t/session_ticket.t fails with IO::Socket::SSL 2.040 and Net::SSLeay 1.79

noxxi / p5-io-socket-ssl

IO::Socket::SSL Perl Module

36 stars 59 forks source link

t/session_ticket.t fails with IO::Socket::SSL 2.040 and Net::SSLeay 1.79 #48

Closed stuartskelton closed 7 years ago

stuartskelton commented 7 years ago

Just a little head up,

sskelton:~/dev/test_foo [5.16.3]$ cpanm -Llocal IO::Socket::SSL -v

this fails at:

t/session_ticket.t ................ 1/6 # connect to 0: success reuse=1
# connect to 1: success reuse=1
# connect to 1: success reuse=0
# connect to 0: success reuse=1

#   Failed test 'reports non-reuse on server0 since got ticket with secret[1] in last step'
#   at t/session_ticket.t line 57.
#          got: '1'
#     expected: '0'
# connect to 0: success reuse=1
# Looks like you failed 1 test of 6.
t/session_ticket.t ................ Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/6 subtests

I am on MacOS, with clean perl brew 5.16.3, however this brought to my attention because it failed on our build server which is linux, same perl version,

noxxi commented 7 years ago

Unfortunately these information are not sufficient to analyze the problem. Please provide the version of IO::Socket::SSL, version of Net::SSLeay you use and the version of OpenSSL linked with this Net::SSLeay. You get the last two when running perl -Ilib t/01loadmodule.t

alambike commented 7 years ago

Same problem here, with This is perl 5, version 18, subversion 2 (v5.18.2) built for x86_64-linux-gnu-thread-multi (ubuntu 14.04)

# perl -I lib/ t/01loadmodule.t 
1..3
ok 1 - loaded
# openssl version=0x1000106f
# Net::SSLeay version=1.79
# parent IO::Socket::INET version=1.33
ok 2 - IO::Socket::SSL::DEBUG 1
ok 3 - Net::SSLeay::trace 1

The error occurs in same test:

not ok 5 - reports non-reuse on server0 since got ticket with secret[1] in last step
#   Failed test 'reports non-reuse on server0 since got ticket with secret[1] in last step'
#   at t/session_ticket.t line 57.
#          got: '1'
#     expected: '0'
access to server[0]
using current ticket secret
server[0] reused=1
# connect to 0: success reuse=1

This has been tested too with latest docker perl image (5.24.0) with the same results.

noxxi commented 7 years ago

It looks like that Net::SSLeay 1.79 was just released and contrary to my expectation it did not include the fix for session ticket reuse. See https://rt.cpan.org/Public/Bug/Display.html?id=116118#txn-1661159. This only means that the new feature to share session tickets between server processes does not work, everything else should still work. So if all other tests succeed you should not worry.

alambike commented 7 years ago

Therefore the recomended option is to install module without pass unit test, or with force flag, isn't it?

noxxi commented 7 years ago

I've just released 2.041 which disables the session ticket callback for now. I will release a new version once the features is fully implemented in Net::SSLeay.

alambike commented 7 years ago

OK, thanks!

stuartskelton commented 7 years ago

Cheers.