Fix FTBFS with OpenSSL 1.1.1e

https://github.com/noxxi/p5-io-socket-ssl/issues/93

IO-Socket-SSL-2.067-openssl-1.1.1e.patch

@@ -0,0 +1,44 @@
+--- lib/IO/Socket/SSL.pm
++++ lib/IO/Socket/SSL.pm
+@@ -38,6 +38,7 @@ BEGIN {
+ # results from commonly used constant functions from Net::SSLeay for fast access
+ my $Net_SSLeay_ERROR_WANT_READ   = Net::SSLeay::ERROR_WANT_READ();
+ my $Net_SSLeay_ERROR_WANT_WRITE  = Net::SSLeay::ERROR_WANT_WRITE();
++my $Net_SSLeay_ERROR_SSL         = Net::SSLeay::ERROR_SSL();
+ my $Net_SSLeay_ERROR_SYSCALL     = Net::SSLeay::ERROR_SYSCALL();
+ my $Net_SSLeay_VERIFY_NONE       = Net::SSLeay::VERIFY_NONE();
+ my $Net_SSLeay_VERIFY_PEER       = Net::SSLeay::VERIFY_PEER();
+@@ -1196,6 +1197,11 @@ sub _generic_read {
+ 		    last;
+ 		}
+ 	    }
++	    if ($err == $Net_SSLeay_ERROR_SSL) {
++		# OpenSSL 1.1.1e+
++		$data = '';
++		last;
++	    }
+ 	    $self->error("SSL read error");
+ 	}
+ 	return;
+@@ -1274,6 +1280,11 @@ sub _generic_write {
+     }
+     if ( !defined($written) ) {
+ 	if ( my $err = $self->_skip_rw_error( $ssl,-1 )) {
++	    # if ERROR_SSL then make it look like it used to do
++	    if ( $err == $Net_SSLeay_ERROR_SSL ) {
++	        $err = $Net_SSLeay_ERROR_SYSCALL;
++	        $! = 0;
++	    }
+ 	    # if $! is not set with ERROR_SYSCALL then report as EPIPE
+ 	    $! ||= EPIPE if $err == $Net_SSLeay_ERROR_SYSCALL;
+ 	    $self->error("SSL write error ($err)");
+--- t/core.t
++++ t/core.t
+@@ -130,6 +130,7 @@ unless (fork) {
+ 		    4.0,
+ 		    ord("y"),
+ 		    "Test\nBeaver\nBeaver\n");
++    Net::SSLeay::shutdown($client->_get_ssl_object);
+     shutdown($client, 1);
+ 
+     my $buffer="\0\0aaaaaaaaaaaaaaaaaaaa";

IO-Socket-SSL-2.067-use-system-default-SSL-version.patch

@@ -1,6 +1,6 @@
 --- lib/IO/Socket/SSL.pm
 +++ lib/IO/Socket/SSL.pm
-@@ -194,7 +194,7 @@ if ( defined &Net::SSLeay::CTX_set_min_p
+@@ -195,7 +195,7 @@ if ( defined &Net::SSLeay::CTX_set_min_p
  # global defaults
  my %DEFAULT_SSL_ARGS = (
      SSL_check_crl => 0,
@@ -9,7 +9,7 @@
      SSL_verify_callback => undef,
      SSL_verifycn_scheme => undef,  # fallback cn verification
      SSL_verifycn_publicsuffix => undef,  # fallback default list verification
-@@ -2383,7 +2383,7 @@ sub new {
+@@ -2394,7 +2394,7 @@ sub new {
  
      my $ssl_op = $DEFAULT_SSL_OP;
  

IO-Socket-SSL-2.067-use-system-default-cipher-list.patch

@@ -1,6 +1,6 @@
 --- lib/IO/Socket/SSL.pm
 +++ lib/IO/Socket/SSL.pm
-@@ -202,77 +202,17 @@ my %DEFAULT_SSL_ARGS = (
+@@ -203,77 +203,17 @@ my %DEFAULT_SSL_ARGS = (
      SSL_npn_protocols => undef,    # meaning depends whether on server or client side
      SSL_alpn_protocols => undef,   # list of protocols we'll accept/send, for example ['http/1.1','spdy/3.1']
  

perl-IO-Socket-SSL.spec

@@ -3,7 +3,7 @@
 
 Name:		perl-IO-Socket-SSL
 Version:	2.067
-Release:	1%{?dist}
+Release:	2%{?dist}
 Summary:	Perl library for transparent SSL
 License:	(GPL+ or Artistic) and MPLv2.0
 URL:		https://metacpan.org/release/IO-Socket-SSL
@@ -13,6 +13,7 @@ Patch1:		IO-Socket-SSL-2.067-use-system-default-SSL-version.patch
 # A test for Enable-Post-Handshake-Authentication-TLSv1.3-feature.patch,
 # bug #1632660, requires openssl tool
 Patch2:		IO-Socket-SSL-2.066-Test-client-performs-Post-Handshake-Authentication.patch
+Patch3:		IO-Socket-SSL-2.067-openssl-1.1.1e.patch
 BuildArch:	noarch
 # Module Build
 BuildRequires:	coreutils
@@ -79,6 +80,10 @@ mod_perl.
 %prep
 %setup -q -n IO-Socket-SSL-%{version}
 
+# Fix FTBFS with OpenSSL 1.1.1e
+# https://github.com/noxxi/p5-io-socket-ssl/issues/93
+%patch3
+
 # Use system-wide default cipher list to support use of system-wide
 # crypto policy (#1076390, #1127577, CPAN RT#97816)
 # https://fedoraproject.org/wiki/Changes/CryptoPolicy
@@ -122,6 +127,10 @@ make test
 %{_mandir}/man3/IO::Socket::SSL::PublicSuffix.3*
 
 %changelog
+* Sat Mar 21 2020 Paul Howarth <paul@city-fan.org> - 2.067-2
+- Fix FTBFS with OpenSSL 1.1.1e
+  https://github.com/noxxi/p5-io-socket-ssl/issues/93
+
 * Sat Feb 15 2020 Paul Howarth <paul@city-fan.org> - 2.067-1
 - Update to 2.067
   - Fix memory leak on incomplete handshake (GH#92)