Stories
Slash Boxes
Comments
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

use Perl Log In

Log In

[ Create a new account ]

grinder (1100)

grinder
  (email not shown publicly)
http://www.landgren.net/perl/
Yahoo! ID: perlgrinder (Add User, Send Message)

Editor of p5p summaries, member of the p5p peanut gallery.

Journal of grinder (1100)

Thursday December 14, 2006
07:22 AM

Crypt::SSLeay is broken and this is the fix (version 0.51)

[ #31910 ]

I just a spent considerable amount of time to get Crypt::SSLeay installed. Far too much time. At first I blamed myself, my host, my OpenSSL installation, perl, everything.

Finally I searched the web and found the following message:

http://mail-archives.apache.org/mod_mbox/httpd-test-dev/200301.mbox/%3c5.2.0.9.2 .20030130000312.028ea1b8@pop3.rowe-clan.net%3e

Turns out that there's a bug in the code, and a one-liner patch to SSLeay.xs fixes it. There's even an RT ticket on the matter. Grrr!

So, if you see the following warning in your build:

SSLeay.xs:252: warning: passing arg 2 of `SSL_set_info_callback' from incompatible pointer type

... and the test dumps core, then patch the source as follows:

--- SSLeay.xs.orig      2002-08-01 17:43:22.000000000 -0400
+++ SSLeay.xs   2003-01-29 21:41:17.000000000 -0500
@@ -109,6 +109,7 @@
                SSLeay_add_all_algorithms();
                SSL_load_error_strings();
                ERR_load_crypto_strings();
+               SSL_library_init();
               bNotFirstTime = 1;
         }
         RAND_seed(buf,sizeof buf);

And now it works, yay!

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.
  • Hi,

    if you've already spent too much time tracking this down, then please go all the way and bug the author so he uploads a fixed release to CPAN. I do this all the time and I wholeheartedly think this is an important service to the community. I would guess Florian Ragwitz / rafl would be reasonably responsive. After all, he maintains much of the debian perl stuff if I am not mistaken.

    If he doesn't respond, you can always ask modules@perl.org to make you co-maintainer so you can upload a quick fix. (Provided
    • Steffen,

      It's already filed as a bug on RT. The patch was proposed three years ago. I posted this entry mainly for web searches as much as anything else. RT isn't crawled, so the usual search engines don't know abou it.

      This is a crucial module for anyone doing https work. If I were to take it over, I would be doing everyone a disservice, since I know I could not devote the required tuits. I do other stuff. But if someone reading wants to volunteer for a good cause, module-authors is the place to go. See

      • I'll stop bugging you to do anything. But let me explain myself first:

        Your logic has a bit of a flaw. Just because you do not have the time to adopt the module and make it one of your own, it may well be that you have the half-hour to apply the patch and make a .tar.gz. That would make the module *slightly* better without you becoming its new full-time maintainer.

        That being said, I know and understand ENOTENOUGHTUITS, so I'll stop labouring the point.
        • Nah, you have a point. I'll see if I can talk Joshua Chamas into making me co-maintainer. At least with that one line fix, the module would already be better than it is now.