Your message dated Sun, 02 Sep 2018 20:36:43 +0000 with message-id <[email protected]> and subject line Bug#895959: fixed in libnet-ssleay-perl 1.85-2 has caused the Debian Bug report #895959, regarding libnet-ssleay-perl: FTBFS with openssl 1.1.1 in exp to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 895959: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895959 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: libnet-ssleay-perl Version: 1.85-1 Severity: important There is openssl 1.1.1-pre4 in experimental right now and libnet-ssleay-perl fails the testsuite with it. I was playing with it for the last month or so and already figured out a few things. This is t/local/07_sslecho.t I refer here to. The SSL_read() and SSL_write() wrapper need to handle a possible retry. The man-page for both function [0] says that it might need to be retried with the same arguments. With the following hunk: diff --git a/SSLeay.xs b/SSLeay.xs --- a/SSLeay.xs +++ b/SSLeay.xs @@ -1999,7 +1999,17 @@ SSL_read(s,max=32768) int got; PPCODE: New(0, buf, max, char); - got = SSL_read(s, buf, max); + + do { + int err; + + got = SSL_read(s, buf, max); + if (got > 0) + break; + err = SSL_get_error(s, got); + if (err != SSL_ERROR_WANT_READ) + break; + } while (1); /* If in list context, return 2-item list: * first return value: data gotten, or undef on error (got<0) @@ -2051,10 +2061,20 @@ SSL_write(s,buf) SSL * s PREINIT: STRLEN len; + int err; + int ret; INPUT: char * buf = SvPV( ST(1), len); CODE: - RETVAL = SSL_write (s, buf, (int)len); + do { + ret = SSL_write (s, buf, (int)len); + if (ret > 0) + break; + err = SSL_get_error(s, ret); + if (err != SSL_ERROR_WANT_WRITE) + break; + } while (1); + RETVAL = ret; OUTPUT: RETVAL @@ -2083,8 +2103,20 @@ SSL_write_partial(s,from,count,buf) if (len < 0) { croak("from beyound end of buffer"); RETVAL = -1; - } else - RETVAL = SSL_write (s, &(buf[from]), (count<=len)?count:len); + } else { + int ret; + int err; + + do { + ret = SSL_write (s, &(buf[from]), (count<=len)?count:len); + if (ret > 0) + break; + err = SSL_get_error(s, ret); + if (err != SSL_ERROR_WANT_WRITE) + break; + } while (1); + RETVAL = ret; + } OUTPUT: RETVAL I was able to let the test-suite continue a little further. As per upstream [1] this was always the case it worked by coincidence before. The next thing is that step 24 within 07_sslecho.t blocks forever. As it turns out one side does "shutdown $s, 2;" (around line 170) while the other does a read+write operation. In "older" openssl is seems to just work but in the newer one SIGPIPE is received and this seems to stall/block the test case. By adding: index 5e16b04b55ea..c60afccc0051 100644 --- a/t/local/07_sslecho.t +++ b/t/local/07_sslecho.t @@ -14,6 +14,7 @@ BEGIN { } plan tests => 78; +$SIG{'PIPE'} = 'IGNORE'; my $sock; my $pid; ( it does not stall anymore but complains about the return value from write: ok 21 - get_cipher ok 22 - get_shared_ciphers ok 23 - ssl_read_all not ok 24 - ssl_write_all # Failed test 'ssl_write_all' # at t/local/07_sslecho.t line 88. ok 25 - new This should be okay since the other side never reads anything and just shutdowns the socket. Could you please take a look and forward it upstream? [0] https://manpages.debian.org/stretch/libssl-doc/SSL_read.3ssl.en.html#WARNING [1] https://github.com/openssl/openssl/issues/5637#issuecomment-381364019 Sebastian
--- End Message ---
--- Begin Message ---Source: libnet-ssleay-perl Source-Version: 1.85-2 We believe that the bug you reported is fixed in the latest version of libnet-ssleay-perl, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Damyan Ivanov <[email protected]> (supplier of updated libnet-ssleay-perl package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 02 Sep 2018 20:19:51 +0000 Source: libnet-ssleay-perl Binary: libnet-ssleay-perl Architecture: source Version: 1.85-2 Distribution: unstable Urgency: medium Maintainer: Debian Perl Group <[email protected]> Changed-By: Damyan Ivanov <[email protected]> Closes: 895959 Description: libnet-ssleay-perl - Perl module for Secure Sockets Layer (SSL) Changes: libnet-ssleay-perl (1.85-2) unstable; urgency=medium . [ Damyan Ivanov ] * patchwork to get Net::SSLeay to compile and pass its test suite with OpenSSL 1.1.1 (Closes: #895959) + add five patches from fedora + patch openssl version check about SSL_CTX_set_num_tickets existence + fix default minimum protocol version in the absence of /etc/crypto-policies/back-ends/opensslcnf.config + add SSL[_CTX]_(set|get)_security_level routines + tests: set security level to 1 when loading certificates with small keys + patch set_cert_and_key to not return error when none of the underlying routines does * update debian/copyright * bump debhelper compatibility version to 11 * declare conformance with Policy 4.2.1 (no changes needed) . [ gregor herrmann ] * Update debian/upstream/metadata Checksums-Sha1: 583046431390f96a79103bf2e7c52925242fe539 2244 libnet-ssleay-perl_1.85-2.dsc 2c42c3b471bda86b53767797db8c5c2a867a925f 18500 libnet-ssleay-perl_1.85-2.debian.tar.xz Checksums-Sha256: 1d90c1a6defa731bd4d52d9def0bdfe72ad1377589b88a84450e4183715d7b8c 2244 libnet-ssleay-perl_1.85-2.dsc 6fa6e2900659925adac09b554c97a5dce60960cde17c0594e93d0f9627f1b598 18500 libnet-ssleay-perl_1.85-2.debian.tar.xz Files: fdb2e70e86abcabec5b9320f81305cd7 2244 perl optional libnet-ssleay-perl_1.85-2.dsc c14f0b4d7e9f85ee0ef61f993d622547 18500 perl optional libnet-ssleay-perl_1.85-2.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEErqDETssFbpNjDZ0z276dTZnSoAQFAluMRjoACgkQ276dTZnS oAS0Tw/+MYTB3zw7uTMBmIuTxpqf6oeuJ/wiNmQRuaCWYIhRLECu4A14ugoHqNlF DpN1selsYXKgf8z6HQYnBSo4sXGTzr0zlDKDhbIxV9xW6aR8g4ragI1JvvfRrJVl 4AHiXj+11jwx0hF3R3oVqq1qHLT2OOh3QLsx3+jzjVuK9E0cjMgRjhvIGbIfId3Q zb35NiQzxWnDf2oErxm2m47kRmKc8JXeKXDCGaJcORMryfsG3xxoWCz85gxuLHlp LWZf9wEQCtAGPKkNnu7f1gSjJNoZ0DdRJSsa1qdheqHvvYbzBKrYv/PFfDbhKb1Q 5vufUHzbA1HUQUGtFhJ1SpPnrG4HEY8hYm5y0JOVA9qOCfWBTqCYB2eEYcZkcquK DEA2lxTkUQq/cyBCr6Zm0QcOPE+FUuXalnOLhL4g6A09hmZy0xeu+XvZtzlThw+5 ONNSNS1GKn1GjHf1bKy7SB4EnjoFTC+rqlykiDhegBMMFwzGLYz60cBWcAmpEpvY gztTaS0pKXdPxggp1J9eMmQ37uV+PbN964U3p/XayrNRnCDactE5nMEpVrKYfYlN m10ZyPE3lM64tT9EG6bO5vaKbO7K8K1jX5Ko9whED55kb44E9k+4WUXzg+emLpzT 09qJlC7SEp0MW3RskEdIsLdYUQ0utgoG8thIjywOBI17Pzv3scY= =XzZ7 -----END PGP SIGNATURE-----
--- End Message ---
