perl-Crypt-SMIME-0.28-11.fc41 fails to build in Fedora 41 for me because a test fails: + make test "/usr/bin/perl" -MExtUtils::Command::MM -e 'cp_nonempty' -- SMIME.bs blib/arch/auto/Crypt/SMIME/SMIME.bs 644 PERL_DL_NONLAZY=1 "/usr/bin/perl" "-MExtUtils::Command::MM" "-MTest::Harness" "-e" "undef *Test::Harness::Switches; test_harness(0, 'blib/lib', 'blib/arch')" t/*.t # Testing Crypt::SMIME 0.28, Perl 5.038002, /usr/bin/perl t/00-load.t ........... ok # Using `/usr/bin/openssl' to generate a keypair t/01-smime.t .......... ok # Using `/usr/bin/openssl' to generate a keypair t/02-smime.more.t ..... ok # Using `/usr/bin/openssl' to generate a keypair t/03-chained-certs.t .. ok # Using `/usr/bin/openssl' to generate a keypair # Failed test 'Load the default public key store' # at t/04-taint.t line 257. # died: Crypt::SMIME#setPublicKeyStore: failed to store the public cert at t/04-taint.t line 257. t/04-taint.t .......... Failed 2/7 subtests t/boilerplate.t ....... ok t/manifest.t .......... ok t/pod-coverage.t ...... ok t/pod.t ............... ok Test Summary Report ------------------- t/04-taint.t (Wstat: 139 (Signal: SEGV, dumped core) Tests: 5 Failed: 0) Non-zero wait status: 139 Parse errors: Bad plan. You planned 7 tests but ran 5. Files=9, Tests=72, 1 wallclock secs ( 0.04 usr 0.01 sys + 1.05 cusr 0.17 csys = 1.27 CPU) Result: FAIL Failed 1/9 test programs. 0/72 subtests failed. make: *** [Makefile:1072: test_dynamic] Error 255
This could be triggered by upgrading openssl from 3.1.4-4.fc40 to 3.2.1-2.fc40.
A backtrace from t/04-taint.t: Insecure dependency in kill while running with -t switch at /usr/lib64/perl5/vendor_perl/Test/Taint.pm line 241. Insecure dependency in kill while running with -t switch at /usr/lib64/perl5/vendor_perl/Test/Taint.pm line 241. not ok 12 - The decrypted message shall be tainted # Failed test 'The decrypted message shall be tainted' # at t/04-taint.t line 254. ok 13 - The decrypted message matches to the original not ok 14 - Load the default public key store # Failed test 'Load the default public key store' # at t/04-taint.t line 257. # died: Crypt::SMIME#setPublicKeyStore: failed to store the public cert at t/04-taint.t line 257. double free or corruption (!prev) Program received signal SIGABRT, Aborted. 0x00007ffff7aab134 in __pthread_kill_implementation () from /lib64/libc.so.6 (gdb) bt #0 0x00007ffff7aab134 in __pthread_kill_implementation () from /lib64/libc.so.6 #1 0x00007ffff7a5363e in raise () from /lib64/libc.so.6 #2 0x00007ffff7a3b8ff in abort () from /lib64/libc.so.6 #3 0x00007ffff7a3c764 in __libc_message_impl.cold () from /lib64/libc.so.6 #4 0x00007ffff7ab5165 in malloc_printerr () from /lib64/libc.so.6 #5 0x00007ffff7ab72ac in _int_free_merge_chunk () from /lib64/libc.so.6 #6 0x00007ffff7ab9dbe in free () from /lib64/libc.so.6 #7 0x00007ffff70613f5 in ossl_asn1_primitive_free[localalias] () from /lib64/libcrypto.so.3 #8 0x00007ffff7068c92 in ossl_asn1_template_free () from /lib64/libcrypto.so.3 #9 0x00007ffff706819d in ossl_asn1_item_embed_free () from /lib64/libcrypto.so.3 #10 0x00007ffff706836b in ASN1_item_free () from /lib64/libcrypto.so.3 #11 0x00007ffff70b01fb in CMS_add0_cert () from /lib64/libcrypto.so.3 #12 0x00007ffff75296d7 in sign (this=0x55555603c460, plaintext=<optimized out>, len=<optimized out>) at /home/test/fedora/perl-Crypt-SMIME/Crypt-SMIME-0.28/SMIME.xs:173 #13 XS_Crypt__SMIME__sign (my_perl=<optimized out>, cv=<optimized out>) at /home/test/fedora/perl-Crypt-SMIME/Crypt-SMIME-0.28/SMIME.xs:801 #14 0x00007ffff7d1288a in Perl_pp_entersub () from /lib64/libperl.so.5.38 #15 0x00007ffff7d03718 in Perl_runops_standard () from /lib64/libperl.so.5.38 #16 0x00007ffff7c47899 in perl_run () from /lib64/libperl.so.5.38 #17 0x0000555555555342 in main ()
The crashing test can be reduced to: #!/usr/bin/perl use strict; use warnings; use File::Spec; use File::Temp qw(tempfile); use Test::More; my ($key, $crt); do { my $OPENSSL = '/usr/bin/openssl'; my ($conf_fh, $conf_file) = tempfile(UNLINK => 1); print {$conf_fh} <<'EOF'; [ req ] distinguished_name = req_distinguished_name attributes = req_attributes prompt = no [ req_distinguished_name ] C = AU ST = Some-State L = Test Locality O = Organization Name OU = Organizational Unit Name CN = Common Name emailAddress = test [ req_attributes ] EOF close $conf_fh; my $DEVNULL = File::Spec->devnull(); my (undef, $key_file) = tempfile(UNLINK => 1); my (undef, $csr_file) = tempfile(UNLINK => 1); my (undef, $crt_file) = tempfile(UNLINK => 1); system(qq{$OPENSSL genrsa -out $key_file >$DEVNULL 2>&1}) and die $!; system(qq{$OPENSSL req -new -key $key_file -out $csr_file -config $conf_file >$DEVNULL 2>&1}) and die $!; system(qq{$OPENSSL x509 -in $csr_file -out $crt_file -req -signkey $key_file -set_serial 1 >$DEVNULL 2>&1}) and die $!; $key = do { local $/; open my $fh, '<', $key_file or die $!; scalar <$fh>; }; $crt = do { local $/; open my $fh, '<', $crt_file or die $!; scalar <$fh>; }; }; my $plain = q{From: alice To: bob Subject: Crypt::SMIME test This is a test mail. Please ignore... }; $plain =~ s/\r?\n|\r/\r\n/g; # ----------------------------------------------------------------------------- plan tests => 5; use Crypt::SMIME; my $smime = Crypt::SMIME->new(); ok($smime->setPrivateKey($key, $crt), 'Set an untainted keypair'); ok($smime->setPublicKey($crt), 'Set a tainted public key'); ok($smime->sign($plain), 'Sign an untainted message'); ok(eval {$smime->setPublicKeyStore()}, 'Load the default public key store'); ok($smime->sign($plain), 'Sign an untainted message');
Upstream claims this bug is fixed in a new Crypt-SMIME-0.29 release.
FEDORA-2024-e291ff3534 (perl-Crypt-SMIME-0.29-1.fc40) has been submitted as an update to Fedora 40. https://bodhi.fedoraproject.org/updates/FEDORA-2024-e291ff3534
FEDORA-2024-e291ff3534 has been pushed to the Fedora 40 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2024-e291ff3534` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2024-e291ff3534 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2024-e291ff3534 (perl-Crypt-SMIME-0.29-1.fc40) has been pushed to the Fedora 40 stable repository. If problem still persists, please make note of it in this bug report.