Merged update from upstream sources

This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/perl-Net-SSLeay.git#ebcaf5749f4556c561430d562f18434f4707e9f5
2021-01-22 09:08:35 +00:00 · 2021-01-22 09:08:35 +00:00 · a8ba4dee5c
commit a8ba4dee5c
parent 8180a33cac
4 changed files with 23 additions and 154 deletions
--- a/Net-SSLeay-1.88-OpenSSL-1.1.1e.patch
+++ b/Net-SSLeay-1.88-OpenSSL-1.1.1e.patch
@ -1,128 +0,0 @@
-From 25ae268277121eeecd29830dec6a0229e4f8fbcb Mon Sep 17 00:00:00 2001
-From: Heikki Vatiainen <hvn@radiatorsoftware.com>
-Date: Fri, 20 Mar 2020 10:49:35 +0200
-Subject: GH-160 Call Net::SSLeay::shutdown() from SSLeay::sslcat()
- and t/local/07_sslecho.t. (#161)
-
-Fix for GH-160 seems to require SSL_shutdown() calls which were missing from
-t/local/07_sslecho.t and Net::SSLeay::sslcat()
-
-These seem to relate to this change in OpenSSL
-'Detect EOF while reading in libssl':
-https://github.com/openssl/openssl/commit/db943f43a60d1b5b1277e4b5317e8f288e7a0a3a
-
-The newly added OpenSSL error message 'unexpected eof while reading' was seen
-before the SSL_shutdown() calls were added.
---
- lib/Net/SSLeay.pm    |  1 +
- t/local/07_sslecho.t | 30 ++++++++++++++++++++++++++++--
- 2 files changed, 29 insertions(+), 2 deletions(-)
-
-diff --git a/lib/Net/SSLeay.pm b/lib/Net/SSLeay.pm
-index 7f14519..2cf79ed 100644
--- a/lib/Net/SSLeay.pm
-+++ b/lib/Net/SSLeay.pm
-@@ -1120,6 +1120,7 @@ sub sslcat { # address, port, message, $crt, $key --> reply / (reply,errs,cert)
-     goto cleanup unless $written;
- 
-     sleep $slowly if $slowly;  # Closing too soon can abort broken servers
-+    Net::SSLeay::shutdown($ssl); # Useful starting with OpenSSL 1.1.1e
-     CORE::shutdown SSLCAT_S, 1;  # Half close --> No more output, send EOF to server
- 
-     warn "waiting for reply...\n" if $trace>2;
-diff --git a/t/local/07_sslecho.t b/t/local/07_sslecho.t
-index e876715..2ef4baf 100644
--- a/t/local/07_sslecho.t
-+++ b/t/local/07_sslecho.t
-@@ -13,7 +13,7 @@ BEGIN {
-   plan skip_all => "fork() not supported on $^O" unless $Config{d_fork};
- }
- 
-plan tests => 102;
-+plan tests => 122;
- $SIG{'PIPE'} = 'IGNORE';
- 
- my $sock;
-@@ -103,8 +103,28 @@ Net::SSLeay::library_init();
- 
-             my $got = Net::SSLeay::ssl_read_all($ssl);
-             is($got, $msg, 'ssl_read_all') if $_ < 7;
-+
-+	    is(Net::SSLeay::get_shutdown($ssl), Net::SSLeay::RECEIVED_SHUTDOWN(), 'shutdown from peer');
-             ok(Net::SSLeay::ssl_write_all($ssl, uc($got)), 'ssl_write_all');
- 
-+	    # With 1.1.1e and $Net::SSLeay::trace=3 you'll see these without shutdown:
-+	    # SSL_read 9740: 1 - error:14095126:SSL routines:ssl3_read_n:unexpected eof while reading
-+	    my $sret = Net::SSLeay::shutdown($ssl);
-+	    if ($sret < 0)
-+	    {
-+		# ERROR_SYSCALL seen on < 1.1.1, if so also print errno string
-+		my $err = Net::SSLeay::get_error($ssl, $sret);
-+		my $extra = ($err == Net::SSLeay::ERROR_SYSCALL()) ? "$err, $!" : "$err";
-+
-+		ok($err == Net::SSLeay::ERROR_ZERO_RETURN() ||
-+		   $err == Net::SSLeay::ERROR_SYSCALL(),
-+		    "server shutdown not success, but acceptable: $extra");
-+	    }
-+	    else
-+	    {
-+		pass('server shutdown success');
-+	    }
-+
-             Net::SSLeay::free($ssl);
-             close $ns;
-         }
-@@ -143,6 +163,7 @@ my @results;
-     push @results, [ Net::SSLeay::get_cipher($ssl), 'get_cipher' ];
- 
-     push @results, [ Net::SSLeay::ssl_write_all($ssl, $msg), 'write' ];
-+    push @results, [ Net::SSLeay::shutdown($ssl) >= 0, 'client side ssl shutdown' ];
-     shutdown($s, 1);
- 
-     my $got = Net::SSLeay::ssl_read_all($ssl);
-@@ -185,6 +206,7 @@ my @results;
- 
-             Net::SSLeay::ssl_write_all($ssl, $msg);
- 
-+	    push @results, [Net::SSLeay::shutdown($ssl) >= 0, 'verify: client side ssl shutdown' ];
-             shutdown $s, 2;
-             close $s;
-             Net::SSLeay::free($ssl);
-@@ -238,14 +260,17 @@ my @results;
- 
-             Net::SSLeay::connect($ssl1);
-             Net::SSLeay::ssl_write_all($ssl1, $msg);
-+	    push @results, [Net::SSLeay::shutdown($ssl1) >= 0, 'client side ssl1 shutdown' ];
-             shutdown $s1, 2;
- 
-             Net::SSLeay::connect($ssl2);
-             Net::SSLeay::ssl_write_all($ssl2, $msg);
-+	    push @results, [Net::SSLeay::shutdown($ssl2) >= 0, 'client side ssl2 shutdown' ];
-             shutdown $s2, 2;
- 
-             Net::SSLeay::connect($ssl3);
-             Net::SSLeay::ssl_write_all($ssl3, $msg);
-+	    push @results, [Net::SSLeay::shutdown($ssl3) >= 0, 'client side ssl3 shutdown' ];
-             shutdown $s3, 2;
- 
-             close $s1;
-@@ -362,6 +387,7 @@ my @results;
-     my $written = Net::SSLeay::ssl_write_all($ssl, \$data);
-     push @results, [ $written == length $data, 'ssl_write_all' ];
- 
-+    push @results, [Net::SSLeay::shutdown($ssl) >= 0, 'client side aaa write ssl shutdown' ];
-     shutdown $s, 1;
- 
-     my $got = Net::SSLeay::ssl_read_all($ssl);
-@@ -377,7 +403,7 @@ waitpid $pid, 0;
- push @results, [ $? == 0, 'server exited with 0' ];
- 
- END {
-    Test::More->builder->current_test(73);
-+    Test::More->builder->current_test(87);
-     for my $t (@results) {
-         ok( $t->[0], $t->[1] );
-     }
-- 
-2.25.1
-
--- a/Net-SSLeay-1.86_09-pkgconfig.patch
+++ b/Net-SSLeay-1.86_09-pkgconfig.patch
@ -1,23 +1,15 @@
 --- Makefile.PL
 +++ Makefile.PL
-@@ -201,11 +201,16 @@ EOM
+@@ -209,7 +209,12 @@ EOM
         @{ $opts->{lib_links} } = map { $_ =~ s/32\b//g } @{ $opts->{lib_links} } if $Config{use64bitall};
     }
     else {
-        push @{ $opts->{lib_links} },
-             ($rsaref
-              ? qw( ssl crypto RSAglue rsaref z )
-              : qw( ssl crypto z )
-             );
+-        push @{ $opts->{lib_links} }, qw( ssl crypto z );
 +        if ( eval { require ExtUtils::PkgConfig; ExtUtils::PkgConfig->VERSION('1.16') } && ExtUtils::PkgConfig->exists('openssl') ) {
 +            push @{ $opts->{lib_links} }, map { s/^-l//; $_ } split(' ', ExtUtils::PkgConfig->libs_only_l('openssl'));
 +        }
 +        else {
-+            push @{ $opts->{lib_links} },
-+                 ($rsaref
-+                  ? qw( ssl crypto RSAglue rsaref z )
-+                  : qw( ssl crypto z )
-+                 );
+             push @{ $opts->{lib_links} }, qw( ssl crypto z );
 +        }
 
         if (($Config{cc} =~ /aCC/i) && $^O eq 'hpux') {
--- a/perl-Net-SSLeay.spec
+++ b/perl-Net-SSLeay.spec
@ -4,18 +4,14 @@
 %{bcond_with perl_Net_SSLeay_enables_optional_test}
 %endif

-# Provides/Requires filtering is different from rpm 4.9 onwards
-%global rpm49 %(rpm --version | perl -p -e 's/^.* (\\d+)\\.(\\d+).*/sprintf("%d.%03d",$1,$2) ge 4.009 ? 1 : 0/e' 2>/dev/null || echo 0)
-
 Name:		perl-Net-SSLeay
-Version:	1.88
-Release:	9%{?dist}
+Version:	1.90
+Release:	1%{?dist}
 Summary:	Perl extension for using OpenSSL
 License:	Artistic 2.0
 URL:		https://metacpan.org/release/Net-SSLeay
 Source0:	https://cpan.metacpan.org/modules/by-module/Net/Net-SSLeay-%{version}.tar.gz
-Patch0:		Net-SSLeay-1.88-OpenSSL-1.1.1e.patch
-Patch10:	Net-SSLeay-1.86_09-pkgconfig.patch
+Patch10:	Net-SSLeay-1.90-pkgconfig.patch
 # =========== Module Build ===========================
 BuildRequires:	coreutils
 BuildRequires:	findutils
@ -33,6 +29,7 @@ BuildRequires:	perl(ExtUtils::MM)
 BuildRequires:	perl(File::Basename)
 BuildRequires:	perl(File::Path)
 BuildRequires:	perl(Symbol)
+BuildRequires:	perl(utf8)
 # =========== Module Runtime =========================
 BuildRequires:	perl(AutoLoader)
 BuildRequires:	perl(Carp)
@ -80,12 +77,6 @@ so you can write servers or clients for more complicated applications.
 %prep
 %setup -q -n Net-SSLeay-%{version}

-# Add SSL_shutdown() calls in Net::SSLeay::sslcat() and t/local/07_sslecho.t
-# to fix compatibility with OpenSSL 1.1.1e
-# https://github.com/radiator-software/p5-net-ssleay/issues/160
-# https://github.com/radiator-software/p5-net-ssleay/pull/161
-%patch0 -p1
-
 # Get libraries to link against from pkg-config
 # https://github.com/radiator-software/p5-net-ssleay/pull/127
 %patch10
@ -93,7 +84,6 @@ so you can write servers or clients for more complicated applications.
 # Fix permissions in examples to avoid bogus doc-file dependencies
 chmod -c 644 examples/*

-
 %build
 unset OPENSSL_PREFIX
 PERL_MM_USE_DEFAULT=1 perl Makefile.PL \
@ -127,6 +117,21 @@ make test
 %{_mandir}/man3/Net::SSLeay::Handle.3*

 %changelog
+* Thu Jan 21 2021 Paul Howarth <paul@city-fan.org> - 1.90-1
+- Update to 1.90
+  - Formalised libssl version support policy: all stable versions of OpenSSL
+    in the 0.9.8-1.1.1 branches (with the exception of 0.9.8-0.9.8b) and all
+    stable releases of LibreSSL in the 2.0-3.1 series are supported
+  - The LibreSSL 3.2 series is not yet fully supported because its TLSv1.3
+    implementation is not currently libssl-compatible
+  - Added support for LibreSSL on Windows when built with Visual C++
+  - Exposed P_X509_CRL_add_extensions, several SSL_CIPHER functions, and
+    several stack functions
+  - Fixed crashes in the callback functions CTX_set_next_proto_select_cb and
+    CTX_set_alpn_select_cb
+  - The test suite is now compatible with OpenSSL 1.1.1e onwards, as well as
+    OpenSSL security level 2 (the default on many Linux distributions)
+
 * Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.88-9
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (Net-SSLeay-1.88.tar.gz) = 37fc32ec003337f3dc18bf928139079a3127628c6fa0fccaed0c27b6bf3b216c2c5338ed1aaf9408b0add3be549df3218d3c5a6d6299793c1329d8a0813a1682
+SHA512 (Net-SSLeay-1.90.tar.gz) = 8a5f251b5ef1d8c2d619d984594a7a22ddeed2e5e726fe683a45f299d7878f4ca8ffab00480ebf5ef7a94ae1fcf6be05dfdaa68b8bfe2ad68443150765adb891