1Revision history for Crypt-SSLeay 2================================= 3 40.64 2012-08-06 01:23:30 5 6- Drastically simplify Makefile.PL to resolve RT bugs #61249, #61324, 7 #63553, #68208, and #68084. 8 9- Forgot to update Changes for 0.63, so this version overrides that. 10 11 120.61_05 2012-08-04 00:40:22 UTC 13 14- Trying to distinguish between good vs bad zero returns from underlying 15 SSL_read/SSL_write broke stuff (see RT bug #78695). Revert to previous 16 behavior. 17 18- Completely re-organize Makefile.PL. I hope these changes will help take 19 care of RT bugs #61324, #61249, #63553, and #68084 etc. This is not 20 necessarily finished, but I want to see what happens on CPAN Testers at 21 this point before making a few other minor changes. 22 230.60 2012-07-29 21:43:47 UTC 24 25- Release 0.59_03 as 0.60 so distributions can pick up various fixes. The most 26 important one seems to be bug RT #70565. This should take care of bug RT 27 #77167 28 29- SSL_read and SSL_write now try to handle incomplete reads/writes (see bug RT 30 RT #64054). The current test suite does is not very comprehensive, so caution 31 is recommended at this point. Also, if you have good test cases, I would love 32 to incorporate them into the distribution. 33 340.59_03 2012-03-10 00:45:28 UTC 35 36- Bump version number and upload to CPAN. 37 38 390.59_02 2012-03-08 16:16:03 UTC 40 41- Forgot to update Changes for 0.59_01. The following is a combined list of 42 the more important fixes incorporated in both. 43 44- Bug RT #64054: Handle incomplete reads/writes better 45 46- Bug RT #73754: Add LWP::Protocol::https to PREREQ_PM 47 48- Bug RT #73755: Crypt-SSLeay does not verify hosts (yet). Don't let that 49 cause a failure during tests. 50 51- Streamline t/02-live.t using Try::Tiny and done_testing 52 53- Plus assorted related small changes. 54 550.58_01 2010-09-08 19:11:39 UTC 56 57- L<text|scheme:...> is not supported in POD for 5.8.5 and earlier. 58- TODOs in POD should stand out 59- Add /boot/common/ssl and some other directories to unix_ssl_dirs (see bug 60 #60936). 61 620.58 2010-08-25 14:06:30 UTC 63 64- Bump version number for Crypt::SSLeay to 0.58 and Net::SSL to 2.85 in 65 preparation for release. 66- Fix typo in POD is SSLeay.pm s/PEM0encoded/PEM encoded/ (checked 67 http://github.com/gitpan/Crypt-SSLeay/blob/9a1582ee1e4d132ae7cf9497bb83144786425d73/SSLeay.pm) 68- Update Changes and TODO. Regenerate README and META.yml. Update package 69 author. Minor POD fixes. 70 710.57_05 2010-08-15 17:41:21 UTC 72 73- Fix for NO_PROXY support in Net::SSL (bug #57836) 74- Bump Net::SSL version number to 2.84_02 after changes 75- Fix file/dir permissions (bug #60338) 76- Review warnings when compiling SSLeay.xs against older versions of 77 OpenSSL: Warnings are due to OpenSSL. 78- Add clarification regarding $ENV{HTTPS_CA_FILE} and $ENV{HTTPS_CA_DIR} to 79 the POD. 80- Other POD related changes: 81 * Remove historic information in README about platforms where the package 82 was successfully built. 83 * Reformat acknowledgements. TODO: Add more people. 84 * Fix link to Net-SSLeay. 85 * Add note about the --live-tests command line option 86 * Generate README from POD. 87 * Formatting fixes. 88 * Update copyright notice. 89 900.57_04 2010-08-11 00:22:33 UTC 91 92- Reorganize Makefile.PL to break individual steps in to subroutines so as to 93 facilitate localized future modifications. Whether there was any point to 94 this remains to be seen. 95- In Makefile.PL, accommodate ActiveState+MingW configuration. 96- Pick the correct lib location for Strawberry Perl (bug #60230). 97- Apply fixes in bug reports #59312 and #33954 to Net/SSL.pm. 98- Bump version number in Net/SSL.pm to indicate development release. 99 1000.57_03 2010-08-09 20:12:30 UTC 101 102- If the last component of $inc_dir is 'openssl', set $inc_dir to its parent 103 and set $prefix to 'openssl'. Otherwise, leave $inc_dir as is and set $prefix 104 to '' (I hope this fixes bugs #28431, #28680, #32084, #43084, #54103 without 105 breaking anything). 106- Improved OpenSSL detection on Win32/Strawberry Perl (bug #49285). 107- Add MIME::Base64 as a prerequisite as Net::SSL needs it. 108- exit 0 if OpenSSL can't be found to avoid superfluous reports from CPAN 109 Testers. 110- Add \ to $opt_bench in eg/net-ssl-test (bugs #30931, #39363). 111 1120.57_02 2010-08-08 18:27:40 UTC 113 114- Refactor the version detection algorithm in Makefile.PL to handle all known 115 variations of version number encoding. Should fix bug #52408. 116 1170.57_01 2008-02-18 14:42:32 UTC 118 119- use #include <..> rather than #include "..." in 120 crypt_ssleay_version.h. 121- add command-line switch to avoid live tests (bug #30268). 122- skip tests in t/01-connect.t if 443 is already in use (bug #30985). 123- make code gcc -Wwrite-strings compatible (bug #31926). 124 1250.57 2007-09-17 20:45:20 UTC 126 127- Honour both $ENV{NO_PROXY} and $ENV{no_proxy} in 128 Net::SSL::proxy_connect_helper. (Bug #29371 reported by Jan Dubois). 129- $@ construction used in Net::SSL::connect was messed up, which could 130 lead to sub-optimal error reporting. (Bug #29372 reported by Jan 131 Dubois). 132- Ensure no proxification is used in t/01-connect.t (which might be the 133 reason for all the spurious smoke failures). Bug #29373 reported by, 134 you guessed it, Jan Dubois). 135- Silence a dubious fopen() warning in SSLeay.xs. 136- s/Netware/NetWare/ in Net/SSL.pm platform check 137- Improvements to Makefile.PL for dealing with platforms where openssl 138 is installed with ./include and ./lib as sibling directories rather 139 than child directories. This should allow the code to configure and 140 build "out of the box" on Solaris (and probably other proprietary 141 platforms). 142- Don't carp in LICENSE key addition code in Makefile.PL 143 1440.56_01 2007-08-09 21:59:47 UTC 145 146- Various improvements to the Win32 configure code in Makefile.PL, 147 based on CPAN tickets #28431 and #28432, by Guenter Knauf, 148 notably to allow static linking and OpenSSL living in a relative 149 directory. 150- Net::SSL: alarm() is not implemented on Netware platform, so don't 151 try to set one there. (Guenter Knauf). 152- Should build on Solaris correctly (bug fix in include dir 153 specification). Based on fix suggested in CPAN bug #28680. 154 1550.56 2007-07-10 19:08:20 UTC 156 157- Purely a documentation issue raised by CPAN bug #27935. Users 158 of previous versions do not need to upgrade. 159 1600.55 2007-06-01 17:34:22 UTC 161 162- Added a blocking() method to Net::SSL (and bumped version to 163 2.81). 164 1650.54 2007-04-12 22:05:26 UTC 166 167- Rebadged 0.53_05, since no bugs appear to have surfaced. 168 1690.53_05 170 171- Fixed up incorrect LIBS key in WriteMakefile args. Thanks to 172 David Cantrell for giving me access to an OpenBSD box that 173 revealed this problem. 174- Added the list of modules that depend on Crypt::SSLeay to 175 the README, as per cpants.perl.org. (think: improvements 176 to the test suite). 177 1780.53_04 2007-03-06 09:39:01 UTC 179 180- add diag() info to determine possible reasons for failure as per 181 http://www.nntp.perl.org/group/perl.cpan.testers/2007/03/msg428964.html 182- Tweaks for Strawberry Perl detection. 183 1840.53_03 2007-03-04 18:30:06 UTC 185 186- Adjusted the typemap shims to silence the compiler warnings that 187 occur when sizeof(IV) is larger than sizeof(char *). 188- use XSLoader for faster loading if available, otherwise fall 189 back to DynaLoader. 190- Makefile.PL heavily reworked, lots of cruft removed. 191- Ask to see whether the live tests should be run. 192- renamed net_sst.t to 01-connect.t 193- added 02-live.t that performs live HTTPS requests. 194 1950.53_02 2007-01-29 10:02:34 UTC 196 197- don't proxy hosts in NO_PROXY environment variable (CPAN 198 bug #11078). 199- don't send user agent string to proxy unless 200 send_useragent_to_proxy is enabled. (CPAN bug #4759). 201- Net::SSL bumped to 2.80 202 2030.53_01 2007-01-24 22:21:09 UTC 204 205- patch for CPAN #12444 applied (Jeff Lavallee). Net::SSL bumped 206 tp 2.79. 207- example scripts moved into eg/ directory and the documentation 208 updated. 209- added a TODO to remind me of what needs to be done. 210 2110.53 2006-12-26 17:21:22 UTC 212 213- 0.52_02 deemed stable 214 2150.52_02 2006-12-20 19:29:01 UTC 216 217- improved VMS support (CPAN bug #19829). 218- add a test to see if cert file is readable in 219 Net::SSL::configure_certs (CPAN bug #8498) and Net::SSL version 220 to 2.78. 221- known working platforms list removed from documentation. Too old, 222 and CPAN Testers has the up-to-date information. 223- minor documentation improvements. 224 2250.52_01 2006-12-17 226 227- add call to SSL_library_init() in new() 228- maintenance taken over by brian d foy and David Landgren. 229 230$MODULE=Crypt::SSLeay; $VERSION = .51; $DATE="2003-06-10"; 231 232- fixed build problem for OpenSSL 0.9.6 and some builds 233 of perl 5.8.x which resulted in make error: 234 235 /usr/include/openssl/des.h:193: parse error before '&' token" 236 237 Thanks to Rob Brown for submitting a similar patch to cover this problem 238 239- bug fix from Dongqiang Bai when server using proxy cannot 240 resolve host name being connected to 241 242+ Added documentation for updating system OpenSSL libraries 243 for systems such has RedHat that have shared libraries built 244 Work sponsored by Stuart Horner of Core Communications, Inc. 245 246$MODULE=Crypt::SSLeay; $VERSION = .49; $DATE="2003-01-30"; 247 248+ Documentation updates, including new support address 249 for LWP issues, and $ENV{HTTPS_DEBUG} flag. 250 251+ Added c:/openssl in default search path on win32 machines 252 which is the recommended installation area in the openssl dist 253 254+ Added patch from Pavel Hlavnicka for freeing memory leaks 255 from SSL_CTX_use_pkcs12_file() whose functionality is triggered 256 by the $ENV{HTTPS_PKCS12_*} settings 257 258+ Set timeout to 15 seconds for ./net_ssl_test and lwp-ssl-test 259 sample scripts for better testing of timeout behavior 260 261+ Added alarm() during Net::SSL->read() to honor socket timeout setting 262 for more robust applications. read() will die_with_error() which 263 in consistent with previous semantics used during SSL read() failure 264 Thanks to Pavel Hlavnicka for prompting this change. 265 266+ Removed code that supported versions of SSLeay before version 0.8 267 I believe SSLeay v.8 was released back in 1998 268 269+ Added patch from Devin Heitmueller so that initial random seed 270 would be taken from /dev/urandom if available via RAND_load_file API 271 272$MODULE=Crypt::SSLeay; $VERSION = .45; $DATE="2002-08-01"; 273 274+ PKCS12 certificate support, patch submitted by Beni Takahashi, 275 author of patch Daisuke Kuroda 276 277+ Fixing compile warnings on Solaris 8/Sparc with Forte 7.0 about 278 implicit conversions and implicit declarations. Thanks to 279 Marek Rouchal for bug report. 280 281$MODULE=Crypt::SSLeay; $VERSION = .43; $DATE="2002-07-29"; 282 283- Removed unused dependency on URI::URL, thanks to Ric Steinberger 284 for pointing out this problem under perl 5.8.0 285 286$MODULE=Crypt::SSLeay; $VERSION = .41; $DATE="2002-07-07"; 287 288- fixed t/net_ssl.t to work on Windows NT 289 290$MODULE=Crypt::SSLeay; $VERSION = .40; $DATE="2002-07-03"; 291 292 + = improvement; - = bug fix 293 294- fixed Makefile.PL use of dirname() which could error for perl 5.8.x 295 Thanks to Chip Turner of RedHat for patch. 296 297$MODULE=Crypt::SSLeay; $VERSION = .39; $DATE="2002-06-23"; 298 299- Fixed a runtime error with Net::SSL->proxy for running under 300 perl warnings with no proxy defined, which t/net_ssl.t test case 301 revealed. 302 303+ Added t/net_ssl.t test for initializing a Net::SSL object 304 305+ Added build platform success note for ( thanks Christopher! ) 306 307 Solaris 2.8 Sparc ? 5.00503 .37 2002-05-31 Christopher Biow 308 309+ Added build auto-detect for 0.9.6+ and only then use OPENSSL_free 310 instead of free() since older OpenSSL like 0.9.4 did not have it. 311 312+ Added ./net_ssl_test -CAfile documentation, and root CA file from mod_ssl 313 distribution at certs/ca-bundle.crt that can be used for general root CA 314 peer certificate verification. 315 316+ Added build notes for 317 318 SunOS 4.1.4, Perl 5.004_04 - ld.so: Undefined symbol: _CRYPT_mem_ctrl 319 320 from Jeff Haferman. 321 322+ When Net::SSL->connect() being called from LWP::UserAgent in proxy mode, 323 will connect to the proxy passing the $ua->agent string as 324 325 CONNECT $peer_addr:$peer_port HTTP/1.0 326 User-Agent: $ua->agent 327 328+ Integrated Richard Chen's patches for exposing the Net::SSL 329 certificate dates via an API: 330 331 Crypt::SSLeay::X509::not_before 332 Crypt::SSLeay::X509::not_after 333 334 which can be gotten to by a call like... 335 336 Net::SSL->new(...)->get_peer_certificate->not_after; 337 338 These methods return a normal timestamp like: 2002-05-22 11:15:17 GMT 339 There is an example of its use in the ./net_ssl_test script. 340 341 The Crypt::SSLeay::* modules will continue to remain undocumented 342 because such functionality lies outside the scope of what this 343 module is geared for. Net::SSLeay provides a more general API for 344 OpenSSL functionality. 345 346$MODULE=Crypt::SSLeay; $VERSION = .37; $DATE="2002-01-08"; 347 348 + = improvement; - = bug fix 349 350- use OPENSSL_free() instead of free() to fix crashes with win32 perl 5.6.1 351 Thanks to Doug MacEachern for patch. 352 353+ added Makefile.PL Candidate() path for win32 builds of OpenSSL 354 Thanks to David Morse for patch. 355 356$MODULE=Crypt::SSLeay; $VERSION = .36; $DATE="2001-12-05"; 357 358- perl Makefile.PL C:/some_path should be picked up now ... 359 was doing case insensitive drive letter check before 360 361$MODULE=Crypt::SSLeay; $VERSION = .35; $DATE="2001-10-31"; 362 363+ Set local $SIG{PIPE} = \&die before $ssl->connect() 364 to capture the "broken pipe" error associated with connecting 365 to a computer that is not running a SSL web server, 366 when Crypt::SSLeay is built with OpenSSL 0.9.6a. This error did 367 not occur with OpenSSL 0.9.4 or OpenSSL 0.9.5a, but this fix should 368 be compatible with those versions too. 369 370$MODULE=Crypt::SSLeay; $VERSION = .33; $DATE="2001-10-31"; 371 372+ Documented differences / conflicts between LWP proxy support 373 and Crypt::SSLeay which seems to be a source of confusion for users. 374 375+ Added Net::SSL::get_peer_verify call so the warning header 376 from LWP that says: 377 378 Client-SSL-Warning: Peer certificate not verified 379 380 can be suppressed when HTTPS_CA_FILE & HTTPS_CA_DIR environment 381 variables are set to invoke peer certificate verification. 382 I will submit patch for perl-libwww 5.6 for this support 383 of get_peer_verify shortly. 384 385 Modified return values of $ctx->set_verify() to return 1 when 386 peer verification is enabled to support get_peer_verify() 387 388$MODULE=Crypt::SSLeay; $VERSION = .31; $DATE="2001-09-21"; 389 390+ $ENV{HTTPS_DEBUG} activates Crypt::SSLeay specific debugging, 391 so one can debug from LWP:: calls without using ./net_ssl_test script 392 393+ $ENV{CRYPT_SSLEAY_DEFAULT} may now be set to trigger --default 394 functionality for Makefile.PL 395 396+ Added --default switch to Makefile.PL which will pick 397 up the first OpenSSL distribution detected and use that 398 for building Crypt::SSLeay. Inspired by Doug MacEachern 399 400- removed exit from Makefile.PL, bug found by Doug MacEachern 401 402$MODULE=Crypt::SSLeay; $VERSION = .29; $DATE="2001-06-29"; 403 404+ Streamlined *CA* patches so only in $CTX->set_verify() 405 which gets called every time now. 406 407+ Throw error instead of return undef in Net::SSL->connect() 408 because we loose the errors otherwise. Applications 409 working with Net::SSL will have to trap calls around 410 Net::SSL->connect with eval {}. There are so many 411 kinds of errors now, especially with certificate 412 support that we really need to throw specific error 413 messages, and not let them get lost in $!. 414 415- Turn SSL_MODE_AUTO_RETRY on so clients can survive 416 changes in SSLVerifyClient changes in the modssl connection 417 418 Comment from source: 419 /* The set mode is necessary so the SSL connection can 420 * survive a renegotiated cipher that results from 421 * modssl VerifyClient config changing between 422 * VirtualHost & some other config block. At modssl 423 * this would be a [trace] ssl message: 424 * "Changed client verification type will force renegotiation" 425 #ifdef SSL_MODE_AUTO_RETRY 426 SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY); 427 #endif 428 429 Seems like openssl 0.9.4 didn't need this but 0.9.6 does, 430 not sure though. 431 432+ Integrated patches from Gamid Isayev for CA peer 433 verification. New settings include: 434 435 $ENV{HTTPS_CA_FILE} = "some_file"; 436 $ENV{HTTPS_CA_DIR} = "some_dir"; 437 438 Also create config switches for these in ./net_ssl_test, 439 -CAfile and -CAdir 440 441$MODULE=Crypt::SSLeay; $VERSION = .27; $DATE="TBA"; 442 443- Client certs weren't working correctly, setup certs 444 earlier in connection now, also create new CTX per 445 request, so cert settings don't remain sticky from 446 one request to the next. 447 448$MODULE=Crypt::SSLeay; $VERSION = .25; $DATE="2001-04-10"; 449 450+ update ./net_ssl_test to do smart parsing of host, where 451 host can now be of the form http://www.nodeworks.com:443/ 452 453+ integrated client cert patches provided by Tobias Manthey, 454 creating new config options: 455 456 $ENV{HTTPS_CERT_FILE} -- file of client certificate 457 $ENV{HTTPS_KEY_FILE} -- file of private key file 458 459 Also support for these options in ./net_ssl_test with these 460 options: 461 462 -cert client certificate file 463 -key private key file 464 465 like so: 466 467 ./net_ssl_test -cert=notacacert.pem -key=notacakeynopass.pem -d 468 469 To create simple test cert with openssl: 470 471 /usr/local/openssl/bin/openssl req -config /usr/local/openssl/openssl.cnf -new -days 365 -newkey rsa:1024 -x509 -keyout notacakey.pem -out notacacert.pem 472 /usr/local/openssl/bin/openssl rsa -in notacakey.pem -out notacakeynopass.pem 473 474$MODULE=Crypt::SSLeay; $VERSION = .24; $DATE="2001-03-09"; 475 476 + = improvement; - = bug fix 477 478- local $@ in Net::SSL::DESTROY so we don't kill real errors 479 480$MODULE=Crypt::SSLeay; $VERSION = .23; $DATE="2001-03-09"; 481 482+ added lwp-ssl-test file for showing LWP code use 483 484+ added -h/-help options & docs to ./net_ssl_test script 485 486+ updated alpha linux patch from Alex Rhomberg to what 487 he originally provided, as it covered -lots case better. 488 489- return undef in Net::SSL::connect() instead of die() 490 for better LWP support & error handling. Still set 491 $@ though, consistent with IO::Socket::INET 492 493+ alarm() on Unix platforms around ssl ctx connect, which 494 can hang for process for way too long when trying to 495 connect to dead https SSL servers. 496 497$MODULE=Crypt::SSLeay; $VERSION = .22; $DATE="2001-01-29"; 498 499- remove // style comments 500 501$MODULE=Crypt::SSLeay; $VERSION = .21; $DATE="2001-01-10"; 502 503- AIX build notes correction 504 505+ No reverse lookup for host done for proxying, more 506 efficient. Reuse of cached PeerAddr name from Net::SSL->new 507 508+ $ENV{HTTPS_VERSION} setting, so a SSL v3 connection can 509 be used first, instead of SSLv23. Documented in README,pod. 510 Added support for this to the test program as: 511 512 ./net_ssl_test -v[ersion] 3 513 514$MODULE=Crypt::SSLeay; $VERSION = .19; $DATE="2001-01-07"; 515 516+ Added runtime SSL debugging support, was compile time before. 517 Trigger with Net::SSL->new(..., SSL_Debug => 1) as in 518 the ./net_ssl_test script run with -d argument. No 519 API for debugging from LWP requests, just for https 520 debugging with ./net_ssl_test really. 521 522+ Added support for proxy via $ENV{HTTPS_PROXY} = 523 proxy_host:proxy_port. Thanks to Bryan Hart for the patch. 524 Also basic auth support added & documented. 525 526+ alpha linux ccc support with -lots library added for compile. 527 Patch from Alex Rhomberg. 528 529$MODULE=Crypt::SSLeay; $VERSION = .18; $DATE="2000-11-25"; 530 531- created perl/c destructors for the X509 cert for after its 532 fetched by Net::SSL. Crypt::SSLeay seems to run without 533 memory leaks now under LWP and Net::SSL. 534 535- Updated Net::SSL::VERSION, bad version last release. 536 537$MODULE=Crypt::SSLeay; $VERSION = .17; $DATE="2000-09-04"; 538 539- got rid of an implicit char* conversion compile warnings 540 for SSL_get_cipher 541 542+ random seeding now occurs with RAND_seed() on random data 543 from the C call stack, works more consistently than RAND_load_file 544 from Ben's patch. 545 546+ integrated patches from Ben Laurie for better error messaging 547 and random seed initialization 548 549+ set_cipher_list initialized from $ENV{CRYPT_SSLEAY_CIPHER} 550 where before it was initialized from $ENV{SSL_CIPHER}, patch 551 from Ben Laurie, so ENV setting not conflict with Apache-SSL 552 553+ tested POST LWP requests and updated documentation indicating 554 that such use is supported 555 556+ net_ssl_test now checks https://www.nodeworks.com by default 557 which has high uptime so should be fine. 558 559+ first argument to perl Makefile.pl must be an absolute path 560 for it to be used as default OpenSSL build path 561 562+ define PL_sv_undef symbols for older perls that don't support 563 it, alias to sv_undef 564 565$MODULE=Crypt::SSLeay; $VERSION = .16; $DATE="2000-02-25"; 566 567- changes sv_undef calls to PL_sv_undef, since sv_undef is no 568 longer supported under the latest dev releases of perl 5.0056 569 570$MODULE=Crypt::SSLeay; $VERSION = .15; $DATE="1999-11-23"; 571 572+ reordered header includes for ActiveState people, likely 573 for easier compiling with perl object. 574 575+ Added support for cranky SSLv3 sites. These are sites 576 that don't acknowledge SSLv23 requests, such as: 577 578 https://www.evergreen-funds.com 579 https://ecomm.sella.it 580 581 So now, the module will try connects to SSL servers in 582 this order: SSLv23, SSLv3, SSLv2 583 584 None of the sites that I tested required only SSLv2 connects, 585 but it is there just in case. 586 587+ using the call SSLeay_add_all_algorithms(); instead of 588 SSLeay_add_ssl_algorithms(), because the latter symbol 589 was not defined on one person's installation. 590 591$MODULE=Crypt::SSLeay; $VERSION = .14; $DATE="1999-10-03"; 592 593+ = improvement; - = bug fix 594 595+ added support for RSAref tweaked OpenSSL 596 597$MODULE=Crypt::SSLeay; $VERSION = .12; $DATE="1999-09-13"; 598 599+ Converted // style comments to /* */ for build 600 support of Sun's native cc 601 602$MODULE=Crypt::SSLeay; $VERSION = .11; $DATE="1999-08-16"; 603 604+ New connection strategy suggested by OpenSSL list, 605 first try connecting with SSLv23. This negotiates 606 the more secure SSL3 first, and then downgrades to 607 SSLv2 if first unsuccessful. For buggy servers that 608 can't handle the SSLv23 negotiation, Net::SSL then 609 tries a raw SSLv2 connection. 610 611 This method works for all servers tested, and has 612 the advantage of tranmitting data via the most secure 613 SSL3 method if available. 614 615+ Connects to buggy SSLv2 sites as well as SSLv3 616 sites & normal SSLv2 sites. 617 618 Buggy SSLv2: https://banking.wellsfargo.com 619 SSLv3: https://www.accountonline.com/CB/MainMenu.idcl 620 SSLv2: https://www.nodeworks.com 621 622$MODULE=Crypt::SSLeay; $VERSION = .11; $DATE="1999-08-10"; 623 624+ Worked through __umoddi3 undef symbol error 625 for building on Solaris x86. See README build notes. 626 627+ I try to provide backwards compatible building 628 with SSLeay (< v.0.9.2) 629 630+ Will pick up ssl distributions installed at 631 /usr/local/openssl, and /usr/local/ssl ... openssl 632 headers should be at $SSL_DIR/include/openssl 633 for compilation to work, see README for installation hints. 634 635- Added SSL 3.0 support with SSLv3_client_method() 636 This method will autonegotiate SSL2 or SSL3, 637 and works for web sites that require SSL3 638 639+ Added build support in Makefile.PL for WinNT, MS Visual C++ 640 641+ Added support for OpenSSL v.0.9.4 642 6431998-10-13 Gisle Aas <aas@sn.no> 644 645 Release 0.07 646 647 Applied patch from Andreas Gustafsson <gson@araneus.fi> which 648 make this module compile on WinNT with ActivePerl and MS Visual C++. 649 For others that try to build on this platform, Andreas also said: 650 651 "In addition to making these source changes, I also had to 652 resort to editing the MakeMaker-generated makefile by hand to 653 fix various library paths. Unfortunately, I am not familiar 654 enough with either MakeMaker or NT to provide a clean fix for 655 this problem." 656 657 658 6591998-01-13 Gisle Aas <aas@sn.no> 660 661 Release 0.06 and 0.05 662 663 Fixed test script t/ssl_context.t 664 665 SSL->connect can return 0. Fixed bug in Net::SSL 666 667 668 6691998-01-12 Gisle Aas <aas@sn.no> 670 671 Release 0.04 672 673 Mention depreciation in the README. Eric's version of the SSLeay 674 glue will replace this module (as well as Sampo Kellomaki's Net::SSLeay). 675 676 677 6781998-01-11 Gisle Aas <aas@sn.no> 679 680 Release 0.03 681 682 Fixed this file 683 684 685 6861998-01-11 Gisle Aas <aas@sn.no> 687 688 Release 0.02 689 690 More text in the README 691 692 Renamed Crypt::SSLeay::Context to Crypt::SSLeay::MainContext 693 694 695 6961998-01-10 Gisle Aas <aas@sn.no> 697 698 Release 0.01 699 700 Initial release. 701