pool/perl-Net-SSLeay
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 633049 from home:vitezslav_cizek:branches:devel:languages:perl

Browse Source 
- Add patches to support openssl 1.1.1 from Fedora
  * Net-SSLeay-1.85-Avoid-SIGPIPE-in-t-local-36_verify.t.patch
  * Net-SSLeay-1.85-Move-SSL_ERROR_WANT_READ-SSL_ERROR_WANT_WRITE-retry-.patch
  * Net-SSLeay-1.85-Move-SSL_ERROR_WANT_READ-SSL_ERROR_WANT_WRITE-retry-from_write_partial.patch
  * Net-SSLeay-1.85-Adapt-to-OpenSSL-1.1.1.patch

OBS-URL: https://build.opensuse.org/request/show/633049
OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl-Net-SSLeay?expand=0&rev=40
This commit is contained in:
Dirk Stoecker 2018-09-05 08:29:59 +00:00 committed by Git OBS Bridge
parent 79c418d3ca
commit f7b5300fb7
6 changed files with 607 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

237
Net-SSLeay-1.85-Adapt-to-OpenSSL-1.1.1.patch Normal file
View File

@ -0,0 +1,237 @@
From b01291bf88dd84529c93973da7c275e0ffe5cc1f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Fri, 3 Aug 2018 14:30:22 +0200
Subject: [PATCH] Adapt to OpenSSL 1.1.1
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
OpenSSL 1.1.1 defaults to TLS 1.3 that handles session tickets and
session shutdowns differently. This leads to failing various Net-SSLeay
tests that exhibits use cases that are not possible with OpenSSL 1.1.1
anymore or where the library behaves differently.
Since Net-SSLeay is a low-level wrapper, Net-SSLeay will be corrected
in tests. Higher-level code as IO::Socket::SSL and other Net::SSLeay
applications need to be adjusted on case-to-case basis.
This patche changes:
- Retry SSL_read() and SSL_write() (by sebastian [...] breakpoint.cc)
- Disable session tickets in t/local/07_sslecho.t.
- Adaps t/local/36_verify.t to a session end when Net::SSLeay::read()
returns undef.
https://rt.cpan.org/Public/Bug/Display.html?id=125218
https://github.com/openssl/openssl/issues/5637
https://github.com/openssl/openssl/issues/6904
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
SSLeay.xs | 56 ++++++++++++++++++++++++++++++++++++++++++++++++----
lib/Net/SSLeay.pod | 46 ++++++++++++++++++++++++++++++++++++++++++
t/local/07_sslecho.t | 15 ++++++++++++--
t/local/36_verify.t | 2 +-
4 files changed, 112 insertions(+), 7 deletions(-)
diff --git a/SSLeay.xs b/SSLeay.xs
index bf148c0..5aed4d7 100644
--- a/SSLeay.xs
+++ b/SSLeay.xs
@@ -1999,7 +1999,17 @@ SSL_read(s,max=32768)
int got;
PPCODE:
New(0, buf, max, char);
- got = SSL_read(s, buf, max);
+
+ do {
+ int err;
+
+ got = SSL_read(s, buf, max);
+ if (got > 0)
+ break;
+ err = SSL_get_error(s, got);
+ if (err != SSL_ERROR_WANT_READ && err != SSL_ERROR_WANT_WRITE)
+ break;
+ } while (1);
/* If in list context, return 2-item list:
* first return value: data gotten, or undef on error (got<0)
@@ -2051,10 +2061,20 @@ SSL_write(s,buf)
SSL * s
PREINIT:
STRLEN len;
+ int err;
+ int ret;
INPUT:
char * buf = SvPV( ST(1), len);
CODE:
- RETVAL = SSL_write (s, buf, (int)len);
+ do {
+ ret = SSL_write (s, buf, (int)len);
+ if (ret > 0)
+ break;
+ err = SSL_get_error(s, ret);
+ if (err != SSL_ERROR_WANT_READ && err != SSL_ERROR_WANT_WRITE)
+ break;
+ } while (1);
+ RETVAL = ret;
OUTPUT:
RETVAL
@@ -2083,8 +2103,20 @@ SSL_write_partial(s,from,count,buf)
if (len < 0) {
croak("from beyound end of buffer");
RETVAL = -1;
- } else
- RETVAL = SSL_write (s, &(buf[from]), (count<=len)?count:len);
+ } else {
+ int ret;
+ int err;
+
+ do {
+ ret = SSL_write (s, &(buf[from]), (count<=len)?count:len);
+ if (ret > 0)
+ break;
+ err = SSL_get_error(s, ret);
+ if (err != SSL_ERROR_WANT_READ && err != SSL_ERROR_WANT_WRITE)
+ break;
+ } while (1);
+ RETVAL = ret;
+ }
OUTPUT:
RETVAL
@@ -6957,4 +6989,20 @@ SSL_export_keying_material(ssl, outlen, label, p)
#endif
+#if OPENSSL_VERSION_NUMBER >= 0x1010100fL
+
+int
+SSL_CTX_set_num_tickets(SSL_CTX *ctx,size_t num_tickets)
+
+size_t
+SSL_CTX_get_num_tickets(SSL_CTX *ctx)
+
+int
+SSL_set_num_tickets(SSL *ssl,size_t num_tickets)
+
+size_t
+SSL_get_num_tickets(SSL *ssl)
+
+#endif
+
#define REM_EOF "/* EOF - SSLeay.xs */"
diff --git a/lib/Net/SSLeay.pod b/lib/Net/SSLeay.pod
index 2e1aae3..bca7be4 100644
--- a/lib/Net/SSLeay.pod
+++ b/lib/Net/SSLeay.pod
@@ -4437,6 +4437,52 @@ getticket($ssl,$ticket,$data) -> $return_value
This function is based on the OpenSSL function SSL_set_session_ticket_ext_cb.
+=item * CTX_set_num_tickets
+
+B<COMPATIBILITY:> not available in Net-SSLeay-1.85 and before; requires at least OpenSSL 1.1.1
+
+Set number of session tickets that will be sent to a client.
+
+ my $rv = Net::SSLeay::CTX_set_num_tickets($ctx, $number_of_tickets);
+ # $ctx - value corresponding to openssl's SSL_CTX structure
+ # $number_of_tickets - number of tickets to send
+ # returns: 1 on success, 0 on failure
+
+Set to zero if you do not no want to support a session resumption.
+
+=item * CTX_get_num_tickets
+
+B<COMPATIBILITY:> not available in Net-SSLeay-1.85 and before; requires at least OpenSSL 1.1.1
+
+Get number of session tickets that will be sent to a client.
+
+ my $number_of_tickets = Net::SSLeay::CTX_get_num_tickets($ctx);
+ # $ctx - value corresponding to openssl's SSL_CTX structure
+ # returns: number of tickets to send
+
+=item * set_num_tickets
+
+B<COMPATIBILITY:> not available in Net-SSLeay-1.85 and before; requires at least OpenSSL 1.1.1
+
+Set number of session tickets that will be sent to a client.
+
+ my $rv = Net::SSLeay::set_num_tickets($ssl, $number_of_tickets);
+ # $ssl - value corresponding to openssl's SSL structure
+ # $number_of_tickets - number of tickets to send
+ # returns: 1 on success, 0 on failure
+
+Set to zero if you do not no want to support a session resumption.
+
+=item * get_num_tickets
+
+B<COMPATIBILITY:> not available in Net-SSLeay-1.85 and before; requires at least OpenSSL 1.1.1
+
+Get number of session tickets that will be sent to a client.
+
+ my $number_of_tickets = Net::SSLeay::get_num_tickets($ctx);
+ # $ctx - value corresponding to openssl's SSL structure
+ # returns: number of tickets to send
+
=item * set_shutdown
Sets the shutdown state of $ssl to $mode.
diff --git a/t/local/07_sslecho.t b/t/local/07_sslecho.t
index 5e16b04..5dc946a 100644
--- a/t/local/07_sslecho.t
+++ b/t/local/07_sslecho.t
@@ -13,7 +13,8 @@ BEGIN {
plan skip_all => "fork() not supported on $^O" unless $Config{d_fork};
}
-plan tests => 78;
+plan tests => 79;
+$SIG{'PIPE'} = 'IGNORE';
my $sock;
my $pid;
@@ -61,6 +62,16 @@ Net::SSLeay::library_init();
ok(Net::SSLeay::CTX_set_cipher_list($ctx, 'ALL'), 'CTX_set_cipher_list');
my ($dummy, $errs) = Net::SSLeay::set_cert_and_key($ctx, $cert_pem, $key_pem);
ok($errs eq '', "set_cert_and_key: $errs");
+ SKIP: {
+ skip 'Disabling session tickets requires OpenSSL >= 1.1.1', 1
+ unless (&Net::SSLeay::OPENSSL_VERSION_NUMBER >= 0x1010100f);
+ # TLS 1.3 server sends session tickets after a handhake as part of
+ # the SSL_accept(). If a client finishes all its job including closing
+ # TCP connectino before a server sends the tickets, SSL_accept() fails
+ # with SSL_ERROR_SYSCALL and EPIPE errno and the server receives
+ # SIGPIPE signal. <https://github.com/openssl/openssl/issues/6904>
+ ok(Net::SSLeay::CTX_set_num_tickets($ctx, 0), 'Session tickets disabled');
+ }
$pid = fork();
BAIL_OUT("failed to fork: $!") unless defined $pid;
@@ -351,7 +362,7 @@ waitpid $pid, 0;
push @results, [ $? == 0, 'server exited with 0' ];
END {
- Test::More->builder->current_test(51);
+ Test::More->builder->current_test(52);
for my $t (@results) {
ok( $t->[0], $t->[1] );
}
diff --git a/t/local/36_verify.t b/t/local/36_verify.t
index 92afc52..e55b138 100644
--- a/t/local/36_verify.t
+++ b/t/local/36_verify.t
@@ -282,7 +282,7 @@ sub run_server
# Termination request or other message from client
my $msg = Net::SSLeay::read($ssl);
- if ($msg eq 'end')
+ if (defined $msg and $msg eq 'end')
{
Net::SSLeay::write($ssl, 'end');
exit (0);
--
2.14.4

57
Net-SSLeay-1.85-Avoid-SIGPIPE-in-t-local-36_verify.t.patch Normal file
View File

@ -0,0 +1,57 @@
From 173cd9c1340f1f5231625a1dd4ecaea10c207622 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Tue, 14 Aug 2018 16:55:52 +0200
Subject: [PATCH] Avoid SIGPIPE in t/local/36_verify.t
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
t/local/36_verify.t fails randomly with OpenSSL 1.1.1:
# Failed test 'Verify callback result and get_verify_result are equal'
# at t/local/36_verify.t line 111.
# got: '-1'
# expected: '0'
# Failed test 'Verify result is X509_V_ERR_NO_EXPLICIT_POLICY'
# at t/local/36_verify.t line 118.
# got: '-1'
# expected: '43'
Bailout called. Further testing stopped: failed to connect to server: Connection refused
FAILED--Further testing stopped: failed to connect to server: Connection refused
I believe this because TLSv1.3 server can generate SIGPIPE if a client
disconnects too soon.
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
t/local/36_verify.t | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/t/local/36_verify.t b/t/local/36_verify.t
index e55b138..2837288 100644
--- a/t/local/36_verify.t
+++ b/t/local/36_verify.t
@@ -266,10 +266,20 @@ sub run_server
return if $pid != 0;
+ $SIG{'PIPE'} = 'IGNORE';
my $ctx = Net::SSLeay::CTX_new();
Net::SSLeay::set_cert_and_key($ctx, $cert_pem, $key_pem);
my $ret = Net::SSLeay::CTX_check_private_key($ctx);
BAIL_OUT("Server: CTX_check_private_key failed: $cert_pem, $key_pem") unless $ret == 1;
+ if (&Net::SSLeay::OPENSSL_VERSION_NUMBER >= 0x1010100f) {
+ # TLS 1.3 server sends session tickets after a handhake as part of
+ # the SSL_accept(). If a client finishes all its job including closing
+ # TCP connectino before a server sends the tickets, SSL_accept() fails
+ # with SSL_ERROR_SYSCALL and EPIPE errno and the server receives
+ # SIGPIPE signal. <https://github.com/openssl/openssl/issues/6904>
+ my $ret = Net::SSLeay::CTX_set_num_tickets($ctx, 0);
+ BAIL_OUT("Session tickets disabled") unless $ret;
+ }
while (1)
{
--
2.14.4

225
Net-SSLeay-1.85-Move-SSL_ERROR_WANT_READ-SSL_ERROR_WANT_WRITE-retry-.patch Normal file
View File

@ -0,0 +1,225 @@
From e0b42b0120b941b5675e4071445424dc8a1230e1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Wed, 15 Aug 2018 14:46:52 +0200
Subject: [PATCH] Move SSL_ERROR_WANT_READ/SSL_ERROR_WANT_WRITE retry from
read()/write() up
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Original OpenSSL 1.1.1 fix broke IO-Socket-SSL-2.058's t/core.t test
because it tests non-blocking socket operations and expects to see
SSL_ERROR_WANT_READ/SSL_ERROR_WANT_WRITE errors and to handle them
byt itself.
This patch purifies Net::SSLeay::{read,write}() to behave exactly as
underlying OpenSSL functions. The retry is moved to
Net::SSLeay::ssl_read_all. All relevant Net::SSLeay::{read,write}() calls in
tests are changed into Net::SSLea::ssl_{read,write}_all().
All applications should implement the retry themsleves or use
ssl_*_all() instead.
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
SSLeay.xs | 28 +++++++---------------------
lib/Net/SSLeay.pm | 22 +++++++++++++++-------
t/local/07_sslecho.t | 12 ++++++------
t/local/36_verify.t | 9 +++++----
4 files changed, 33 insertions(+), 38 deletions(-)
diff --git a/SSLeay.xs b/SSLeay.xs
index 5aed4d7..7cb6eab 100644
--- a/SSLeay.xs
+++ b/SSLeay.xs
@@ -1997,19 +1997,13 @@ SSL_read(s,max=32768)
PREINIT:
char *buf;
int got;
+ int succeeded = 1;
PPCODE:
New(0, buf, max, char);
- do {
- int err;
-
- got = SSL_read(s, buf, max);
- if (got > 0)
- break;
- err = SSL_get_error(s, got);
- if (err != SSL_ERROR_WANT_READ && err != SSL_ERROR_WANT_WRITE)
- break;
- } while (1);
+ got = SSL_read(s, buf, max);
+ if (got <= 0 && SSL_ERROR_ZERO_RETURN != SSL_get_error(s, got))
+ succeeded = 0;
/* If in list context, return 2-item list:
* first return value: data gotten, or undef on error (got<0)
@@ -2017,13 +2011,13 @@ SSL_read(s,max=32768)
*/
if (GIMME_V==G_ARRAY) {
EXTEND(SP, 2);
- PUSHs(sv_2mortal(got>=0 ? newSVpvn(buf, got) : newSV(0)));
+ PUSHs(sv_2mortal(succeeded ? newSVpvn(buf, got) : newSV(0)));
PUSHs(sv_2mortal(newSViv(got)));
/* If in scalar or void context, return data gotten, or undef on error. */
} else {
EXTEND(SP, 1);
- PUSHs(sv_2mortal(got>=0 ? newSVpvn(buf, got) : newSV(0)));
+ PUSHs(sv_2mortal(succeeded ? newSVpvn(buf, got) : newSV(0)));
}
Safefree(buf);
@@ -2066,15 +2060,7 @@ SSL_write(s,buf)
INPUT:
char * buf = SvPV( ST(1), len);
CODE:
- do {
- ret = SSL_write (s, buf, (int)len);
- if (ret > 0)
- break;
- err = SSL_get_error(s, ret);
- if (err != SSL_ERROR_WANT_READ && err != SSL_ERROR_WANT_WRITE)
- break;
- } while (1);
- RETVAL = ret;
+ RETVAL = SSL_write (s, buf, (int)len);
OUTPUT:
RETVAL
diff --git a/lib/Net/SSLeay.pm b/lib/Net/SSLeay.pm
index 3adf12c..afc6c8f 100644
--- a/lib/Net/SSLeay.pm
+++ b/lib/Net/SSLeay.pm
@@ -579,14 +579,22 @@ sub debug_read {
sub ssl_read_all {
my ($ssl,$how_much) = @_;
$how_much = 2000000000 unless $how_much;
- my ($got, $errs);
+ my ($got, $rv, $errs);
my $reply = '';
while ($how_much > 0) {
- $got = Net::SSLeay::read($ssl,
+ ($got, $rv) = Net::SSLeay::read($ssl,
($how_much > 32768) ? 32768 : $how_much
);
- last if $errs = print_errs('SSL_read');
+ if (! defined $got) {
+ my $err = Net::SSLeay::get_error($ssl, $rv);
+ if ($err != Net::SSLeay::ERROR_WANT_READ() and
+ $err != Net::SSLeay::ERROR_WANT_WRITE()) {
+ $errs = print_errs('SSL_read');
+ last;
+ }
+ next;
+ }
$how_much -= blength($got);
debug_read(\$reply, \$got) if $trace>1;
last if $got eq ''; # EOF
@@ -839,14 +847,14 @@ sub ssl_read_until ($;$$) {
$found = index($match, $delim);
if ($found > -1) {
- #$got = Net::SSLeay::read($ssl, $found+$len_delim);
+ #$got = Net::SSLeay::ssl_read_all($ssl, $found+$len_delim);
#read up to the end of the delimiter
- $got = Net::SSLeay::read($ssl,
+ $got = Net::SSLeay::ssl_read_all($ssl,
$found + $len_delim
- ((blength($match)) - (blength($got))));
$done = 1;
} else {
- $got = Net::SSLeay::read($ssl, $peek_length);
+ $got = Net::SSLeay::ssl_read_all($ssl, $peek_length);
$done = 1 if ($peek_length == $max_length - blength($reply));
}
@@ -857,7 +865,7 @@ sub ssl_read_until ($;$$) {
}
} else {
while (!defined $max_length || length $reply < $max_length) {
- $got = Net::SSLeay::read($ssl,1); # one by one
+ $got = Net::SSLeay::ssl_read_all($ssl,1); # one by one
last if print_errs('SSL_read');
debug_read(\$reply, \$got) if $trace>1;
last if $got eq '';
diff --git a/t/local/07_sslecho.t b/t/local/07_sslecho.t
index 74e317a..7f19027 100644
--- a/t/local/07_sslecho.t
+++ b/t/local/07_sslecho.t
@@ -134,10 +134,10 @@ my @results;
push @results, [ Net::SSLeay::get_cipher($ssl), 'get_cipher' ];
- push @results, [ Net::SSLeay::write($ssl, $msg), 'write' ];
+ push @results, [ Net::SSLeay::ssl_write_all($ssl, $msg), 'write' ];
shutdown($s, 1);
- my ($got) = Net::SSLeay::read($ssl);
+ my $got = Net::SSLeay::ssl_read_all($ssl);
push @results, [ $got eq uc($msg), 'read' ];
Net::SSLeay::free($ssl);
@@ -177,7 +177,7 @@ my @results;
Net::SSLeay::set_fd($ssl, fileno($s));
Net::SSLeay::connect($ssl);
- Net::SSLeay::write($ssl, $msg);
+ Net::SSLeay::ssl_write_all($ssl, $msg);
shutdown $s, 2;
close $s;
@@ -231,15 +231,15 @@ my @results;
Net::SSLeay::set_fd($ssl3, $s3);
Net::SSLeay::connect($ssl1);
- Net::SSLeay::write($ssl1, $msg);
+ Net::SSLeay::ssl_write_all($ssl1, $msg);
shutdown $s1, 2;
Net::SSLeay::connect($ssl2);
- Net::SSLeay::write($ssl2, $msg);
+ Net::SSLeay::ssl_write_all($ssl2, $msg);
shutdown $s2, 2;
Net::SSLeay::connect($ssl3);
- Net::SSLeay::write($ssl3, $msg);
+ Net::SSLeay::ssl_write_all($ssl3, $msg);
shutdown $s3, 2;
close $s1;
diff --git a/t/local/36_verify.t b/t/local/36_verify.t
index 2837288..b04be13 100644
--- a/t/local/36_verify.t
+++ b/t/local/36_verify.t
@@ -252,8 +252,9 @@ sub client {
Net::SSLeay::set_fd($ssl, $cl);
Net::SSLeay::connect($ssl);
my $end = "end";
- Net::SSLeay::write($ssl, $end);
- ok($end eq Net::SSLeay::read($ssl), 'Successful termination');
+ Net::SSLeay::ssl_write_all($ssl, $end);
+ Net::SSLeay::shutdown($ssl);
+ ok($end eq Net::SSLeay::ssl_read_all($ssl), 'Successful termination');
return;
}
@@ -291,10 +292,10 @@ sub run_server
next unless $ret == 1;
# Termination request or other message from client
- my $msg = Net::SSLeay::read($ssl);
+ my $msg = Net::SSLeay::ssl_read_all($ssl);
if (defined $msg and $msg eq 'end')
{
- Net::SSLeay::write($ssl, 'end');
+ Net::SSLeay::ssl_write_all($ssl, 'end');
exit (0);
}
}
--
2.14.4

70
Net-SSLeay-1.85-Move-SSL_ERROR_WANT_READ-SSL_ERROR_WANT_WRITE-retry-from_write_partial.patch Normal file
View File

@ -0,0 +1,70 @@
From 122c80853a9bd66f21699fc79a689b3028d00d3b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Fri, 17 Aug 2018 13:08:44 +0200
Subject: [PATCH] Move SSL_ERROR_WANT_READ/SSL_ERROR_WANT_WRITE retry from
write_partial()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Original OpenSSL 1.1.1 fix broke IO-Socket-SSL-2.058's t/nonblock.t test
because it tests non-blocking socket operations and expects to see
SSL_ERROR_WANT_WRITE errors and to handle them byt itself.
This patch purifies Net::SSLeay::write_partial() to behave exactly as
underlying OpenSSL SSL_write() function. The retry is already
presented in Net::SSLeay::ssl_write_all().
All applications should implement the retry themsleves or use
ssl_*_all() instead.
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
SSLeay.xs | 16 ++--------------
lib/Net/SSLeay.pod | 3 ++-
2 files changed, 4 insertions(+), 15 deletions(-)
diff --git a/SSLeay.xs b/SSLeay.xs
index 7cb6eab..fc7677f 100644
--- a/SSLeay.xs
+++ b/SSLeay.xs
@@ -2089,20 +2089,8 @@ SSL_write_partial(s,from,count,buf)
if (len < 0) {
croak("from beyound end of buffer");
RETVAL = -1;
- } else {
- int ret;
- int err;
-
- do {
- ret = SSL_write (s, &(buf[from]), (count<=len)?count:len);
- if (ret > 0)
- break;
- err = SSL_get_error(s, ret);
- if (err != SSL_ERROR_WANT_READ && err != SSL_ERROR_WANT_WRITE)
- break;
- } while (1);
- RETVAL = ret;
- }
+ } else
+ RETVAL = SSL_write (s, &(buf[from]), (count<=len)?count:len);
OUTPUT:
RETVAL
diff --git a/lib/Net/SSLeay.pod b/lib/Net/SSLeay.pod
index bca7be4..8b5f738 100644
--- a/lib/Net/SSLeay.pod
+++ b/lib/Net/SSLeay.pod
@@ -4819,7 +4819,8 @@ Check openssl doc L<http://www.openssl.org/docs/ssl/SSL_write.html|http://www.op
B<NOTE:> Does not exactly correspond to any low level API function
-Writes a fragment of data in $data from the buffer $data into the specified $ssl connection.
+Writes a fragment of data in $data from the buffer $data into the specified
+$ssl connection. This is a non-blocking function like L<Net::SSLeay::write()>.
my $rv = Net::SSLeay::write_partial($ssl, $from, $count, $data);
# $ssl - value corresponding to openssl's SSL structure
--
2.14.4

9
perl-Net-SSLeay.changes
View File

@ -1,3 +1,12 @@
-------------------------------------------------------------------
Tue Sep 4 14:44:25 UTC 2018 - Vítězslav Čížek <vcizek@suse.com>
- Add patches to support openssl 1.1.1 from Fedora
* Net-SSLeay-1.85-Avoid-SIGPIPE-in-t-local-36_verify.t.patch
* Net-SSLeay-1.85-Move-SSL_ERROR_WANT_READ-SSL_ERROR_WANT_WRITE-retry-.patch
* Net-SSLeay-1.85-Move-SSL_ERROR_WANT_READ-SSL_ERROR_WANT_WRITE-retry-from_write_partial.patch
* Net-SSLeay-1.85-Adapt-to-OpenSSL-1.1.1.patch
-------------------------------------------------------------------
Mon Aug 27 09:35:57 UTC 2018 - tchvatal@suse.com

9
perl-Net-SSLeay.spec
View File

@ -25,6 +25,14 @@ License: Artistic-2.0
Group: Development/Libraries/Perl
URL: http://search.cpan.org/dist/Net-SSLeay/
Source: http://www.cpan.org/modules/by-module/Net/Net-SSLeay-%{version}.tar.gz
# Adapt to OpenSSL 1.1.1, bug RH#1614884, CPAN RT#125218
Patch0: Net-SSLeay-1.85-Adapt-to-OpenSSL-1.1.1.patch
# Avoid SIGPIPE in t/local/36_verify.t, CPAN RT#125218
Patch2: Net-SSLeay-1.85-Avoid-SIGPIPE-in-t-local-36_verify.t.patch
# Revert retry in Net::SSLeay::{read,write}(), CPAN RT#125218
Patch3: Net-SSLeay-1.85-Move-SSL_ERROR_WANT_READ-SSL_ERROR_WANT_WRITE-retry-.patch
# Revert retry in Net::SSLeay::write_partial(), CPAN RT#125218
Patch4: Net-SSLeay-1.85-Move-SSL_ERROR_WANT_READ-SSL_ERROR_WANT_WRITE-retry-from_write_partial.patch
BuildRequires: libopenssl-devel
BuildRequires: openssl
BuildRequires: perl
@ -46,6 +54,7 @@ Net::SSLeay module basically comprise of:
%prep
%setup -q -n %{cpan_name}-%{version}
%autopatch -p1
# replace rest of /usr/local/bin/perl with /usr/bin/perl
for f in $(find . -type f -exec grep -l "%{_prefix}/local/bin/perl" {} \; ); do
sed -i -e "s@%{_prefix}/local/bin/perl@perl@g" $f