Skip Menu |

This queue is for tickets about the IO-Socket-SSL CPAN distribution.

Report information
The Basics
Id: 90221
Status: resolved
Priority: 0/
Queue: IO-Socket-SSL
People
Owner: Nobody in particular
Requestors: paul [...] city-fan.org
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Sun Nov 10 17:10:23 2013 paul [...] city-fan.org - Ticket created
Subject: t/core.t tests failing with openssl < 1.0.0
I'm seeing the same test failures with openssl 0.9.8n and anything earlier (all my 1.0.0 or later builds pass). Net::SSLeay is the same throughout. Here's a sample failure: $ cd IO-Socket-SSL-1.956 $ make test TEST_VERBOSE=1 TEST_FILES=t/core.t PERL_DL_NONLAZY=1 /usr/bin/perl "-MExtUtils::Command::MM" "-e" "test_harness(1, 'blib/lib', 'blib/arch')" t/core.t t/core....1..52 ok #Server Initialization ok #Server Fileno Check ok #Client non-SSL connection ok #Server non-SSL Client Check ok #Server Kill-client Check ok #Server Client Accept Check ok #Accept returning peer address check. ok #Client Initialization ok #Server Client Fileno Check ok #Client Fileno Check ok #Client Peer Certificate Check not ok #Client Peer Certificate Issuer Check ok #Client Cipher Check ok #Server Peek Check ok #Server Pending Check ok #Client Peek Check ok #Server Sysread Check ok #Server Getline Check ok #Server Getc Check ok #Server Getlines Check 1 ok #Server Getlines Check 2 ok #Server Getlines Check 3 ok #Server Getlines Check 4 ok #Server Getlines Check 5 ok #Client Sysread Check ok #Client Getline Check ok #Client Getc Check ok #Client Getlines Check 1 ok #Client Getlines Check 2 ok #Client Getlines Check 3 ok #Client Getlines Check 4 ok #Client Getlines Check 5 ok #Client Finished Reading Check ok #Second Client Initialization ok #Peer address check ok #Server Nonblocking Check 1 ok #Server Client Opened Check 1 ok #Client Init from Fileno Check ok #Server Client Opened Check 2 ok #Client (fileno) Readline Check ok #Server Nonblocking Check 2 ok #Client Nonblocking Check 1 ok #Server Nonblocking Check 3 ok #Client Nonblocking Check 2 FAILED tests 12, 45-52 Failed 9/52 tests, 82.69% okay Failed Test Stat Wstat Total Fail Failed List of Failed ------------------------------------------------------------------------------- t/core.t 52 9 17.31% 12 45-52 Failed 1/1 test scripts, 0.00% okay. 9/52 subtests failed, 82.69% okay. make: *** [test_dynamic] Error 255
  Mon Nov 11 03:47:22 2013 Steffen_Ullrich [...] genua.de - Correspondence added
Show quoted text
> not ok #Client Peer Certificate Issuer Check
Hi, because DH param are now given by default older openssl versions agree on anonymous authentication (ADH) when SSL_cipher_list is HIGH and thus no certificates gets exchaned. Fixed in 1.957 by setting cipher_list in test to HIGH:!aNULL. With the default ciphers set by IO::Socket::SSL the problem does not happen because these explicitly forbid anonymous authentication.
  Mon Nov 11 03:47:23 2013 The RT System itself - Status changed from 'new' to 'open'
  Mon Nov 11 03:47:23 2013 Steffen_Ullrich [...] genua.de - Status changed from 'open' to 'resolved'