Bug 789447

Summary: Possible regression from 1.0.0g - perl-AnyEvent SSL test fails
Product: [Fedora] Fedora
Component: openssl
Version: rawhide
Status: CLOSED NOTABUG
Severity: unspecified
Priority: unspecified
Reporter: Paul Howarth <paul>
Assignee: Tomas Mraz <tmraz>
QA Contact: Fedora Extras Quality Assurance <extras-qa>
CC: tgl, tmraz
Doc Type: Bug Fix
Type: Bug
Last Closed: 2012-04-05 09:17:00 UTC

Description Paul Howarth 2012-02-10 19:13:18 UTC
I have a local build of perl-AnyEvent that runs a lot more of the test suite than the Fedora build. The spec can be found here:

http://www.city-fan.org/cfo-trac/browser/perl-AnyEvent/trunk/perl-AnyEvent.spec

If I build this package on a current Fedora 17 or Rawhide with openssl-1.0.1 the SSL test fails:

#   Failed test 'server_error <Protocol error>'
#   at t/80_ssltest.t line 37.
#   Failed test 'server_error <Protocol error>'
#   at t/80_ssltest.t line 37.
#   Failed test 'client_error <Broken pipe>'
#   at t/80_ssltest.t line 97.
#   Failed test 'server_error <Protocol error>'
#   at t/80_ssltest.t line 37.
#   Failed test 'client_error <Broken pipe>'
#   at t/80_ssltest.t line 97.
#   Failed test 'server_error <Protocol error>'
#   at t/80_ssltest.t line 37.
#   Failed test 'client_error <Broken pipe>'
#   at t/80_ssltest.t line 97.
#   Failed test 'server_error <Protocol error>'
#   at t/80_ssltest.t line 37.
#   Failed test 'client_error <Broken pipe>'
#   at t/80_ssltest.t line 97.
# Looks like you planned 415 tests but ran 26.
# Looks like you failed 9 tests of 26 run.
t/80_ssltest.t ..............
Dubious, test returned 9 (wstat 2304, 0x900)
Failed 398/415 subtests

However, if I exclude openssl-1.0.1 from the buildroot and force it to pick up 1.0.0g instead, the test passes, as it does with all older versions of openssl right back to the one in Fedora Core 1.

I'm not sure exactly what's happening here or how to debug it but it looks like an openssl regression to me.

Comment 1 Tom Lane 2012-02-11 17:36:36 UTC
Possibly unrelated, but mysql is also not very happy with 1.0.1 --- see bug #789600

Comment 2 Paul Howarth 2012-02-20 15:59:35 UTC
Similar story with perl-IO-Socket-SSL, which also uses perl-Net-SSLeay as its openssl interface, like perl-AnyEvent:

I ran this test suite with some debugging on and got this:

DEBUG: .../IO/Socket/SSL.pm:494: no socket yet
DEBUG: .../IO/Socket/SSL.pm:193: set domain to 2
DEBUG: .../IO/Socket/SSL.pm:334: socket not yet connected
DEBUG: .../IO/Socket/SSL.pm:336: socket connected
DEBUG: .../IO/Socket/SSL.pm:496: accept created normal socket IO::Socket::SSL=GLOB(0x8558278)
DEBUG: .../IO/Socket/SSL.pm:512: starting sslifying
DEBUG: .../IO/Socket/SSL.pm:354: ssl handshake not started
DEBUG: .../IO/Socket/SSL.pm:1281: SSL accept attempt failed with unknown errorerror:04075070:rsa routines:RSA_sign:digest too big for rsa key
SSL error:  31249: 1 - error:1409B006:SSL routines:SSL3_SEND_SERVER_KEY_EXCHANGE:EVP lib
DEBUG: .../IO/Socket/SSL.pm:445: connection failed - connect returned 0
t/dhe.t ....................
1..3
ok # [server] Server Initialization
not ok # [server] accept failed:
Failed 2/3 subtests

Same test passes with 1.0.0g:

DEBUG: .../IO/Socket/SSL.pm:494: no socket yet
DEBUG: .../IO/Socket/SSL.pm:193: set domain to 2
DEBUG: .../IO/Socket/SSL.pm:334: socket not yet connected
DEBUG: .../IO/Socket/SSL.pm:336: socket connected
DEBUG: .../IO/Socket/SSL.pm:496: accept created normal socket IO::Socket::SSL=GLOB(0x8cc2a0)
DEBUG: .../IO/Socket/SSL.pm:354: ssl handshake not started
DEBUG: .../IO/Socket/SSL.pm:512: starting sslifying
DEBUG: .../IO/Socket/SSL.pm:600: handshake done, socket ready
DEBUG: .../IO/Socket/SSL.pm:500: accept_SSL ok
DEBUG: .../IO/Socket/SSL.pm:452: ssl handshake done
t/dhe.t ....................
1..3
ok # [server] Server Initialization
ok # [server] Server accepted
ok # [client] client connected
ok

Perhaps the "error:04075070:rsa routines:RSA_sign:digest too big for rsa key" diagnostic helps?

Comment 3 Fedora Update System 2012-02-29 09:03:28 UTC
openssl-1.0.0g-2.fc17 has been submitted as an update for Fedora 17.
https://admin.fedoraproject.org/updates/openssl-1.0.0g-2.fc17

Comment 4 Tomas Mraz 2012-02-29 09:05:05 UTC
This still needs to be fixed in rawhide where we will keep the 1.0.1 releases.

Comment 5 Paul Howarth 2012-02-29 09:20:43 UTC
The perl-IO-Socket-SSL issue has been addressed upstream: the failing test uses a 384-bit key, which may be too short for the autonegotiated connection type. To work around this, the connection type is being specified explicitly as TLSv1 for openssl 1.0.1 onwards, and the problem no longer appears.

Upstream for perl-AnyEvent hasn't had a chance to look at this yet but I did suggest that they try the Fedora 17 alpha (perhaps in a VM) to look at it. I'd better tell them not to update it...

Comment 6 Fedora Update System 2012-03-06 20:28:32 UTC
openssl-1.0.0g-4.fc17 has been pushed to the Fedora 17 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 7 Paul Howarth 2012-04-05 08:56:27 UTC
The problem with perl-AnyEvent was also a short key, which upstream believes is an openssl bug:

  "It seems openssl 1.0.1 enforces a minimum rsa key size, and the
   key is too short. Doubtlessly, this is a bug in openssl, and
   doubtlessly, they are not going to fix it, so I will generate a
   longer key."

The longer key has fixed the compatibility issue.
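
Added example, not part of the bug report and not OpenSSL's code: a sketch of why the 384-bit key from comment 5 can still sign a TLSv1 handshake but produces "digest too big for rsa key" (comment 2) once a larger digest is signed. It assumes PKCS#1 v1.5 signing with its 11-byte minimum padding overhead and that the autonegotiated connection signs a SHA-2 DigestInfo; the function names and the sample message are constructed for illustration.

```python
import hashlib

# DER DigestInfo prefixes for PKCS#1 v1.5 signatures (RFC 8017, section 9.2).
DIGESTINFO_PREFIX = {
    "sha1":   bytes.fromhex("3021300906052b0e03021a05000414"),
    "sha256": bytes.fromhex("3031300d060960864801650304020105000420"),
    "sha384": bytes.fromhex("3041300d060960864801650304020205000430"),
    "sha512": bytes.fromhex("3051300d060960864801650304020305000440"),
}
PKCS1_PADDING_SIZE = 11  # 00 01, at least eight FF bytes, 00
LEGACY = "tls1.0-md5+sha1"  # label chosen for this example

def payload(scheme, message):
    """Bytes that receive type-1 padding for the given signature form."""
    if scheme == LEGACY:
        # TLS 1.0/1.1 RSA signatures: raw MD5 || SHA-1, no DigestInfo wrapper.
        return hashlib.md5(message).digest() + hashlib.sha1(message).digest()
    return DIGESTINFO_PREFIX[scheme] + hashlib.new(scheme, message).digest()

def encode_for_signing(scheme, message, key_bits):
    """Build the padded block an RSA key of key_bits would have to sign."""
    k = key_bits // 8
    t = payload(scheme, message)
    if len(t) > k - PKCS1_PADDING_SIZE:
        raise ValueError("digest too big for rsa key")
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def min_key_bits(scheme):
    """Smallest modulus size (in bits) that can carry this signature form."""
    return 8 * (len(payload(scheme, b"")) + PKCS1_PADDING_SIZE)

def fits(scheme, key_bits):
    msg = b"constructed ServerKeyExchange parameters"  # sample input
    try:
        return len(encode_for_signing(scheme, msg, key_bits)) == key_bits // 8
    except ValueError:
        return False

def report(key_bits=384):
    """Map each signature form to (minimum key bits, fits in key_bits?)."""
    schemes = [LEGACY] + list(DIGESTINFO_PREFIX)
    return {s: (min_key_bits(s), fits(s, key_bits)) for s in schemes}

if __name__ == "__main__":
    for scheme, (need, ok) in report().items():
        print(f"{scheme:16} needs >= {need:3} bits; 384-bit key ok: {ok}")
```

Under these assumptions a 384-bit key is large enough for the legacy MD5+SHA-1 form, which is consistent with the upstream workaround of pinning TLSv1, while any SHA-2 digest needs a longer key.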