Skip Menu |

This queue is for tickets about the Net-SSLeay CPAN distribution.

Report information
The Basics
Id: 126987
Status: resolved
Priority: 0/
Queue: Net-SSLeay
People
Owner: chrisn [...] cpan.org
Requestors: dam [...] cpan.org
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: 1.86_06

History Show all quoted text
  Wed Aug 29 16:19:41 2018 dam [...] cpan.org - Ticket created
From: dam [...] cpan.org
Subject: [PATCH] set security level to 1 in tests working with keys less than 2048 bits long
In Debian we are currently applying the following patch to Net-SSLeay. We thought you might be interested in it too. Description: set security level to 1 in tests working with keys less than 2048 bits long When openssl is built with default security level of 2 and above, all operations with RSA keys under 2048 bits are rejected. Setting the security level to 1 makes the test pass with the smaller keys. . Requires the patch adding security_level() routines. Author: Damyan Ivanov <dmn@debian.org> The patch is tracked in our Git repository at https://salsa.debian.org/perl-team/modules/packages/libnet-ssleay-perl/raw/master/debian/patches/test-with-security-level-1.patch Thanks for considering, Damyan Ivanov, Debian Perl Group
  Wed Aug 29 16:19:44 2018 dam [...] cpan.org - Correspondence added
Here's the patch.

Message body is not shown because sender requested not to inline it.

  Wed Aug 29 16:42:09 2018 chrisn [...] cpan.org - Correspondence added
On Wed Aug 29 21:19:41 2018, DAM wrote: Show quoted text
> In Debian we are currently applying the following patch to > Net-SSLeay. > We thought you might be interested in it too. > > Description: set security level to 1 in tests working with keys less > than 2048 bits long > When openssl is built with default security level of 2 and above, all > operations with RSA keys under 2048 bits are rejected. Setting the > security > level to 1 makes the test pass with the smaller keys. > . > Requires the patch adding security_level() routines.
Thanks, Damyan --- this is related to RT#126270, but I prefer this solution in the short term and RT#126270 in the long term. We'll apply this, conditional on the patch in RT#126986 being applied. [1] https://rt.cpan.org/Ticket/Display.html?id=126270
  Wed Aug 29 16:42:10 2018 The RT System itself - Status changed from 'new' to 'open'
  Mon Sep 03 12:23:42 2018 chrisn [...] cpan.org - Correspondence added
On Wed Aug 29 21:42:09 2018, CHRISN wrote: Show quoted text
> Thanks, Damyan --- this is related to RT#126270, but I prefer this > solution in the short term and RT#126270 in the long term. We'll apply > this, conditional on the patch in RT#126986 being applied.
Now that the patch in RT#126986 has been applied, I've applied this one too (with minor modifications to credit you in Changes): https://github.com/radiator-software/p5-net-ssleay/pull/53 This will be included in the next developer release (1.86_06) and the next stable release after that.
  Mon Sep 03 12:23:44 2018 chrisn [...] cpan.org - Status changed from 'open' to 'patched'
  Mon Sep 03 12:23:44 2018 chrisn [...] cpan.org - Taken
  Sun Dec 16 11:24:48 2018 chrisn [...] cpan.org - Status changed from 'patched' to 'resolved'
  Sun Dec 16 11:24:48 2018 chrisn [...] cpan.org - Fixed in 1.86_06 added