[Pkg-openssl-devel] Bug#954371: Bug#954371: libio-socket-ssl-perl: FTBFS since openssl 1.1.1e

[Salvatore Bonaccorso]

Hi Kurt,

On Tue, Mar 31, 2020 at 06:46:44PM +0200, Kurt Roeckx wrote:
> On Tue, Mar 31, 2020 at 09:03:01AM +0200, Salvatore Bonaccorso wrote:
> > On Sat, Mar 21, 2020 at 08:31:21PM +0100, gregor herrmann wrote:
> > > On Fri, 20 Mar 2020 21:50:08 +0100, Sebastian Andrzej Siewior wrote:
> > > 
> > > > The package FTBFS since openssl has been updated to 1.1.1e because the
> > > > testsuite fails. The failure is due to commit db943f43a60d ("Detect EOF
> > > > while reading in libssl") [0] in openssl. There an issue ticket [1]
> > > > which introduced the changed behaviour.
> > > 
> > > There's a patch at
> > > https://github.com/noxxi/p5-io-socket-ssl/issues/93
> > > This also needs libnet-ssleay-perl_1.88-3 which I uploaded right now.
> > 
> > So I guess this should be threated as openssl issue and will reassign
> > it to it. Upstream for IO::Socket::SSL has released a new version
> > which will refuse to build with 1.1.1e:
> > 
> > 2.068 2020/03/31
> > - treat OpenSSL 1.1.1e as broken and refuse to build with it in order to
> >   prevent follow-up problems in tests and user code
> >   https://github.com/noxxi/p5-io-socket-ssl/issues/93
> >   https://github.com/openssl/openssl/issues/11388
> >   https://github.com/openssl/openssl/issues/11378
> 
> There might be a misunderstanding. First, in 3.0, we will
> reintroduce this new behaviour.
> 
> We always returned an error in case of an unexpected EOF. We
> changed the error code of that case. Applications should never
> trigger the unexpected EOF and should get fixed not to trigger it.

I see, but then I prefer to loop in Steffen Ullrich into the loop
(upstream of IO::Socket::SSL). Steffen, see the above comment from
Kurt in the Debian bug, so it looks we cannot close
https://github.com/noxxi/p5-io-socket-ssl/issues/93 by marking 1.1.1e
as broken only. What do you think?

Regards,
Salvatore