Skip Menu |
 

This queue is for tickets about the Net-SSLeay CPAN distribution.

Report information
The Basics
Id: 101484
Status: resolved
Priority: 0/
Queue: Net-SSLeay

People
Owner: chrisn [...] cpan.org
Requestors: TEAM [...] cpan.org
Cc:
AdminCc:

Bug Information
Severity: Wishlist
Broken in: 1.66
Fixed in: 1.86_04

Attachments


Subject: OpenSSL 1.0.2-beta support (SSLv3_method deprecation)
Download (untitled) / with headers
text/plain 322b
Recent 1.0.2 betas have dropped the SSLv3_method function. This patch leaves out the function on newer versions, much the same as the SSLv2 deprecation is handled. It also fixes the ALPN test, which was incorrectly failing on OpenSSL due to the LibreSSL check (earlier versions bailed out before that line). cheers, Tom
Subject: net-ssleay-openssl-1.0.2.patch
diff --git a/SSLeay.xs b/SSLeay.xs index 4f55838..a2292b6 100644 --- a/SSLeay.xs +++ b/SSLeay.xs @@ -1413,6 +1413,9 @@ SSL_CTX_v2_new() #endif #endif +#ifndef OPENSSL_NO_SSL3 +#if OPENSSL_VERSION_NUMBER < 0x10002000L + SSL_CTX * SSL_CTX_v3_new() CODE: @@ -1420,6 +1423,9 @@ SSL_CTX_v3_new() OUTPUT: RETVAL +#endif +#endif + SSL_CTX * SSL_CTX_v23_new() CODE: @@ -3762,9 +3768,15 @@ SSLv2_method() #endif #endif +#ifndef OPENSSL_NO_SSL3 +#if OPENSSL_VERSION_NUMBER < 0x10002000L + const SSL_METHOD * SSLv3_method() +#endif +#endif + const SSL_METHOD * TLSv1_method() diff --git a/t/local/41_alpn_support.t b/t/local/41_alpn_support.t index ba984b5..87a0214 100644 --- a/t/local/41_alpn_support.t +++ b/t/local/41_alpn_support.t @@ -11,7 +11,7 @@ use Config; BEGIN { plan skip_all => "openssl 1.0.2 required" unless Net::SSLeay::SSLeay >= 0x10002000; - plan skip_all => "libressl not supported" if &Net::SSLeay::LIBRESSL_VERSION_NUMBER; + plan skip_all => "libressl not supported" if defined &Net::SSLeay::LIBRESSL_VERSION_NUMBER; plan skip_all => "fork() not supported on $^O" unless $Config{d_fork}; }
Subject: Re: [rt.cpan.org #101484] OpenSSL 1.0.2-beta support (SSLv3_method deprecation)
Date: Tue, 13 Jan 2015 15:48:53 +1000
To: bug-Net-SSLeay [...] rt.cpan.org
From: Mike McCauley <mikem [...] airspayce.com>
Download (untitled) / with headers
text/plain 1.1k
Hi Tom, thanks for the patches. They are now in SVN revision 431. If you would care to test that latest SVN version and it works for you I will make a new release. Cheers. On Monday, January 12, 2015 07:59:35 AM Tom Molesworth via RT wrote: Show quoted text
> Mon Jan 12 07:59:33 2015: Request 101484 was acted upon. > Transaction: Ticket created by TEAM > Queue: Net-SSLeay > Subject: OpenSSL 1.0.2-beta support (SSLv3_method deprecation) > Broken in: 1.66 > Severity: Wishlist > Owner: Nobody > Requestors: TEAM@cpan.org > Status: new > Ticket <URL: https://rt.cpan.org/Ticket/Display.html?id=101484 > > > > Recent 1.0.2 betas have dropped the SSLv3_method function. This patch leaves > out the function on newer versions, much the same as the SSLv2 deprecation > is handled. > > It also fixes the ALPN test, which was incorrectly failing on OpenSSL due to > the LibreSSL check (earlier versions bailed out before that line). > > cheers, > > Tom
-- Mike McCauley VK4AMM mikem@airspayce.com Airspayce Pty Ltd 9 Bulbul Place Currumbin Waters QLD 4223 Australia http://www.airspayce.com Phone +61 7 5598-7474
From: paul [...] city-fan.org
Download (untitled) / with headers
text/plain 286b
On Mon Jan 12 07:59:33 2015, TEAM wrote: Show quoted text
> Recent 1.0.2 betas have dropped the SSLv3_method function. This patch > leaves out the function on newer versions, much the same as the SSLv2 > deprecation is handled.
The SSLv3_method function is still present in 1.0.2a. What happened there?
Download (untitled) / with headers
text/plain 795b
On Mon May 18 14:18:59 2015, paul@city-fan.org wrote: Show quoted text
> On Mon Jan 12 07:59:33 2015, TEAM wrote:
> > Recent 1.0.2 betas have dropped the SSLv3_method function. This patch > > leaves out the function on newer versions, much the same as the SSLv2 > > deprecation is handled.
> > The SSLv3_method function is still present in 1.0.2a. What happened there?
SSLv3_method was deprecated in OpenSSL 1.1.0-pre4, but hasn't yet been removed. The patch in this report was partially reverted in SVN revision 437 (now Git commit b2e2db3), but only the part affecting CTX_v3_new. It makes sense to re-add SSLv3_method in Net-SSLeay in the same way until SSLv3 support is removed upstream entirely. This should be fixed in 1.86_04. In the meantime: https://github.com/radiator-software/p5-net-ssleay/pull/15


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.