++ed by:
9 non-PAUSE users
Author image Chris Novakovic
and 5 contributors

Changes for version 1.91_01 - 2021-10-24

  • Correct X509_STORE_CTX_init() return value to integer. Previous versions of Net::SSLeay return nothing.
  • Update tests to call close() to avoid problems seen with test 44_sess.t, and possibly other tests, running on older Windows Perl versions. Also add some missing calls in tests to shutdown and free ssl structures.
  • Fix multiple formatting errors in the documentation for Net::SSLeay. Thanks to John Jetmore.
  • Check for presence of libssl headers in Makefile.PL, and exit with an error instead of generating an invalid Makefile if they cannot be found. Fixes RT#105189. Thanks to James E Keenan for the report.
  • Added support for SSL_CTX_set_msg_callback/SSL_set_msg_callback Thanks to Tim Aerts.
  • Adjust time in ASN1_TIME_timet based on current offset to GMT to address GH-148. Thanks to Steffen Ullrich.
  • Multiple updates to tests to match OpenSSL 3.0 behaviour. Thanks to Michal Josef Špaček.
  • OpenSSL 3.0 related changes in tests include:
    • TLSv1 and TLSv1.1 require security level 0 starting with 3.0 alpha 5.
    • SSL_CTX_set_ciphersuites() and SSL_set_ciphersuites() ignore unknown ciphersuites starting with 3.0 alpha 11.
    • Error code and error string packing and formatting changes.
    • PEM_get_string_PrivateKey default algorithm requires legacy provider.
  • See OpenSSL manual page migration_guide(7) for more information about changes in OpenSSL 3.0.
  • Automatically detect OpenSSL installed via Homebrew on ARM-based macOS systems. Thanks to Graham Knop for the patch.
  • Account for the divergence in TLSv1.3 ciphersuite names between OpenSSL and LibreSSL, which was causing failures of some TLSv1.3 tests with LibreSSL.
  • In 36_verify.t, account for the presence of the X509_V_FLAG_LEGACY_VERIFY flag (signalling the use of the legacy X.509 verifier) in LibreSSL 3.3.2 and above.
  • In 43_misc_functions.t, account for the fact that LibreSSL 3.2.0 and above implement TLSv1.3 without exposing a TLS1_3_VERSION constant.
  • Expose OpenSSL 3.0 functions OSSL_LIB_CTX_get0_global_default, OSSL_PROVIDER_load, OSSL_PROVIDER_try_load, OSSL_PROVIDER_unload, OSSL_PROVIDER_available, OSSL_PROVIDER_do_all OSSL_PROVIDER_get0_name and OSSL_PROVIDER_self_test. Add test files 22_provider.t, 22_provider_try_load.t and 22_provider_try_load_zero_retain.t.
  • With OpenSSL 3.0 and later, the legacy provider is loaded in 33_x509_create_cert.t to allow PEM_get_string_PrivateKey to continue working until its default encryption method is updated. Fixes GH-272 and closes GH-273.
  • Remove the test suite's optional dependency on the non-core modules Test::Exception, Test::NoWarnings and Test::Warn. Tests that verify Net::SSLeay's behaviour when errors occur are now executed regardless of the availability of these modules.
  • Fully automate the process of changing the list of constants exported by Net::SSLeay. Fixes GH-313.
  • Perform function autoloading tests in the test suite. Fixes GH-311.
  • In 36_verify.t, account for the fact that the X509_V_FLAG_LEGACY_VERIFY flag (signalling the use of the legacy X.509 verifier) is no longer exposed as of LibreSSL 3.4.1. Fixes GH-324.


Perl extension for using OpenSSL
Perl module that lets SSL (HTTPS) sockets be handled as standard file handles.