Changes for version 1.56 - 2014-01-08

  • Fixed a typo in documentaiton of BEAST Attack, patched by gregor herrmann. Added LICENSE file copied form OpenSSL distribution to prevent complaints from various versions of kwalitee. Adjusted license: in META.yml to be 'openssl' Adds support for the basic operations necessary to support ECDH for PFS, e.g. EC_KEY_new_by_curve_name, EC_KEY_free and SSL_CTX_set_tmp_ecdh. Improvements to t/handle/external/50_external.t to handle the case when a test connection was not possible. Patched by Alexandr Ciornii. Added support for ALPN TLS extension. Patch from Lubomir Rintel. Tested with openssl-1.0.2-stable-SNAP-20131205. Fix an use-after-free error. Patch from Lubomir Rintel. Fixed a problem with Invalid comparison on OBJ_cmp result in t/local/36_verify.t. Contributed by paul. Added support for get_peer_cert_chain(). Patch by Markus Benning. Fixed a bug that could cause stack faults: mixed up PUTBACK with SPAGAIN in ssleay_RSA_generate_key_cb_invoke() a final PUTBACK is needed here. A second issue is also fixed: cb->data defaults to &PL_sv_undef but throught the code you do not check against &PL_sv_undef, just NULL. To avoid passing the 3rd optional arg at all, do not create it. This fixes all the cb->data checks and wrong refcounts on &PL_sv_undef. Patched by Reini Urban. Deleted support for SSL_get_tlsa_record_byname: it is not included in OpenSSL git master.

Modules

Perl extension for using OpenSSL
Perl module that lets SSL (HTTPS) sockets be handled as standard file handles.