Skip Menu |
 

This queue is for tickets about the Crypt-SSLeay CPAN distribution.

Report information
The Basics
Id: 79212
Status: resolved
Priority: 0/
Queue: Crypt-SSLeay

People
Owner: nanis [...] runu.moc.invalid
Requestors: jubk [...] magenta-aps.dk
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in:
  • 0.64
  • 0.65_02
Fixed in: 0.72



Subject: Bug in Net::SSL when reading reply to CONNECT from proxy server
Download (untitled) / with headers
text/plain 948b
I think I've found a bug in Net::SSL. On line 381 in Net/SSL.pm version 2.85 the regular expression that is used to match the reply from the server is missing a treat-string-as-single-line modifier. This means that it will never match if the server replies with multiple lines. Adding an "s" modifier to the regular expression should fix the problem: --- ../Crypt-SSLeay-0.64/lib/Net/SSL.pm 2012-07-30 23:56:24.000000000 +0200 +++ Net/SSL.pm 2012-08-24 20:34:32.915845000 +0200 @@ -378,7 +378,7 @@ # better) may actually make this problem go away, but either way, # there is no good reason to use \d when checking for 0-9 - while ($header !~ m{HTTP/[0-9][.][0-9]\s+200\s+.*$CRLF$CRLF}) { + while ($header !~ m{HTTP/[0-9][.][0-9]\s+200\s+.*$CRLF$CRLF}s) { $timeout = $self->timeout(5) unless length $header; my $n = $self->SUPER::sysread($header, 8192, length $header); last if $n <= 0; /jubk
Download (untitled) / with headers
text/plain 1.2k
Am Sa 25. Aug 2012, 09:43:46, jubk schrieb: Show quoted text
> I think I've found a bug in Net::SSL. On line 381 in Net/SSL.pm version > 2.85 the regular expression that is used to match the reply from the > server is missing a treat-string-as-single-line modifier. This means > that it will never match if the server replies with multiple lines. > Adding an "s" modifier to the regular expression should fix the problem: > > --- ../Crypt-SSLeay-0.64/lib/Net/SSL.pm 2012-07-30 23:56:24.000000000 > +0200 > +++ Net/SSL.pm 2012-08-24 20:34:32.915845000 +0200 > @@ -378,7 +378,7 @@ > # better) may actually make this problem go away, but either way, > # there is no good reason to use \d when checking for 0-9 > > - while ($header !~ m{HTTP/[0-9][.][0-9]\s+200\s+.*$CRLF$CRLF}) { > + while ($header !~ m{HTTP/[0-9][.][0-9]\s+200\s+.*$CRLF$CRLF}s) { > $timeout = $self->timeout(5) unless length $header; > my $n = $self->SUPER::sysread($header, 8192, length $header); > last if $n <= 0; > > /jubk
I want to confirm this bug and exactly the presented fix. The bug: I can't use a lwp-script to download "https://www.google.de" with our proxy in between with Crypt::SSLeay in 0.64 and 0.65_02. After that patch, Crypt::SSLeay 0.64/patched works fine.


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.