
This queue is for tickets about the IO-Socket-SSL CPAN distribution.

Report information
The Basics
Id: 126899
Status: resolved
Priority: 0/
Queue: IO-Socket-SSL

People
Owner: Nobody in particular
Requestors: ppisar [...] redhat.com
Cc: dam [...] cpan.org
gregoa [...] cpan.org
AdminCc:

Bug Information
Severity: (no value)
Broken in: 2.059
Fixed in: (no value)


Subject: Tests fail with OpenSSL 1.1.1
OpenSSL has released version 1.1.1pre7, a preview of version 1.1.1 with default TLSv1.3 support. This needs proper support in Net-SSLeay and then in IO-Socket-SSL. Net-SSLeay support is on the way (CPAN RT#125218) and with all its patches and some tweaks for IO-Socket-SSL, I was able to pass all IO-Socket-SSL tests except:

t/npn.t -- NPN does not work for unknown reason
t/session_ticket.t -- TLSv1.3 tickets need to use SSL_CTX_sess_set_new_cb() that is not yet provided by Net-SSLeay.
t/sni_verify.t -- server dies with SIGPIPE because tickets are sent to a closed TCP socket, trivial to fix with a proper SSL_shutdown in t/sni_verify.t.

Latest changes for IO-Socket-SSL are attached.
Subject: 0001-Adapt-to-OpenSSL-1.1.1.patch
From d432295468a1efa18e56c1fbb34e3a23bb07d1e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com> Date: Thu, 16 Aug 2018 14:56:23 +0200 Subject: [PATCH] Adapt to OpenSSL 1.1.1 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit It needs patched Net-SSLeay (CPAN RT#125218). This patch introduces some TLSv1.3 identifiers but does not document them. This is to let the IO-Socket-SSL maintainer to define the API. This is not a final patch. We need to fix failures in: t/npn.t t/session_ticket.t t/sni_verify.t Signed-off-by: Petr Písař <ppisar@redhat.com> --- lib/IO/Socket/SSL.pm | 17 +++++++++++++++-- t/ecdhe.t | 16 +++++++++++----- t/protocol_version.t | 4 ++-- t/session_ticket.t | 2 ++ 4 files changed, 30 insertions(+), 9 deletions(-) diff --git a/lib/IO/Socket/SSL.pm b/lib/IO/Socket/SSL.pm index 9c81ffc..5b43467 100644 --- a/lib/IO/Socket/SSL.pm +++ b/lib/IO/Socket/SSL.pm @@ -211,7 +211,8 @@ BEGIN{ # get constants for SSL_OP_NO_* now, instead calling the related functions # every time we setup a connection my %SSL_OP_NO; -for(qw( SSLv2 SSLv3 TLSv1 TLSv1_1 TLSv11:TLSv1_1 TLSv1_2 TLSv12:TLSv1_2 )) { +for(qw( SSLv2 SSLv3 TLSv1 TLSv1_1 TLSv11:TLSv1_1 TLSv1_2 TLSv12:TLSv1_2 + TLSv1_3 TLSv13:TLSv1_3 )) { my ($k,$op) = m{:} ? split(m{:},$_,2) : ($_,$_); my $sub = "Net::SSLeay::OP_NO_$op"; local $SIG{__DIE__}; @@ -1836,6 +1837,7 @@ sub get_sslversion { my $ssl = shift()->_get_ssl_object || return; my $version = Net::SSLeay::version($ssl) or return; return + $version == 0x0304 ? 'TLSv1_3' : $version == 0x0303 ? 'TLSv1_2' : $version == 0x0302 ? 'TLSv1_1' : $version == 0x0301 ? 'TLSv1' : @@ -2281,7 +2283,7 @@ sub new { my $ver = ''; for (split(/\s*:\s*/,$arg_hash->{SSL_version})) { - m{^(!?)(?:(SSL(?:v2|v3|v23|v2/3))|(TLSv1(?:_?[12])?))$}i + m{^(!?)(?:(SSL(?:v2|v3|v23|v2/3))|(TLSv1(?:_?[123])?))$}i or croak("invalid SSL_version specified"); my $not = $1; ( my $v = lc($2||$3) ) =~s{^(...)}{\U$1}; 
@@ -2329,6 +2331,17 @@ sub new { IO::Socket::SSL->error("SSL Context init failed"); $CTX_CREATED_IN_THIS_THREAD{$ctx} = 1 if $use_threads; + # There is no CTX_tlsv1_3_new(). Create TLSv1.3 only context using + # a flexible method. + if ($ver eq 'TLSv1_3') { + if (!Net::SSLeay::CTX_set_min_proto_version($ctx, + Net::SSLeay::TLS1_3_VERSION()) or + !Net::SSLeay::CTX_set_max_proto_version($ctx, + Net::SSLeay::TLS1_3_VERSION())) { + IO::Socket::SSL->error("TLSv1_3 context init failed"); + } + } + # SSL_OP_CIPHER_SERVER_PREFERENCE $ssl_op |= 0x00400000 if $arg_hash->{SSL_honor_cipher_order}; diff --git a/t/ecdhe.t b/t/ecdhe.t index 638d82b..1b229c5 100644 --- a/t/ecdhe.t +++ b/t/ecdhe.t @@ -53,12 +53,18 @@ if ( !defined $pid ) { }; ok( "client connected" ); - my $cipher = $to_server->get_cipher(); - if ( $cipher !~m/^ECDHE-/ ) { - notok("bad key exchange: $cipher"); - exit; + my $protocol = $to_server->get_sslversion; + if ($protocol eq 'TLSv1_3') { + # <https://www.openssl.org/blog/blog/2017/05/04/tlsv1.3/> + ok("# SKIP TLSv1.3 doesn't advertize key exchange in a chipher name"); + } else { + my $cipher = $to_server->get_cipher(); + if ( $cipher !~m/^ECDHE-/ ) { + notok("bad key exchange: $cipher"); + exit; + } + ok("ecdh key exchange: $cipher"); } - ok("ecdh key exchange: $cipher"); } else { ###### Server diff --git a/t/protocol_version.t b/t/protocol_version.t index e3853d8..3577720 100644 --- a/t/protocol_version.t +++ b/t/protocol_version.t @@ -13,7 +13,7 @@ plan skip_all => "Test::More has no done_testing" $|=1; my $XDEBUG = 0; -my @versions = qw(SSLv3 TLSv1 TLSv1_1 TLSv1_2); +my @versions = qw(SSLv3 TLSv1 TLSv1_1 TLSv1_2 TLSv1_3); my $server = IO::Socket::SSL->new( LocalAddr => '127.0.0.1', 
@@ -82,7 +82,7 @@ if ($pid == 0) { die "best protocol version server supports is $ver" if $supported{foo}; # Check if the OpenSSL was compiled without support for specific protocols - for(qw(SSLv3 TLSv1 TLSv1_1)) { + for(qw(SSLv3 TLSv1 TLSv1_1 TLSv1_2 TLSv1_3)) { if ( ! $check->($_,'')) { diag("looks like OpenSSL was compiled without $_ support"); delete $supported{$_}; diff --git a/t/session_ticket.t b/t/session_ticket.t index d3c15d9..bff6a86 100644 --- a/t/session_ticket.t +++ b/t/session_ticket.t @@ -73,6 +73,8 @@ my $client = sub { }; +# FIXME: TLSv1.3 requires to use SSL_CTX_sess_set_new_cb() by clients instead +# of SSL_get1_session(). Missing from Net::SSLeay. $client->(0,0,"no initial session -> no reuse"); $client->(0,1,"reuse with the next session and secret[0]"); $client->(1,1,"reuse even though server changed, since they share ticket secret"); -- 2.14.4
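Review bot: In the `sub new` hunk of lib/IO/Socket/SSL.pm (@@ -2329), the failure branch only calls `IO::Socket::SSL->error("TLSv1_3 context init failed");` and then falls through, so a caller who asked for a TLSv1_3-only context can continue with a context whose protocol range was never pinned. Return the error from that branch so the request fails closed. The same block calls `Net::SSLeay::TLS1_3_VERSION()` unconditionally; it needs a guard for Net::SSLeay builds that do not provide the constant.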
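Review bot: In the t/ecdhe.t hunk, the `TLSv1_3` branch reports `ok(...)` with a "# SKIP" text, so when TLSv1.3 is negotiated this test can no longer fail and nothing about the key exchange is verified. Either pin the test to a protocol version whose cipher name carries the key exchange, or check the negotiated key exchange another way. The message also has two typos ("advertize", "chipher").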
On Fri 17 Aug 2018 08:15:03, ppisar wrote:
> t/sni_verify.t -- server dies with SIGPIPE because tickets are sent to
> a closed TCP socket, trivial to fix with a proper SSL_shutdown in
> t/sni_verify.t.
Fix for t/sni_verify.t is attached.
Subject: 0001-Do-two-way-shutdown-in-t-sni_verify.t.patch
From 84a3bc6c273977bcd4b709e0d9a3d9fcdd58e36d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com> Date: Fri, 17 Aug 2018 14:46:33 +0200 Subject: [PATCH] Do two-way shutdown in t/sni_verify.t MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit OpenSSL 1.1.1-pre7 sigipipes TLSv1.3 server if client does not shutdown TLS properly. <https://github.com/openssl/openssl/issues/6904> Signed-off-by: Petr Písař <ppisar@redhat.com> --- t/sni_verify.t | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/t/sni_verify.t b/t/sni_verify.t index b3b299b..b5ac4bd 100644 --- a/t/sni_verify.t +++ b/t/sni_verify.t @@ -71,6 +71,13 @@ if ( $pid == 0 ) { $client->verify_hostname($host,'http') or print "not "; print "ok # client verify hostname in cert $host\n"; + + if ($client) { + # Shutdown TLS properly. Otherwise TLSv1.3 server will receive SIGPIPE + # in SSL_accept() and dies. + # <https://github.com/openssl/openssl/issues/6904>. + $client->close('SSL_fast_shutdown' => 0); + } } exit; } @@ -81,5 +88,8 @@ for my $host (@tests) { my $name = $csock->get_servername; print "not " if ! $name or $name ne $host; print "ok # server got SNI name $host\n"; + if ($csock) { + $csock->close('SSL_fast_shutdown' => 0); + } } wait; -- 2.14.4
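Review bot: Both new guards, `if ($client)` in the first hunk and `if ($csock)` in the second, come after the object has already been dereferenced (`$client->verify_hostname($host,'http')` and `$csock->get_servername`), so they cannot protect against a failed connect or accept. Either drop the guards or move the definedness check ahead of the first method call and report the failure there. The return value of `close('SSL_fast_shutdown' => 0)` is also worth checking so that a failed two-way shutdown shows up in the test output.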
On Fri 17 Aug 2018 08:15:03, ppisar wrote:
> t/npn.t -- NPN does not work for unknown reason
It turned out TLSv1.3 does not support NPN <https://github.com/openssl/openssl/issues/3665>. Attached patch corrects the test.
Subject: 0001-NPN-is-unavailable-in-TLSv1.3.patch
From 94b0b52f05911bd8cfe579406248c8afe36004d7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com> Date: Fri, 17 Aug 2018 15:14:40 +0200 Subject: [PATCH] NPN is unavailable in TLSv1.3 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit TLSv1.3 does not support NPN. Application can use ALPN. This caused t/npn.t failures when TLSv1.3 was negotiated. This patch disables TLSv1.3 in the test. <https://github.com/openssl/openssl/issues/3665> Signed-off-by: Petr Písař <ppisar@redhat.com> --- lib/IO/Socket/SSL.pod | 2 +- t/npn.t | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/IO/Socket/SSL.pod b/lib/IO/Socket/SSL.pod index 95401aa..363901b 100644 --- a/lib/IO/Socket/SSL.pod +++ b/lib/IO/Socket/SSL.pod @@ -1336,7 +1336,7 @@ as an array ref. See also method C<next_proto_negotiated>. Next Protocol Negotiation (NPN) is available with Net::SSLeay 1.46+ and -openssl-1.0.1+. +openssl-1.0.1+. NPN is unavailable in TLSv1.3 protocol. To check support you might call C<< IO::Socket::SSL->can_npn() >>. If you use this option with an unsupported Net::SSLeay/OpenSSL it will throw an error. diff --git a/t/npn.t b/t/npn.t index 8992a77..6ee6ca6 100644 --- a/t/npn.t +++ b/t/npn.t @@ -25,6 +25,8 @@ my $addr = '127.0.0.1'; my $server = IO::Socket::SSL->new( LocalAddr => $addr, Listen => 2, + SSL_version => 'SSLv23:!TLSv1_3', # NPN does not exist in TLSv1.3 + # https://github.com/openssl/openssl/issues/3665 SSL_cert_file => 'certs/server-cert.pem', SSL_key_file => 'certs/server-key.pem', SSL_npn_protocols => [qw(one two)], -- 2.14.4
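Review bot: The sentence added to lib/IO/Socket/SSL.pod says NPN is unavailable in TLSv1.3 but does not tell the reader what to use instead, although the commit message already names ALPN. Suggest pointing to ALPN in the POD and saying what a caller of `SSL_npn_protocols` should expect when TLSv1.3 is negotiated. In t/npn.t the `SSL_version => 'SSLv23:!TLSv1_3'` pin is added to the server constructor only; setting it on the client as well would keep the test from depending on which side enforces the limit.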
On Fri 17 Aug 2018 08:15:03, ppisar wrote:
> t/session_ticket.t -- TLSv1.3 tickets need to use
> SSL_CTX_sess_set_new_cb() that is not yet provided by Net-SSLeay.
It seems proper support would need more than SSL_CTX_sess_set_new_cb() because the new API is quite rich, including interaction with the internal OpenSSL session cache. Attached patch excludes TLSv1.3 from t/session_ticket.t.
Subject: 0001-Exclude-TLSv1.3-from-t-session_ticket.t.patch
From c332d19048735e32e2754685fa3c8654ca068b78 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com> Date: Tue, 21 Aug 2018 12:32:39 +0200 Subject: [PATCH] Exclude TLSv1.3 from t/session_ticket.t MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The test fails with OpenSSL 1.1.1 because SSL_get1_session() is not reliable with TLSv1.3. A proper resumption support would need migration to SSL_CTX_sess_set_new_cb() API. This patch also performs full SSL_shutdown in the test becasue SSL_get1_session() manual documents that a connection must be properly SSL_shutdowned, otherwise the session will be removed from the (internal) session cache. Signed-off-by: Petr Písař <ppisar@redhat.com> --- t/session_ticket.t | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/t/session_ticket.t b/t/session_ticket.t index bff6a86..69cbc96 100644 --- a/t/session_ticket.t +++ b/t/session_ticket.t @@ -69,7 +69,7 @@ my $client = sub { diag("connect to $i: ". ($cl ? "success reuse=$reuse" : "error: $!,$SSL_ERROR")); is($reuse,$expect_reuse,$desc); - close($cl); + $cl->close('SSL_fast_shutdown' => 0); }; @@ -123,6 +123,11 @@ sub _server { SSL_verify_mode => SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT, SSL_ticket_keycb => $get_ticket_key, SSL_session_id_context => 'foobar', + SSL_version => 'SSLv23:!TLSv1_3', # TLSv1.3 sends session tickes after + # a handshake, this SSL_get1_session() is not reliable anymore. + # Exclude TLSv1.3 from tests. Proper TLSv1.3 session resumption + # will need SSL_CTX_sess_set_new_cb(). + # <https://www.openssl.org/blog/blog/2017/05/04/tlsv1.3/> ) or die "failed to create SSL context: $SSL_ERROR"; } @@ -158,7 +163,7 @@ sub _server { print "rotate secrets\n"; push @secrets, shift(@secrets); } - close($cl); + $cl->close('SSL_fast_shutdown' => 0); alarm(0); last; } -- 2.14.4
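Review bot: In the first hunk of t/session_ticket.t, `$cl->close('SSL_fast_shutdown' => 0);` is called unconditionally, yet the `diag` line just above it handles `$cl` being false (`$cl ? "success reuse=$reuse" : "error: $!,$SSL_ERROR"`). The old `close($cl)` tolerated a failed connect; the method call dies on an undefined value and aborts the run instead of recording a test failure. Guard it, for example `$cl->close('SSL_fast_shutdown' => 0) if $cl;`. The new comment in `_server` also has typos ("tickes", and "this" where "thus" is meant).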
On Fri 17 Aug 2018 08:15:03, ppisar wrote:
> t/sni_verify.t -- server dies with SIGPIPE because tickets are sent to
> a closed TCP socket, trivial to fix with a proper SSL_shutdown in
> t/sni_verify.t.
A similar bug is in t/sni.t. But here, instead of SIGPIPE, the accept simply failed and the undefined client socket led to a run-time exception when invoking a method on it. Attached patch fixes it.

Maybe IO::Socket::SSL should default to 'SSL_fast_shutdown' => 0 globally. Otherwise many applications will be surprised.
Subject: 0001-Do-two-way-shutdown-in-t-sni.t.patch
From 1d19a7d01960fd8dc00bb3929a1ffaee186470fd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com> Date: Tue, 21 Aug 2018 16:02:19 +0200 Subject: [PATCH] Do two-way shutdown in t/sni.t MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit TLSv1.3 performs more reading and writing in SSL_accept(). If a client disconnects after the handshake but before the server finishes SSL_accept(), the t/sni.t test would fail because accept() could fail with ECONNRESET. This happened randomly. Failed accept() lead to undef->get_servername() call that triggered a run-time exception and that caused a client being stucked and the test script never exited. This fixes both these issues. Signed-off-by: Petr Písař <ppisar@redhat.com> --- t/sni.t | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/t/sni.t b/t/sni.t index de0f06e..91206de 100644 --- a/t/sni.t +++ b/t/sni.t 
@@ -68,15 +68,31 @@ if ( $pid == 0 ) { $client->verify_hostname($host,'http') or print "not "; print "ok # client verify hostname in cert $host\n"; + # Shutdown TLS properly. Otherwise TLSv1.3 $server->accept() fails with + # ECONNRESET when a client disconnects too early. + $client->close('SSL_fast_shutdown' => 0); } exit; } +# If the server dies, a client can get stuck in read(2) while Perl interpreter +# is collecting children status in the die handler using wait4(2). +$SIG{__DIE__} = sub { + STDERR->print("Server died. Killing client with $pid PID.\n"); + kill(9, $pid); +}; for my $host (@tests) { - my $csock = $server->accept or print "not "; - print "ok # server accept\n"; + my $csock = $server->accept; + if (!$csock) { + print "not ok # server accept SSL_ERROR='$SSL_ERROR', errno='$!'"; + } else { + print "ok # server accept\n"; + } my $name = $csock->get_servername; print "not " if ! $name or $name ne $host; print "ok # server got SNI name $host\n"; + # Shutdown TLS properly. Otherwise TLSv1.3 $server->accept() fails with + # ECONNRESET when a client disconnects too early. + $csock->close('SSL_fast_shutdown' => 0); } wait; -- 2.14.4
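Review bot: In the server loop, a failed `$server->accept` now prints a diagnostic, but execution continues to `$csock->get_servername` on the undefined socket, which is the run-time exception the commit message describes; the new `$SIG{__DIE__}` handler only cleans up after it. Add `next;` (or stop the loop) in the `if (!$csock)` branch so the failure is reported as a test failure rather than a die. The `print "not ok # server accept SSL_ERROR=..."` line also lacks a trailing "\n", so the following test line will be glued to it in the output.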
On Fri 17 Aug 2018 08:15:03, ppisar wrote:
> Latest changes for IO-Socket-SSL are attached.
Adapt-to-OpenSSL-1.1.1.patch added the TLSv1_3 constant and implemented TLSv1.3-only contexts using Net::SSLeay::TLS1_3_VERSION(). Using this constant-subroutine blasts if Net::SSLeay was built on a system with old OpenSSL without TLSv1.3 support. Attached patch fixes the Net::SSLeay::TLS1_3_VERSION() use so that it's possible to build and pass all tests on systems with and without OpenSSL 1.1.1.
Subject: 0001-Fix-building-on-systems-without-TLSv1.3-support.patch
From 12ff43c81b10446bd74cc719f0a6913040598c58 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com> Date: Tue, 21 Aug 2018 16:34:39 +0200 Subject: [PATCH] Fix building on systems without TLSv1.3 support MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit If OpenSSL does not support TLSv1.3, Net::SSLeay does not have TLS1_3_VERSION() and t/protocol_version.t fails with: # Failed test 'Your vendor has not defined SSLeay macro TLS1_3_VERSION at /home/test/fedora/perl-IO-Socket-SSL/IO-Socket-SSL-2.059/blib/lib/IO/Socket/SSL.pm line 2337. # ' # at ./t/testlib.pl line 39. This patch fixes creating IO::Socket:SSL context for TLSv1.3 by checking whether it's supported by Net::SSLeay. Signed-off-by: Petr Písař <ppisar@redhat.com> --- lib/IO/Socket/SSL.pm | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/IO/Socket/SSL.pm b/lib/IO/Socket/SSL.pm index 5b43467..7138ab0 100644 --- a/lib/IO/Socket/SSL.pm +++ b/lib/IO/Socket/SSL.pm @@ -2334,6 +2334,10 @@ sub new { # There is no CTX_tlsv1_3_new(). Create TLSv1.3 only context using # a flexible method. if ($ver eq 'TLSv1_3') { + if (!eval {Net::SSLeay::TLS1_3_VERSION()}) { + return IO::Socket::SSL->_internal_error( + "SSL Version $ver not supported",9); + } if (!Net::SSLeay::CTX_set_min_proto_version($ctx, Net::SSLeay::TLS1_3_VERSION()) or !Net::SSLeay::CTX_set_max_proto_version($ctx, -- 2.14.4
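Review bot: The `eval {Net::SSLeay::TLS1_3_VERSION()}` check sits inside the `if ($ver eq 'TLSv1_3')` block that goes on to use `$ctx`, so an unsupported version is rejected only after a context already exists, and the early `return` leaves it unclear who releases that context. Consider rejecting `TLSv1_3` before the context is created, and store the constant once instead of calling `TLS1_3_VERSION()` three times in this block.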
On Fri 17 Aug 2018 08:15:03, ppisar wrote:
> t/session_ticket.t -- TLSv1.3 tickets need to use
> SSL_CTX_sess_set_new_cb() that is not yet provided by Net-SSLeay.
Github issue now exists to track this: https://github.com/radiator-software/p5-net-ssleay/issues/38

-- Heikki
Thanks for the input so far. From my perspective support in Perl for TLS 1.3 with OpenSSL 1.1.1 seems to be not really stable right now - there seem to be still changes needed in Net::SSLeay before TLS 1.3 can be fully integrated, tested and supported by IO::Socket::SSL.

While your changes look fine in general I'm not really comfortable with the necessary SSL_fast_shutdown on various places in the tests, since this also means that end users might face and address these problems themselves in their own code when moving to the new OpenSSL version.

If possible I would prefer if you take these changes to github since it's easier to handle larger changes there instead of extracting all patches and hopefully only the latest from this issue tracker.

Regards,
Steffen
Subject: Re: [rt.cpan.org #126899] Tests fail with OpenSSL 1.1.1
Date: Tue, 4 Sep 2018 14:01:52 +0200
To: Steffen Ullrich via RT <bug-IO-Socket-SSL [...] rt.cpan.org>
From: Petr Pisar <ppisar [...] redhat.com>
On Wed, Aug 29, 2018 at 12:15:15PM -0400, Steffen Ullrich via RT wrote:
> While your changes look fine in general I'm not really comfortable with the
> necessary SSL_fast_shutdown on various places in the tests, since this also
> means that end users might face and address these problems themselves in
> their own code when moving to the new OpenSSL version.
>
I agree with you. I was only worried about non-blocking mode that cannot change default SSL shutdown to full two-way shutdown because of the nature of the non-blocking mode. Therefore blocking and non-blocking mode would behave differently.

Fortunately OpenSSL committed a change <https://github.com/openssl/openssl/commit/f273ff953abfafbb5fc4d68904469f862fbeae8a> that allows SSL_accept() to survive a half-closed TCP connection without reporting an error. The only deficiency is that a server still has to actively ignore the SIGPIPE signal.

I will retest IO-Socket-SSL with the OpenSSL change. Probably won't need the SSL_fast_shutdown anymore.

> If possible I would prefer if you take these changes to github since it's
> easier to handle larger changes there instead of extracting all patches and
> hopefully only the latest from this issue tracker.
>
Here it is <https://github.com/ppisar/p5-io-socket-ssl/commits/TLSv1.3>. I was reluctant to use the github repository as it lagged behind the IO-Socket-SSL-2.059 CPAN release.

-- Petr
>.... I was
> reluctant to use the github repository as it lagged behind the
> IO-Socket-SSL-2.059 CPAN release.
>
It looks like I forgot to push the changes. github should now be up-to-date.
Subject: Re: [rt.cpan.org #126899] Tests fail with OpenSSL 1.1.1
Date: Sat, 15 Sep 2018 15:41:05 +0200
To: bug-IO-Socket-SSL [...] rt.cpan.org
From: Kurt Roeckx <kurt [...] roeckx.be>
With OpenSSL 1.1.1, when acting as client, I suggest that you turn SSL_fast_shutdown into a 2 way shutdown.

This has the following advantages:
- This will prevent the server from getting an EPIPE.
- You can resume sessions, assuming you ask them at the right time.

The disadvantage is that you of course need to wait for the reply of the server.
On Sat 15 Sep 2018, 09:49:13, kurt@roeckx.be wrote:
> With OpenSSL 1.1.1, when acting as client, I suggest that you turn
> SSL_fast_shutdown into a 2 way shutdown.
>
> This has the following advantages:
> - This will prevent the server from getting an EPIPE.
> - You can resume sessions, assuming you ask them at the right
>   time.
>
> The disadvantage is that you of course need to wait for the reply
> of the server.
The expectation with close on IO::Socket objects is that it returns immediately. I would like to fulfill this expectation and not have it behave differently depending on the version of OpenSSL.

But I think that users of IO::Socket::SSL must be more aware of how differently an SSL socket can behave from a "normal" socket. It was actually possible even before OpenSSL 1.1.1 that a signal PIPE might have been triggered during accept (i.e. SSL_accept) or close (i.e. SSL_shutdown) since both functions send data to the peer and the peer might already have been closed at the TCP level. It is only more likely that this happens now, but it is not actually new.

Therefore I added PIPE handling to the tests and also updated the documentation in 2.060 to specifically point out these problems.
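The effect discussed in this thread, a write to a peer that has already closed with SIGPIPE at its default and then ignored, as an added example that is not part of the ticket or of IO::Socket::SSL. A Unix socketpair stands in for the TCP connection under the TLS session, and the helper name `write_to_closed_peer` is made up for the illustration.

```perl
#!/usr/bin/perl
# Added illustration (constructed): no IO::Socket::SSL or OpenSSL involved,
# only the socket-level behaviour that SSL_accept()/SSL_shutdown() run into.
use strict;
use warnings;
use Socket;
use Errno qw(EPIPE);

$| = 1;    # unbuffered STDOUT so forked children do not re-flush parent output

# Hypothetical helper: fork a "server" child that writes to a peer which has
# already closed its end, and return the child's wait status ($?).
sub write_to_closed_peer {
    my ($ignore_sigpipe) = @_;

    socketpair(my $srv, my $cli, AF_UNIX, SOCK_STREAM, PF_UNSPEC)
        or die "socketpair: $!";

    my $pid = fork();
    die "fork: $!" unless defined $pid;

    if ($pid == 0) {
        close($cli);    # the child keeps only the server end
        $SIG{PIPE} = $ignore_sigpipe ? 'IGNORE' : 'DEFAULT';

        # Block until the peer has gone away (EOF), like a server that is
        # still finishing its side when the client has already closed.
        sysread($srv, my $buf, 1);

        # With SIGPIPE at its default this write kills the child.
        # With SIGPIPE ignored it returns undef and sets $! to EPIPE.
        my $written = syswrite($srv, "data for a peer that is gone");
        exit(!defined($written) && $! == EPIPE ? 0 : 2);
    }

    close($srv);
    close($cli);        # the "client" disconnects without waiting
    waitpid($pid, 0);
    return $?;
}

for my $ignore (0, 1) {
    my $status = write_to_closed_peer($ignore);
    # Low 7 bits of the wait status: terminating signal; high byte: exit code.
    printf "SIGPIPE %-8s wait status=%d (signal=%d, exit code=%d)\n",
        $ignore ? 'ignored:' : 'default:',
        $status, $status & 127, $status >> 8;
}
```

The first line of output corresponds to the "Wstat" value test harnesses report for a child killed by the signal; the second shows the write failing with an error the caller can handle.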
On Tue 04 Sep 2018, 08:31:05, SULLR wrote:
> >.... I was
> > reluctant to use the github repository as it lagged behind the
> > IO-Socket-SSL-2.059 CPAN release.
> >
>
> It looks like I forgot to push the changes. github should now be up-to-date.
Thanks, I just released 2.060 which should be compatible with TLS 1.3 and OpenSSL 1.1.1. I've incorporated some of your changes but also did some things differently than you did. Session resume is not yet done for TLS 1.3 but the tests should now all succeed so I close this issue.
On 16 Sep 2018, Sun 22:27:20, SULLR wrote:
> I just released 2.060 which should be compatible with TLS 1.3 and
> OpenSSL 1.1.1. I've incorporated some of your changes but also did
> some things differently than you did. Session resume is not yet done for
> TLS 1.3 but the tests should now all succeed so I close this issue.
Thanks for the new release!

The Debian package of 2.060 still managed to fail a couple of tests, see https://buildd.debian.org/status/fetch.php?pkg=libio-socket-ssl-perl&arch=all&ver=2.060-1&stamp=1537167776&raw=0

Locally I also made t/startssl.t fail by running it in a loop and loading the CPU.

I wonder if it would be appropriate to ignore SIGPIPE in all tests that involve forking.

-- dam
On 17 Sep 2018, Mon 13:35:26, DAM wrote:
> I wonder if it would be appropriate to ignore SIGPIPE in all tests
> that involve forking.
Here's the list of the tests that still fail in 2.060 when run in a loop on my system with overloaded CPU:

- t/alpn.t
- t/compatibility.t
- t/dhe.t
- t/ecdhe.t
- t/io-socket-inet6.t
- t/io-socket-ip.t
- t/public_suffix_ssl.t
- t/sessions.t
- t/startssl.t
- t/verify_fingerprint.t
- t/verify_hostname.t

The symptom is Wstatus=13. Ignoring SIGPIPE seems to make them pass under the same conditions.

Attaching more-sigpipe-ignore.patch - a convenience patch adding $SIG{'PIPE'} = "IGNORE" to them.
Subject: more-sigpipe-ignore.patch
Description: ignore SIGPIPE in more tests These are the tests which failed (killed with SIGPIPE, Wstat=13) when run continuously on a CPU-loaded system. Author: Damyan Ivanov <dmn@debian.org> --- a/t/compatibility.t +++ b/t/compatibility.t @@ -14,6 +14,7 @@ Test::More->builder->use_numbers(0); Test::More->builder->no_ending(1); $SIG{'CHLD'} = "IGNORE"; +$SIG{'PIPE'} = "IGNORE"; IO::Socket::SSL::context_init(SSL_verify_mode => 0x01); --- a/t/verify_hostname.t +++ b/t/verify_hostname.t @@ -14,6 +14,7 @@ my $can_idn = eval { require Encode } & || eval { require URI; URI->VERSION(1.50) } ); +$SIG{'PIPE'} = "IGNORE"; $|=1; my $max = 42; $max+=3 if $can_idn; --- a/t/startssl.t +++ b/t/startssl.t @@ -8,6 +8,8 @@ use IO::Socket::SSL; use IO::Select; do './testlib.pl' || do './t/testlib.pl' || die "no testlib"; +$SIG{'PIPE'} = "IGNORE"; + $|=1; print "1..21\n"; --- a/t/dhe.t +++ b/t/dhe.t @@ -11,6 +11,7 @@ use Socket; use IO::Socket::SSL; do './testlib.pl' || do './t/testlib.pl' || die "no testlib"; +$SIG{'PIPE'} = "IGNORE"; $|=1; print "1..3\n"; --- a/t/ecdhe.t +++ b/t/ecdhe.t @@ -14,6 +14,7 @@ if ( ! IO::Socket::SSL->can_ecdh ) { exit } +$SIG{'PIPE'} = "IGNORE"; $|=1; print "1..4\n"; --- a/t/alpn.t +++ b/t/alpn.t @@ -17,6 +17,7 @@ if ( ! IO::Socket::SSL->can_alpn ) { exit; } +$SIG{'PIPE'} = "IGNORE"; print "1..5\n"; # first create simple ssl-server --- a/t/io-socket-ip.t +++ b/t/io-socket-ip.t @@ -29,6 +29,8 @@ unless( IO::Socket::SSL->CAN_IPV6 eq "IO exit } +$SIG{'PIPE'} = "IGNORE"; + my $addr = '::1'; # check if we can use ::1, e.g. if the computer has IPv6 enabled if ( ! IO::Socket::IP->new( --- a/t/io-socket-inet6.t +++ b/t/io-socket-inet6.t @@ -37,6 +37,8 @@ unless( IO::Socket::SSL->CAN_IPV6 eq "IO exit } +$SIG{'PIPE'} = "IGNORE"; + my $addr = '::1'; # check if we can use ::1, e.g. if the computer has IPv6 enabled if ( ! IO::Socket::INET6->new( --- a/t/public_suffix_ssl.t +++ b/t/public_suffix_ssl.t 
@@ -34,6 +34,7 @@ my @tests = qw( ok:www.foo.nodomain|*.foo.nodomain ); +$SIG{'PIPE'} = "IGNORE"; $|=1; plan tests => 0+@tests; --- a/t/sessions.t +++ b/t/sessions.t @@ -9,6 +9,7 @@ use Socket; use IO::Socket::SSL; do './testlib.pl' || do './t/testlib.pl' || die "no testlib"; +$SIG{'PIPE'} = "IGNORE"; $|=1; my $numtests = 35; print "1..$numtests\n"; --- a/t/verify_fingerprint.t +++ b/t/verify_fingerprint.t @@ -8,6 +8,8 @@ do './testlib.pl' || do './t/testlib.pl' plan tests => 13; +$SIG{'PIPE'} = "IGNORE"; + my ($ca1,$cakey1) = CERT_create( CA => 1, subject => { CN => 'ca1' }); my ($cert1,$key1) = CERT_create( subject => { CN => 'cert1' },
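Review bot: The same `$SIG{'PIPE'} = "IGNORE";` line is added to eleven test files, several of which already load the shared helper via `do './testlib.pl' || do './t/testlib.pl'` in the visible context (t/startssl.t, t/dhe.t, t/sessions.t, t/verify_fingerprint.t). Setting it once in t/testlib.pl would cover those files and any forking test added later. With SIGPIPE ignored, a write to a closed peer returns an error instead of ending the process, so the tests should check the results of their writes rather than rely on the signal to surface the problem.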
On Mon 17 Sep 2018, 07:54:39, DAM wrote:
> On 17 Sep 2018, Mon 13:35:26, DAM wrote:
> > I wonder if it would be appropriate to ignore SIGPIPE in all tests
> > that involve forking.
I think this is a good idea. I made the relevant change to t/testlib.pl since this is used by all tests which fork. See https://github.com/noxxi/p5-io-socket-ssl/commit/e96b1c9e394011de4ee181cfa42b8021796bf7d4.
On Sun 16 Sep 2018 15:27:20, SULLR wrote:
> I just released 2.060 which should be compatible with TLS 1.3 and
> OpenSSL 1.1.1.
I sent you a documentation update <https://github.com/noxxi/p5-io-socket-ssl/pull/75> for TLSv1_3 SSL_protocol.
Support for OpenSSL 1.1.1 and TLS 1.3 is included in IO::Socket::SSL 2.061 but it needs Net::SSLeay 1.86 (not released yet, 1.86_07 works).