guix/gnu/packages/patches/perl-io-socket-ssl-openssl-1.0.2f-fix.patch
Mark H Weaver 5fb205c638 gnu: perl-io-socket-ssl: Add workaround for OpenSSL-1.0.2f.
* gnu/packages/patches/perl-io-socket-ssl-openssl-1.0.2f-fix.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/web.scm (perl-io-socket-ssl)[source]: Add patch.
2016-02-04 00:15:21 -05:00

33 lines
1.3 KiB
Diff

Work around a problem arising from the update to OpenSSL 1.0.2f, based on the
following upstream commit:
https://github.com/noxxi/p5-io-socket-ssl/commit/6e23ee4a433f83f1065bd2467255eba5ee9b1ddd
Attempting to update to IO-Socket-SSL-2.023, which includes this commit,
caused other test failures. See:
https://lists.gnu.org/archive/html/guix-devel/2016-01/msg01032.html
Description from the upstream commit:
OpenSSL 1.0.2f changed the behavior of SSL shutdown in case the TLS connection
was not fully established (commit: f73c737c7ac908c5d6407c419769123392a3b0a9).
This somehow resulted in Net::SSLeay::shutdown returning 0 (i.e. keep trying)
which caused an endless loop. It will now ignore this result in case the TLS
connection was not yet established and consider the TLS connection closed
instead.
--- IO-Socket-SSL-2.002/lib/IO/Socket/SSL.pm.orig 2014-10-21 16:51:16.000000000 -0400
+++ IO-Socket-SSL-2.002/lib/IO/Socket/SSL.pm 2016-01-31 15:07:14.971099894 -0500
@@ -1213,6 +1213,11 @@
# shutdown complete
last;
}
+ if ((${*$self}{'_SSL_opened'}||0) <= 0) {
+ # not really open, thus don't expect shutdown to return
+ # something meaningful
+ last;
+ }
# initiate or complete shutdown
local $SIG{PIPE} = 'IGNORE';