Commit | Line | Data |
---|---|---|
5fb205c6 MW |
1 | Work around a problem arising from the update to OpenSSL 1.0.2f, based on the |
2 | following upstream commit: | |
3 | ||
4 | https://github.com/noxxi/p5-io-socket-ssl/commit/6e23ee4a433f83f1065bd2467255eba5ee9b1ddd | |
5 | ||
6 | Attempting to update to IO-Socket-SSL-2.023, which includes this commit, | |
7 | caused other test failures. See: | |
8 | ||
9 | https://lists.gnu.org/archive/html/guix-devel/2016-01/msg01032.html | |
10 | ||
11 | Description from the upstream commit: | |
12 | ||
13 | OpenSSL 1.0.2f changed the behavior of SSL shutdown in case the TLS connection | |
14 | was not fully established (commit: f73c737c7ac908c5d6407c419769123392a3b0a9). | |
15 | This somehow resulted in Net::SSLeay::shutdown returning 0 (i.e. keep trying) | |
16 | which caused an endless loop. It will now ignore this result in case the TLS | |
17 | connection was not yet established and consider the TLS connection closed | |
18 | instead. | |
19 | ||
20 | --- IO-Socket-SSL-2.002/lib/IO/Socket/SSL.pm.orig 2014-10-21 16:51:16.000000000 -0400 | |
21 | +++ IO-Socket-SSL-2.002/lib/IO/Socket/SSL.pm 2016-01-31 15:07:14.971099894 -0500 | |
22 | @@ -1213,6 +1213,11 @@ | |
23 | # shutdown complete | |
24 | last; | |
25 | } | |
26 | + if ((${*$self}{'_SSL_opened'}||0) <= 0) { | |
27 | + # not really open, thus don't expect shutdown to return | |
28 | + # something meaningful | |
29 | + last; | |
30 | + } | |
31 | ||
32 | # initiate or complete shutdown | |
33 | local $SIG{PIPE} = 'IGNORE'; |