Source: ruby2.5 Version: 2.5.1-5 Severity: serious Tags: ftbfs Control: block 907015 by -1 X-Debbugs-CC: debian...@lists.debian.org, open...@packages.debian.org User: debian...@lists.debian.org Usertags: timeout
Dear ruby2.5 maintainers, Recently openssl was updated to upstream version 1.1.1. There have been multiple changes to increase security. As a result, some packages started to time out during autopkgtest and/or building of the package. Your package is one of them and does both: https://ci.debian.net/packages/r/ruby2.5/testing/amd64/ https://ci.debian.net/data/autopkgtest/testing/amd64/r/ruby2.5/865947/log.gz https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/ruby2.5.html The CI wiki [1] has an entry about time out: SSL_MODE_AUTO_RETRY is enabled by default. Applications that use blocking I/O in combination with something like select() or poll() will hang. This can be turned off again using SSL_CTX_clear_mode(). Many applications do not properly handle non-application data records, and TLS 1.3 sends more of such records. Setting SSL_MODE_AUTO_RETRY works around the problems in those applications, but can also break some. It's recommended to read the manpages about SSL_read(), SSL_write(), SSL_get_error(), SSL_shutdown(), SSL_CTX_set_mode() and SSL_CTX_set_read_ahead() again. Note: openssl is currently blocked from migration to testing for reverse (build) dependencies to catch up and to detect run time errors, such that the right versioned Breaks can be in place. Blocking the bug that tracks that by this bug. Paul [1] https://wiki.debian.org/ContinuousIntegration/TriagingTips/openssl-1.1.1
signature.asc
Description: OpenPGP digital signature
