[Pkg-openssl-devel] Bug#813189: libio-socket-ssl-perl: FTBFS with current libssl1.0.2: t/startssl-failed.t hangs

Kurt Roeckx kurt at roeckx.be
Sun Jan 31 19:34:44 UTC 2016


On Sat, Jan 30, 2016 at 10:51:06PM +0100, Salvatore Bonaccorso wrote:
> Hi Niko,
> 
> On Sat, Jan 30, 2016 at 09:24:26PM +0200, Niko Tyni wrote:
> > On Sat, Jan 30, 2016 at 12:03:27PM +0200, Niko Tyni wrote:
> > > Package: libio-socket-ssl-perl
> > > Version: 2.022-1
> > > Severity: serious
> > > X-Debbugs-Cc: openssl at packages.debian.org
> > > 
> > > The libio-socket-ssl-perl started hanging in its test suite
> > > with libssl1.0.2 upgrade from 1.0.2e-1 to 1.0.2f-2.
> > > 
> > > The hanging test is t/startssl-failed.t, and running it
> > > manually shows
> > > 
> > >  perl t/startssl-failed.t
> > >  1..9
> > >  ok #Server Initialization
> > >  ok #client tcp connect
> > >  ok #tcp accept
> > >  ok #send non-ssl data
> > 
> > It's looping in IO::Socket::SSL::stop_SSL, repeatedly getting 0 from
> > Net::SSLeay::shutdown(), which seems to be just a thin wrapper for
> > the libssl SSL_shutdown().
> > 
> > Reverting
> >  https://github.com/openssl/openssl/commit/f73c737c7ac908c5d6407c419769123392a3b0a9
> > makes things work again.
> > 
> > Kurt, which one do you think is wrong?
> 
> FTR, Upstream has released a new version (I have imported in our git
> repo already):
> 
> 2.023 2016/01/30
> - OpenSSL 1.0.2f changed the behavior of SSL shutdown in case the TLS connection
>   was not fully established (commit: f73c737c7ac908c5d6407c419769123392a3b0a9).
>   This somehow resulted in Net::SSLeay::shutdown returning 0 (i.e. keep trying)
>   which caused an endless loop. It will now ignore this result in case the TLS
>   connection was not yet established and consider the TLS connection closed
>   instead.
> 
> But this does not seem to fully resolve the issue yet. When I try to
> build the testsuite still get stuck.

So as I understand it, the problem is that the client just sends
crap, the server tells the client it sends crap, but then waits
for the client to properly terminate the question which it never
does?

It's at least not behaviour I can reproducing using s_server, the
server actually closes the connection for me.


Kurt




More information about the Pkg-openssl-devel mailing list