Skip Menu |
 

This queue is for tickets about the IO-Socket-SSL CPAN distribution.

Report information
The Basics
Id: 73629
Status: resolved
Priority: 0/
Queue: IO-Socket-SSL

People
Owner: Nobody in particular
Requestors: d.thomas [...] its.uq.edu.au
Cc:
AdminCc:

Bug Information
Severity: Normal
Broken in: (no value)
Fixed in: (no value)



Subject: spurious 'uninitialized value in subroutine entry'
Download (untitled) / with headers
text/plain 4.4k
The warning doesn't mean what it says for XS code http://www.perlmonks.org/?node_id=415183 so it may really come from Net::SSLeay googling "Use of uninitialized value in subroutine entry" IO::Socket::SSL returns quite a few matches over the years happens on RHEL5,RHEL6, FreeBSD7.2 but only for a test of ldaps. The same perl/modules is used for https without generating the warning. I believe the LDAP server is running OpenLDAP. NB the perl is one I've built, e.g. without threads perl 5.14.2 IO-Socket-SSL-1.53.tar.gz Net-SSLeay-1.42.tar.gz perl-ldap-0.43.tar.gz currently I'm using a patch --- IO-Socket-SSL-1.53.orig/SSL.pm 2011-12-12 07:33:00.000000000 +1000 +++ IO-Socket-SSL-1.53/SSL.pm 2011-12-29 10:02:20.000000000 +1000 @@ -388,7 +388,9 @@ my $start = defined($timeout) && time(); for my $dummy (1) { #DEBUG( 'calling ssleay::connect' ); + no warnings 'uninitialized'; my $rv = Net::SSLeay::connect($ssl); + use warnings; DEBUG( 3,"Net::SSLeay::connect -> $rv" ); if ( $rv < 0 ) { unless ( $self->_set_rw_error( $ssl,$rv )) { FYI I only tried on one of my older versions of the perl I'd build: RHEL6, perl 5.10.1, IO::Socket::SSL 1.39, Net::SSLeay 1.36 It did not generate the warning However 5.10.1 with the same set of modules as 5.14.2 did produce the warning (only tried on rhel6) TEST CASE NB the host won't be accessible outside our network ============================= #!/opt/bin/perl -w use warnings; use strict; use Net::LDAP; my $ldap = Net::LDAP->new('tangelo.herston.uq.edu.au', 'port' => 636, 'scheme'=>'ldaps', 'timeout' => 10 ); CHANGES TO SSL.pm ============================= $DEBUG = 4; ... #DEBUG( 'calling ssleay::connect' ); printf "\$ssl = %s\n", $ssl; my $rv = Net::SSLeay::connect($ssl); DEBUG( 3,"Net::SSLeay::connect -> $rv" ); OUTPUT ============================= root@kolanut# /tmp/tt.pl DEBUG: .../IO/Socket/SSL.pm:1546: new ctx 214554528 DEBUG: .../IO/Socket/SSL.pm:334: socket not yet connected DEBUG: .../IO/Socket/SSL.pm:336: socket connected DEBUG: .../IO/Socket/SSL.pm:349: ssl handsDEBUG: .../IO/Socket/SSL.pm:349: ssl handsDEBUG: .../IO/Socket/SSL.pm:349: ssl handshake not started DEBUG: .../IO/Socket/SSL.pm:379: set socket to non-blocking to enforce timeout=10 $ssl = 208979376 DEBUG: .../IO/Socket/SSL.pm:393: Net::SSLeay::connect -> -1 DEBUG: .../IO/Socket/SSL.pm:403: ssl handshake in progress DEBUG: .../IO/Socket/SSL.pm:413: waiting for fd to become ready: SSL wants a read first DEBUG: .../IO/Socket/SSL.pm:433: socket ready, retrying connect $ssl = 208979376 DEBUG: .../IO/Socket/SSL.pm:1534: ok=0 cert=214966672 Use of uninitialized value in subroutine entry at /opt/perl/uq.is.perl.rhel5-5.14.2- 20111214/lib/site_perl/5.14.2/IO/Socket/SSL.pm line 392, <DATA> line 522. DEBUG: .../IO/Socket/SSL.pm:393: Net::SSLeay::connect -> -1 DEBUG: .../IO/Socket/SSL.pm:403: ssl handshake in progress DEBUG: .../IO/Socket/SSL.pm:413: waiting for fd to become ready: SSL wants a read first DEBUG: .../IO/Socket/SSL.pm:433: socket ready, retrying connect $ssl = 208979376 DEBUG: .../IO/Socket/SSL.pm:393: Net::SSLeay::connect -> 1 DEBUG: .../IO/Socket/SSL.pm:448: ssl handshake done DEBUG: .../IO/Socket/SSL.pm:1583: free ctx 214554528 open=214554528 DEBUG: .../IO/Socket/SSL.pm:1588: free ctx 214554528 callback DEBUG: .../IO/Socket/SSL.pm:1591: OK free ctx 214554528 OLDER VERSION ============================= DEBUG: .../IO/Socket/SSL.pm:1462: new ctx 36144960 DEBUG: .../IO/Socket/SSL.pm:332: socket not yet connected DEBUG: .../IO/Socket/SSL.pm:334: socket connected DEBUG: .../IO/Socket/SSL.pm:347: ssl handshake not started DEBUG: .../IO/Socket/SSL.pm:377: set socket to non-blocking to enforce timeout=10 DEBUG: .../IO/Socket/SSL.pm:390: Net::SSLeay::connect -> -1 DEBUG: .../IO/Socket/SSL.pm:400: ssl handshake in progress DEBUG: .../IO/Socket/SSL.pm:410: waiting for fd to become ready: SSL wants a read first DEBUG: .../IO/Socket/SSL.pm:430: socket ready, retrying connect DEBUG: .../IO/Socket/SSL.pm:390: Net::SSLeay::connect -> -1 DEBUG: .../IO/Socket/SSL.pm:400: ssl handshake in progress DEBUG: .../IO/Socket/SSL.pm:410: waiting for fd to become ready: SSL wants a read first DEBUG: .../IO/Socket/SSL.pm:430: socket ready, retrying connect DEBUG: .../IO/Socket/SSL.pm:390: Net::SSLeay::connect -> 1 DEBUG: .../IO/Socket/SSL.pm:445: ssl handshake done DEBUG: .../IO/Socket/SSL.pm:1498: free ctx 36144960 open=36144960 DEBUG: .../IO/Socket/SSL.pm:1506: OK free ctx 36144960
From: d.thomas [...] its.uq.edu.au
Download (untitled) / with headers
text/plain 340b
On Fri Dec 30 19:26:36 2011, d.thomas@its.uq.edu.au wrote: Show quoted text
> The warning doesn't mean what it says for XS code > http://www.perlmonks.org/?node_id=415183 > so it may really come from Net::SSLeay
so have logged a report against Net::SSLeay https://rt.cpan.org/Public/Bug/Display.html?id=73663 which is basically a link to this bug report
Download (untitled) / with headers
text/plain 399b
Hi, I see, that you use "perl -w", thus forcing all imported modules to behave like they enabled warnings themself. I don't consider this a good idea, you better use the warnings module to only enable warnings within your code, not within 3rd party modules you use. If the author of the 3rd party module considers his module safe against warnings he might enable warnings himself. Regards, Steffen
Download (untitled) / with headers
text/plain 840b
Hello, After careful investigation, it turns out this warning is due to the following line about 290 in IO::Socket::SSL.pm in the definition of SSL_verify_callback $ok or return; it should be $ok or return 0; The undefined return value from the verify callback is reported at the time the Net::SSLeay::connect returns I will reject the error report in https://rt.cpan.org/Public/Bug/Display.html?id=73663 Cheers. On Sun Jan 01 23:03:45 2012, d.thomas@its.uq.edu.au wrote: Show quoted text
> On Fri Dec 30 19:26:36 2011, d.thomas@its.uq.edu.au wrote:
> > The warning doesn't mean what it says for XS code > > http://www.perlmonks.org/?node_id=415183 > > so it may really come from Net::SSLeay
> so have logged a report against Net::SSLeay > https://rt.cpan.org/Public/Bug/Display.html?id=73663 > which is basically a link to this bug report
Subject: Re: [rt.cpan.org #73629] spurious 'uninitialized value in subroutine entry'
Date: Wed, 11 Jan 2012 07:40:17 +0000
To: "<bug-IO-Socket-SSL [...] rt.cpan.org>" <bug-IO-Socket-SSL [...] rt.cpan.org>
From: Danny Thomas <d.thomas [...] its.uq.edu.au>
Download (untitled) / with headers
text/plain 470b
On 07/01/2012, at 9:41 AM, MIKEM via RT wrote: Show quoted text
> After careful investigation, it turns out this warning is due to the > following line about 290 in IO::Socket::SSL.pm in the definition of > SSL_verify_callback > > $ok or return; > > it should be > $ok or return 0; > > The undefined return value from the verify callback is reported at the > time the Net::SSLeay::connect returns
I can confirm the warning from the test script stopped after making this change.
Thank you for the fix. I've applied it and released version 1.54. Regards, Steffen


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.