Skip Menu |

This queue is for tickets about the IO-Socket-SSL CPAN distribution.

Report information
The Basics
Id: 94532
Status: resolved
Priority: 0/
Queue: IO-Socket-SSL
People
Owner: Nobody in particular
Requestors: paul [...] city-fan.org
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: 1.980
Fixed in: (no value)

History Show all quoted text
  Tue Apr 08 04:46:54 2014 paul [...] city-fan.org - Ticket created
Subject: ecdhe test fails on OpenSSL 1.0.1d 64-bit
Elliptic curve support is disabled on OpenSSL 1.0.1d 64-bit but the test doesn't know that, so it fails. Attached patch makes the test match the code and works for me.
Subject: IO-Socket-SSL-1.980-ecdhe-test.patch
--- t/ecdhe.t +++ t/ecdhe.t @@ -13,7 +13,11 @@ exit } -if ( ! defined &Net::SSLeay::CTX_set_tmp_ecdh ) { +if ( ! defined &Net::SSLeay::CTX_set_tmp_ecdh || ! + # There is a regression with elliptic curves on 1.0.1d with 64bit + # http://rt.openssl.org/Ticket/Display.html?id=2975 + ( Net::SSLeay::OPENSSL_VERSION_NUMBER() != 0x1000105f + || length(pack("P",0)) == 4 )) { print "1..0 # Skipped: no support for ecdh with this openssl/Net::SSLeay\n"; exit }
  Tue Apr 08 04:47:36 2014 paul [...] city-fan.org - Correspondence added
From: paul [...] city-fan.org
On Tue Apr 08 04:46:54 2014, paul@city-fan.org wrote: Show quoted text
> Elliptic curve support is disabled on OpenSSL 1.0.1d 64-bit but the > test doesn't know that, so it fails. Attached patch makes the test > match the code and works for me.
Also there was no entry in the Changes file for 1.980.
  Tue Apr 08 05:37:43 2014 paul [...] city-fan.org - Correspondence added
From: paul [...] city-fan.org
On Tue Apr 08 04:47:36 2014, paul@city-fan.org wrote: Show quoted text
> On Tue Apr 08 04:46:54 2014, paul@city-fan.org wrote:
> > Elliptic curve support is disabled on OpenSSL 1.0.1d 64-bit but the > > test doesn't know that, so it fails. Attached patch makes the test > > match the code and works for me.
Just noticed that the code is checking for openssl version 1.0.1e, but the affected openssl version is 1.0.1d.
  Tue Apr 08 07:10:03 2014 Steffen_Ullrich [...] genua.de - Correspondence added
Am Di 08. Apr 2014, 05:37:43, paul@city-fan.org schrieb: Show quoted text
> On Tue Apr 08 04:47:36 2014, paul@city-fan.org wrote:
> > On Tue Apr 08 04:46:54 2014, paul@city-fan.org wrote:
> > > Elliptic curve support is disabled on OpenSSL 1.0.1d 64-bit but the > > > test doesn't know that, so it fails. Attached patch makes the test > > > match the code and works for me.
> > Just noticed that the code is checking for openssl version 1.0.1e, but > the affected openssl version is 1.0.1d.
Just noticed it too. The issue should be fixed in 1.981, which was just released. Thanks for reporting all these bugs, Steffen
  Tue Apr 08 07:10:03 2014 The RT System itself - Status changed from 'new' to 'open'
  Tue Apr 08 07:10:06 2014 Steffen_Ullrich [...] genua.de - Status changed from 'open' to 'resolved'