From 5fb205c63854207a9216c6ffb9026ebb2734143f Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Sun, 31 Jan 2016 15:22:17 -0500 Subject: gnu: perl-io-socket-ssl: Add workaround for OpenSSL-1.0.2f. * gnu/packages/patches/perl-io-socket-ssl-openssl-1.0.2f-fix.patch: New file. * gnu-system.am (dist_patch_DATA): Add it. * gnu/packages/web.scm (perl-io-socket-ssl)[source]: Add patch. --- gnu-system.am | 1 + .../perl-io-socket-ssl-openssl-1.0.2f-fix.patch | 33 ++++++++++++++++++++++ gnu/packages/web.scm | 7 +++-- 3 files changed, 39 insertions(+), 2 deletions(-) create mode 100644 gnu/packages/patches/perl-io-socket-ssl-openssl-1.0.2f-fix.patch diff --git a/gnu-system.am b/gnu-system.am index 66cd039a7c..87ce88ada0 100644 --- a/gnu-system.am +++ b/gnu-system.am @@ -650,6 +650,7 @@ dist_patch_DATA = \ gnu/packages/patches/perl-deterministic-ordering.patch \ gnu/packages/patches/perl-finance-quote-unuse-mozilla-ca.patch \ gnu/packages/patches/perl-gd-options-passthrough-and-fontconfig.patch \ + gnu/packages/patches/perl-io-socket-ssl-openssl-1.0.2f-fix.patch \ gnu/packages/patches/perl-net-amazon-s3-moose-warning.patch \ gnu/packages/patches/perl-net-ssleay-disable-ede-test.patch \ gnu/packages/patches/perl-no-build-time.patch \ diff --git a/gnu/packages/patches/perl-io-socket-ssl-openssl-1.0.2f-fix.patch b/gnu/packages/patches/perl-io-socket-ssl-openssl-1.0.2f-fix.patch new file mode 100644 index 0000000000..f2166aebfd --- /dev/null +++ b/gnu/packages/patches/perl-io-socket-ssl-openssl-1.0.2f-fix.patch @@ -0,0 +1,33 @@ +Work around a problem arising from the update to OpenSSL 1.0.2f, based on the +following upstream commit: + + https://github.com/noxxi/p5-io-socket-ssl/commit/6e23ee4a433f83f1065bd2467255eba5ee9b1ddd + +Attempting to update to IO-Socket-SSL-2.023, which includes this commit, +caused other test failures. See: + + https://lists.gnu.org/archive/html/guix-devel/2016-01/msg01032.html + +Description from the upstream commit: + + OpenSSL 1.0.2f changed the behavior of SSL shutdown in case the TLS connection + was not fully established (commit: f73c737c7ac908c5d6407c419769123392a3b0a9). + This somehow resulted in Net::SSLeay::shutdown returning 0 (i.e. keep trying) + which caused an endless loop. It will now ignore this result in case the TLS + connection was not yet established and consider the TLS connection closed + instead. + +--- IO-Socket-SSL-2.002/lib/IO/Socket/SSL.pm.orig 2014-10-21 16:51:16.000000000 -0400 ++++ IO-Socket-SSL-2.002/lib/IO/Socket/SSL.pm 2016-01-31 15:07:14.971099894 -0500 +@@ -1213,6 +1213,11 @@ + # shutdown complete + last; + } ++ if ((${*$self}{'_SSL_opened'}||0) <= 0) { ++ # not really open, thus don't expect shutdown to return ++ # something meaningful ++ last; ++ } + + # initiate or complete shutdown + local $SIG{PIPE} = 'IGNORE'; diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm index a4f4c021e4..516e623f10 100644 --- a/gnu/packages/web.scm +++ b/gnu/packages/web.scm @@ -2,7 +2,7 @@ ;;; Copyright © 2013, 2015 Andreas Enge ;;; Copyright © 2013 Aljosha Papsch ;;; Copyright © 2014, 2015, 2016 Ludovic Courtès -;;; Copyright © 2014, 2015 Mark H Weaver +;;; Copyright © 2014, 2015, 2016 Mark H Weaver ;;; Copyright © 2015 Ricardo Wurmus ;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer ;;; Copyright © 2015, 2016 Eric Bavier @@ -2292,7 +2292,10 @@ and IPv6 sockets, intended as a replacement for IO::Socket::INET.") "IO-Socket-SSL-" version ".tar.gz")) (sha256 (base32 - "1mph52lw6x5v44wf8mw00llzi8pp6k5c4jnrnrvlacrlfv260jb8")))) + "1mph52lw6x5v44wf8mw00llzi8pp6k5c4jnrnrvlacrlfv260jb8")) + (patches + (list + (search-patch "perl-io-socket-ssl-openssl-1.0.2f-fix.patch"))))) (build-system perl-build-system) (propagated-inputs `(("perl-net-ssleay" ,perl-net-ssleay))) (synopsis "Nearly transparent SSL encapsulation for IO::Socket::INET") -- cgit v1.2.3