r24718 - in /trunk/libio-socket-ssl-perl: Changes SSL.pm debian/changelog

gregoa at users.alioth.debian.org gregoa at users.alioth.debian.org
Fri Aug 29 13:39:42 UTC 2008


Author: gregoa
Date: Fri Aug 29 13:39:39 2008
New Revision: 24718

URL: http://svn.debian.org/wsvn/pkg-perl/?sc=1&rev=24718
Log:
New upstream release.

Modified:
    trunk/libio-socket-ssl-perl/Changes
    trunk/libio-socket-ssl-perl/SSL.pm
    trunk/libio-socket-ssl-perl/debian/changelog

Modified: trunk/libio-socket-ssl-perl/Changes
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libio-socket-ssl-perl/Changes?rev=24718&op=diff
==============================================================================
--- trunk/libio-socket-ssl-perl/Changes (original)
+++ trunk/libio-socket-ssl-perl/Changes Fri Aug 29 13:39:39 2008
@@ -1,3 +1,7 @@
+v1.15
+	- change internal behavior when SSL handshake failed (like when verify
+          callback returned an error) in the hope to fix spurios errors in 
+          t/auto_verify_hostname.t
 v1.14
 	- added support for verification of hostname from certificate
           including subjectAltNames, support for IDN etc based on patch and

Modified: trunk/libio-socket-ssl-perl/SSL.pm
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libio-socket-ssl-perl/SSL.pm?rev=24718&op=diff
==============================================================================
--- trunk/libio-socket-ssl-perl/SSL.pm (original)
+++ trunk/libio-socket-ssl-perl/SSL.pm Fri Aug 29 13:39:39 2008
@@ -51,7 +51,7 @@
 BEGIN {
 	# Declare @ISA, $VERSION, $GLOBAL_CONTEXT_ARGS
 	@ISA = qw(IO::Socket::INET);
-	$VERSION = '1.14';
+	$VERSION = '1.15';
 	$GLOBAL_CONTEXT_ARGS = {};
 
 	#Make $DEBUG another name for $Net::SSLeay::trace
@@ -225,9 +225,12 @@
 			$host or return $self->error( "Cannot determine peer hostname for verification" );
 
 			# verify name
-			DEBUG(2, "check $host with $vcn_scheme against $cert" );
 			my $x509 = Net::SSLeay::X509_STORE_CTX_get_current_cert($ctx_store);
-			return verify_hostname_of_cert( $host,$x509,$vcn_scheme );
+			my $rv = verify_hostname_of_cert( $host,$x509,$vcn_scheme );
+			# just do some code here against optimization because x509 has no
+			# increased reference and CRYPTO_add is not available from Net::SSLeay
+			DEBUG(99999,"don't to anything with $x509" );
+			return $rv;
 		};
 	}
 
@@ -326,7 +329,7 @@
 			unless ( $self->_set_rw_error( $ssl,$rv )) {
 				$self->error("SSL connect attempt failed with unknown error");
 				delete ${*$self}{'_SSL_opening'};
-				${*$self}{'_SSL_opened'} = 1;
+				${*$self}{'_SSL_opened'} = -1;
 				DEBUG(1, "fatal SSL error: $SSL_ERROR" );
 				return $self->fatal_ssl_error();
 			}
@@ -355,7 +358,7 @@
 				# failed because of timeout, return
 				$! ||= ETIMEDOUT;
 				delete ${*$self}{'_SSL_opening'};
-				${*$self}{'_SSL_opened'} = 1;
+				${*$self}{'_SSL_opened'} = -1;
 				$self->blocking(1); # was blocking before
 				return 
 			}
@@ -371,7 +374,7 @@
 			delete ${*$self}{'_SSL_opening'};
 			DEBUG(2,"connection failed - connect returned 0" );
 			$self->error("SSL connect attempt failed because of handshake problems" );
-			${*$self}{'_SSL_opened'} = 1;
+			${*$self}{'_SSL_opened'} = -1;
 			return $self->fatal_ssl_error();
 		}
 	}
@@ -481,7 +484,7 @@
 			unless ( $socket->_set_rw_error( $ssl,$rv )) {
 				$socket->error("SSL accept attempt failed with unknown error");
 				delete ${*$self}{'_SSL_opening'};
-				${*$socket}{'_SSL_opened'} = 1;
+				${*$socket}{'_SSL_opened'} = -1;
 				return $socket->fatal_ssl_error();
 			}
 
@@ -505,7 +508,7 @@
 				# failed because of timeout, return
 				$! ||= ETIMEDOUT;
 				delete ${*$self}{'_SSL_opening'};
-				${*$socket}{'_SSL_opened'} = 1;
+				${*$socket}{'_SSL_opened'} = -1;
 				$socket->blocking(1); # was blocking before
 				return 
 			}
@@ -519,7 +522,7 @@
 		} elsif ( $rv == 0 ) {
 			$socket->error("SSL connect accept failed because of handshake problems" );
 			delete ${*$self}{'_SSL_opening'};
-			${*$socket}{'_SSL_opened'} = 1;
+			${*$socket}{'_SSL_opened'} = -1;
 			return $socket->fatal_ssl_error();
 		}
 	}
@@ -740,7 +743,8 @@
 sub stop_SSL {
 	my $self = shift || return _invalid_object();
 	my $stop_args = (ref($_[0]) eq 'HASH') ? $_[0] : {@_};
-	return $self->error("SSL object already closed") unless (${*$self}{'_SSL_opened'});
+	return $self->error("SSL object already closed") 
+		unless (${*$self}{'_SSL_opened'} == 1);
 
 	if (my $ssl = ${*$self}{'_SSL_object'}) {
 		my $shutdown_done;
@@ -814,7 +818,7 @@
 sub kill_socket {
 	my $self = shift;
 	shutdown($self, 2);
-	$self->close(SSL_no_shutdown => 1) if (${*$self}{'_SSL_opened'});
+	$self->close(SSL_no_shutdown => 1) if (${*$self}{'_SSL_opened'} == 1);
 	delete(${*$self}{'_SSL_ctx'});
 	return;
 }
@@ -1137,7 +1141,8 @@
 
 sub DESTROY {
 	my $self = shift || return;
-	$self->close(_SSL_in_DESTROY => 1, SSL_no_shutdown => 1) if (${*$self}{'_SSL_opened'});
+	$self->close(_SSL_in_DESTROY => 1, SSL_no_shutdown => 1) 
+		if (${*$self}{'_SSL_opened'} == 1);
 	delete(${*$self}{'_SSL_ctx'});
 }
 
@@ -1173,7 +1178,7 @@
 
 sub opened {
 	my $self = shift;
-	return IO::Handle::opened($self) && ${*$self}{'_SSL_opened'};
+	return IO::Handle::opened($self) && ( ${*$self}{'_SSL_opened'} == 1 );
 }
 
 sub opening {

Modified: trunk/libio-socket-ssl-perl/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libio-socket-ssl-perl/debian/changelog?rev=24718&op=diff
==============================================================================
--- trunk/libio-socket-ssl-perl/debian/changelog (original)
+++ trunk/libio-socket-ssl-perl/debian/changelog Fri Aug 29 13:39:39 2008
@@ -1,4 +1,4 @@
-libio-socket-ssl-perl (1.14-1) UNRELEASED; urgency=low
+libio-socket-ssl-perl (1.15-1) UNRELEASED; urgency=low
 
   PROBLEM: t/auto_verify_hostname.t fails
   QUESTION: should we bump the dependency on libnet-ssleay-perl to >= 1.33.01?




More information about the Pkg-perl-cvs-commits mailing list