Skip Menu |
 

This queue is for tickets about the Net-Server CPAN distribution.

Report information
The Basics
Id: 126923
Status: open
Priority: 0/
Queue: Net-Server

People
Owner: Nobody in particular
Requestors: ether [...] cpan.org
ppisar [...] redhat.com
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: 2.009
Fixed in: (no value)

Attachments
Net-Server-2.009-Generate-2048-bit-keys-for-tests.patch



Subject: Tests fail with OpenSSL @SECLEVEL=2
Download (untitled) / with headers
text/plain 664b
Some software distributions are experimenting with OpenSSL configured with security level 2 <https://www.openssl.org/docs/man1.1.0/apps/ciphers.html> because NIST and ENISA recommend RSA keys not shorter than 2048 bits. The security level 2, Net-Server-2.009 tests fail like this: $ perl -Ilib t/SSL_test.t 1..5 ok 1 - Can fork on this platform ok 2 - Got needed ports (20200) ok 3 - Pipe works ok 4 - use Net::Server::Proto::SSL not ok 5 - Got the correct output from the server # failed at t/SSL_test.t line 117 # Error: Timeout This is caused by embedded certificates with 1024-bit keys. Attached patch replaces them with 2048-bit keys and SHA-256 digests.
Subject: Net-Server-2.009-Generate-2048-bit-keys-for-tests.patch
From 67249031d78dfa8ce4e0907f8161007aedd0659d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com> Date: Wed, 22 Aug 2018 15:16:25 +0200 Subject: [PATCH] Generate 2048-bit keys for tests MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Distributions are experimenting with OpenSSL configured with security level 2. That requires at least 2048-bit RSA keys otherwise tests fail. Signed-off-by: Petr Písař <ppisar@redhat.com> --- t/SSLEAY_test.t | 69 ++++++++++++++++++++++++++++++++++++--------------------- t/SSL_test.t | 69 ++++++++++++++++++++++++++++++++++++--------------------- 2 files changed, 88 insertions(+), 50 deletions(-) diff --git a/t/SSLEAY_test.t b/t/SSLEAY_test.t index a1e33c6..b469d95 100644 --- a/t/SSLEAY_test.t +++ b/t/SSLEAY_test.t @@ -21,33 +21,52 @@ if (! eval { require Net::Server::Proto::SSLEAY }) { my $pem = << 'PEM'; # this certificate is invalid, please only use for testing -----BEGIN CERTIFICATE----- -MIICKTCCAZICCQDFxHnOjdmTTjANBgkqhkiG9w0BAQUFADBZMQswCQYDVQQGEwJB -VTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0 -cyBQdHkgTHRkMRIwEAYDVQQDDAlsb2NhbGhvc3QwHhcNMTIwMTE0MTgzMjMwWhcN -NzUxMTE0MTIwNDE0WjBZMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0 -ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRIwEAYDVQQDDAls -b2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKLGfQantHdi/0cd -eoOHRbWKChpI/g84hU8SnwmrSMZR0x76vDLKMDYohISoKxRPx6j2M2x3P4K+kEJm -C5H9iGdD9p9ljGnRdkGp5yYeuwWfePRb4AOwP5qgQtEb0OctFIMjcAIIAw/lsnUs -hGnom0+uA9W2H63PgO0o4qiVAn7NAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEATDGA -dYRl5wpsYcpLgNzu0M4SENV0DAE2wNTZ4LIR1wxHbcxdgzMhjp0wwfVQBTJFNqWu -DbeIFt4ghPMsUQKmMc4+og2Zyll8qev8oNgWQneKjDAEKKpzdvUoRZyGx1ZocGzi -S4LDiMd4qhD+GGePcHwmR8x/okoq58xZO/+Qygc= +MIIDiDCCAnCgAwIBAgIJAPVJEbrzRwgTMA0GCSqGSIb3DQEBCwUAMFkxCzAJBgNV +BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX +aWRnaXRzIFB0eSBMdGQxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xODA4MjIxMzEz +MzFaFw0xODA5MjExMzEzMzFaMFkxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21l +LVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxEjAQBgNV +BAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALAa +SQcC69qxf2FFKnNstKTxXaNtlr0hyx/CnYLxwkAjRZ4QeYEUvXBl9ta6HjmFUa5i +aWFsqcpVrQCZdbo6eeFddh5OBdj50TMN8hLbv85DN0X4Jos5tfQRDoLUVWTvsAJJ +b8uz/yih2QErO8rCoSmMEcx9TGn8wyfSdvvVpxWI9xCLPI+NIPu8fqaVI+UPQtxy +8qKbVJeRitXqKaZbQQ9zUR6IfTIPxhSmz0QfALJ/5vDYqN2U8c73UIhxWuHGrhhO +Yl0q+GWfP4Yh392L8KqiIe0gqgbY95UJG+KwqhzSOoKIc2UNhIVsllqiRJXtyLCc ++s6SEjlGC9JLU5TmAWcCAwEAAaNTMFEwHQYDVR0OBBYEFMHfZtqv3MIsf17OG0va +QcLRRusNMB8GA1UdIwQYMBaAFMHfZtqv3MIsf17OG0vaQcLRRusNMA8GA1UdEwEB +/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAJ0DWl7tr6ws3I3/VMOlOfBOjjne +wd+vnxAjGYGV4u4WyO8p05KyezO1BRZsUzMG9efFtYBVeN+RlI4DwSMap0GRp/TV +mQshTR7awFflP53FHOUQTiFLhtlu8JQsGvz3lnRw2JAeXGkx3E7CMh7zMnFWPdFO +rhpd1X7IvQ6Vf3Rs0MfJg6MELGYSC9EIcuQMgzAUS+zYisR1qbBHeSvo50KdQUIK +VMwW3Wh75KKAVwuWrFBHuqpR/eYjWXaY35zSFelozQUH/83RREEQy55BrjOilmZI +IjS/UCjWrFfyPbuKX6ksPj3IRHnDyMRql9jbSsHhnZ7u+MswLDplz2TO/Ec= -----END CERTIFICATE----- -----BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQCixn0Gp7R3Yv9HHXqDh0W1igoaSP4POIVPEp8Jq0jGUdMe+rwy -yjA2KISEqCsUT8eo9jNsdz+CvpBCZguR/YhnQ/afZYxp0XZBqecmHrsFn3j0W+AD -sD+aoELRG9DnLRSDI3ACCAMP5bJ1LIRp6JtPrgPVth+tz4DtKOKolQJ+zQIDAQAB -AoGASXDmvhbyfJ8k8HAjc66XzBWxAzUFs9Zbh1aufM1UM259o8+bFAtXf0f+ql+5 -uBtaySf0Aa8374SNT/f8pmzOmpiXMvYRz8Z5Gc6JYpYd/PrCoSCGtP+NdCvk7Y5c -eUmmpiEto4+fgCAKrtqc5jm8eBWn/yNhQNDBVJ9qX+kXQOECQQDVBLvBZaECSMTm -djKuPlZ93cmyI7g+TURTl2N08fz4xQVVbo5+AV0GsEZupBpTgrHpLTk8gKP/nfdR -9KWZldbZAkEAw55+SqrVTv4cI0fMvC0t8Wl46zTkY9tK65TGnbO1DbTQh9qs+NwH -+v3uu47ef5w/73xLtDjQouz//0z5rgF3FQJAfrmOKQOYwY8g9CmlBNu5ALAM6Zku -ZoH4//G0DUJYyHYNMkHPK08MVIpRnEisELpTtPBeeIvfBJapJ2xvh+sIIQJASeY4 -I5EB4EOS8akQKQ6QSqDjs0dZ+HdBiFm95pmbDkB+frQXoDPPN/xyEZzZZS/r31b/ -amgEOWh7FUFJGXkoOQJBALfOgsiss0lASlOXAg1rwO4m2OaDiaEde01PLcSjIaKl -Qfbzc7ZYF+fGDsHHlD5Kgj1CGaWCVVHqCv4UHSrA/gM= +MIIEogIBAAKCAQEAsBpJBwLr2rF/YUUqc2y0pPFdo22WvSHLH8KdgvHCQCNFnhB5 +gRS9cGX21roeOYVRrmJpYWypylWtAJl1ujp54V12Hk4F2PnRMw3yEtu/zkM3Rfgm +izm19BEOgtRVZO+wAklvy7P/KKHZASs7ysKhKYwRzH1MafzDJ9J2+9WnFYj3EIs8 +j40g+7x+ppUj5Q9C3HLyoptUl5GK1eoppltBD3NRHoh9Mg/GFKbPRB8Asn/m8Nio +3ZTxzvdQiHFa4cauGE5iXSr4ZZ8/hiHf3YvwqqIh7SCqBtj3lQkb4rCqHNI6gohz +ZQ2EhWyWWqJEle3IsJz6zpISOUYL0ktTlOYBZwIDAQABAoIBABR/6tJbH7OEiAx9 +rbRkCh9NTZYxsqNvpKKc2BMfK3ql4HvG9S32iRrlc7eJUO1nPJvtLtE9ggJguNPi +CVdVaUy3wYFDmeCpLBYiYHSbihdrsap+eZYpcKnptmO6bfpjAH0zqUTwPhqvxIAj +VUGEKJiaipPgXh3UY69mC53DQED8UDd3EvwXW1ohGx3CEiG/IaLQST4CUJZdJjlC +2JvR0JOIk++mrlpikVSRJrhj5YIdAQPpUZloU46BCr7t6zjY7enkBF9H4LyOIxw7 +r8O+tlWlVQsV/GiMH+s64wmMEsg5S+BU0ZlIQDm/IBnF/eX+VoRR3vXEwwdMnfEa +A+5jBTkCgYEA3AD+Mi6B2KgFHzgyEr63nHe+py/kuvvChqwvLNvkjYYs1pnUJqMf +FowHf/CuLOTyEXRjR3tIEJCojYxLETZxOnkeVWRes0sAGB6GP3AwG7FwIw/zCETx +JmLsQs3xfAXh1sGHYX4y5uHPqEmfBP1FOjw8/ebGtlm5Ne0mDImB5sMCgYEAzOp2 +LHdyuKgg1OHhizu1dc5O4tf3lAyQ84FgdRFAw2WIZpQNbfp08Klj+RGEBl8rrYYL +W/2ZyrMHjA3yEb0uO4Wexva1hK2rR2el9khuUZbJRvZPkvmOrST/rb7W3BGAEuVj +qQkNgOGuHacKCawLw9IEZ1uSjhrSfXNTFKEv+I0CgYAyLD/MbfLK2Dai0gwJXlk9 +Y8mlEzUUt4m7cNUpY9SRugHLxzUswpK6b6DeOqNeNbBG7sYdbS4YKQVnkpEkEchs +z2ZtjwBR307cMUnoecte5W5vcJm6Tw639GNxMMpbwHOqqGQZhdBR+zmCZZfQaXo6 +N7apKNI0j+2/MKA2x71KRQKBgAygLaPTwEfMZCl5uXHgve+CRK4JbIG8vHmkcRMF +ex4O9XaMjL9H/UiOx1AjWiUiXAiXB8AlQgKRQVfJzC53n4+fTgcoUEragIEny7v+ +/n0cc05iAsklgzr72p0T8x0gHuoLJDbYDfLw9M9y6VVrOlZYbFkJ9V+4G1wLbQUK +YXBJAoGAFJ/MnhtPN8h9rGoEG0NjBFAh2R9kGuLrwUWS0zJZA4Sw37ePrNYCuW9U +gPYvm6cx9R/NSj7xfvQUteCmEgk6ybVPxBi6wOXZPBAEeGowo6EkIIY7M2YBJTmr +W+4/nn6L+JWwLrKAsxPy1S6z4t3ERTFL63CUn35UKxLl8GtcdAM= -----END RSA PRIVATE KEY----- PEM diff --git a/t/SSL_test.t b/t/SSL_test.t index 9aef205..fe7dc47 100644 --- a/t/SSL_test.t +++ b/t/SSL_test.t @@ -16,33 +16,52 @@ if (! eval { require File::Temp } my $pem = << 'PEM'; # this certificate is invalid, please only use for testing -----BEGIN CERTIFICATE----- -MIICKTCCAZICCQDFxHnOjdmTTjANBgkqhkiG9w0BAQUFADBZMQswCQYDVQQGEwJB -VTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0 -cyBQdHkgTHRkMRIwEAYDVQQDDAlsb2NhbGhvc3QwHhcNMTIwMTE0MTgzMjMwWhcN -NzUxMTE0MTIwNDE0WjBZMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0 -ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRIwEAYDVQQDDAls -b2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKLGfQantHdi/0cd -eoOHRbWKChpI/g84hU8SnwmrSMZR0x76vDLKMDYohISoKxRPx6j2M2x3P4K+kEJm -C5H9iGdD9p9ljGnRdkGp5yYeuwWfePRb4AOwP5qgQtEb0OctFIMjcAIIAw/lsnUs -hGnom0+uA9W2H63PgO0o4qiVAn7NAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEATDGA -dYRl5wpsYcpLgNzu0M4SENV0DAE2wNTZ4LIR1wxHbcxdgzMhjp0wwfVQBTJFNqWu -DbeIFt4ghPMsUQKmMc4+og2Zyll8qev8oNgWQneKjDAEKKpzdvUoRZyGx1ZocGzi -S4LDiMd4qhD+GGePcHwmR8x/okoq58xZO/+Qygc= +MIIDiDCCAnCgAwIBAgIJAPVJEbrzRwgTMA0GCSqGSIb3DQEBCwUAMFkxCzAJBgNV +BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX +aWRnaXRzIFB0eSBMdGQxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xODA4MjIxMzEz +MzFaFw0xODA5MjExMzEzMzFaMFkxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21l +LVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxEjAQBgNV +BAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALAa +SQcC69qxf2FFKnNstKTxXaNtlr0hyx/CnYLxwkAjRZ4QeYEUvXBl9ta6HjmFUa5i +aWFsqcpVrQCZdbo6eeFddh5OBdj50TMN8hLbv85DN0X4Jos5tfQRDoLUVWTvsAJJ +b8uz/yih2QErO8rCoSmMEcx9TGn8wyfSdvvVpxWI9xCLPI+NIPu8fqaVI+UPQtxy +8qKbVJeRitXqKaZbQQ9zUR6IfTIPxhSmz0QfALJ/5vDYqN2U8c73UIhxWuHGrhhO +Yl0q+GWfP4Yh392L8KqiIe0gqgbY95UJG+KwqhzSOoKIc2UNhIVsllqiRJXtyLCc ++s6SEjlGC9JLU5TmAWcCAwEAAaNTMFEwHQYDVR0OBBYEFMHfZtqv3MIsf17OG0va +QcLRRusNMB8GA1UdIwQYMBaAFMHfZtqv3MIsf17OG0vaQcLRRusNMA8GA1UdEwEB +/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAJ0DWl7tr6ws3I3/VMOlOfBOjjne +wd+vnxAjGYGV4u4WyO8p05KyezO1BRZsUzMG9efFtYBVeN+RlI4DwSMap0GRp/TV +mQshTR7awFflP53FHOUQTiFLhtlu8JQsGvz3lnRw2JAeXGkx3E7CMh7zMnFWPdFO +rhpd1X7IvQ6Vf3Rs0MfJg6MELGYSC9EIcuQMgzAUS+zYisR1qbBHeSvo50KdQUIK +VMwW3Wh75KKAVwuWrFBHuqpR/eYjWXaY35zSFelozQUH/83RREEQy55BrjOilmZI +IjS/UCjWrFfyPbuKX6ksPj3IRHnDyMRql9jbSsHhnZ7u+MswLDplz2TO/Ec= -----END CERTIFICATE----- -----BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQCixn0Gp7R3Yv9HHXqDh0W1igoaSP4POIVPEp8Jq0jGUdMe+rwy -yjA2KISEqCsUT8eo9jNsdz+CvpBCZguR/YhnQ/afZYxp0XZBqecmHrsFn3j0W+AD -sD+aoELRG9DnLRSDI3ACCAMP5bJ1LIRp6JtPrgPVth+tz4DtKOKolQJ+zQIDAQAB -AoGASXDmvhbyfJ8k8HAjc66XzBWxAzUFs9Zbh1aufM1UM259o8+bFAtXf0f+ql+5 -uBtaySf0Aa8374SNT/f8pmzOmpiXMvYRz8Z5Gc6JYpYd/PrCoSCGtP+NdCvk7Y5c -eUmmpiEto4+fgCAKrtqc5jm8eBWn/yNhQNDBVJ9qX+kXQOECQQDVBLvBZaECSMTm -djKuPlZ93cmyI7g+TURTl2N08fz4xQVVbo5+AV0GsEZupBpTgrHpLTk8gKP/nfdR -9KWZldbZAkEAw55+SqrVTv4cI0fMvC0t8Wl46zTkY9tK65TGnbO1DbTQh9qs+NwH -+v3uu47ef5w/73xLtDjQouz//0z5rgF3FQJAfrmOKQOYwY8g9CmlBNu5ALAM6Zku -ZoH4//G0DUJYyHYNMkHPK08MVIpRnEisELpTtPBeeIvfBJapJ2xvh+sIIQJASeY4 -I5EB4EOS8akQKQ6QSqDjs0dZ+HdBiFm95pmbDkB+frQXoDPPN/xyEZzZZS/r31b/ -amgEOWh7FUFJGXkoOQJBALfOgsiss0lASlOXAg1rwO4m2OaDiaEde01PLcSjIaKl -Qfbzc7ZYF+fGDsHHlD5Kgj1CGaWCVVHqCv4UHSrA/gM= +MIIEogIBAAKCAQEAsBpJBwLr2rF/YUUqc2y0pPFdo22WvSHLH8KdgvHCQCNFnhB5 +gRS9cGX21roeOYVRrmJpYWypylWtAJl1ujp54V12Hk4F2PnRMw3yEtu/zkM3Rfgm +izm19BEOgtRVZO+wAklvy7P/KKHZASs7ysKhKYwRzH1MafzDJ9J2+9WnFYj3EIs8 +j40g+7x+ppUj5Q9C3HLyoptUl5GK1eoppltBD3NRHoh9Mg/GFKbPRB8Asn/m8Nio +3ZTxzvdQiHFa4cauGE5iXSr4ZZ8/hiHf3YvwqqIh7SCqBtj3lQkb4rCqHNI6gohz +ZQ2EhWyWWqJEle3IsJz6zpISOUYL0ktTlOYBZwIDAQABAoIBABR/6tJbH7OEiAx9 +rbRkCh9NTZYxsqNvpKKc2BMfK3ql4HvG9S32iRrlc7eJUO1nPJvtLtE9ggJguNPi +CVdVaUy3wYFDmeCpLBYiYHSbihdrsap+eZYpcKnptmO6bfpjAH0zqUTwPhqvxIAj +VUGEKJiaipPgXh3UY69mC53DQED8UDd3EvwXW1ohGx3CEiG/IaLQST4CUJZdJjlC +2JvR0JOIk++mrlpikVSRJrhj5YIdAQPpUZloU46BCr7t6zjY7enkBF9H4LyOIxw7 +r8O+tlWlVQsV/GiMH+s64wmMEsg5S+BU0ZlIQDm/IBnF/eX+VoRR3vXEwwdMnfEa +A+5jBTkCgYEA3AD+Mi6B2KgFHzgyEr63nHe+py/kuvvChqwvLNvkjYYs1pnUJqMf +FowHf/CuLOTyEXRjR3tIEJCojYxLETZxOnkeVWRes0sAGB6GP3AwG7FwIw/zCETx +JmLsQs3xfAXh1sGHYX4y5uHPqEmfBP1FOjw8/ebGtlm5Ne0mDImB5sMCgYEAzOp2 +LHdyuKgg1OHhizu1dc5O4tf3lAyQ84FgdRFAw2WIZpQNbfp08Klj+RGEBl8rrYYL +W/2ZyrMHjA3yEb0uO4Wexva1hK2rR2el9khuUZbJRvZPkvmOrST/rb7W3BGAEuVj +qQkNgOGuHacKCawLw9IEZ1uSjhrSfXNTFKEv+I0CgYAyLD/MbfLK2Dai0gwJXlk9 +Y8mlEzUUt4m7cNUpY9SRugHLxzUswpK6b6DeOqNeNbBG7sYdbS4YKQVnkpEkEchs +z2ZtjwBR307cMUnoecte5W5vcJm6Tw639GNxMMpbwHOqqGQZhdBR+zmCZZfQaXo6 +N7apKNI0j+2/MKA2x71KRQKBgAygLaPTwEfMZCl5uXHgve+CRK4JbIG8vHmkcRMF +ex4O9XaMjL9H/UiOx1AjWiUiXAiXB8AlQgKRQVfJzC53n4+fTgcoUEragIEny7v+ +/n0cc05iAsklgzr72p0T8x0gHuoLJDbYDfLw9M9y6VVrOlZYbFkJ9V+4G1wLbQUK +YXBJAoGAFJ/MnhtPN8h9rGoEG0NjBFAh2R9kGuLrwUWS0zJZA4Sw37ePrNYCuW9U +gPYvm6cx9R/NSj7xfvQUteCmEgk6ybVPxBi6wOXZPBAEeGowo6EkIIY7M2YBJTmr +W+4/nn6L+JWwLrKAsxPy1S6z4t3ERTFL63CUn35UKxLl8GtcdAM= -----END RSA PRIVATE KEY----- PEM -- 2.14.4
Download (untitled) / with headers
text/plain 199b
I encountered this after updating my openssl, and now I cannot install this module or anything depending on it (including Plack and Catalyst). Is it possible that this patch could be released please?


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.