[Net-ssleay-devel] IO::Socket::SSL failures caused by Net::SSLeay
linked against openssl 0.9.8
Mike McCauley
mikem at open.com.au
Thu Dec 8 23:02:38 UTC 2005
Hello Florian,
I hope you got this email. I did not see a reply to it?
Cheers.
On Saturday 03 December 2005 16:33, Mike McCauley wrote:
> Hello again Florian,
>
> On Saturday 03 December 2005 13:36, Mike McCauley wrote:
> > Hello Florian.
> >
> > On Thursday 01 December 2005 22:35, Florian Ragwitz wrote:
> > > On Thu, Dec 01, 2005 at 04:59:57PM +1000, Mike McCauley wrote:
> > > > Hello Florian,
> > > >
> > > > On Thursday 01 December 2005 12:09, Florian Ragwitz wrote:
> > > > > On Thu, Dec 01, 2005 at 09:54:29AM +1000, Mike McCauley wrote:
> > > > > > Hmmm, tested OK here with
> > > > > >
> > > > > > Debian 3.1r0a
> > > > > > perl, v5.8.4 part of default deb install
> > > > > > openssl 0.9.8a compiled locally with all defaults
> > > > > > Net_SSLeay 1.25 compiled locally with all defaults
> > > > > > IO-Socket-SSL 0.97 compiled locally with all defaults:
> > > > >
> > > > > That's stable. Please try unstable with the packages for all those
> > > > > modules.
> > > >
> > > > OK, I have tried with latest etch beta1 i386, using the prepackaged
> > > > perl 5.8.7
> > >
> > > Well, it doesn't matter what installer you use. Simply change the
> > > sarge(stable) or etch(testing) in /etc/apt/sources.list to unstable and
> > > run apt-get update; apt-get dist-upgrade;
> > >
> > > Then you're on the development version.
> >
> > OK, I can reproduce this problem now.
> >
> > The problem seems to be in the code inside the fork in IO::Socket::SSL
> > t/compatibility.t
> >
> > The code expects $class to be of type MyClass, but on this deb, it ends
> > up as class IO::Socket::INET (which does not know about issuer_name.
> >
> > I cant yet see why it doesnt work on deb unstable (actually I cant even
> > see why it does work on other platforms :-)
> > Il keep looking.
>
> Getting closer now.
>
> IO::Socket::SSL::connect_SSL fails to connect to the test server with an
> error:
> SSL connect attempt failederror:140943FC:SSL routines:SSL3_READ_BYTES:sslv3
> alert bad record mac
>
> This causes IO::Socket::SSL::start_SSL to not bless the socket, which
> causes t/compatibility.t to get an error trying to call a virual function
> on a class that is not inherited from IO::Socket::SSL.
>
> So, the reason why connect_SSL fails?
>
> I dont know, but if I compile openssl 0.9.8 or 0.9.8a from official openssl
> source on this box, then build Net_SSLeay against it, there are no errors
> with IO::Socket::SSL
>
> Therefore I suspect its some sort of problem in the debian package of
> openssl0.9.8a.
>
> > BTW this email from you was delayed for 3 days. I only got it on
> > Saturday. I wonder why?
> >
> > Cheers.
--
Mike McCauley mikem at open.com.au
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia http://www.open.com.au
Phone +61 7 5598-7474 Fax +61 7 5598-7070
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP etc on Unix, Windows, MacOS, NetWare etc.
More information about the Net-ssleay-devel
mailing list