Bug #127147 for Net-Server-Mail: [PATCH] use 4096-bit test certificate (fixes tests with openssl 1.1.1)

Wed Sep 19 15:24:28 2018 dam [...] cpan.org - Ticket created

From:	dam [...] cpan.org
Subject:	[PATCH] use 4096-bit test certificate (fixes tests with openssl 1.1.1)

In Debian we are currently applying the following patch to Net-Server-Mail. We thought you might be interested in it too. Description: use 4096-bit test certificate Openssl 1.1.1 raises its default security level from 1 to 2, which means it refuses to work with certificates with weak keys, which for RSA means at least 2048-bit keys. . The test certificate in t/certs uses a 1024-bit RSA key, which leads to the following error: . t/starttls.t .. 1/? # Error: TLS handshake failed SSL connect attempt failed error:1408F10B:SSL routines:ssl3_get_record:wrong version number at t/starttls.t line 116. . Re-creating the test certificate and key with: openssl req -x509 -newkey rsa:4096 -nodes \ -keyout t/certs/server-key.pem \ -out t/certs/server-cert.pem \ -days 5000 -text makes the test pass with openssl 1.1.1 Author: Damyan Ivanov <dmn@debian.org> The patch is tracked in our Git repository at https://salsa.debian.org/perl-team/modules/packages/libnet-server-mail-perl/raw/master/debian/patches/4096-bit-test-certificate.patch Thanks for considering, Damyan Ivanov, Debian Perl Group

Wed Sep 19 15:24:31 2018 dam [...] cpan.org - Correspondence added

Here's the patch.

Message body is not shown because sender requested not to inline it.

Wed Sep 19 15:46:45 2018 x.guimard [...] free.fr - Correspondence added

Fixed in 0.26, thanks !

Wed Sep 19 15:46:46 2018 The RT System itself - Status changed from 'new' to 'open'

Thu Sep 20 00:36:37 2018 x.guimard [...] free.fr - Correspondence added

0.26 released

Thu Sep 20 00:36:38 2018 x.guimard [...] free.fr - Status changed from 'open' to 'resolved'

Thu Sep 20 00:36:38 2018 x.guimard [...] free.fr - Fixed in 0.26 added