Skip Menu |

This queue is for tickets about the Net-Proxy CPAN distribution.

Report information
The Basics
Id: 89044
Status: new
Priority: 0/
Queue: Net-Proxy

People
Owner: Nobody in particular
Requestors: abi [...] grinser.de
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)



Subject: [abi@grinser.de: Bug#467345: #467345: libnet-proxy-perl: FTBFS: hanging test]
Date: Mon, 30 Sep 2013 12:07:40 +0200
To: bug-Net-Proxy [...] rt.cpan.org
From: Michael Ablassmeier <abi [...] grinser.de>
hi, please see attachment from the original bugreport against the debian bugtracking system. The Tests of NET::Proxy will fail as more recent versions of IO::SOCKET:SSL have stricter behavior when it comes to check ssl certificates. ----- Forwarded message from Michael Ablassmeier <abi@grinser.de> ----- From: Michael Ablassmeier <abi@grinser.de> Date: Mon, 30 Sep 2013 11:24:23 +0200 To: Damyan Ivanov <dmn@debian.org>, 467345@bugs.debian.org Subject: Bug#467345: #467345: libnet-proxy-perl: FTBFS: hanging test Reply-To: Michael Ablassmeier <abi@grinser.de>, 467345@bugs.debian.org On Mon, Sep 23, 2013 at 12:17:58AM +0300, Damyan Ivanov wrote: Show quoted text
> # ports: 59669 53285 > > # Failed test 'Line received' > # at t/36ctssl_tcp.t line 103. > # got: '^V^C^C^@^D^N^@^@^@Brian Florence Dougal Ermintrude > # Zebedee > # ' > # expected: 'Brian Florence Dougal Ermintrude Zebedee > # ' > # Looks like you failed 1 test of 8. > t/36ctssl_tcp.t ......... > Dubious, test returned 1 (wstat 256, 0x100) > Failed 1/8 subtests > # Random seed 387049612 > # ports: 36571 35473 > 2013-09-22 21:12:00 SSL connect accept failed because of handshake problems error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca at /tmp/buildd/libnet-proxy-perl-0.12/blib/lib/Net/Proxy/Connector/ssl.pm line 72.
i think both failures are caused by a change of behavior in libio-socket-ssl-perl: Show quoted text
> 1.950 2013/7/3 > - MAJOR BEHAVIOR CHANGE: > ssl_verify_mode now defaults to verify_peer for client. > Until now it used verify_none, but loudly complained since 1.79 about it. > It will not complain any longer, but the connection might probably fail. > Please don't simply disable ssl verification, but instead set SSL_ca_file > etc so that verification succeeds! > - MAJOR BEHAVIOR CHANGE: > it will now complain if the builtin defaults of certs/my-ca.pem or ca/ > for CA and certs/{server,client}-{key,cert}.pem for cert and key are used, > e.g. no certificates are specified explicitly. > In the future these insecure (relative path!) defaults will be removed > and the CA replaced with the system defaults.
the package does not include ca file/the certificate is self signed and was created only for testing, so this is something upstream has to care about. The package builds without libio-socket-ssl-perl in Build-Depends just as fine (tests are skipped then) Will most likely remove it from the build-depends with the next upload to get this sorted. bye, - michael Show quoted text
----- End forwarded message -----