Skip Menu |

This queue is for tickets about the Net-SSLeay CPAN distribution.

Report information
The Basics
Id: 29279
Status: resolved
Worked: 30 min
Priority: 0/
Queue: Net-SSLeay
People
Owner: Nobody in particular
Requestors: Marek.Rouchal [...] gmx.net
Cc:
AdminCc:
Bug Information
Severity: Normal
Broken in: 1.32
Fixed in: (no value)

History Show all quoted text
  Mon Sep 10 08:26:39 2007 Marek.Rouchal [...] gmx.net - Ticket created
Subject: Error in 08_extrnal.t with proxy
Thank you for breathing new life into Net::SSLeay! I have one slight improvement suggestion, and one problem report. It would be nice if once could specify the OpenSSL root directory via a command line option to "perl Makefile.PL", or by an environment variable; please review the README, I think it has some references to the old Makefile.PL, and things do not work like that any more in Net-SSLeay- 1.32. Now for the problem: I have perl-5.8.8 (built on Solaris 8 and RedHat Enterprise Linux 3.0 Update 9, with gcc-4.1.2), OpenSSL 0.9.8e and Net- SSLeay-1.32; I am sitting behind a firewall and use a proxy server. I changed the 08_external.t like this to enable the proxy: diff -ruN Net-SSLeay-1.32/t/external/08_external.t Net-SSLeay- 1.32p1/t/external/08_external.t --- Net-SSLeay-1.32/t/external/08_external.t 2007-07-14 22:01:25.000000000 +0200 +++ Net-SSLeay-1.32p1/t/external/08_external.t 2007-09-10 13:58:20.000000000 +0200 @@ -6,12 +6,21 @@ use Test::More; use Net::SSLeay; +$Net::SSLeay::trace = 3; + +# use a proxy +my $prox = $ENV{SSLEAY_PROXY} || $ENV{HTTP_PROXY} || $ENV{http_proxy}; +if(defined $prox && $prox =~ m#^(?:http://|)(\S+):(\d+)/?$#) { + Net::SSLeay::set_proxy($1, $2); +} + my @sites = qw( www.cdw.com - banking.wellsfargo.com - perldition.org - alioth.debian.org ); +# banking.wellsfargo.com +# perldition.org +# alioth.debian.org +#); plan tests => @sites * 2; END-OF-DIFF The same code (set_proxy) makes the tests 10_destroy.t and 50_external.t work as expected, but not 08_external.t, which produces the following output with trace=3: $ perl -Mblib t/external/08_external.t 1..2 do_httpx3(GET,1,www.cdw.com:443) at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/do_httpx3.al) line 2302. httpx_cat: usessl=1 (www.cdw.com:443) at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/httpx_cat.al) line 2212. Connect via proxy: proxy.muc.infineon.com:81 at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/open_proxy_tcp_connection.al) line 1640. Opening connection to proxy.muc.infineon.com:81 (172.23.16.163) at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/open_tcp_connection.al) line 1615. Asking proxy to connect to www.cdw.com:443 at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/open_proxy_tcp_connection.al) line 1644. write_all VM at entry=vm_unknown to_write=36 written so far 36:36 bytes (VM=vm_unknown) got 1:0 bytes (VM=vm_unknown). got 1:1 bytes (VM=vm_unknown). got 1:2 bytes (VM=vm_unknown). got 1:3 bytes (VM=vm_unknown). got 1:4 bytes (VM=vm_unknown). got 1:5 bytes (VM=vm_unknown). got 1:6 bytes (VM=vm_unknown). got 1:7 bytes (VM=vm_unknown). got 1:8 bytes (VM=vm_unknown). got 1:9 bytes (VM=vm_unknown). got 1:10 bytes (VM=vm_unknown). got 1:11 bytes (VM=vm_unknown). got 1:12 bytes (VM=vm_unknown). got 1:13 bytes (VM=vm_unknown). got 1:14 bytes (VM=vm_unknown). got 1:15 bytes (VM=vm_unknown). got 1:16 bytes (VM=vm_unknown). got 1:17 bytes (VM=vm_unknown). got 1:18 bytes (VM=vm_unknown). got 1:19 bytes (VM=vm_unknown). got 1:20 bytes (VM=vm_unknown). got 1:21 bytes (VM=vm_unknown). got 1:22 bytes (VM=vm_unknown). got 1:23 bytes (VM=vm_unknown). got 1:24 bytes (VM=vm_unknown). got 1:25 bytes (VM=vm_unknown). got 1:26 bytes (VM=vm_unknown). got 1:27 bytes (VM=vm_unknown). got 1:28 bytes (VM=vm_unknown). got 1:29 bytes (VM=vm_unknown). got 1:30 bytes (VM=vm_unknown). got 1:31 bytes (VM=vm_unknown). got 1:32 bytes (VM=vm_unknown). got 1:33 bytes (VM=vm_unknown). got 1:34 bytes (VM=vm_unknown). got 1:35 bytes (VM=vm_unknown). got 1:36 bytes (VM=vm_unknown). Proxy response: HTTP/1.0 200 Connection established Creating SSL 0 context... Creating SSL connection (context was '167693264')... Setting fd (ctx 167693264, con 167695640)... Entering SSL negotiation phase... Cipher list: DHE-RSA-AES256-SHA, DHE-RSA-AES256-SHA, DHE-DSS-AES256- SHA, AES256-SHA, EDH-RSA-DES-CBC3-SHA, EDH-DSS-DES-CBC3-SHA, DES-CBC3- SHA, DES-CBC3-MD5, DHE-RSA-AES128-S HA, DHE-DSS-AES128-SHA, AES128-SHA, IDEA-CBC-SHA, IDEA-CBC-MD5, RC2- CBC-MD5, RC4-SHA, RC4-MD5, RC4-MD5, EDH-RSA-DES-CBC-SHA, EDH-DSS-DES- CBC-SHA, DES-CBC-SHA, DES-CBC-MD5, E XP-EDH-RSA-DES-CBC-SHA, EXP-EDH-DSS-DES-CBC-SHA, EXP-DES-CBC-SHA, EXP- RC2-CBC-MD5, EXP-RC2-CBC-MD5, EXP-RC4-MD5, EXP-RC4-MD5\n at blib/lib/Net/SSLeay.pm (autosplit into blib /lib/auto/Net/SSLeay/https_cat.al) line 2145. SSL_connect 17391: 1 - error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol ok 1 # skip could not connect ok 2 # skip could not connect END-OF-TRANSCRIPT Do you have any idea what could be wrong? Anything I could try? Please let me know if you need more debugging information. Again, all other tests pass OK, after I added the proxy setting to the "external" tests. Cheers, Marek
  Mon Sep 10 19:53:48 2007 MIKEM [...] cpan.org - Correspondence added
From: MIKEM [...] cpan.org
Hello Marek, thanks for reporting this. This was due to a bug in open_proxy_tcp_connection was stopping after the first \n from teh proxy, but instead should have looked for $CRLF . $CRLF to find the beginning of the SSL content Your log shows that none of the handshakes worked. I dont understand how this could have ever worked properly in the past, since all proxy servers should return CRLF CRLF after its headers. Anyway, I have uploadd a fix to SVN. Cheers. On Mon Sep 10 08:26:39 2007, MAREKR wrote: Show quoted text
> Thank you for breathing new life into Net::SSLeay! I have one slight > improvement suggestion, and one problem report. It would be nice if > once could specify the OpenSSL root directory via a command line > option to "perl Makefile.PL", or by an environment variable; please > review the README, I think it has some references to the old > Makefile.PL, and things do not work like that any more in
Net-SSLeay- Show quoted text
> 1.32. > Now for the problem: I have perl-5.8.8 (built on Solaris 8 and
RedHat Show quoted text
> Enterprise Linux 3.0 Update 9, with gcc-4.1.2), OpenSSL 0.9.8e and
Net- Show quoted text
> SSLeay-1.32; I am sitting behind a firewall and use a proxy server.
I Show quoted text
> changed the 08_external.t like this to enable the proxy: > > diff -ruN Net-SSLeay-1.32/t/external/08_external.t Net-SSLeay- > 1.32p1/t/external/08_external.t > --- Net-SSLeay-1.32/t/external/08_external.t 2007-07-14 > 22:01:25.000000000 +0200 > +++ Net-SSLeay-1.32p1/t/external/08_external.t 2007-09-10 > 13:58:20.000000000 +0200 > @@ -6,12 +6,21 @@ > use Test::More; > use Net::SSLeay; > > +$Net::SSLeay::trace = 3; > + > +# use a proxy > +my $prox = $ENV{SSLEAY_PROXY} || $ENV{HTTP_PROXY} ||
$ENV{http_proxy}; Show quoted text
> +if(defined $prox && $prox =~ m#^(?:http://|)(\S+):(\d+)/?$#) { > + Net::SSLeay::set_proxy($1, $2); > +} > + > my @sites = qw( > www.cdw.com > - banking.wellsfargo.com > - perldition.org > - alioth.debian.org > ); > +# banking.wellsfargo.com > +# perldition.org > +# alioth.debian.org > +#); > > plan tests => @sites * 2; > > END-OF-DIFF > > The same code (set_proxy) makes the tests 10_destroy.t and > 50_external.t work as expected, but not 08_external.t, which
produces Show quoted text
> the following output with trace=3: > > $ perl -Mblib t/external/08_external.t > 1..2 > do_httpx3(GET,1,www.cdw.com:443) at blib/lib/Net/SSLeay.pm
(autosplit Show quoted text
> into blib/lib/auto/Net/SSLeay/do_httpx3.al) line 2302. > httpx_cat: usessl=1 (www.cdw.com:443) at blib/lib/Net/SSLeay.pm > (autosplit into blib/lib/auto/Net/SSLeay/httpx_cat.al) line 2212. > Connect via proxy: proxy.muc.infineon.com:81 at
blib/lib/Net/SSLeay.pm Show quoted text
> (autosplit into
blib/lib/auto/Net/SSLeay/open_proxy_tcp_connection.al) Show quoted text
> line 1640. > Opening connection to proxy.muc.infineon.com:81 (172.23.16.163) at > blib/lib/Net/SSLeay.pm (autosplit into > blib/lib/auto/Net/SSLeay/open_tcp_connection.al) line 1615. > Asking proxy to connect to www.cdw.com:443 at blib/lib/Net/SSLeay.pm > (autosplit into
blib/lib/auto/Net/SSLeay/open_proxy_tcp_connection.al) Show quoted text
> line 1644. > write_all VM at entry=vm_unknown to_write=36 > written so far 36:36 bytes (VM=vm_unknown) > got 1:0 bytes (VM=vm_unknown). > got 1:1 bytes (VM=vm_unknown). > got 1:2 bytes (VM=vm_unknown). > got 1:3 bytes (VM=vm_unknown). > got 1:4 bytes (VM=vm_unknown). > got 1:5 bytes (VM=vm_unknown). > got 1:6 bytes (VM=vm_unknown). > got 1:7 bytes (VM=vm_unknown). > got 1:8 bytes (VM=vm_unknown). > got 1:9 bytes (VM=vm_unknown). > got 1:10 bytes (VM=vm_unknown). > got 1:11 bytes (VM=vm_unknown). > got 1:12 bytes (VM=vm_unknown). > got 1:13 bytes (VM=vm_unknown). > got 1:14 bytes (VM=vm_unknown). > got 1:15 bytes (VM=vm_unknown). > got 1:16 bytes (VM=vm_unknown). > got 1:17 bytes (VM=vm_unknown). > got 1:18 bytes (VM=vm_unknown). > got 1:19 bytes (VM=vm_unknown). > got 1:20 bytes (VM=vm_unknown). > got 1:21 bytes (VM=vm_unknown). > got 1:22 bytes (VM=vm_unknown). > got 1:23 bytes (VM=vm_unknown). > got 1:24 bytes (VM=vm_unknown). > got 1:25 bytes (VM=vm_unknown). > got 1:26 bytes (VM=vm_unknown). > got 1:27 bytes (VM=vm_unknown). > got 1:28 bytes (VM=vm_unknown). > got 1:29 bytes (VM=vm_unknown). > got 1:30 bytes (VM=vm_unknown). > got 1:31 bytes (VM=vm_unknown). > got 1:32 bytes (VM=vm_unknown). > got 1:33 bytes (VM=vm_unknown). > got 1:34 bytes (VM=vm_unknown). > got 1:35 bytes (VM=vm_unknown). > got 1:36 bytes (VM=vm_unknown). > Proxy response: HTTP/1.0 200 Connection established > Creating SSL 0 context... > Creating SSL connection (context was '167693264')... > Setting fd (ctx 167693264, con 167695640)... > Entering SSL negotiation phase... > Cipher list: DHE-RSA-AES256-SHA, DHE-RSA-AES256-SHA, DHE-DSS-AES256- > SHA, AES256-SHA, EDH-RSA-DES-CBC3-SHA, EDH-DSS-DES-CBC3-SHA,
DES-CBC3- Show quoted text
> SHA, DES-CBC3-MD5, DHE-RSA-AES128-S > HA, DHE-DSS-AES128-SHA, AES128-SHA, IDEA-CBC-SHA, IDEA-CBC-MD5, RC2- > CBC-MD5, RC4-SHA, RC4-MD5, RC4-MD5, EDH-RSA-DES-CBC-SHA,
EDH-DSS-DES- Show quoted text
> CBC-SHA, DES-CBC-SHA, DES-CBC-MD5, E > XP-EDH-RSA-DES-CBC-SHA, EXP-EDH-DSS-DES-CBC-SHA, EXP-DES-CBC-SHA,
EXP- Show quoted text
> RC2-CBC-MD5, EXP-RC2-CBC-MD5, EXP-RC4-MD5, EXP-RC4-MD5\n at > blib/lib/Net/SSLeay.pm (autosplit into blib > /lib/auto/Net/SSLeay/https_cat.al) line 2145. > SSL_connect 17391: 1 - error:140770FC:SSL > routines:SSL23_GET_SERVER_HELLO:unknown protocol > ok 1 # skip could not connect > ok 2 # skip could not connect > > END-OF-TRANSCRIPT > > Do you have any idea what could be wrong? Anything I could try?
Please Show quoted text
> let me know if you need more debugging information. Again, all other > tests pass OK, after I added the proxy setting to the "external"
tests. Show quoted text
> > Cheers, > > Marek
  Mon Sep 10 19:53:50 2007 The RT System itself - Status changed from 'new' to 'open'
  Mon Sep 10 19:55:02 2007 MIKEM [...] cpan.org - Correspondence added 30 min
Fix in SVN should now fix this
  Mon Sep 10 19:55:06 2007 MIKEM [...] cpan.org - Status changed from 'open' to 'resolved'
  Wed Sep 12 02:43:50 2007 Marek.Rouchal [...] gmx.net - Correspondence added
From: Marek.Rouchal [...] gmx.net
On Mo. 10. Sep. 2007, 19:55:02, MIKEM wrote: Show quoted text
> Fix in SVN should now fix this
This is just to confirm that the fix solves the error also here. Thank you for the very quick fix! -Marek
  Wed Sep 12 02:43:52 2007 The RT System itself - Status changed from 'resolved' to 'open'
  Thu Aug 14 07:54:00 2008 rafl [...] debian.org - Status changed from 'open' to 'resolved'