Hi Kurt,
On Tue, Mar 31, 2020 at 06:46:44PM +0200, Kurt Roeckx wrote:
> On Tue, Mar 31, 2020 at 09:03:01AM +0200, Salvatore Bonaccorso wrote:
> > On Sat, Mar 21, 2020 at 08:31:21PM +0100, gregor herrmann wrote:
> > > On Fri, 20 Mar 2020 21:50:08 +0100, Sebastian Andrzej Siewior wrote:
> > >
> > > > The package FTBFS since openssl has been updated to 1.1.1e because the
> > > > testsuite fails. The failure is due to commit db943f43a60d ("Detect EOF
> > > > while reading in libssl") [0] in openssl. There an issue ticket [1]
> > > > which introduced the changed behaviour.
> > >
> > > There's a patch at
> > > https://github.com/noxxi/p5-io-socket-ssl/issues/93
> > > This also needs libnet-ssleay-perl_1.88-3 which I uploaded right now.
> >
> > So I guess this should be threated as openssl issue and will reassign
> > it to it. Upstream for IO::Socket::SSL has released a new version
> > which will refuse to build with 1.1.1e:
> >
> > 2.068 2020/03/31
> > - treat OpenSSL 1.1.1e as broken and refuse to build with it in order to
> > prevent follow-up problems in tests and user code
> > https://github.com/noxxi/p5-io-socket-ssl/issues/93
> > https://github.com/openssl/openssl/issues/11388
> > https://github.com/openssl/openssl/issues/11378
>
> There might be a misunderstanding. First, in 3.0, we will
> reintroduce this new behaviour.
>
> We always returned an error in case of an unexpected EOF. We
> changed the error code of that case. Applications should never
> trigger the unexpected EOF and should get fixed not to trigger it.
I see, but then I prefer to loop in Steffen Ullrich into the loop
(upstream of IO::Socket::SSL). Steffen, see the above comment from
Kurt in the Debian bug, so it looks we cannot close
https://github.com/noxxi/p5-io-socket-ssl/issues/93 by marking 1.1.1e
as broken only. What do you think?
Regards,
Salvatore
