diff --git a/IO-Socket-SSL-2.073-use-system-default-SSL-version.patch b/IO-Socket-SSL-2.073-use-system-default-SSL-version.patch deleted file mode 100644 index 1a33b5d..0000000 --- a/IO-Socket-SSL-2.073-use-system-default-SSL-version.patch +++ /dev/null @@ -1,36 +0,0 @@ ---- lib/IO/Socket/SSL.pm -+++ lib/IO/Socket/SSL.pm -@@ -195,7 +195,7 @@ if ( defined &Net::SSLeay::CTX_set_min_p - # global defaults - my %DEFAULT_SSL_ARGS = ( - SSL_check_crl => 0, -- SSL_version => 'SSLv23:!SSLv3:!SSLv2', # consider both SSL3.0 and SSL2.0 as broken -+ SSL_version => '', - SSL_verify_callback => undef, - SSL_verifycn_scheme => undef, # fallback cn verification - SSL_verifycn_publicsuffix => undef, # fallback default list verification -@@ -2383,7 +2383,7 @@ sub new { - - my $ssl_op = $DEFAULT_SSL_OP; - -- my $ver; -+ my $ver = ''; - for (split(/\s*:\s*/,$arg_hash->{SSL_version})) { - m{^(!?)(?:(SSL(?:v2|v3|v23|v2/3))|(TLSv1(?:_?[123])?))$}i - or croak("invalid SSL_version specified"); ---- lib/IO/Socket/SSL.pod -+++ lib/IO/Socket/SSL.pod -@@ -1043,11 +1043,12 @@ All values are case-insensitive. Instea - 'TLSv1_3' one can also use 'TLSv11', 'TLSv12', and 'TLSv13'. Support for - 'TLSv1_1', 'TLSv1_2', and 'TLSv1_3' requires recent versions of Net::SSLeay - and openssl. -+The default SSL_version is defined by the underlying cryptographic library. - - Independent from the handshake format you can limit to set of accepted SSL - versions by adding !version separated by ':'. - --The default SSL_version is 'SSLv23:!SSLv3:!SSLv2' which means, that the -+For example, 'SSLv23:!SSLv3:!SSLv2' means that the - handshake format is compatible to SSL2.0 and higher, but that the successful - handshake is limited to TLS1.0 and higher, that is no SSL2.0 or SSL3.0 because - both of these versions have serious security issues and should not be used diff --git a/IO-Socket-SSL-2.073-use-system-default-cipher-list.patch b/IO-Socket-SSL-2.073-use-system-default-cipher-list.patch deleted file mode 100644 index a4d8674..0000000 --- a/IO-Socket-SSL-2.073-use-system-default-cipher-list.patch +++ /dev/null @@ -1,101 +0,0 @@ ---- lib/IO/Socket/SSL.pm -+++ lib/IO/Socket/SSL.pm -@@ -203,77 +203,17 @@ my %DEFAULT_SSL_ARGS = ( - SSL_npn_protocols => undef, # meaning depends whether on server or client side - SSL_alpn_protocols => undef, # list of protocols we'll accept/send, for example ['http/1.1','spdy/3.1'] - -- # https://wiki.mozilla.org/Security/Server_Side_TLS, 2019/03/05 -- # "Old backward compatibility" for best compatibility -- # .. "Most ciphers that are not clearly broken and dangerous to use are supported" -- # slightly reordered to prefer AES since it is cheaper when hardware accelerated -- SSL_cipher_list => 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:DES-CBC3-SHA:HIGH:SEED:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!RSAPSK:!aDH:!aECDH:!EDH-DSS-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!SRP', -+ # Use system-wide default cipher list to support use of system-wide -+ # crypto policy (#1076390, #1127577, CPAN RT#97816) -+ # https://fedoraproject.org/wiki/Changes/CryptoPolicy -+ SSL_cipher_list => 'PROFILE=SYSTEM', - ); - - my %DEFAULT_SSL_CLIENT_ARGS = ( - %DEFAULT_SSL_ARGS, - SSL_verify_mode => SSL_VERIFY_PEER, -- - SSL_ca_file => undef, - SSL_ca_path => undef, -- -- # older versions of F5 BIG-IP hang when getting SSL client hello >255 bytes -- # http://support.f5.com/kb/en-us/solutions/public/13000/000/sol13037.html -- # http://guest:guest@rt.openssl.org/Ticket/Display.html?id=2771 -- # Ubuntu worked around this by disabling TLSv1_2 on the client side for -- # a while. Later a padding extension was added to OpenSSL to work around -- # broken F5 but then IronPort croaked because it did not understand this -- # extension so it was disabled again :( -- # Firefox, Chrome and IE11 use TLSv1_2 but use only a few ciphers, so -- # that packet stays small enough. We try the same here. -- -- SSL_cipher_list => join(" ", -- -- # SSLabs report for Chrome 48/OSX. -- # This also includes the fewer ciphers Firefox uses. -- 'ECDHE-ECDSA-AES128-GCM-SHA256', -- 'ECDHE-RSA-AES128-GCM-SHA256', -- 'DHE-RSA-AES128-GCM-SHA256', -- 'ECDHE-ECDSA-CHACHA20-POLY1305', -- 'ECDHE-RSA-CHACHA20-POLY1305', -- 'ECDHE-ECDSA-AES256-SHA', -- 'ECDHE-RSA-AES256-SHA', -- 'DHE-RSA-AES256-SHA', -- 'ECDHE-ECDSA-AES128-SHA', -- 'ECDHE-RSA-AES128-SHA', -- 'DHE-RSA-AES128-SHA', -- 'AES128-GCM-SHA256', -- 'AES256-SHA', -- 'AES128-SHA', -- 'DES-CBC3-SHA', -- -- # IE11/Edge has some more ciphers, notably SHA384 and DSS -- # we don't offer the *-AES128-SHA256 and *-AES256-SHA384 non-GCM -- # ciphers IE/Edge offers because they look like a large mismatch -- # between a very strong HMAC and a comparably weak (but sufficient) -- # encryption. Similar all browsers which do SHA384 can do ECDHE -- # so skip the DHE*SHA384 ciphers. -- 'ECDHE-RSA-AES256-GCM-SHA384', -- 'ECDHE-ECDSA-AES256-GCM-SHA384', -- # 'ECDHE-RSA-AES256-SHA384', -- # 'ECDHE-ECDSA-AES256-SHA384', -- # 'ECDHE-RSA-AES128-SHA256', -- # 'ECDHE-ECDSA-AES128-SHA256', -- # 'DHE-RSA-AES256-GCM-SHA384', -- # 'AES256-GCM-SHA384', -- 'AES256-SHA256', -- # 'AES128-SHA256', -- 'DHE-DSS-AES256-SHA256', -- # 'DHE-DSS-AES128-SHA256', -- 'DHE-DSS-AES256-SHA', -- 'DHE-DSS-AES128-SHA', -- 'EDH-DSS-DES-CBC3-SHA', -- -- # Just to make sure, that we don't accidentally add bad ciphers above. -- # This includes dropping RC4 which is no longer supported by modern -- # browsers and also excluded in the SSL libraries of Python and Ruby. -- "!EXP !MEDIUM !LOW !eNULL !aNULL !RC4 !DES !MD5 !PSK !SRP" -- ) - ); - - # set values inside _init to work with perlcc, RT#95452 ---- lib/IO/Socket/SSL.pod -+++ lib/IO/Socket/SSL.pod -@@ -1069,12 +1069,8 @@ documentation (L 0, +- SSL_version => 'SSLv23:!SSLv3:!SSLv2', # consider both SSL3.0 and SSL2.0 as broken ++ SSL_version => '', + SSL_verify_callback => undef, + SSL_verifycn_scheme => undef, # fallback cn verification + SSL_verifycn_publicsuffix => undef, # fallback default list verification +@@ -2386,7 +2386,7 @@ sub new { + + my $ssl_op = $DEFAULT_SSL_OP; + +- my $ver; ++ my $ver = ''; + for (split(/\s*:\s*/,$arg_hash->{SSL_version})) { + m{^(!?)(?:(SSL(?:v2|v3|v23|v2/3))|(TLSv1(?:_?[123])?))$}i + or croak("invalid SSL_version specified"); +--- lib/IO/Socket/SSL.pod ++++ lib/IO/Socket/SSL.pod +@@ -1043,11 +1043,12 @@ All values are case-insensitive. Instea + 'TLSv1_3' one can also use 'TLSv11', 'TLSv12', and 'TLSv13'. Support for + 'TLSv1_1', 'TLSv1_2', and 'TLSv1_3' requires recent versions of Net::SSLeay + and openssl. ++The default SSL_version is defined by the underlying cryptographic library. + + Independent from the handshake format you can limit to set of accepted SSL + versions by adding !version separated by ':'. + +-The default SSL_version is 'SSLv23:!SSLv3:!SSLv2' which means, that the ++For example, 'SSLv23:!SSLv3:!SSLv2' means that the + handshake format is compatible to SSL2.0 and higher, but that the successful + handshake is limited to TLS1.0 and higher, that is no SSL2.0 or SSL3.0 because + both of these versions have serious security issues and should not be used diff --git a/IO-Socket-SSL-2.074-use-system-default-cipher-list.patch b/IO-Socket-SSL-2.074-use-system-default-cipher-list.patch new file mode 100644 index 0000000..4c08428 --- /dev/null +++ b/IO-Socket-SSL-2.074-use-system-default-cipher-list.patch @@ -0,0 +1,29 @@ +--- lib/IO/Socket/SSL.pm ++++ lib/IO/Socket/SSL.pm +@@ -205,8 +205,10 @@ my %DEFAULT_SSL_ARGS = ( + SSL_npn_protocols => undef, # meaning depends whether on server or client side + SSL_alpn_protocols => undef, # list of protocols we'll accept/send, for example ['http/1.1','spdy/3.1'] + +- # rely on system default but be sure to disable some definitely bad ones +- SSL_cipher_list => 'DEFAULT !EXP !MEDIUM !LOW !eNULL !aNULL !RC4 !DES !MD5 !PSK !SRP', ++ # Use system-wide default cipher list to support use of system-wide ++ # crypto policy (#1076390, #1127577, CPAN RT#97816) ++ # https://fedoraproject.org/wiki/Changes/CryptoPolicy ++ SSL_cipher_list => 'PROFILE=SYSTEM', + ); + + my %DEFAULT_SSL_CLIENT_ARGS = ( +--- lib/IO/Socket/SSL.pod ++++ lib/IO/Socket/SSL.pod +@@ -1070,9 +1070,8 @@ ciphers for TLS 1.2 and lower. See the O + for more details. + + Unless you fail to contact your peer because of no shared ciphers it is +-recommended to leave this option at the default setting, which uses the system +-default but disables some insecure ciphers which might still be enabled on older +-systems. ++recommended to leave this option at the default setting, which honors the ++system-wide PROFILE=SYSTEM cipher list. + + In case different cipher lists are needed for different SNI hosts a hash can be + given with the host as key and the cipher suite as value, similar to diff --git a/perl-IO-Socket-SSL.spec b/perl-IO-Socket-SSL.spec index f4f7367..6d8a679 100644 --- a/perl-IO-Socket-SSL.spec +++ b/perl-IO-Socket-SSL.spec @@ -6,14 +6,14 @@ %bcond_without perl_IO_Socket_SSL_test_IO_Socket_INET6 Name: perl-IO-Socket-SSL -Version: 2.073 +Version: 2.074 Release: 1%{?dist} Summary: Perl library for transparent SSL License: (GPL+ or Artistic) and MPLv2.0 URL: https://metacpan.org/release/IO-Socket-SSL Source0: https://cpan.metacpan.org/modules/by-module/IO/IO-Socket-SSL-%{version}.tar.gz -Patch0: IO-Socket-SSL-2.073-use-system-default-cipher-list.patch -Patch1: IO-Socket-SSL-2.073-use-system-default-SSL-version.patch +Patch0: IO-Socket-SSL-2.074-use-system-default-cipher-list.patch +Patch1: IO-Socket-SSL-2.074-use-system-default-SSL-version.patch # A test for Enable-Post-Handshake-Authentication-TLSv1.3-feature.patch, # bug #1632660, requires openssl tool Patch2: IO-Socket-SSL-2.066-Test-client-performs-Post-Handshake-Authentication.patch @@ -126,6 +126,12 @@ make test %{_mandir}/man3/IO::Socket::SSL::PublicSuffix.3* %changelog +* Sat Jan 8 2022 Paul Howarth - 2.074-1 +- Update to 2.074 + - Add SSL_ciphersuites option for TLS 1.3 ciphers + - No longer use own default for ciphers: instead, use system default but + disable some weak ciphers that might still be enabled on older systems + * Thu Dec 23 2021 Paul Howarth - 2.073-1 - Update to 2.073 - Fix behavior and tests for OpenSSL 3.0.1 diff --git a/sources b/sources index 7b0b390..688393a 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (IO-Socket-SSL-2.073.tar.gz) = f6c7e089dbe4012bdaf3fdea2a5bea01d856736a86b1895466aa860de0b45535b8ff31be576e846f41b5e550865e82f479a2b9d3f05ee384c8e595496b874f45 +SHA512 (IO-Socket-SSL-2.074.tar.gz) = cafbf11a986b8fb5ce06bdf1e7a83741e2eef74d4bf054f0e0cd490959eddf54d32d3d4e786de52750dccc07139d8a1b5d5979080d0f1c1464e0004ccf98a6b0