssl_write_all($ssl, $data);
+ # ssl_write_all returns number of bytes written
+ $written = undef if ! $written && $errs;
} else {
$written = Net::SSLeay::write_partial( $ssl,$offset,$length,$$buffer );
- }
- $written = undef if $written < 0; # Net::SSLeay::write returns -1 not undef on error
+ # write_partial does SSL_write which returns -1 on error
+ $written = undef if $written < 0;
+ }
if ( !defined($written) ) {
$self->_set_rw_error( $ssl,-1 )
|| $self->error("SSL write error");
@@ -1077,8 +1080,8 @@
# definitly no hostname, try IPv4
$ip4 = inet_aton( $identity ) or croak "'$identity' is not IPv4, but neither IPv6 nor hostname";
} else {
- # assume hostname
- if ( $identity !~m{^[\w\-\.]+$} ) {
+ # assume hostname, check for umlauts etc
+ if ( $identity =~m{[^a-zA-Z0-9_.\-]} ) {
$identity = idn_to_ascii($identity) or
croak "Warning: Given name '$identity' could not be converted to IDNA!";
}
@@ -1095,10 +1098,10 @@
# The RFCs are in this regard unspecific but we don't want to have to
# deal with certificates like *.com, *.co.uk or even *
# see also http://nils.toedtmann.net/pub/subjectAltName.txt
- if ( $wtyp eq 'anywhere' and $name =~m{^([\w\-]*)\*(.+)} ) {
- $pattern = qr{^\Q$1\E[\w\-]*\Q$2\E$}i;
+ if ( $wtyp eq 'anywhere' and $name =~m{^([a-zA-Z0-9_\-]*)\*(.+)} ) {
+ $pattern = qr{^\Q$1\E[a-zA-Z0-9_\-]*\Q$2\E$}i;
} elsif ( $wtyp eq 'leftmost' and $name =~m{^\*(\..+)$} ) {
- $pattern = qr{^[\w\-]*\Q$1\E$}i;
+ $pattern = qr{^[a-zA-Z0-9_\-]*\Q$1\E$}i;
} else {
$pattern = qr{^\Q$name\E$}i;
}
More information about the Pkg-perl-cvs-commits
mailing list