Your message dated Sun, 02 Sep 2018 20:36:43 +0000
with message-id <e1fwz6x-0007lg...@fasolo.debian.org>
and subject line Bug#895959: fixed in libnet-ssleay-perl 1.85-2
has caused the Debian Bug report #895959,
regarding libnet-ssleay-perl: FTBFS with openssl 1.1.1 in exp
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
895959: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895959
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libnet-ssleay-perl
Version: 1.85-1
Severity: important
There is openssl 1.1.1-pre4 in experimental right now and
libnet-ssleay-perl fails the testsuite with it. I was playing with it
for the last month or so and already figured out a few things. This is
t/local/07_sslecho.t I refer here to.
The SSL_read() and SSL_write() wrapper need to handle a possible retry.
The man-page for both function [0] says that it might need to be retried
with the same arguments. With the following hunk:
diff --git a/SSLeay.xs b/SSLeay.xs
--- a/SSLeay.xs
+++ b/SSLeay.xs
@@ -1999,7 +1999,17 @@ SSL_read(s,max=32768)
int got;
PPCODE:
New(0, buf, max, char);
- got = SSL_read(s, buf, max);
+
+ do {
+ int err;
+
+ got = SSL_read(s, buf, max);
+ if (got > 0)
+ break;
+ err = SSL_get_error(s, got);
+ if (err != SSL_ERROR_WANT_READ)
+ break;
+ } while (1);
/* If in list context, return 2-item list:
* first return value: data gotten, or undef on error (got<0)
@@ -2051,10 +2061,20 @@ SSL_write(s,buf)
SSL * s
PREINIT:
STRLEN len;
+ int err;
+ int ret;
INPUT:
char * buf = SvPV( ST(1), len);
CODE:
- RETVAL = SSL_write (s, buf, (int)len);
+ do {
+ ret = SSL_write (s, buf, (int)len);
+ if (ret > 0)
+ break;
+ err = SSL_get_error(s, ret);
+ if (err != SSL_ERROR_WANT_WRITE)
+ break;
+ } while (1);
+ RETVAL = ret;
OUTPUT:
RETVAL
@@ -2083,8 +2103,20 @@ SSL_write_partial(s,from,count,buf)
if (len < 0) {
croak("from beyound end of buffer");
RETVAL = -1;
- } else
- RETVAL = SSL_write (s, &(buf[from]), (count<=len)?count:len);
+ } else {
+ int ret;
+ int err;
+
+ do {
+ ret = SSL_write (s, &(buf[from]), (count<=len)?count:len);
+ if (ret > 0)
+ break;
+ err = SSL_get_error(s, ret);
+ if (err != SSL_ERROR_WANT_WRITE)
+ break;
+ } while (1);
+ RETVAL = ret;
+ }
OUTPUT:
RETVAL
I was able to let the test-suite continue a little further. As per
upstream [1] this was always the case it worked by coincidence before.
The next thing is that step 24 within 07_sslecho.t blocks forever. As it
turns out one side does "shutdown $s, 2;" (around line 170) while the
other does a read+write operation. In "older" openssl is seems to just
work but in the newer one SIGPIPE is received and this seems to
stall/block the test case. By adding:
index 5e16b04b55ea..c60afccc0051 100644
--- a/t/local/07_sslecho.t
+++ b/t/local/07_sslecho.t
@@ -14,6 +14,7 @@ BEGIN {
}
plan tests => 78;
+$SIG{'PIPE'} = 'IGNORE';
my $sock;
my $pid;
(
it does not stall anymore but complains about the return value from
write:
ok 21 - get_cipher
ok 22 - get_shared_ciphers
ok 23 - ssl_read_all
not ok 24 - ssl_write_all
# Failed test 'ssl_write_all'
# at t/local/07_sslecho.t line 88.
ok 25 - new
This should be okay since the other side never reads anything and just
shutdowns the socket.
Could you please take a look and forward it upstream?
[0] https://manpages.debian.org/stretch/libssl-doc/SSL_read.3ssl.en.html#WARNING
[1] https://github.com/openssl/openssl/issues/5637#issuecomment-381364019
Sebastian
--- End Message ---
--- Begin Message ---
Source: libnet-ssleay-perl
Source-Version: 1.85-2
We believe that the bug you reported is fixed in the latest version of
libnet-ssleay-perl, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 895...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Damyan Ivanov <d...@debian.org> (supplier of updated libnet-ssleay-perl package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 02 Sep 2018 20:19:51 +0000
Source: libnet-ssleay-perl
Binary: libnet-ssleay-perl
Architecture: source
Version: 1.85-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Perl Group <pkg-perl-maintain...@lists.alioth.debian.org>
Changed-By: Damyan Ivanov <d...@debian.org>
Closes: 895959
Description:
libnet-ssleay-perl - Perl module for Secure Sockets Layer (SSL)
Changes:
libnet-ssleay-perl (1.85-2) unstable; urgency=medium
.
[ Damyan Ivanov ]
* patchwork to get Net::SSLeay to compile and pass its test suite with
OpenSSL 1.1.1 (Closes: #895959)
+ add five patches from fedora
+ patch openssl version check about SSL_CTX_set_num_tickets existence
+ fix default minimum protocol version in the absence of
/etc/crypto-policies/back-ends/opensslcnf.config
+ add SSL[_CTX]_(set|get)_security_level routines
+ tests: set security level to 1 when loading certificates with small keys
+ patch set_cert_and_key to not return error when none of the underlying
routines does
* update debian/copyright
* bump debhelper compatibility version to 11
* declare conformance with Policy 4.2.1 (no changes needed)
.
[ gregor herrmann ]
* Update debian/upstream/metadata
Checksums-Sha1:
583046431390f96a79103bf2e7c52925242fe539 2244 libnet-ssleay-perl_1.85-2.dsc
2c42c3b471bda86b53767797db8c5c2a867a925f 18500
libnet-ssleay-perl_1.85-2.debian.tar.xz
Checksums-Sha256:
1d90c1a6defa731bd4d52d9def0bdfe72ad1377589b88a84450e4183715d7b8c 2244
libnet-ssleay-perl_1.85-2.dsc
6fa6e2900659925adac09b554c97a5dce60960cde17c0594e93d0f9627f1b598 18500
libnet-ssleay-perl_1.85-2.debian.tar.xz
Files:
fdb2e70e86abcabec5b9320f81305cd7 2244 perl optional
libnet-ssleay-perl_1.85-2.dsc
c14f0b4d7e9f85ee0ef61f993d622547 18500 perl optional
libnet-ssleay-perl_1.85-2.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEErqDETssFbpNjDZ0z276dTZnSoAQFAluMRjoACgkQ276dTZnS
oAS0Tw/+MYTB3zw7uTMBmIuTxpqf6oeuJ/wiNmQRuaCWYIhRLECu4A14ugoHqNlF
DpN1selsYXKgf8z6HQYnBSo4sXGTzr0zlDKDhbIxV9xW6aR8g4ragI1JvvfRrJVl
4AHiXj+11jwx0hF3R3oVqq1qHLT2OOh3QLsx3+jzjVuK9E0cjMgRjhvIGbIfId3Q
zb35NiQzxWnDf2oErxm2m47kRmKc8JXeKXDCGaJcORMryfsG3xxoWCz85gxuLHlp
LWZf9wEQCtAGPKkNnu7f1gSjJNoZ0DdRJSsa1qdheqHvvYbzBKrYv/PFfDbhKb1Q
5vufUHzbA1HUQUGtFhJ1SpPnrG4HEY8hYm5y0JOVA9qOCfWBTqCYB2eEYcZkcquK
DEA2lxTkUQq/cyBCr6Zm0QcOPE+FUuXalnOLhL4g6A09hmZy0xeu+XvZtzlThw+5
ONNSNS1GKn1GjHf1bKy7SB4EnjoFTC+rqlykiDhegBMMFwzGLYz60cBWcAmpEpvY
gztTaS0pKXdPxggp1J9eMmQ37uV+PbN964U3p/XayrNRnCDactE5nMEpVrKYfYlN
m10ZyPE3lM64tT9EG6bO5vaKbO7K8K1jX5Ko9whED55kb44E9k+4WUXzg+emLpzT
09qJlC7SEp0MW3RskEdIsLdYUQ0utgoG8thIjywOBI17Pzv3scY=
=XzZ7
-----END PGP SIGNATURE-----
--- End Message ---
