[Pkg-openssl-devel] Bug#813189: Bug#813189: libio-socket-ssl-perl: FTBFS with current libssl1.0.2: t/startssl-failed.t hangs
Salvatore Bonaccorso
carnil at debian.org
Mon Feb 1 15:16:52 UTC 2016
Hi Kurt,
On Sun, Jan 31, 2016 at 08:34:44PM +0100, Kurt Roeckx wrote:
> On Sat, Jan 30, 2016 at 10:51:06PM +0100, Salvatore Bonaccorso wrote:
> > Hi Niko,
> >
> > On Sat, Jan 30, 2016 at 09:24:26PM +0200, Niko Tyni wrote:
> > > On Sat, Jan 30, 2016 at 12:03:27PM +0200, Niko Tyni wrote:
> > > > Package: libio-socket-ssl-perl
> > > > Version: 2.022-1
> > > > Severity: serious
> > > > X-Debbugs-Cc: openssl at packages.debian.org
> > > >
> > > > The libio-socket-ssl-perl started hanging in its test suite
> > > > with libssl1.0.2 upgrade from 1.0.2e-1 to 1.0.2f-2.
> > > >
> > > > The hanging test is t/startssl-failed.t, and running it
> > > > manually shows
> > > >
> > > > perl t/startssl-failed.t
> > > > 1..9
> > > > ok #Server Initialization
> > > > ok #client tcp connect
> > > > ok #tcp accept
> > > > ok #send non-ssl data
> > >
> > > It's looping in IO::Socket::SSL::stop_SSL, repeatedly getting 0 from
> > > Net::SSLeay::shutdown(), which seems to be just a thin wrapper for
> > > the libssl SSL_shutdown().
> > >
> > > Reverting
> > > https://github.com/openssl/openssl/commit/f73c737c7ac908c5d6407c419769123392a3b0a9
> > > makes things work again.
> > >
> > > Kurt, which one do you think is wrong?
> >
> > FTR, Upstream has released a new version (I have imported in our git
> > repo already):
> >
> > 2.023 2016/01/30
> > - OpenSSL 1.0.2f changed the behavior of SSL shutdown in case the TLS connection
> > was not fully established (commit: f73c737c7ac908c5d6407c419769123392a3b0a9).
> > This somehow resulted in Net::SSLeay::shutdown returning 0 (i.e. keep trying)
> > which caused an endless loop. It will now ignore this result in case the TLS
> > connection was not yet established and consider the TLS connection closed
> > instead.
> >
> > But this does not seem to fully resolve the issue yet. When I try to
> > build the testsuite still get stuck.
>
> So as I understand it, the problem is that the client just sends
> crap, the server tells the client it sends crap, but then waits
> for the client to properly terminate the question which it never
> does?
>
> It's at least not behaviour I can reproducing using s_server, the
> server actually closes the connection for me.
JFTR, the additional problem is unrelated to the OpenSSL change. I
(and as well Gregor) was able to reproduce it in the pbuilder setup
when using the default USENETWORK=no (but not if switching to
USENETWORK=yes). So #813189 on its own can be considered resolved.
Should openssl maybe have a Breaks for the older libio-socket-ssl-perl
version?
Regards,
Salvatore
More information about the Pkg-openssl-devel
mailing list