From 15fd2d14c8c9f7fd8ffc586dd516491f832726fd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppi...@redhat.com> Date: Mon, 18 May 2015 16:13:26 +0200 Subject: Do not use SSLv3 in tests
diff --git a/POE-Component-SSLify-1.012-Use-default-SSL-version-in-tests.patch b/POE-Component-SSLify-1.012-Use-default-SSL-version-in-tests.patch new file mode 100644 index 0000000..31e3039 --- /dev/null +++ b/POE-Component-SSLify-1.012-Use-default-SSL-version-in-tests.patch @@ -0,0 +1,274 @@ +From fab873b9e556bc64cdd9da87ee76332840ca87e9 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppi...@redhat.com> +Date: Mon, 18 May 2015 16:04:37 +0200 +Subject: [PATCH] Use default SSL version in tests +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +OpenSSL or distributor will remove support for SSLv3 soon or later. +POE-Component-SSLify tests fail now because Net-SSLeay-0.68 has +already removed the support. + +The patch replaces hard-coding any specific procol version to +`default' value which should be future-proof. + +CPAN RT#104493 + +Signed-off-by: Petr Písař <ppi...@redhat.com> +--- + t/renegotiate_client.t | 6 +++--- + t/renegotiate_client_pings.t | 6 +++--- + t/renegotiate_server.t | 6 +++--- + t/simple.t | 6 +++--- + t/simple_large.t | 6 +++--- + t/simple_parallel.t | 6 +++--- + t/simple_parallel_large.t | 6 +++--- + t/simple_parallel_superbig.t | 6 +++--- + t/simple_superbig.t | 6 +++--- + t/upgrade.t | 6 +++--- + 10 files changed, 30 insertions(+), 30 deletions(-) + +diff --git a/t/renegotiate_client.t b/t/renegotiate_client.t +index 2673653..f140b07 100644 +--- a/t/renegotiate_client.t ++++ b/t/renegotiate_client.t +@@ -50,8 +50,8 @@ POE::Component::Server::TCP->new + }, + ClientPreConnect => sub + { +- eval { SSLify_Options('mylib/example.key', 'mylib/example.crt', 'sslv3') }; +- eval { SSLify_Options('../mylib/example.key', '../mylib/example.crt', 'sslv3') } if ($@); ++ eval { SSLify_Options('mylib/example.key', 'mylib/example.crt', 'default') }; ++ eval { SSLify_Options('../mylib/example.key', '../mylib/example.crt', 'default') } if ($@); + ok(!$@, "SERVER: SSLify_Options $@"); + + my $socket = eval { Server_SSLify($_[ARG0]) }; +@@ -113,7 +113,7 @@ POE::Component::Client::TCP->new + }, + PreConnect => sub + { +- my $ctx = eval { SSLify_ContextCreate(undef, undef, 'sslv3') }; ++ my $ctx = eval { SSLify_ContextCreate(undef, undef, 'default') }; + ok(!$@, "CLIENT: SSLify_ContextCreate $@"); + my $socket = eval { Client_SSLify($_[ARG0], undef, undef, $ctx) }; + ok(!$@, "CLIENT: Client_SSLify $@"); +diff --git a/t/renegotiate_client_pings.t b/t/renegotiate_client_pings.t +index 23181dc..565c223 100644 +--- a/t/renegotiate_client_pings.t ++++ b/t/renegotiate_client_pings.t +@@ -52,8 +52,8 @@ POE::Component::Server::TCP->new + }, + ClientPreConnect => sub + { +- eval { SSLify_Options('mylib/example.key', 'mylib/example.crt', 'sslv3') }; +- eval { SSLify_Options('../mylib/example.key', '../mylib/example.crt', 'sslv3') } if ($@); ++ eval { SSLify_Options('mylib/example.key', 'mylib/example.crt', 'default') }; ++ eval { SSLify_Options('../mylib/example.key', '../mylib/example.crt', 'default') } if ($@); + ok(!$@, "SERVER: SSLify_Options $@"); + + my $socket = eval { Server_SSLify($_[ARG0]) }; +@@ -116,7 +116,7 @@ POE::Component::Client::TCP->new + }, + PreConnect => sub + { +- my $ctx = eval { SSLify_ContextCreate(undef, undef, 'sslv3') }; ++ my $ctx = eval { SSLify_ContextCreate(undef, undef, 'default') }; + ok(!$@, "CLIENT: SSLify_ContextCreate $@"); + my $socket = eval { Client_SSLify($_[ARG0], undef, undef, $ctx) }; + ok(!$@, "CLIENT: Client_SSLify $@"); +diff --git a/t/renegotiate_server.t b/t/renegotiate_server.t +index 9e07aea..d7384ce 100644 +--- a/t/renegotiate_server.t ++++ b/t/renegotiate_server.t +@@ -50,8 +50,8 @@ POE::Component::Server::TCP->new + }, + ClientPreConnect => sub + { +- eval { SSLify_Options('mylib/example.key', 'mylib/example.crt', 'sslv3') }; +- eval { SSLify_Options('../mylib/example.key', '../mylib/example.crt', 'sslv3') } if ($@); ++ eval { SSLify_Options('mylib/example.key', 'mylib/example.crt', 'default') }; ++ eval { SSLify_Options('../mylib/example.key', '../mylib/example.crt', 'default') } if ($@); + ok(!$@, "SERVER: SSLify_Options $@"); + + my $socket = eval { Server_SSLify($_[ARG0]) }; +@@ -113,7 +113,7 @@ POE::Component::Client::TCP->new + }, + PreConnect => sub + { +- my $ctx = eval { SSLify_ContextCreate(undef, undef, 'sslv3') }; ++ my $ctx = eval { SSLify_ContextCreate(undef, undef, 'default') }; + ok(!$@, "CLIENT: SSLify_ContextCreate $@"); + my $socket = eval { Client_SSLify($_[ARG0], undef, undef, $ctx) }; + ok(!$@, "CLIENT: Client_SSLify $@"); +diff --git a/t/simple.t b/t/simple.t +index 742f9e6..9225cd9 100644 +--- a/t/simple.t ++++ b/t/simple.t +@@ -47,8 +47,8 @@ POE::Component::Server::TCP->new + }, + ClientPreConnect => sub + { +- eval { SSLify_Options('mylib/example.key', 'mylib/example.crt', 'sslv3') }; +- eval { SSLify_Options('../mylib/example.key', '../mylib/example.crt', 'sslv3') } if ($@); ++ eval { SSLify_Options('mylib/example.key', 'mylib/example.crt', 'default') }; ++ eval { SSLify_Options('../mylib/example.key', '../mylib/example.crt', 'default') } if ($@); + ok(!$@, "SERVER: SSLify_Options $@"); + + my $socket = eval { Server_SSLify($_[ARG0]) }; +@@ -107,7 +107,7 @@ POE::Component::Client::TCP->new + }, + PreConnect => sub + { +- my $ctx = eval { SSLify_ContextCreate(undef, undef, 'sslv3') }; ++ my $ctx = eval { SSLify_ContextCreate(undef, undef, 'default') }; + ok(!$@, "CLIENT: SSLify_ContextCreate $@"); + my $socket = eval { Client_SSLify($_[ARG0], undef, undef, $ctx) }; + ok(!$@, "CLIENT: Client_SSLify $@"); +diff --git a/t/simple_large.t b/t/simple_large.t +index f749880..01046fc 100644 +--- a/t/simple_large.t ++++ b/t/simple_large.t +@@ -49,8 +49,8 @@ POE::Component::Server::TCP->new + }, + ClientPreConnect => sub + { +- eval { SSLify_Options('mylib/example.key', 'mylib/example.crt', 'sslv3') }; +- eval { SSLify_Options('../mylib/example.key', '../mylib/example.crt', 'sslv3') } if ($@); ++ eval { SSLify_Options('mylib/example.key', 'mylib/example.crt', 'default') }; ++ eval { SSLify_Options('../mylib/example.key', '../mylib/example.crt', 'default') } if ($@); + ok(!$@, "SERVER: SSLify_Options $@"); + + my $socket = eval { Server_SSLify($_[ARG0]) }; +@@ -109,7 +109,7 @@ POE::Component::Client::TCP->new + }, + PreConnect => sub + { +- my $ctx = eval { SSLify_ContextCreate(undef, undef, 'sslv3') }; ++ my $ctx = eval { SSLify_ContextCreate(undef, undef, 'default') }; + ok(!$@, "CLIENT: SSLify_ContextCreate $@"); + my $socket = eval { Client_SSLify($_[ARG0], undef, undef, $ctx) }; + ok(!$@, "CLIENT: Client_SSLify $@"); +diff --git a/t/simple_parallel.t b/t/simple_parallel.t +index f135b28..006ccd0 100644 +--- a/t/simple_parallel.t ++++ b/t/simple_parallel.t +@@ -47,8 +47,8 @@ POE::Component::Server::TCP->new + }, + ClientPreConnect => sub + { +- eval { SSLify_Options('mylib/example.key', 'mylib/example.crt', 'sslv3') }; +- eval { SSLify_Options('../mylib/example.key', '../mylib/example.crt', 'sslv3') } if ($@); ++ eval { SSLify_Options('mylib/example.key', 'mylib/example.crt', 'default') }; ++ eval { SSLify_Options('../mylib/example.key', '../mylib/example.crt', 'default') } if ($@); + ok(!$@, "SERVER: SSLify_Options $@"); + + my $socket = eval { Server_SSLify($_[ARG0]) }; +@@ -107,7 +107,7 @@ POE::Component::Client::TCP->new + }, + PreConnect => sub + { +- my $ctx = eval { SSLify_ContextCreate(undef, undef, 'sslv3') }; ++ my $ctx = eval { SSLify_ContextCreate(undef, undef, 'default') }; + ok(!$@, "CLIENT: SSLify_ContextCreate $@"); + my $socket = eval { Client_SSLify($_[ARG0], undef, undef, $ctx) }; + ok(!$@, "CLIENT: Client_SSLify $@"); +diff --git a/t/simple_parallel_large.t b/t/simple_parallel_large.t +index fa4d3d6..d065748 100644 +--- a/t/simple_parallel_large.t ++++ b/t/simple_parallel_large.t +@@ -49,8 +49,8 @@ POE::Component::Server::TCP->new + }, + ClientPreConnect => sub + { +- eval { SSLify_Options('mylib/example.key', 'mylib/example.crt', 'sslv3') }; +- eval { SSLify_Options('../mylib/example.key', '../mylib/example.crt', 'sslv3') } if ($@); ++ eval { SSLify_Options('mylib/example.key', 'mylib/example.crt', 'default') }; ++ eval { SSLify_Options('../mylib/example.key', '../mylib/example.crt', 'default') } if ($@); + ok(!$@, "SERVER: SSLify_Options $@"); + + my $socket = eval { Server_SSLify($_[ARG0]) }; +@@ -107,7 +107,7 @@ POE::Component::Client::TCP->new + }, + PreConnect => sub + { +- my $ctx = eval { SSLify_ContextCreate(undef, undef, 'sslv3') }; ++ my $ctx = eval { SSLify_ContextCreate(undef, undef, 'default') }; + ok(!$@, "CLIENT: SSLify_ContextCreate $@"); + my $socket = eval { Client_SSLify($_[ARG0], undef, undef, $ctx) }; + ok(!$@, "CLIENT: Client_SSLify $@"); +diff --git a/t/simple_parallel_superbig.t b/t/simple_parallel_superbig.t +index c4ca4ad..eba0efc 100644 +--- a/t/simple_parallel_superbig.t ++++ b/t/simple_parallel_superbig.t +@@ -58,8 +58,8 @@ POE::Component::Server::TCP->new + }, + ClientPreConnect => sub + { +- eval { SSLify_Options('mylib/example.key', 'mylib/example.crt', 'sslv3') }; +- eval { SSLify_Options('../mylib/example.key', '../mylib/example.crt', 'sslv3') } if ($@); ++ eval { SSLify_Options('mylib/example.key', 'mylib/example.crt', 'default') }; ++ eval { SSLify_Options('../mylib/example.key', '../mylib/example.crt', 'default') } if ($@); + ok(!$@, "SERVER: SSLify_Options $@"); + + my $socket = eval { Server_SSLify($_[ARG0]) }; +@@ -116,7 +116,7 @@ POE::Component::Client::TCP->new + }, + PreConnect => sub + { +- my $ctx = eval { SSLify_ContextCreate(undef, undef, 'sslv3') }; ++ my $ctx = eval { SSLify_ContextCreate(undef, undef, 'default') }; + ok(!$@, "CLIENT: SSLify_ContextCreate $@"); + my $socket = eval { Client_SSLify($_[ARG0], undef, undef, $ctx) }; + ok(!$@, "CLIENT: Client_SSLify $@"); +diff --git a/t/simple_superbig.t b/t/simple_superbig.t +index 6c5eacd..c00a83c 100644 +--- a/t/simple_superbig.t ++++ b/t/simple_superbig.t +@@ -57,8 +57,8 @@ POE::Component::Server::TCP->new + }, + ClientPreConnect => sub + { +- eval { SSLify_Options('mylib/example.key', 'mylib/example.crt', 'sslv3') }; +- eval { SSLify_Options('../mylib/example.key', '../mylib/example.crt', 'sslv3') } if ($@); ++ eval { SSLify_Options('mylib/example.key', 'mylib/example.crt', 'default') }; ++ eval { SSLify_Options('../mylib/example.key', '../mylib/example.crt', 'default') } if ($@); + ok(!$@, "SERVER: SSLify_Options $@"); + + my $socket = eval { Server_SSLify($_[ARG0]) }; +@@ -119,7 +119,7 @@ POE::Component::Client::TCP->new + }, + PreConnect => sub + { +- my $ctx = eval { SSLify_ContextCreate(undef, undef, 'sslv3') }; ++ my $ctx = eval { SSLify_ContextCreate(undef, undef, 'default') }; + ok(!$@, "CLIENT: SSLify_ContextCreate $@"); + my $socket = eval { Client_SSLify($_[ARG0], undef, undef, $ctx) }; + ok(!$@, "CLIENT: Client_SSLify $@"); +diff --git a/t/upgrade.t b/t/upgrade.t +index cd5fdb3..7795bbb 100644 +--- a/t/upgrade.t ++++ b/t/upgrade.t +@@ -54,8 +54,8 @@ POE::Component::Server::TCP->new + $heap->{client}->flush; # make sure we sent the pong + + # sslify it in-situ! +- eval { SSLify_Options('mylib/example.key', 'mylib/example.crt', 'sslv3') }; +- eval { SSLify_Options('../mylib/example.key', '../mylib/example.crt', 'sslv3') } if ($@); ++ eval { SSLify_Options('mylib/example.key', 'mylib/example.crt', 'default') }; ++ eval { SSLify_Options('../mylib/example.key', '../mylib/example.crt', 'default') } if ($@); + ok(!$@, "SERVER: SSLify_Options $@"); + my $socket = eval { Server_SSLify($heap->{client}->get_output_handle) }; + ok(!$@, "SERVER: Server_SSLify $@"); +@@ -124,7 +124,7 @@ POE::Component::Client::TCP->new + ok(1, "CLIENT: recv: $line"); + + # sslify it in-situ! +- my $ctx = eval { SSLify_ContextCreate(undef, undef, 'sslv3') }; ++ my $ctx = eval { SSLify_ContextCreate(undef, undef, 'default') }; + ok(!$@, "CLIENT: SSLify_ContextCreate $@"); + my $socket = eval { Client_SSLify($heap->{server}->get_output_handle, undef, undef, $ctx) }; + ok(!$@, "CLIENT: Client_SSLify $@"); +-- +2.1.0 + diff --git a/perl-POE-Component-SSLify.spec b/perl-POE-Component-SSLify.spec index 2b67e35..7968d7a 100644 --- a/perl-POE-Component-SSLify.spec +++ b/perl-POE-Component-SSLify.spec @@ -1,11 +1,14 @@ Name: perl-POE-Component-SSLify Version: 1.012 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Makes using SSL in the world of POE easy! License: GPL+ or Artistic Group: Development/Libraries URL: http://search.cpan.org/dist/POE-Component-SSLify/ Source0: http://search.cpan.org/CPAN/authors/id/A/AP/APOCAL/POE-Component-SSLify-%{version}.tar.gz +# Do not use SSLv3 in tests. It's not supported by Net-SSLeay-1.68 with +# OpenSSL-1.0.2a, bug #1222521, CPAN RT#104493 +Patch0: POE-Component-SSLify-1.012-Use-default-SSL-version-in-tests.patch BuildArch: noarch BuildRequires: perl BuildRequires: perl(Module::Build::Tiny) >= 0.039 @@ -48,6 +51,7 @@ This component represents the standard way to do SSL in POE. %prep %setup -q -n POE-Component-SSLify-%{version} +%patch0 -p1 %build perl Build.PL --installdirs=vendor @@ -70,6 +74,9 @@ AUTOMATED_TESTING=0 ./Build test %{_mandir}/man3/* %changelog +* Mon May 18 2015 Petr Pisar <ppi...@redhat.com> - 1.012-2 +- Do not use SSLv3 in tests + * Tue Nov 25 2014 Petr Pisar <ppi...@redhat.com> - 1.012-1 - 1.012 bump -- cgit v0.10.2 http://pkgs.fedoraproject.org/cgit/perl-POE-Component-SSLify.git/commit/?h=master&id=15fd2d14c8c9f7fd8ffc586dd516491f832726fd -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel