Skip Menu |
 

This queue is for tickets about the Net-SSLeay CPAN distribution.

Report information
The Basics
Id: 125218
Status: new
Priority: 0/
Queue: Net-SSLeay

People
Owner: Nobody in particular
Requestors: sebastian [...] breakpoint.cc
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)



Subject: libnet-ssleay-perl/1.85: Testsuite fails against openssl 1.1.1 (current beta)
Date: Thu, 26 Apr 2018 22:21:16 +0200
To: bug-Net-SSLeay [...] rt.cpan.org
From: Sebastian Andrzej Siewior <sebastian [...] breakpoint.cc>
Download (untitled) / with headers
text/plain 3.1k
Hi, The testuite of libnet-ssleay-perl/1.85 fails against openssl 1.1.1 (current beta). This is t/local/07_sslecho.t I refer here to. The SSL_read() and SSL_write() wrapper need to handle a possible retry. The man-page for both function [0] says that it might need to be retried with the same arguments. With the following hunk: diff --git a/SSLeay.xs b/SSLeay.xs --- a/SSLeay.xs +++ b/SSLeay.xs @@ -1999,7 +1999,17 @@ SSL_read(s,max=32768) int got; PPCODE: New(0, buf, max, char); - got = SSL_read(s, buf, max); + + do { + int err; + + got = SSL_read(s, buf, max); + if (got > 0) + break; + err = SSL_get_error(s, got); + if (err != SSL_ERROR_WANT_READ) + break; + } while (1); /* If in list context, return 2-item list: * first return value: data gotten, or undef on error (got<0) @@ -2051,10 +2061,20 @@ SSL_write(s,buf) SSL * s PREINIT: STRLEN len; + int err; + int ret; INPUT: char * buf = SvPV( ST(1), len); CODE: - RETVAL = SSL_write (s, buf, (int)len); + do { + ret = SSL_write (s, buf, (int)len); + if (ret > 0) + break; + err = SSL_get_error(s, ret); + if (err != SSL_ERROR_WANT_WRITE) + break; + } while (1); + RETVAL = ret; OUTPUT: RETVAL @@ -2083,8 +2103,20 @@ SSL_write_partial(s,from,count,buf) if (len < 0) { croak("from beyound end of buffer"); RETVAL = -1; - } else - RETVAL = SSL_write (s, &(buf[from]), (count<=len)?count:len); + } else { + int ret; + int err; + + do { + ret = SSL_write (s, &(buf[from]), (count<=len)?count:len); + if (ret > 0) + break; + err = SSL_get_error(s, ret); + if (err != SSL_ERROR_WANT_WRITE) + break; + } while (1); + RETVAL = ret; + } OUTPUT: RETVAL I was able to let the test-suite continue a little further. As per upstream [1] this was always the case it worked by coincidence before. The next thing is that step 24 within 07_sslecho.t blocks forever. As it turns out one side does "shutdown $s, 2;" (around line 170) while the other does a read+write operation. In "older" openssl is seems to just work but in the newer one SIGPIPE is received and this seems to stall/block the test case. By adding: index 5e16b04b55ea..c60afccc0051 100644 --- a/t/local/07_sslecho.t +++ b/t/local/07_sslecho.t @@ -14,6 +14,7 @@ BEGIN { } plan tests => 78; +$SIG{'PIPE'} = 'IGNORE'; my $sock; my $pid; ( it does not stall anymore but complains about the return value from write: ok 21 - get_cipher ok 22 - get_shared_ciphers ok 23 - ssl_read_all not ok 24 - ssl_write_all # Failed test 'ssl_write_all' # at t/local/07_sslecho.t line 88. ok 25 - new This should be okay since the other side never reads anything and just shutdowns the socket. Upstream recommends to use SSL_shutdown() instead of operating on sockets directly. I'm forwanding this from the Debian bug [2] I reported but received no feedback so far. [0] https://manpages.debian.org/stretch/libssl-doc/SSL_read.3ssl.en.html#WARNING [1] https://github.com/openssl/openssl/issues/5637#issuecomment-381364019 [2] https://bugs.debian.org/895959 Sebastian


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.