> There is a _lot_ of code on CPAN. A lot of it is of very high quality and very useful.

Agreed! But high quality here isn't equal to reliable. For example, if your MTA has a lot of features, high quality code and is very useful, but... in some rare cases (poweroff, bad blocks on the hard drive) it will damage your mailbox - NOT because of some small bug (this can always happen), BUT because its author doesn't try to think about this issue and concentrates on features instead (which in turn results in a different internal architecture which makes fixing these issues much harder or even impossible). And the same goes for security - a high quality application developed without security in mind is suxx, sorry.
> You can mutter vaguely about the problem (as you've been doing on this site for the last few days)

No, sorry, I'm not muttering vaguely about some features I need which don't exist in current CPAN software. I'm yelling about the lack of reliability and security in 99.9% of CPAN!
I'll be happy to send some bug reports or patches to existing modules, but I can't send a patch which magically converts a module developed without reliability and security in mind into a reliable and secure module - it's much easier to develop my own modules instead! (And this is what I'm doing - you can download a lot of my modules for free from my site.)
When I find reliable & secure enough software with some bugs, I always send bug reports or patches. The last example of such software was the MatrixSSL C library and Crypt::MatrixSSL, the Perl interface for it. I've sent several bug reports and patches to MatrixSSL, and found their developers responsible enough. And I've sent 12 patches to Crypt::MatrixSSL, but its author hasn't reviewed them yet (they were sent 3 months ago, so I will probably fork this module if the author doesn't reply in a few more weeks). Here is the ChangeLog, if interested:
01-online_test.patch:

* Refactored file name 't/online.enabled' into var.
* Moved unlink() to 'touch' logic to have everything related to this
  task in single place.
* Delete no-op: unless (defined $online_tests) {
* Replace global $online_tests with lexical.
* Removed needless '? 1 : 0' to have this line fit in 80 columns.
* Replaced global filehandle ENABLED with lexical $tmp.
* Replaced '|| die' with 'or die' which is generally more safe.

02-mxin_mxout_bugfix.patch:

* Typo fix.

03-mxfiles.patch:

* Added autogeneration of list with MatrixSSL object files to simplify
  upgrade to new MatrixSSL version (Linux only!).
* Old version of object files list for MatrixSSL 1-1-5 and 1-7-3 moved
  to separate files (probably they should be deleted?).

P.S. I don't sure is MY::postamble function needed - if not then it
should be removed too.

04-headers.patch:

* Updated matrixssl_win32_inline.
  Original code was written for MatrixSSL-1.2.5 which has single .h
  file: matrixSsl.h.
  Starting from version 1.7.3 MatrixSSL split matrixSsl.h into two
  files: matrixSsl.h and matrixCommon.h. Part of code which
  matrixssl_win32_inline fixes was left in matrixSsl.h, but another
  part of code was moved into matrixCommon.h.
  Also '#define SSLPUBLIC' was renamed to '#define MATRIXPUBLIC'.
  I've updated it to process both .h-files, and #include both .h-files
  in .xs.
* Rewrite matrixssl_win32_inline documentation.
* Deleted mxSsl.h.

05-xs_no_pod.patch:

* Deleted all POD from .xs because:
  - this documentation out of date;
  - it isn't good place for such documentation in .xs;
  - I don't think we need duplicate of official .pdf in POD.

06-MAX_CHAIN_LENGTH.patch:

* Increase MAX_CHAIN_LENGTH constant to allow usage of big package
  with root CA certificates (about 120 certificates).

07-export_const.patch:

* All hardcoded constants replaced by real constants from .h-files,
  both in .pm and .xs!
* All MatrixSSL functions exported into user's package.
* All constants from .h-files wrapped in .xs into functions and then
  exported into read-only scalars into user's package in .pm.
  Constant names are equal to MatrixSSL original names, i.e. without
  prefix "mx".
* Hash %mxSSL_ALERT_CODES replaced by two hashes %SSL_alertLevel and
  %SSL_alertDescription and these hashes also exported into user's
  package; constant 67/SSL_ALLOW_ANON_CONNECTION removed from hashes.
* Exporter module replaced by custom import() function in .pm (because
  Exporter is bloated, ugly, unable to export read-only scalars and
  it's main feature "tags" isn't needed in this module).
* Line
      if(flags!=0) {flags=SSL_FLAGS_SERVER;sessionId=0;}
  deleted from matrixSslNewSession() in .xs. It's user responsibility
  to use constant $SSL_FLAGS_SERVER and set $sessionId to 0.
* Added standard test: t/00.load.t
* Added test: t/export.t
* Added test: t/export-const.t
* Fixed test: t/Crypt-MatrixSSL.t to take advantage from exporting
  functions and constants.

08-export_const2.patch:

* Refactored constants added in 07-export_const.patch using
  ExtUtils::Constant.

09-xs_cleanup.patch:

* Small documentation typo fix in Makefile.PL.
* Export new constant SSL_MAX_PLAINTEXT_LEN because user need to know
  maximum length of message in matrixSslEncode() to split his huge
  message into many matrixSslEncode() calls and avoid
  SSL_ERROR/SSL_FULL.
* Now all public MatrixSSL functions supported - added these:
      matrixSslGetAnonStatus
      matrixSslAssignNewKeys
      matrixSslSetResumptionFlag
      matrixSslGetResumptionFlag
* INCOMPATIBLE API CHANGES! Removed 'privPass' param from
  matrixSslReadKeysMem() to have it interface compatible with
  MatrixSSL documentation.
* Added typemap to have perl support for MatrixSSL types ssl_t,
  sslKeys_t and sslSessionId_t. This make possible for perl/xsubpp to
  automatically generate _correct_ XS code for most functions without
  manual CODE: and OUTPUT: sections.
* Delete CODE: and/or OUTPUT: sections for all functions which can be
  automatically generated now.
* Renamed all function params to names used in MatrixSSL
  documentation:
      mxin    -> in
      mxout   -> out
      mxkeys  -> keys
      session -> ssl
      etc...
* Moved var declarations from CODE: to INIT: sections for ease
  reading.
* Functions order in .xs slightly changed to correspond with their
  order in MatrixSSL .pdf documentation - to ease comparing .xs and
  .pdf.
* Added new tests.

=========================
=== Unobvious changes ===
=========================

* Replaced hardcoded constants 18500 and 4100 for 'out' buffer size in
  matrixSslDecode() and matrixSslEncode*() functions to
  SSL_MAX_BUF_SIZE.
  >>> Probably SSL_MAX_RECORD_LEN should be used instead, but I'm not
  >>> sure, so I take SSL_MAX_BUF_SIZE which is 5 bytes larger...
* Use static 'out' buffer in matrixSslDecode() and matrixSslEncode*()
  instead of dirty sv_setpvn/SvCUR_set/SvGROW hacks on SV*.
* Removed all SvGROW() - AFAIK it isn't required and
  sv_{set,cat}pv*() will automatically grow SV* if needed.
* Replaced sv_setpvn() with sv_setpvn_mg() to support more perl magic.
  >>> I'm not sure, but I suppose this required for things like
  >>> Data::Alias which often used in proxy applications with in/out
  >>> buffers.
* INCOMPATIBLE CHANGES! Now matrixSslDecode() and matrixSslEncode*()
  functions will APPEND data into output buffer SV* instead of
  replacing it. This has sense for applications which use single
  output buffer both for sending data into socket and these functions.
* matrixSslReadKeys:
  * Changed params type from SV* to char*.
  * Removed logic which replace empty string with NULL.
* matrixSslReadKeysMem:
  * Removed logic which replace empty string with NULL.
* matrixSslFreeKeys:
  * Do not set 'keys' param to 0 after calling matrixSslFreeKeys().
* matrixSslDeleteSession:
  * Do not set 'ssl' param to 0 after calling
    matrixSslDeleteSession().
* matrixSslDecode:
  * Changed 'error', 'alertLevel' and 'alertDescription' params type
    from SV* to unsigned char*.
  * Removed logic which initialize 'error', 'alertLevel' and
    'alertDescription' to 0 before calling matrixSslDecode().
  * Bugfix: 'error', 'alertLevel' and 'alertDescription' was
    incorrectly set as _signed_ values using sv_setiv() which them
    all _unsigned_.
  * Removed logic which silently "define" output SV*.
* matrixSslEncode:
  * Removed dirty hack which "define" input buffer because SvPV() will
    make empty string from undef() automatically plus print warning.
  * Removed logic which silently "define" output SV*.
* matrixSslSetSessionOption:
  * Removed logic which forced 'arg' to NULL because it was needed
    only as workaround wrong 'arg' type char* (which magically convert
    undef to empty string and print warning).
* matrixSslSetCertValidator:
  * Bugfix: 'arg' type was int instead of void*.

About these changes. I sure it's good idea to do minimum operations in
XS level (unless XS used for rewriting some slow perl code in C, of
course). Library wrappers like Crypt::MatrixSSL should stick to
original library interface where possible - it somebody wanna make C
library interface more 'cool and perlish' then it's much ease to do
this in perl-level wrappers in optional Crypt/MatrixSSL/Easy.pm
module. With this patch only difference from original MatrixSSL
interface is in/out buffers in matrixSslEncode*() and
matrixSslDecode() functions - everything else work exactly as
described in MatrixSSL .pdf documentation.

1) Removed logic which replace empty string with NULL.
   >>> I've fixed XS so it will convert perl undef() into NULL and
   >>> leave defined strings as-is, i.e. empty perl string will be
   >>> empty C string.
   >>> This happens not everythere, but only with params which CAN BE
   >>> NULL, according to MatrixSSL documentation. If user send
   >>> undef() as some other param, then he probably will see
   >>> 'undefined' warning.
2) Do not set 'XXX' param to 0 after calling
   matrixSsl{Free,Delete}XXX().
   >>> This changes original MatrixSSL interface and I don't see any
   >>> reason why this 'feature' needed.
3) Removed logic which initialize 'error', 'alertLevel' and
   'alertDescription' to 0 before calling matrixSslDecode().
   >>> To avoid senseless 'undefined' warning I convert undefined
   >>> values in these params into number 0, but if these params
   >>> already defined numbers they will not be touched. If MatrixSSL
   >>> doesn't initialize them, then this IS the MatrixSSL's
   >>> interface!
4) Removed logic which silently "define" input/output SV* buffers.
   >>> This is sort of 'always use strict/warnings' idea. User
   >>> shouldn't use undefined input/output buffers, and if he using
   >>> them then he will see 'undefined' warnings, which is GOOD
   >>> THING.

P.S. In attach you'll see additional file 09-test_cert.tgz - it
contains certificates which I've created for new tests (some of these
certificates in binary format, so I can't include them inside .patch).
In reply to Re^2: Reliable software OR Is CPAN the sacred cow
by powerman
in thread Reliable software: SOLVED (was: Reliable software OR Is CPAN the sacred cow)
by powerman