perl-IO-Socket-SSL

FIXME/perl-IO-Socket-SSL-make.test.log

@@ -0,0 +1,146 @@
+PERL_DL_NONLAZY=1 "/usr/bin/perl" "-MExtUtils::Command::MM" "-MTest::Harness" "-e" "undef *Test::Harness::Switches; test_harness(0, 'blib/lib', 'blib/arch')" t/*.t t/external/*.t
+# openssl version compiled=0x20000000 linked=0x20000000 -- LibreSSL 3.6.2
+# Net::SSLeay version=1.93_01
+# parent IO::Socket::IP version=0.41
+t/01loadmodule.t .................. ok
+t/acceptSSL-timeout.t ............. ok
+t/alpn.t .......................... ok
+t/auto_verify_hostname.t .......... ok
+t/cert_formats.t .................. ok
+t/cert_no_file.t .................. ok
+t/compatibility.t ................. ok
+t/connectSSL-timeout.t ............ ok
+t/core.t .......................... ok
+t/dhe.t ........................... ok
+t/ecdhe.t ......................... ok
+# tcp connect to www.chksum.de:443 ok
+# fingerprint matches
+# validation with default CA w/o OCSP ok
+# got stapled response as expected
+# validation with default CA with OCSP defaults ok
+# validation with default CA with OCSP full chain ok
+# tcp connect to www.bild.de:443 ok
+# tcp connect to revoked.grc.com:443 ok
+t/external/ocsp.t ................. ok
+# found 133 CA certs
+# have root CA for www.bild.de in store
+# 5 connections to www.bild.de ok
+# have root CA for www.yahoo.com in store
+# 5 connections to www.yahoo.com ok
+# have root CA for www.comdirect.de in store
+# 5 connections to www.comdirect.de ok
+# have root CA for meine.deutsche-bank.de in store
+# 5 connections to meine.deutsche-bank.de ok
+# fingerprint meine.deutsche-bank.de matches
+# have root CA for www.twitter.com in store
+# 5 connections to www.twitter.com ok
+# have root CA for www.facebook.com in store
+# 5 connections to www.facebook.com ok
+# have root CA for www.live.com in store
+# 5 connections to www.live.com ok
+# fingerprint www.live.com matches
+t/external/usable_ca.t ............ ok
+t/io-socket-inet6.t ............... skipped: no IO::Socket::INET6 available
+t/io-socket-ip.t .................. ok
+t/memleak_bad_handshake.t ......... ok
+t/mitm.t .......................... ok
+t/multiple-cert-rsa-ecc.t ......... ok
+t/nonblock.t ...................... ok
+t/npn.t ........................... skipped: NPN not available in Net::SSLeay
+# -- test: newINET start_SSL stop_SSL start_SSL
+# server accepted new client
+# wait for initial data from client
+# got 0x666f6f from client
+# server: got plain data at start of connection
+# server: TLS upgrade
+# server: TLS downgrade
+# server: TLS upgrade#2
+# -- test: newSSL stop_SSL connect_SSL
+# server accepted new client
+# wait for initial data from client
+# got 0x160301 from client
+# server: TLS upgrade
+# server: TLS downgrade
+# server: TLS upgrade#2
+# -- test: newSSL:0 connect_SSL stop_SSL connect_SSL
+# server accepted new client
+# wait for initial data from client
+# got 0x666f6f from client
+# server: got plain data at start of connection
+# server: TLS upgrade
+# server: TLS downgrade
+# server: TLS upgrade#2
+# -- test: newSSL:0 start_SSL stop_SSL connect_SSL
+# server accepted new client
+# wait for initial data from client
+# got 0x666f6f from client
+# server: got plain data at start of connection
+# server: TLS upgrade
+# server: TLS downgrade
+# server: TLS upgrade#2
+# server accepted new client
+# wait for initial data from client
+# got 0x656e64 from client
+# client requested end of tests
+t/plain_upgrade_downgrade.t ....... ok
+# looks like OpenSSL was compiled without SSLv3 support
+t/protocol_version.t .............. ok
+t/public_suffix_lib_encode_idn.t .. ok
+t/public_suffix_lib_libidn.t ...... ok
+t/public_suffix_lib_uri.t ......... ok
+t/public_suffix_ssl.t ............. ok
+t/readline.t ...................... ok
+t/session_cache.t ................. ok
+# listen at 127.0.0.1:45567
+# listen at 127.0.0.1:59683
+# connect to 0: success reuse=0 version=TLSv1_2
+# connect to 0: success reuse=1 version=TLSv1_2
+# connect to 1: success reuse=1 version=TLSv1_2
+# connect to 1: success reuse=0 version=TLSv1_2
+# connect to 0: success reuse=0 version=TLSv1_2
+# connect to 0: success reuse=1 version=TLSv1_2
+t/session_ticket.t ................ ok
+t/sessions.t ...................... ok
+t/set_curves.t .................... ok
+t/signal-readline.t ............... ok
+t/sni.t ........................... ok
+t/sni_verify.t .................... ok
+t/start-stopssl.t ................. ok
+t/startssl-failed.t ............... ok
+t/startssl.t ...................... ok
+t/sysread_write.t ................. ok
+t/verify_fingerprint.t ............ ok
+t/verify_hostname.t ............... ok
+failure during X509V3_EXT_conf_nid() for nid=85
+140487475166272:error:22FFF077:X509 V3 routines:func(4095):reason(119):x509/x509_alt.c:675:name=DNS value='*.*'
+
+#   Failed test '0 != 1 |wwW.tESt.fr: cn=common.name san=DNS:*.*,DNS:*.test.de,DNS:*.test.FR,DNS:www'
+#   at t/verify_hostname_standalone.t line 55.
+failure during X509V3_EXT_conf_nid() for nid=85
+140487475166272:error:22FFF077:X509 V3 routines:func(4095):reason(119):x509/x509_alt.c:675:name=DNS value='*..bar.foo.com'
+
+#   Failed test '1 != 0 |www.bar.foo.com: cn=www.bar.foo.com san=DNS:*.foo.com,DNS:*.*.foo.com,DNS:*.*.bar.foo.com,DNS:*..bar.foo.com'
+#   at t/verify_hostname_standalone.t line 55.
+failure during X509V3_EXT_conf_nid() for nid=85
+140487475166272:error:22FFF077:X509 V3 routines:func(4095):reason(119):x509/x509_alt.c:675:name=DNS value='xn--*-9qae5a.com.br'
+failure during X509V3_EXT_conf_nid() for nid=85
+140487475166272:error:22FFF077:X509 V3 routines:func(4095):reason(119):x509/x509_alt.c:675:name=DNS value='::6.7.8.9'
+failure during X509V3_EXT_conf_nid() for nid=85
+140487475166272:error:22FFF077:X509 V3 routines:func(4095):reason(119):x509/x509_alt.c:675:name=DNS value='1*1.2.3.512'
+failure during X509V3_EXT_conf_nid() for nid=85
+140487475166272:error:22FFF077:X509 V3 routines:func(4095):reason(119):x509/x509_alt.c:675:name=DNS value='nocolonallowed:example'
+# Looks like you failed 2 tests of 78.
+t/verify_hostname_standalone.t .... 
+Dubious, test returned 2 (wstat 512, 0x200)
+Failed 2/78 subtests 
+t/verify_partial_chain.t .......... ok
+
+Test Summary Report
+-------------------
+t/verify_hostname_standalone.t  (Wstat: 512 (exited 2) Tests: 78 Failed: 2)
+  Failed tests:  6, 21
+  Non-zero exit status: 2
+Files=42, Tests=810, 51 wallclock secs ( 0.12 usr  0.02 sys +  5.13 cusr  0.35 csys =  5.62 CPU)
+Result: FAIL
+Failed 1/42 test programs. 2/810 subtests failed.
+make: *** [Makefile:855: test_dynamic] Error 255

SPECS/perl-IO-Socket-SSL.spec

@@ -0,0 +1,110 @@
+%global cpanname IO-Socket-SSL
+
+Name:     perl-%{cpanname}
+Version:  2.081
+Release:  %{?repo}0.rc1%{?dist}
+Summary:  SSL sockets with IO::Socket interface
+BuildArch:  noarch
+
+Group:    Development/Libraries
+License:  GPL-1.0-or-later or Artistic-1.0-Perl
+URL:      https://metacpan.org/dist/%{cpanname}
+Source0:  https://cpan.metacpan.org/authors/id/S/SU/SULLR/%{cpanname}-%{version}.tar.gz
+
+BuildRequires:  perl-devel
+BuildRequires:  perl(ExtUtils::MakeMaker) >= 6.76
+BuildRequires:  perl(Net::SSLeay) >= 1.59
+# for test
+%if 0%{?runtests:1} == 1
+BuildRequires:  perl(Test::More)
+#BuildRequires:  perl(Mozilla::CA)
+BuildRequires:  perl(Scalar::Util)
+%endif
+# runtime
+#Requires: perl(Mozilla::CA)
+Requires: perl(Net::SSLeay) >= 1.59
+Requires: perl(Scalar::Util)
+# /end runtime
+# Change both perl5_API below to perl5_ABI for binary packages
+%if 0%{?perl5_API:1} == 1
+Requires: %{perl5_API}
+%endif
+%if 0%{?perl5_cpanlic:1} == 1
+Requires: common-CPAN-licenses
+%endif
+
+%description
+IO::Socket::SSL makes using SSL/TLS much easier by wrapping the necessary
+functionality into the familiar IO::Socket interface and providing secure
+defaults whenever possible. This way, existing applications can be made
+SSL-aware without much effort, at least if you do blocking I/O and don't
+use select or poll.
+
+But, under the hood, SSL is a complex beast. So there are lots of methods
+to make it do what you need if the default behavior is not adequate.
+Because it is easy to inadvertently introduce critical security bugs
+or just hard to debug problems, it is recommended you study the
+documentation carefully.
+
+%prep
+%setup -n %{cpanname}-%{version}
+
+
+%build
+PERL_MM_USE_DEFAULT=1 \
+perl Makefile.PL INSTALLDIRS=vendor NO_PACKLIST=1 NO_PERLLOCAL=1 OPTIMIZE="$RPM_OPT_FLAGS"
+make %{?_smp_mflags}
+
+%check
+%if 0%{?runtests:1} == 1
+make test > %{name}-make.test.log 2>&1 ||:
+%else
+echo "make test not run during package build." > %{name}-make.test.log
+%endif
+
+%install
+make install DESTDIR=%{buildroot}
+
+%if 0%{?perl5_cpanlic:1} == 1
+cat > Perl5-Licenses.txt << "EOF"
+This package specifies it uses the Perl 5 licenses but did not include
+them in the package source.
+
+They can be found in the following directory:
+
+  %{perl5_cpanlic}/Perl5/
+
+EOF
+%endif
+
+
+# if binary
+#%{_fixperms} %{buildroot}%{perl5_vendorarch}
+
+%files
+%defattr(-,root,root,-)
+%dir %{perl5_vendorlib}/IO
+%dir %{perl5_vendorlib}/IO/Socket
+%attr(0444,root,root) %{perl5_vendorlib}/IO/Socket/SSL.pm
+%attr(0444,root,root) %{perl5_vendorlib}/IO/Socket/SSL.pod
+%dir %{perl5_vendorlib}/IO/Socket/SSL
+%attr(0444,root,root) %{perl5_vendorlib}/IO/Socket/SSL/Intercept.pm
+%attr(0444,root,root) %{perl5_vendorlib}/IO/Socket/SSL/PublicSuffix.pm
+%attr(0444,root,root) %{perl5_vendorlib}/IO/Socket/SSL/Utils.pm
+%attr(0644,root,root) %{_mandir}/man3/IO::Socket::SSL.3*
+%attr(0644,root,root) %{_mandir}/man3/IO::Socket::SSL::Intercept.3*
+%attr(0644,root,root) %{_mandir}/man3/IO::Socket::SSL::PublicSuffix.3*
+%attr(0644,root,root) %{_mandir}/man3/IO::Socket::SSL::Utils.3*
+%if 0%{?perl5_cpanlic:1} == 1
+%license Perl5-Licenses.txt
+%doc Changes README Perl5-Licenses.txt
+%else
+%doc Changes README
+%endif
+%doc %{name}-make.test.log docs example
+
+
+
+%changelog
+* Fri May 05 2023 Michael A. Peters <anymouseprophet@gmail.com> - 2.081-0.rc1
+- Initial spec file for YJL (RPM bootstrapping LFS/BLFS 11.3)