Skip Menu |

This queue is for tickets about the IO-Socket-SSL CPAN distribution.

Report information
The Basics
Id: 73629
Status: resolved
Priority: 0/
Queue: IO-Socket-SSL
People
Owner: Nobody in particular
Requestors: d.thomas [...] its.uq.edu.au
Cc:
AdminCc:
Bug Information
Severity: Normal
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Fri Dec 30 19:26:36 2011 d.thomas [...] its.uq.edu.au - Ticket created
Subject: spurious 'uninitialized value in subroutine entry'
The warning doesn't mean what it says for XS code http://www.perlmonks.org/?node_id=415183 so it may really come from Net::SSLeay googling "Use of uninitialized value in subroutine entry" IO::Socket::SSL returns quite a few matches over the years happens on RHEL5,RHEL6, FreeBSD7.2 but only for a test of ldaps. The same perl/modules is used for https without generating the warning. I believe the LDAP server is running OpenLDAP. NB the perl is one I've built, e.g. without threads perl 5.14.2 IO-Socket-SSL-1.53.tar.gz Net-SSLeay-1.42.tar.gz perl-ldap-0.43.tar.gz currently I'm using a patch --- IO-Socket-SSL-1.53.orig/SSL.pm 2011-12-12 07:33:00.000000000 +1000 +++ IO-Socket-SSL-1.53/SSL.pm 2011-12-29 10:02:20.000000000 +1000 @@ -388,7 +388,9 @@ my $start = defined($timeout) && time(); for my $dummy (1) { #DEBUG( 'calling ssleay::connect' ); + no warnings 'uninitialized'; my $rv = Net::SSLeay::connect($ssl); + use warnings; DEBUG( 3,"Net::SSLeay::connect -> $rv" ); if ( $rv < 0 ) { unless ( $self->_set_rw_error( $ssl,$rv )) { FYI I only tried on one of my older versions of the perl I'd build: RHEL6, perl 5.10.1, IO::Socket::SSL 1.39, Net::SSLeay 1.36 It did not generate the warning However 5.10.1 with the same set of modules as 5.14.2 did produce the warning (only tried on rhel6) TEST CASE NB the host won't be accessible outside our network ============================= #!/opt/bin/perl -w use warnings; use strict; use Net::LDAP; my $ldap = Net::LDAP->new('tangelo.herston.uq.edu.au', 'port' => 636, 'scheme'=>'ldaps', 'timeout' => 10 ); CHANGES TO SSL.pm ============================= $DEBUG = 4; ... #DEBUG( 'calling ssleay::connect' ); printf "\$ssl = %s\n", $ssl; my $rv = Net::SSLeay::connect($ssl); DEBUG( 3,"Net::SSLeay::connect -> $rv" ); OUTPUT ============================= root@kolanut# /tmp/tt.pl DEBUG: .../IO/Socket/SSL.pm:1546: new ctx 214554528 DEBUG: .../IO/Socket/SSL.pm:334: socket not yet connected DEBUG: .../IO/Socket/SSL.pm:336: socket connected DEBUG: .../IO/Socket/SSL.pm:349: ssl handsDEBUG: .../IO/Socket/SSL.pm:349: ssl handsDEBUG: .../IO/Socket/SSL.pm:349: ssl handshake not started DEBUG: .../IO/Socket/SSL.pm:379: set socket to non-blocking to enforce timeout=10 $ssl = 208979376 DEBUG: .../IO/Socket/SSL.pm:393: Net::SSLeay::connect -> -1 DEBUG: .../IO/Socket/SSL.pm:403: ssl handshake in progress DEBUG: .../IO/Socket/SSL.pm:413: waiting for fd to become ready: SSL wants a read first DEBUG: .../IO/Socket/SSL.pm:433: socket ready, retrying connect $ssl = 208979376 DEBUG: .../IO/Socket/SSL.pm:1534: ok=0 cert=214966672 Use of uninitialized value in subroutine entry at /opt/perl/uq.is.perl.rhel5-5.14.2- 20111214/lib/site_perl/5.14.2/IO/Socket/SSL.pm line 392, <DATA> line 522. DEBUG: .../IO/Socket/SSL.pm:393: Net::SSLeay::connect -> -1 DEBUG: .../IO/Socket/SSL.pm:403: ssl handshake in progress DEBUG: .../IO/Socket/SSL.pm:413: waiting for fd to become ready: SSL wants a read first DEBUG: .../IO/Socket/SSL.pm:433: socket ready, retrying connect $ssl = 208979376 DEBUG: .../IO/Socket/SSL.pm:393: Net::SSLeay::connect -> 1 DEBUG: .../IO/Socket/SSL.pm:448: ssl handshake done DEBUG: .../IO/Socket/SSL.pm:1583: free ctx 214554528 open=214554528 DEBUG: .../IO/Socket/SSL.pm:1588: free ctx 214554528 callback DEBUG: .../IO/Socket/SSL.pm:1591: OK free ctx 214554528 OLDER VERSION ============================= DEBUG: .../IO/Socket/SSL.pm:1462: new ctx 36144960 DEBUG: .../IO/Socket/SSL.pm:332: socket not yet connected DEBUG: .../IO/Socket/SSL.pm:334: socket connected DEBUG: .../IO/Socket/SSL.pm:347: ssl handshake not started DEBUG: .../IO/Socket/SSL.pm:377: set socket to non-blocking to enforce timeout=10 DEBUG: .../IO/Socket/SSL.pm:390: Net::SSLeay::connect -> -1 DEBUG: .../IO/Socket/SSL.pm:400: ssl handshake in progress DEBUG: .../IO/Socket/SSL.pm:410: waiting for fd to become ready: SSL wants a read first DEBUG: .../IO/Socket/SSL.pm:430: socket ready, retrying connect DEBUG: .../IO/Socket/SSL.pm:390: Net::SSLeay::connect -> -1 DEBUG: .../IO/Socket/SSL.pm:400: ssl handshake in progress DEBUG: .../IO/Socket/SSL.pm:410: waiting for fd to become ready: SSL wants a read first DEBUG: .../IO/Socket/SSL.pm:430: socket ready, retrying connect DEBUG: .../IO/Socket/SSL.pm:390: Net::SSLeay::connect -> 1 DEBUG: .../IO/Socket/SSL.pm:445: ssl handshake done DEBUG: .../IO/Socket/SSL.pm:1498: free ctx 36144960 open=36144960 DEBUG: .../IO/Socket/SSL.pm:1506: OK free ctx 36144960
  Sun Jan 01 23:03:45 2012 d.thomas [...] its.uq.edu.au - Correspondence added
From: d.thomas [...] its.uq.edu.au
On Fri Dec 30 19:26:36 2011, d.thomas@its.uq.edu.au wrote: Show quoted text
> The warning doesn't mean what it says for XS code > http://www.perlmonks.org/?node_id=415183 > so it may really come from Net::SSLeay
so have logged a report against Net::SSLeay https://rt.cpan.org/Public/Bug/Display.html?id=73663 which is basically a link to this bug report
  Mon Jan 02 14:18:23 2012 Steffen_Ullrich [...] genua.de - Correspondence added
Hi, I see, that you use "perl -w", thus forcing all imported modules to behave like they enabled warnings themself. I don't consider this a good idea, you better use the warnings module to only enable warnings within your code, not within 3rd party modules you use. If the author of the 3rd party module considers his module safe against warnings he might enable warnings himself. Regards, Steffen
  Mon Jan 02 14:18:24 2012 The RT System itself - Status changed from 'new' to 'open'
  Mon Jan 02 14:18:25 2012 Steffen_Ullrich [...] genua.de - Status changed from 'open' to 'rejected'
  Fri Jan 06 18:41:50 2012 MIKEM [...] cpan.org - Correspondence added
Hello, After careful investigation, it turns out this warning is due to the following line about 290 in IO::Socket::SSL.pm in the definition of SSL_verify_callback $ok or return; it should be $ok or return 0; The undefined return value from the verify callback is reported at the time the Net::SSLeay::connect returns I will reject the error report in https://rt.cpan.org/Public/Bug/Display.html?id=73663 Cheers. On Sun Jan 01 23:03:45 2012, d.thomas@its.uq.edu.au wrote: Show quoted text
> On Fri Dec 30 19:26:36 2011, d.thomas@its.uq.edu.au wrote:
> > The warning doesn't mean what it says for XS code > > http://www.perlmonks.org/?node_id=415183 > > so it may really come from Net::SSLeay
> so have logged a report against Net::SSLeay > https://rt.cpan.org/Public/Bug/Display.html?id=73663 > which is basically a link to this bug report
  Fri Jan 06 18:41:52 2012 The RT System itself - Status changed from 'rejected' to 'open'
  Wed Jan 11 02:40:29 2012 d.thomas [...] its.uq.edu.au - Correspondence added
Subject: Re: [rt.cpan.org #73629] spurious 'uninitialized value in subroutine entry'
Date: Wed, 11 Jan 2012 07:40:17 +0000
To: "<bug-IO-Socket-SSL [...] rt.cpan.org>" <bug-IO-Socket-SSL [...] rt.cpan.org>
From: Danny Thomas <d.thomas [...] its.uq.edu.au>
On 07/01/2012, at 9:41 AM, MIKEM via RT wrote: Show quoted text
> After careful investigation, it turns out this warning is due to the > following line about 290 in IO::Socket::SSL.pm in the definition of > SSL_verify_callback > > $ok or return; > > it should be > $ok or return 0; > > The undefined return value from the verify callback is reported at the > time the Net::SSLeay::connect returns
I can confirm the warning from the test script stopped after making this change.
  Wed Jan 11 03:14:04 2012 Steffen_Ullrich [...] genua.de - Correspondence added
Thank you for the fix. I've applied it and released version 1.54. Regards, Steffen
  Wed Jan 11 03:14:05 2012 Steffen_Ullrich [...] genua.de - Status changed from 'open' to 'resolved'