perl-Net-SSLeay-1.85-3.fc29 does not pass tests in Fedora 29 because of:

(1) Changes in OpenSSL 1.1.1. See <https://rt.cpan.org/Ticket/Display.html?id=125218>. I've just finished a fix that passes with openssl-1.1.1-0.pre8.fc29.

(2) Fedora changes added to openssl-1:1.1.1-0.pre8.2.fc29:

    #   Failed test 'TLS_method CTX has automatic minimum version'
    #   at t/local/09_ctx_new.t line 114.
    #          got: '769'
    #     expected: '0'

    #   Failed test 'SSL from TLS_method CTX has automatic minimum version'
    #   at t/local/09_ctx_new.t line 119.
    #          got: '769'
    #     expected: '0'
    # Looks like you failed 2 tests of 40.
    t/local/09_ctx_new.t ................... Dubious, test returned 2 (wstat 512, 0x200)
    Failed 2/40 subtests

These can be adjusted or disabled because the Fedora system-wide crypto policy sets the minimum version to 769 aka 0x0301 aka TLS1_VERSION. Thus SSL_CTX_get_min_proto_version() from the library reports that a non-default minimum version (!= 0) is set.

    t/local/64_ticket_sharing.t ............ failed to use cert file t/data/cert.pem,t/data/key.pem at t/local/64_ticket_sharing.t line 184.
    # Looks like your test exited with 255 before it could output anything.
    t/local/64_ticket_sharing.t ............ Dubious, test returned 255 (wstat 65280, 0xff00)
    Failed 15/15 subtests

The t/data/cert.pem certificate is a 1024-bit RSA key with a SHA1 hash. The test uses the certificate together with SSL_CTX_set_cipher_list('AES128-SHA'). I don't understand whether it passes F29's crypto policy in /etc/crypto-policies/back-ends/openssl*:

    CipherString = @SECLEVEL=1:kEECDH:kRSA:kEDH:-aDSS:!EXP:-3DES:!DES:!RC4:!RC2:!IDEA:-SEED:!eNULL:!aNULL:!MD5:-SHA384:-CAMELLIA:!SSLv2:!ADH
    Ciphersuites = TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_128_CCM_SHA256
    MinProtocol = TLSv1

    @SECLEVEL=1:kEECDH:kRSA:kEDH:-aDSS:!EXP:-3DES:!DES:!RC4:!RC2:!IDEA:-SEED:!eNULL:!aNULL:!MD5:-SHA384:-CAMELLIA:!SSLv2:!ADH

tmraz, could you enlighten us about SSL_CTX_set_cipher_list('AES128-SHA') and the F29 DEFAULT policy?
Created attachment 1475544: Fix for t/local/09_ctx_new.t
The cipher AES128-SHA should be allowed by the policy. Could the failure be related to something else, e.g., due to @SECLEVEL=1 (RSA or DH parameters < 2048 bits)?
@SECLEVEL=1 should allow 1024-bit RSA keys, and it is also the default seclevel anyway. So this should not be the cause. Does the test pass if you override the policy by setting these environment variables?

- OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file - this will override the PROFILE=SYSTEM cipherstring policy.
- OPENSSL_CONF='' - this will override loading the default OpenSSL config file, which is now also used to set the ciphers and the minimum TLS version.

In general, overriding the default policy for the build tests makes sense, as the tests do not care about the system policy.
Setting OPENSSL_CONF='' helps. OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file does not help. It's triggered by the "MinProtocol = TLSv1" line when calling SSL_CTX_use_PrivateKey_file() on an SSL_CTX created with SSL_CTX_new_with_method(TLSv1_method()). If I use SSLv23_method() or remove the "MinProtocol = TLSv1" line, it will pass. But that's strange, because similar code is used in different tests that work. I will have to isolate the code to see what happens exactly.
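To see the effect of the system policy on a fresh SSL_CTX (the 769-vs-0 mismatch from comment #1) and the OPENSSL_CONF='' override from comment #4, here is a small added script; it is not part of Net::SSLeay or the attached fix, and assumes a Net::SSLeay with the OpenSSL 1.1 bindings (TLS_method, CTX_get_min_proto_version) used by t/local/09_ctx_new.t.

```perl
#!/usr/bin/perl
# Added example: report the effective minimum protocol version of a new
# TLS_method() SSL_CTX, once under the system OpenSSL config and once with
# the config disabled via OPENSSL_CONF=''.
use strict;
use warnings;
use Net::SSLeay;

# Map the numeric protocol version to a name; 0 means "library default".
sub version_name {
    my ($v) = @_;
    return 'default (0)' if $v == 0;
    my %names = (
        Net::SSLeay::TLS1_VERSION()   => 'TLSv1',     # 0x0301 == 769
        Net::SSLeay::TLS1_1_VERSION() => 'TLSv1.1',
        Net::SSLeay::TLS1_2_VERSION() => 'TLSv1.2',
    );
    return $names{$v} // sprintf('unknown (0x%04x)', $v);
}

# Create a context exactly as the failing test does and read the minimum
# version the library reports for it.
sub min_proto_of_fresh_ctx {
    Net::SSLeay::SSLeay_add_ssl_algorithms();
    my $ctx = Net::SSLeay::CTX_new_with_method(Net::SSLeay::TLS_method())
        or die "CTX_new_with_method failed\n";
    my $min = Net::SSLeay::CTX_get_min_proto_version($ctx);
    Net::SSLeay::CTX_free($ctx);
    return $min;
}

my $conf = defined $ENV{OPENSSL_CONF} ? "'$ENV{OPENSSL_CONF}'" : '<unset>';
my $min  = min_proto_of_fresh_ctx();
printf "OPENSSL_CONF=%s: min_proto_version=%d (%s)\n",
    $conf, $min, version_name($min);

# The config file is read when libssl initialises, so the override must be
# in the environment before the interpreter loads it: re-run ourselves once
# with OPENSSL_CONF='' (the child sees it defined and does not recurse).
unless (defined $ENV{OPENSSL_CONF}) {
    local $ENV{OPENSSL_CONF} = '';
    system($^X, $0) == 0 or die "re-exec with OPENSSL_CONF='' failed\n";
}
```

On a system whose policy contains "MinProtocol = TLSv1" the first line shows 769 (TLSv1) and the second shows 0, which is why the test's expectation of 0 only holds when the policy is not loaded.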
The t/local/64_ticket_sharing.t Perl test checks for SSL_CTX_use_PrivateKey_file() failure by traversing the error queue with ERR_get_error() instead of checking the SSL_CTX_use_PrivateKey_file() return value first. It reports "error:14187180:SSL routines:ssl_do_config:bad value". This seems to be openssl bug #1615098.
(In reply to Petr Pisar from comment #5)
> The t/local/64_ticket_sharing.t Perl test checks
> SSL_CTX_use_PrivateKey_file() failure by traversing error queue with
> ERR_get_error() instead of checking SSL_CTX_use_PrivateKey_file() return
> value first. It reports "error:14187180:SSL routines:ssl_do_config:bad
> value". This seems to be openssl bug #1615098.

Upgrade to openssl-1.1.1-0.pre8.3.fc29 fixed it.
Paul, I will push the patches to Fedora 29 if you don't mind. Later we (or upstream) should come up with proper OpenSSL 1.1.1 support, like adding TLSv1.3 constants or using TLS_method() instead of the deprecated SSLv23_method() in Net::SSLeay::CTX_new().
Petr, please go ahead; I'm just back from vacation and catching up with things.