Skip Menu |
 

This queue is for tickets about the Crypt-SSLeay CPAN distribution.

Report information
The Basics
Id: 70565
Status: resolved
Priority: 0/
Queue: Crypt-SSLeay

People
Owner: nanis [...] runu.moc.invalid
Requestors: ANDK [...] cpan.org
Cc:
AdminCc:

Bug Information
Severity: Normal
Broken in:
  • 0.58
  • 0.58_01
Fixed in: 0.59_02



Subject: SSLv2_method seems to have gone from upstream
Download (untitled) / with headers
text/plain 793b
Net::SSLeay has the same problem on my debian box. The linker complains about missing SSLv2_method. The following patch works for me: --- SSLeay.xs~ 2011-08-29 07:25:46.000000000 +0200 +++ SSLeay.xs 2011-08-29 07:29:04.000000000 +0200 @@ -125,13 +125,9 @@ if(ssl_version == 23) { ctx = SSL_CTX_new(SSLv23_client_method()); } - else if(ssl_version == 3) { + else { ctx = SSL_CTX_new(SSLv3_client_method()); } - else { - /* v2 is the default */ - ctx = SSL_CTX_new(SSLv2_client_method()); - } SSL_CTX_set_options(ctx,SSL_OP_ALL|0); SSL_CTX_set_default_verify_paths(ctx); SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL); HTH, Thanks && Regards,
I can confirm that Ubuntu 11.10 also requires this patch. Cheers, Leon.
Download (untitled) / with headers
text/plain 187b
Not sure if this is the case everywhere, but at least on Ubuntu 11.10, OPENSSL_NO_SSL2 is defined if SSLv2 support has been removed. In that case, the patch can be done this way instead.
Subject: nossl2.patch
Download nossl2.patch
text/x-diff 641b
diff --git a/SSLeay.xs b/SSLeay.xs index 9df9f58..8c26155 100644 --- a/SSLeay.xs +++ b/SSLeay.xs @@ -129,9 +129,15 @@ SSL_CTX_new(packname, ssl_version) ctx = SSL_CTX_new(SSLv3_client_method()); } else { +#ifndef OPENSSL_NO_SSL2 /* v2 is the default */ ctx = SSL_CTX_new(SSLv2_client_method()); +#else + /* v3 is the default */ + ctx = SSL_CTX_new(SSLv3_client_method()); +#endif } + SSL_CTX_set_options(ctx,SSL_OP_ALL|0); SSL_CTX_set_default_verify_paths(ctx); SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);
Download (untitled) / with headers
text/plain 683b
On Mon Oct 17 22:44:34 2011, MSCHOUT wrote: Show quoted text
> Not sure if this is the case everywhere, but at least on Ubuntu 11.10, > OPENSSL_NO_SSL2 is defined if SSLv2 support has been removed. In that > case, the patch can be done this way instead.
Hi there! Thanks for maintaining Crypt::SSLeay. I'm sure it's a lot of work and wanted you to know I really appreciate it. I had the very same issue and can confirm this patch works perfectly on kubuntu 11.10 as well. The #ifndef patch sounds pretty harmless and straightforward. Please update this module as soon as possible so it works with the newer OpenSSL 1.0.0 (which has v2 disabled by default). Thanks again for such a great module!!
I did my patch (Debian Testing) with + /* openssl-1.0.x does not support that anymore */ +#if SSLEAY_VERSION_NUMBER < 10000000 else { /* v2 is the default */ ctx = SSL_CTX_new(SSLv2_client_method()); } +#endif but OPENSSL_NO_SSL2 looks better to me. On Sat Oct 22 00:05:55 2011, GARU wrote: Show quoted text
> On Mon Oct 17 22:44:34 2011, MSCHOUT wrote:
> > Not sure if this is the case everywhere, but at least on Ubuntu
11.10, Show quoted text
> > OPENSSL_NO_SSL2 is defined if SSLv2 support has been removed. In
that Show quoted text
> > case, the patch can be done this way instead.
> > Hi there! Thanks for maintaining Crypt::SSLeay. I'm sure it's a lot of > work and wanted you to know I really appreciate it. > > I had the very same issue and can confirm this patch works perfectly
on Show quoted text
> kubuntu 11.10 as well. > > The #ifndef patch sounds pretty harmless and straightforward. Please > update this module as soon as possible so it works with the newer > OpenSSL 1.0.0 (which has v2 disabled by default). > > Thanks again for such a great module!!
-- Reini Urban
I can confirm this patch works fine for me as well on Ubuntu 11.10 with Perl 5.14.2
I confirm that the patch also works in Debian wheezy, Perl 5.14.2
Download (untitled) / with headers
text/plain 302b
https://rt.cpan.org/Public/Bug/Display.html?id=70565 I applied the changes and uploaded 0.59_02 to CPAN which should be available soon. You can also download it from https://github.com/nanis/Crypt-SSLeay/tags Please let me know if this change fixes the issue. Thank you for your patience. -- Sinan
Download (untitled) / with headers
text/plain 436b
On Thu Mar 08 11:35:40 2012, NANIS wrote: Show quoted text
> https://rt.cpan.org/Public/Bug/Display.html?id=70565 > > I applied the changes and uploaded 0.59_02 to CPAN which should be > available soon. You can also download it from > > https://github.com/nanis/Crypt-SSLeay/tags > > Please let me know if this change fixes the issue. Thank you for your > patience.
It appears to work. I hope to see a stable release soon. Regards, David Golden
Download (untitled) / with headers
text/plain 444b
On Fri Mar 09 09:39:33 2012, DAGOLDEN wrote: Show quoted text
> On Thu Mar 08 11:35:40 2012, NANIS wrote:
> > https://rt.cpan.org/Public/Bug/Display.html?id=70565 > > > > I applied the changes and uploaded 0.59_02 to
... Show quoted text
> It appears to work. I hope to see a stable release soon.
Yup, I want to fix Makefile.PL so it is not such a Hodge-podge. That's going to take care of a lot of outstanding tickets. Then I can focus on the remaining issues. -- Sinan


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.