diff --git a/.fmf/version b/.fmf/version new file mode 100644 index 0000000..d00491f --- /dev/null +++ b/.fmf/version @@ -0,0 +1 @@ +1 diff --git a/Net-SSLeay-1.90-openssl3.0.0-tests-disable_TLS1_and_TLS1_1.patch b/Net-SSLeay-1.90-openssl3.0.0-tests-disable_TLS1_and_TLS1_1.patch index 8cc220c..53c45dc 100644 --- a/Net-SSLeay-1.90-openssl3.0.0-tests-disable_TLS1_and_TLS1_1.patch +++ b/Net-SSLeay-1.90-openssl3.0.0-tests-disable_TLS1_and_TLS1_1.patch @@ -1,12 +1,12 @@ -diff -ru Net-SSLeay-1.90.orig/t/local/44_sess.t Net-SSLeay-1.90/t/local/44_sess.t ---- Net-SSLeay-1.90.orig/t/local/44_sess.t 2020-12-12 14:55:23.000000000 +0100 -+++ Net-SSLeay-1.90/t/local/44_sess.t 2021-06-04 18:50:09.733150048 +0200 -@@ -13,13 +13,13 @@ +diff -up Net-SSLeay-1.94/t/local/44_sess.t.orig Net-SSLeay-1.94/t/local/44_sess.t +--- Net-SSLeay-1.94/t/local/44_sess.t.orig 2024-06-17 15:55:57.760001634 +0200 ++++ Net-SSLeay-1.94/t/local/44_sess.t 2024-06-17 15:57:33.333795022 +0200 +@@ -15,13 +15,13 @@ use English qw( $EVAL_ERROR $OSNAME $PER if (not can_fork()) { plan skip_all => "fork() not supported on this system"; } else { -- plan tests => 58; -+ plan tests => 34; +- plan tests => 67; ++ plan tests => 39; } initialise_libssl(); @@ -17,15 +17,15 @@ diff -ru Net-SSLeay-1.90.orig/t/local/44_sess.t Net-SSLeay-1.90/t/local/44_sess. TLSv1.3-num-tickets-ctx-6 TLSv1.3-num-tickets-ctx-0 ); -diff -ru Net-SSLeay-1.90.orig/t/local/45_exporter.t Net-SSLeay-1.90/t/local/45_exporter.t ---- Net-SSLeay-1.90.orig/t/local/45_exporter.t 2020-12-12 14:55:23.000000000 +0100 -+++ Net-SSLeay-1.90/t/local/45_exporter.t 2021-06-04 18:50:13.931192784 +0200 -@@ -15,12 +15,12 @@ +diff -up Net-SSLeay-1.94/t/local/45_exporter.t.orig Net-SSLeay-1.94/t/local/45_exporter.t +--- Net-SSLeay-1.94/t/local/45_exporter.t.orig 2024-06-17 15:57:56.945991033 +0200 ++++ Net-SSLeay-1.94/t/local/45_exporter.t 2024-06-17 16:00:55.358499773 +0200 +@@ -16,12 +16,12 @@ if (not can_fork()) { } elsif (!defined &Net::SSLeay::export_keying_material) { plan skip_all => "No export_keying_material()"; } else { -- plan tests => 36; -+ plan tests => 18; +- plan tests => 37; ++ plan tests => 19; } initialise_libssl(); diff --git a/gating.yaml b/gating.yaml index c190bde..475371b 100644 --- a/gating.yaml +++ b/gating.yaml @@ -3,4 +3,5 @@ product_versions: - rhel-9 decision_context: osci_compose_gate rules: + - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional} - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional} diff --git a/perl-Net-SSLeay.spec b/perl-Net-SSLeay.spec index e5550d8..e0405b9 100644 --- a/perl-Net-SSLeay.spec +++ b/perl-Net-SSLeay.spec @@ -5,10 +5,10 @@ %endif Name: perl-Net-SSLeay -Version: 1.92 -Release: 2%{?dist} +Version: 1.94 +Release: 1%{?dist} Summary: Perl extension for using OpenSSL -License: Artistic 2.0 +License: Artistic-2.0 URL: https://metacpan.org/release/Net-SSLeay Source0: https://cpan.metacpan.org/modules/by-module/Net/Net-SSLeay-%{version}.tar.gz Patch1: Net-SSLeay-1.90-pkgconfig.patch @@ -24,7 +24,6 @@ BuildRequires: perl-devel BuildRequires: perl-generators BuildRequires: perl-interpreter BuildRequires: perl(constant) -BuildRequires: perl(Cwd) BuildRequires: perl(English) BuildRequires: perl(ExtUtils::MakeMaker) >= 6.76 BuildRequires: perl(ExtUtils::PkgConfig) @@ -38,34 +37,38 @@ BuildRequires: perl(utf8) # =========== Module Runtime ========================= BuildRequires: perl(AutoLoader) BuildRequires: perl(Carp) +BuildRequires: perl(Errno) BuildRequires: perl(Exporter) BuildRequires: perl(MIME::Base64) BuildRequires: perl(Socket) +BuildRequires: perl(vars) BuildRequires: perl(XSLoader) # =========== Test Suite ============================= +BuildRequires: perl(base) BuildRequires: perl(Config) +BuildRequires: perl(Cwd) BuildRequires: perl(File::Spec) BuildRequires: perl(FindBin) BuildRequires: perl(HTTP::Tiny) BuildRequires: perl(IO::Handle) BuildRequires: perl(IO::Socket::INET) BuildRequires: perl(lib) +BuildRequires: perl(Scalar::Util) +BuildRequires: perl(SelectSaver) BuildRequires: perl(Storable) BuildRequires: perl(strict) BuildRequires: perl(Test::Builder) BuildRequires: perl(Test::More) >= 0.61 BuildRequires: perl(threads) BuildRequires: perl(warnings) -# =========== Optional Test Suite ==================== +# =========== Optional Tests ========================= %if %{with perl_Net_SSLeay_enables_optional_test} -BuildRequires: perl(Test::Exception) +BuildRequires: perl(Crypt::OpenSSL::Bignum) # Test::Kwalitee 1.00 not used -BuildRequires: perl(Test::NoWarnings) -BuildRequires: perl(Test::Pod) >= 1.0 +BuildRequires: perl(Test::Pod) >= 1.41 # Test::Pod::Coverage 1.00 not used -BuildRequires: perl(Test::Warn) %endif -# =========== Module Runtime ========================= +# =========== Module Dependencies ==================== Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version)) Requires: perl(MIME::Base64) Requires: perl(XSLoader) @@ -73,6 +76,11 @@ Requires: perl(XSLoader) # Don't "provide" private Perl libs or the redundant unversioned perl(Net::SSLeay) provide %global __provides_exclude ^(perl\\(Net::SSLeay\\)$|SSLeay\\.so) +# Filter modules bundled for tests +%global __provides_exclude_from %{?__provides_exclude_from:%__provides_exclude_from|}^%{_libexecdir} +%global __requires_exclude %{?__requires_exclude:%__requires_exclude|}^perl\\(Test::Net::SSLeay.*\\) +%global __requires_exclude %{__requires_exclude}|^perl\\(Net::PcapWriter\\) + %description This module offers some high level convenience functions for accessing web pages on SSL servers (for symmetry, same API is offered for @@ -80,26 +88,41 @@ accessing http servers, too), a sslcat() function for writing your own clients, and finally access to the SSL API of SSLeay/OpenSSL package so you can write servers or clients for more complicated applications. +%package tests +Summary: Tests for %{name} +Requires: %{name} = %{?epoch:%{epoch}:}%{version}-%{release} +Requires: perl-Test-Harness + +%description tests +Tests from %{name}. Execute them +with "%{_libexecdir}/%{name}/test". + %prep %setup -q -n Net-SSLeay-%{version} # Get libraries to link against from pkg-config # https://github.com/radiator-software/p5-net-ssleay/pull/127 -%patch1 +%patch -P1 # Disable TLS1 and TLS1_1 from tests -%patch2 -p1 +%patch -P2 -p1 # Fix permissions in examples to avoid bogus doc-file dependencies chmod -c 644 examples/* +# Help generators to recognize Perl scripts +for F in `find t -name *.t -o -name *.pl`; do + perl -i -MConfig -ple 'print $Config{startperl} if $. == 1 && !s{\A#!.*perl\b}{$Config{startperl}}' "$F" + chmod +x "$F" +done + %build unset OPENSSL_PREFIX PERL_MM_USE_DEFAULT=1 perl Makefile.PL \ INSTALLDIRS=vendor \ NO_PACKLIST=1 \ NO_PERLLOCAL=1 \ - OPTIMIZE="%{optflags}" %{buildroot}%{_libexecdir}/%{name}/test << 'EOF' +#!/bin/sh +unset RELEASE_TESTING +cd %{_libexecdir}/%{name} && exec prove -I . -r -j "$(getconf _NPROCESSORS_ONLN)" +EOF +chmod +x %{buildroot}%{_libexecdir}/%{name}/test + + %check unset RELEASE_TESTING OPENSSL_ENABLE_SHA1_SIGNATURES=1 make test @@ -125,7 +163,32 @@ OPENSSL_ENABLE_SHA1_SIGNATURES=1 make test %{_mandir}/man3/Net::SSLeay.3* %{_mandir}/man3/Net::SSLeay::Handle.3* +%files tests +%{_libexecdir}/%{name} + %changelog +* Mon Jun 17 2024 Jitka Plesnikova - 1.94-1 +- Resolves: RHEL-40758 +- Update to 1.94 + - Net::SSLeay now officially supports all stable releases of OpenSSL 3.1 and + 3.2, and LibreSSL 3.5-3.8 + - Many noisy compiler warnings have been silenced - if SSLeay.xs fails to + compile, it should now be much easier to identify the cause + - libcrypto's OPENSSL_init_crypto() function and libssl's OPENSSL_init_ssl() + function are now exposed, enabling fine-grained control over the + initialisation and configuration of both libraries + - libssl functions implementing TLS 1.3 PSK authentication are now exposed, + in particular SSL_CTX_set_psk_find_session_callback() (on the server side) + and SSL_CTX_set_psk_use_session_callback() (on the client side) + - libssl functions implementing server-side TLS 1.2 PSK authentication are + now exposed, in particular SSL_CTX_set_psk_server_callback() + - libssl's SSL_CTX_set_client_hello_cb() function is now exposed, allowing a + TLS server to set a callback function that is executed when the server + processes a ClientHello message + - Many more libcrypto/libssl constants and functions are now exposed; see the + release notes for the 1.93 developer releases for a full list +- Package tests + * Wed Jul 27 2022 Jitka Plesnikova - 1.92-2 - Enable using SHA1 for tests - Resolves: rhbz#2107670 diff --git a/plans/sanity.fmf b/plans/sanity.fmf new file mode 100644 index 0000000..a72ded4 --- /dev/null +++ b/plans/sanity.fmf @@ -0,0 +1,5 @@ +summary: Sanity tests +discover: + how: fmf +execute: + how: tmt diff --git a/sources b/sources index 9bb0820..599f61f 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (Net-SSLeay-1.92.tar.gz) = e9d9161ebeb7be90f4c7a0ea98f1034892ce6d33aa72872683177b19daa1f4c5819f85ea9a052a076ec8d7c21705f6c344aef64680bc881bf3218d38e8b7b173 +SHA512 (Net-SSLeay-1.94.tar.gz) = f1461667269f3da56ff7e1724b5511b95c34582250f8336e9f93d30f3b30d4a5360eb27622b9730bba11df75e00d717c7f0cea2120d20206723db136a8509375 diff --git a/tests/upstream-tests.fmf b/tests/upstream-tests.fmf new file mode 100644 index 0000000..92dd8c2 --- /dev/null +++ b/tests/upstream-tests.fmf @@ -0,0 +1,15 @@ +summary: Upstream tests +contact: Jitka Plesnikova +component: perl-Net-SSLeay +require: perl-Net-SSLeay-tests +test: /usr/libexec/perl-Net-SSLeay/test +enabled: true +tag: + - rhel-buildroot + - TestCaseCopy + - Tier1 +tier: '1' +adjust: + - enabled: false + when: distro = rhel-9 or distro = centos-stream-9 + continue: false