The London Perl and Raku Workshop takes place on 26th Oct 2024. If your company depends on Perl, please consider sponsoring and/or attending.
 / 
Net-SSLeay-1.93_01
River stage four • 176 direct dependents • 2191 total dependents

Changes for version 1.93_01 - 2022-03-20

  • LibreSSL 3.5.0 has removed access to internal data structures: Use X509_get0_tbs_sigalg() and OCSP_SINGLERESP_get0_id() like in OpenSSL 1.1. Also use RSA_get0... with RSA_get_key_parameters(). Thanks to Alexander Bluhm.
  • Expose SSL_CTX_get_min_proto_version(), SSL_CTX_get_max_proto_version(), SSL_get_min_proto_version() and SSL_get_max_proto_version() with LibresSSL 3.4.0 and later. Thanks to Alexander Bluhm.
  • Update tests 07_sslecho.t and 44_sess.t to work around failures seen on Windows with Perls earlier than 5.20. For the details, see GH-356 and look for CloseHandle() in Perl 5.20.0 changelog. Thanks to GitHub user twata1 for the report and additional help.
  • Alexander's recent work with RSA_get_key_parameters(), allows to make it available with all OpenSSL versions. It was already available with versions earlier than 1.1.0.
  • Expose BN_dup(), BN_clear(), BN_clear_free() and BN_free().
  • Use PTR2IV instead of direct cast to IV to fix compilation warning with SSLeay.xs internal function bn2sv().
  • Expose X509_CRL_get0_lastUpdate(), X509_CRL_get0_nextUpdate(), X509_CRL_set1_lastUpdate() and X509_CRL_set1_nextUpdate() that became available with OpenSSL 1.1.0 and LibreSSL 2.7.0. These, and the respective deprecated _get/set_ aliases, are available with all OpenSSL and LibreSSL versions. Fixes part of RT#124371.
  • Note in documentation that the X509_CRL_get* functions return a pointer to time structure that should be considered read-only.
  • Use ASN1_STRING_get0_data() instead of ASN1_STRING_data() to avoid compile time deprecation warnings. Partly fixes RT#124371.
  • Add the following constants from Current OpenSSL master branch:
    • SSL_ASYNC_PAUSED
    • SSL_ASYNC_NO_JOBS
    • SSL_CLIENT_HELLO_CB
    • SSL_ERROR_WANT_ASYNC
    • SSL_ERROR_WANT_ASYNC_JOB
    • SSL_ERROR_WANT_CLIENT_HELLO_CB
    • SSL_ERROR_WANT_RETRY_VERIFY
    • SSL_MODE_ASYNC
    • SSL_MODE_NO_AUTO_CHAIN
    • SSL_OP_ALLOW_CLIENT_RENEGOTIATION
    • SSL_OP_CLEANSE_PLAINTEXT
    • SSL_OP_DISABLE_TLSEXT_CA_NAMES
    • SSL_OP_ENABLE_KTLS
    • SSL_OP_IGNORE_UNEXPECTED_EOF
    • SSL_OP_NO_EXTENDED_MASTER_SECRET
    • SSL_RETRY_VERIFY
    • SSL_SESS_CACHE_UPDATE_TIME
    • X509_TRUST_DEFAULT
    • X509_V_ERR_AUTHORITY_KEY_IDENTIFIER_CRITICAL
    • X509_V_ERR_CA_BCONS_NOT_CRITICAL
    • X509_V_ERR_CA_CERT_MISSING_KEY_USAGE
    • X509_V_ERR_EC_KEY_EXPLICIT_PARAMS
    • X509_V_ERR_EMPTY_SUBJECT_ALT_NAME
    • X509_V_ERR_EMPTY_SUBJECT_SAN_NOT_CRITICAL
    • X509_V_ERR_EXTENSIONS_REQUIRE_VERSION_3
    • X509_V_ERR_ISSUER_NAME_EMPTY
    • X509_V_ERR_KU_KEY_CERT_SIGN_INVALID_FOR_NON_CA
    • X509_V_ERR_MISSING_AUTHORITY_KEY_IDENTIFIER
    • X509_V_ERR_MISSING_SUBJECT_KEY_IDENTIFIER
    • X509_V_ERR_NO_ISSUER_PUBLIC_KEY
    • X509_V_ERR_PATHLEN_INVALID_FOR_NON_CA
    • X509_V_ERR_PATHLEN_WITHOUT_KU_KEY_CERT_SIGN
    • X509_V_ERR_SIGNATURE_ALGORITHM_INCONSISTENCY
    • X509_V_ERR_SIGNATURE_ALGORITHM_MISMATCH
    • X509_V_ERR_SUBJECT_KEY_IDENTIFIER_CRITICAL
    • X509_V_ERR_SUBJECT_NAME_EMPTY
    • X509_V_ERR_UNSUPPORTED_SIGNATURE_ALGORITHM
  • Expose X509_get0_notBefore(), X509_getm_notBefore() X509_get0_nextAfter() and X509_getm_nextAfter() that became available with OpenSSL 1.1.0 and LibreSSL 2.7.0. These, and the deprecated _get functions, are available, as aliases when needed, with all OpenSSL and LibreSSL versions. Fixes GH-367.
  • Only export the TLSv1*_method() functions when support for the respective TLS version is available in the underlying libssl library. This allows Net::SSLeay to be built against libssl libraries that were compiled without support for old TLS versions.

Modules

Net::SSLeay
Perl bindings for OpenSSL and LibreSSL
Net::SSLeay::Handle
Perl module that lets SSL (HTTPS) sockets be handled as standard file handles.

Examples

Other files