aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLeo <thinkabit.ukim@gmail.com>2019-09-01 13:42:45 -0300
committerKevin Daudt <kdaudt@alpinelinux.org>2019-09-26 20:13:44 +0000
commit3d3bea544432294245c33e3efa9a1807d89ab509 (patch)
treeb1114ffe17bd1b154c4a469b31de1c179a8748d7
parentf927663adebdaa6965ada2749e0b2d6907982220 (diff)
downloadaports-3d3bea544432294245c33e3efa9a1807d89ab509.tar.bz2
aports-3d3bea544432294245c33e3efa9a1807d89ab509.tar.xz
main/perl-net-ssleay: upgrade to 1.88
Closes GH-10808
-rw-r--r--main/perl-net-ssleay/APKBUILD21
-rw-r--r--main/perl-net-ssleay/Net-SSLeay-1.85-Adapt-to-OpenSSL-1.1.1.patch237
-rw-r--r--main/perl-net-ssleay/Net-SSLeay-1.85-Expose_SSL_CTX_set_post_handshake_auth.patch42
-rw-r--r--main/perl-net-ssleay/Net-SSLeay-1.85-Move-SSL_ERROR_WANT_READ-SSL_ERROR_WANT_WRITE-retry-.patch225
-rw-r--r--main/perl-net-ssleay/Net-SSLeay-1.85-Move-SSL_ERROR_WANT_READ-SSL_ERROR_WANT_WRITE-retry-from_write_partial.patch70
5 files changed, 6 insertions, 589 deletions
diff --git a/main/perl-net-ssleay/APKBUILD b/main/perl-net-ssleay/APKBUILD
index 5651365a8f..e60e7fcb79 100644
--- a/main/perl-net-ssleay/APKBUILD
+++ b/main/perl-net-ssleay/APKBUILD
@@ -2,27 +2,22 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=perl-net-ssleay
_realname=Net-SSLeay
-pkgver=1.85
-pkgrel=6
+pkgver=1.88
+pkgrel=0
pkgdesc="Perl extension for using OpenSSL"
-url="http://search.cpan.org/dist/Net-SSLeay"
+url="https://metacpan.org/release/Net-SSLeay"
arch="all"
license="Artistic-2.0"
depends="perl"
makedepends="perl-dev openssl-dev zlib-dev"
checkdepends="perl-test-exception perl-test-warn perl-test-nowarnings"
subpackages="$pkgname-doc"
-source="http://search.cpan.org/CPAN/authors/id/M/MI/MIKEM/Net-SSLeay-$pkgver.tar.gz
- Net-SSLeay-1.85-Adapt-to-OpenSSL-1.1.1.patch
- Net-SSLeay-1.85-Move-SSL_ERROR_WANT_READ-SSL_ERROR_WANT_WRITE-retry-.patch
- Net-SSLeay-1.85-Move-SSL_ERROR_WANT_READ-SSL_ERROR_WANT_WRITE-retry-from_write_partial.patch
- Net-SSLeay-1.85-Expose_SSL_CTX_set_post_handshake_auth.patch
- "
+source="https://cpan.metacpan.org/authors/id/C/CH/CHRISN/Net-SSLeay-$pkgver.tar.gz"
builddir="$srcdir/$_realname-$pkgver"
build() {
cd "$builddir"
- PERL_MM_USE_DEFAULT=1 perl Makefile.PL INSTALLDIRS=vendor || return 1
+ PERL_MM_USE_DEFAULT=1 perl Makefile.PL INSTALLDIRS=vendor
make
}
@@ -39,8 +34,4 @@ package() {
find "$pkgdir" -name perllocal.pod -delete
}
-sha512sums="74e0f2f56b707f1ff845c78c1fa7ce26a71b8f943bb99e994d4e065d1f42259fe4cd1a6a17d333459727534158f9541f116dbc8515122380807d9450b0faa26b Net-SSLeay-1.85.tar.gz
-7abce82d34378c404bdfc1143a58b7f9eb9be197e4a8b5149ef5c0d28da8a8844e5fd9b0f287f1f01b31bbaa7658c1cb0fc22a1674283e1cbcb1a761b35c90bb Net-SSLeay-1.85-Adapt-to-OpenSSL-1.1.1.patch
-776c925cb85df004b95f42b6cf83f8ebc5ab6b9a3048f4b1239bfddc255ad581d6698d43bae5ba0fd86bcbd77bfe36662698443bde8f8fac16e88e94dbc738a2 Net-SSLeay-1.85-Move-SSL_ERROR_WANT_READ-SSL_ERROR_WANT_WRITE-retry-.patch
-d227dd780caee32e2e4c48d7536b399bf26514b1e081c514f6a2a80194fd9ec13ed264d652c840dcfcd723021b5370deebeabdc86f77e79395329bb80b710c53 Net-SSLeay-1.85-Move-SSL_ERROR_WANT_READ-SSL_ERROR_WANT_WRITE-retry-from_write_partial.patch
-f767adcf6ffe72f1558b4bea115f742980c6e4e75bac8c43e94e781b3e1cbecb5522b8e1f395e7ee5369f59913b40b2cff6ced6c343ac19128fd8c4c8eb34267 Net-SSLeay-1.85-Expose_SSL_CTX_set_post_handshake_auth.patch"
+sha512sums="37fc32ec003337f3dc18bf928139079a3127628c6fa0fccaed0c27b6bf3b216c2c5338ed1aaf9408b0add3be549df3218d3c5a6d6299793c1329d8a0813a1682 Net-SSLeay-1.88.tar.gz"
diff --git a/main/perl-net-ssleay/Net-SSLeay-1.85-Adapt-to-OpenSSL-1.1.1.patch b/main/perl-net-ssleay/Net-SSLeay-1.85-Adapt-to-OpenSSL-1.1.1.patch
deleted file mode 100644
index b5b44e086b..0000000000
--- a/main/perl-net-ssleay/Net-SSLeay-1.85-Adapt-to-OpenSSL-1.1.1.patch
+++ /dev/null
@@ -1,237 +0,0 @@
-From b01291bf88dd84529c93973da7c275e0ffe5cc1f Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
-Date: Fri, 3 Aug 2018 14:30:22 +0200
-Subject: [PATCH] Adapt to OpenSSL 1.1.1
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-OpenSSL 1.1.1 defaults to TLS 1.3 that handles session tickets and
-session shutdowns differently. This leads to failing various Net-SSLeay
-tests that exhibits use cases that are not possible with OpenSSL 1.1.1
-anymore or where the library behaves differently.
-
-Since Net-SSLeay is a low-level wrapper, Net-SSLeay will be corrected
-in tests. Higher-level code as IO::Socket::SSL and other Net::SSLeay
-applications need to be adjusted on case-to-case basis.
-
-This patche changes:
-
-- Retry SSL_read() and SSL_write() (by sebastian [...] breakpoint.cc)
-- Disable session tickets in t/local/07_sslecho.t.
-- Adaps t/local/36_verify.t to a session end when Net::SSLeay::read()
- returns undef.
-
-https://rt.cpan.org/Public/Bug/Display.html?id=125218
-https://github.com/openssl/openssl/issues/5637
-https://github.com/openssl/openssl/issues/6904
-Signed-off-by: Petr Písař <ppisar@redhat.com>
----
- SSLeay.xs | 56 ++++++++++++++++++++++++++++++++++++++++++++++++----
- lib/Net/SSLeay.pod | 46 ++++++++++++++++++++++++++++++++++++++++++
- t/local/07_sslecho.t | 15 ++++++++++++--
- t/local/36_verify.t | 2 +-
- 4 files changed, 112 insertions(+), 7 deletions(-)
-
-diff --git a/SSLeay.xs b/SSLeay.xs
-index bf148c0..5aed4d7 100644
---- a/SSLeay.xs
-+++ b/SSLeay.xs
-@@ -1999,7 +1999,17 @@ SSL_read(s,max=32768)
- int got;
- PPCODE:
- New(0, buf, max, char);
-- got = SSL_read(s, buf, max);
-+
-+ do {
-+ int err;
-+
-+ got = SSL_read(s, buf, max);
-+ if (got > 0)
-+ break;
-+ err = SSL_get_error(s, got);
-+ if (err != SSL_ERROR_WANT_READ && err != SSL_ERROR_WANT_WRITE)
-+ break;
-+ } while (1);
-
- /* If in list context, return 2-item list:
- * first return value: data gotten, or undef on error (got<0)
-@@ -2051,10 +2061,20 @@ SSL_write(s,buf)
- SSL * s
- PREINIT:
- STRLEN len;
-+ int err;
-+ int ret;
- INPUT:
- char * buf = SvPV( ST(1), len);
- CODE:
-- RETVAL = SSL_write (s, buf, (int)len);
-+ do {
-+ ret = SSL_write (s, buf, (int)len);
-+ if (ret > 0)
-+ break;
-+ err = SSL_get_error(s, ret);
-+ if (err != SSL_ERROR_WANT_READ && err != SSL_ERROR_WANT_WRITE)
-+ break;
-+ } while (1);
-+ RETVAL = ret;
- OUTPUT:
- RETVAL
-
-@@ -2083,8 +2103,20 @@ SSL_write_partial(s,from,count,buf)
- if (len < 0) {
- croak("from beyound end of buffer");
- RETVAL = -1;
-- } else
-- RETVAL = SSL_write (s, &(buf[from]), (count<=len)?count:len);
-+ } else {
-+ int ret;
-+ int err;
-+
-+ do {
-+ ret = SSL_write (s, &(buf[from]), (count<=len)?count:len);
-+ if (ret > 0)
-+ break;
-+ err = SSL_get_error(s, ret);
-+ if (err != SSL_ERROR_WANT_READ && err != SSL_ERROR_WANT_WRITE)
-+ break;
-+ } while (1);
-+ RETVAL = ret;
-+ }
- OUTPUT:
- RETVAL
-
-@@ -6957,4 +6989,20 @@ SSL_export_keying_material(ssl, outlen, label, p)
-
- #endif
-
-+#if OPENSSL_VERSION_NUMBER >= 0x1010100fL
-+
-+int
-+SSL_CTX_set_num_tickets(SSL_CTX *ctx,size_t num_tickets)
-+
-+size_t
-+SSL_CTX_get_num_tickets(SSL_CTX *ctx)
-+
-+int
-+SSL_set_num_tickets(SSL *ssl,size_t num_tickets)
-+
-+size_t
-+SSL_get_num_tickets(SSL *ssl)
-+
-+#endif
-+
- #define REM_EOF "/* EOF - SSLeay.xs */"
-diff --git a/lib/Net/SSLeay.pod b/lib/Net/SSLeay.pod
-index 2e1aae3..bca7be4 100644
---- a/lib/Net/SSLeay.pod
-+++ b/lib/Net/SSLeay.pod
-@@ -4437,6 +4437,52 @@ getticket($ssl,$ticket,$data) -> $return_value
-
- This function is based on the OpenSSL function SSL_set_session_ticket_ext_cb.
-
-+=item * CTX_set_num_tickets
-+
-+B<COMPATIBILITY:> not available in Net-SSLeay-1.85 and before; requires at least OpenSSL 1.1.1
-+
-+Set number of session tickets that will be sent to a client.
-+
-+ my $rv = Net::SSLeay::CTX_set_num_tickets($ctx, $number_of_tickets);
-+ # $ctx - value corresponding to openssl's SSL_CTX structure
-+ # $number_of_tickets - number of tickets to send
-+ # returns: 1 on success, 0 on failure
-+
-+Set to zero if you do not no want to support a session resumption.
-+
-+=item * CTX_get_num_tickets
-+
-+B<COMPATIBILITY:> not available in Net-SSLeay-1.85 and before; requires at least OpenSSL 1.1.1
-+
-+Get number of session tickets that will be sent to a client.
-+
-+ my $number_of_tickets = Net::SSLeay::CTX_get_num_tickets($ctx);
-+ # $ctx - value corresponding to openssl's SSL_CTX structure
-+ # returns: number of tickets to send
-+
-+=item * set_num_tickets
-+
-+B<COMPATIBILITY:> not available in Net-SSLeay-1.85 and before; requires at least OpenSSL 1.1.1
-+
-+Set number of session tickets that will be sent to a client.
-+
-+ my $rv = Net::SSLeay::set_num_tickets($ssl, $number_of_tickets);
-+ # $ssl - value corresponding to openssl's SSL structure
-+ # $number_of_tickets - number of tickets to send
-+ # returns: 1 on success, 0 on failure
-+
-+Set to zero if you do not no want to support a session resumption.
-+
-+=item * get_num_tickets
-+
-+B<COMPATIBILITY:> not available in Net-SSLeay-1.85 and before; requires at least OpenSSL 1.1.1
-+
-+Get number of session tickets that will be sent to a client.
-+
-+ my $number_of_tickets = Net::SSLeay::get_num_tickets($ctx);
-+ # $ctx - value corresponding to openssl's SSL structure
-+ # returns: number of tickets to send
-+
- =item * set_shutdown
-
- Sets the shutdown state of $ssl to $mode.
-diff --git a/t/local/07_sslecho.t b/t/local/07_sslecho.t
-index 5e16b04..5dc946a 100644
---- a/t/local/07_sslecho.t
-+++ b/t/local/07_sslecho.t
-@@ -13,7 +13,8 @@ BEGIN {
- plan skip_all => "fork() not supported on $^O" unless $Config{d_fork};
- }
-
--plan tests => 78;
-+plan tests => 79;
-+$SIG{'PIPE'} = 'IGNORE';
-
- my $sock;
- my $pid;
-@@ -61,6 +62,16 @@ Net::SSLeay::library_init();
- ok(Net::SSLeay::CTX_set_cipher_list($ctx, 'ALL'), 'CTX_set_cipher_list');
- my ($dummy, $errs) = Net::SSLeay::set_cert_and_key($ctx, $cert_pem, $key_pem);
- ok($errs eq '', "set_cert_and_key: $errs");
-+ SKIP: {
-+ skip 'Disabling session tickets requires OpenSSL >= 1.1.1', 1
-+ unless (&Net::SSLeay::OPENSSL_VERSION_NUMBER >= 0x1010100f);
-+ # TLS 1.3 server sends session tickets after a handhake as part of
-+ # the SSL_accept(). If a client finishes all its job including closing
-+ # TCP connectino before a server sends the tickets, SSL_accept() fails
-+ # with SSL_ERROR_SYSCALL and EPIPE errno and the server receives
-+ # SIGPIPE signal. <https://github.com/openssl/openssl/issues/6904>
-+ ok(Net::SSLeay::CTX_set_num_tickets($ctx, 0), 'Session tickets disabled');
-+ }
-
- $pid = fork();
- BAIL_OUT("failed to fork: $!") unless defined $pid;
-@@ -351,7 +362,7 @@ waitpid $pid, 0;
- push @results, [ $? == 0, 'server exited with 0' ];
-
- END {
-- Test::More->builder->current_test(51);
-+ Test::More->builder->current_test(52);
- for my $t (@results) {
- ok( $t->[0], $t->[1] );
- }
-diff --git a/t/local/36_verify.t b/t/local/36_verify.t
-index 92afc52..e55b138 100644
---- a/t/local/36_verify.t
-+++ b/t/local/36_verify.t
-@@ -282,7 +282,7 @@ sub run_server
-
- # Termination request or other message from client
- my $msg = Net::SSLeay::read($ssl);
-- if ($msg eq 'end')
-+ if (defined $msg and $msg eq 'end')
- {
- Net::SSLeay::write($ssl, 'end');
- exit (0);
---
-2.14.4
-
diff --git a/main/perl-net-ssleay/Net-SSLeay-1.85-Expose_SSL_CTX_set_post_handshake_auth.patch b/main/perl-net-ssleay/Net-SSLeay-1.85-Expose_SSL_CTX_set_post_handshake_auth.patch
deleted file mode 100644
index 452e6e2355..0000000000
--- a/main/perl-net-ssleay/Net-SSLeay-1.85-Expose_SSL_CTX_set_post_handshake_auth.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-commit 6a6bcf3d96115a6ef62289838cea418c185d8c88
-Author: Paul Howarth <paul@city-fan.org>
-Date: Wed Sep 19 09:38:40 2018 +0100
-
- Expose SSL_CTX_set_post_handshake_auth
-
- TLS 1.3 removed renegotiation in favor of rekeying and post handshake
- authentication (PHA). With PHA, a server can request a client certificate from
- a client at some point after the handshake. The feature is commonly used by
- HTTP servers for conditional and path specific TLS client auth. For example, a
- server can decide to require a cert based on HTTP method and/or path. A client
- must announce support for PHA during the handshake.
-
- Apache mod_ssl uses PHA:
- https://github.com/apache/httpd/blob/trunk/modules/ssl/ssl_engine_kernel.c#L1207
-
- As of OpenSSL ticket https://github.com/openssl/openssl/issues/6933, TLS 1.3
- clients no longer send the PHA TLS extension by default. For on-demand auth,
- PHA extension must be enabled with SSL_CTX_set_post_handshake_auth(),
- https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_post_handshake_auth.html .
-
- This function is needed for the Apache httpd upstream test suite:
- https://bugzilla.redhat.com/show_bug.cgi?id=1630391 .
-
-diff --git a/SSLeay.xs b/SSLeay.xs
-index a4dcb0a..5777ffc 100644
---- a/SSLeay.xs
-+++ b/SSLeay.xs
-@@ -7291,4 +7291,13 @@ SSL_export_keying_material(ssl, outlen, label, p)
-
- #endif
-
-+#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(LIBRESSL_VERSION_NUMBER) /* OpenSSL 1.1.1 */
-+
-+void
-+SSL_CTX_set_post_handshake_auth(s,val)
-+ SSL_CTX * s
-+ int val
-+
-+#endif
-+
- #define REM_EOF "/* EOF - SSLeay.xs */"
diff --git a/main/perl-net-ssleay/Net-SSLeay-1.85-Move-SSL_ERROR_WANT_READ-SSL_ERROR_WANT_WRITE-retry-.patch b/main/perl-net-ssleay/Net-SSLeay-1.85-Move-SSL_ERROR_WANT_READ-SSL_ERROR_WANT_WRITE-retry-.patch
deleted file mode 100644
index aa4b33864b..0000000000
--- a/main/perl-net-ssleay/Net-SSLeay-1.85-Move-SSL_ERROR_WANT_READ-SSL_ERROR_WANT_WRITE-retry-.patch
+++ /dev/null
@@ -1,225 +0,0 @@
-From e0b42b0120b941b5675e4071445424dc8a1230e1 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
-Date: Wed, 15 Aug 2018 14:46:52 +0200
-Subject: [PATCH] Move SSL_ERROR_WANT_READ/SSL_ERROR_WANT_WRITE retry from
- read()/write() up
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Original OpenSSL 1.1.1 fix broke IO-Socket-SSL-2.058's t/core.t test
-because it tests non-blocking socket operations and expects to see
-SSL_ERROR_WANT_READ/SSL_ERROR_WANT_WRITE errors and to handle them
-byt itself.
-
-This patch purifies Net::SSLeay::{read,write}() to behave exactly as
-underlying OpenSSL functions. The retry is moved to
-Net::SSLeay::ssl_read_all. All relevant Net::SSLeay::{read,write}() calls in
-tests are changed into Net::SSLea::ssl_{read,write}_all().
-
-All applications should implement the retry themsleves or use
-ssl_*_all() instead.
-
-Signed-off-by: Petr Písař <ppisar@redhat.com>
----
- SSLeay.xs | 28 +++++++---------------------
- lib/Net/SSLeay.pm | 22 +++++++++++++++-------
- t/local/07_sslecho.t | 12 ++++++------
- t/local/36_verify.t | 9 +++++----
- 4 files changed, 33 insertions(+), 38 deletions(-)
-
-diff --git a/SSLeay.xs b/SSLeay.xs
-index 5aed4d7..7cb6eab 100644
---- a/SSLeay.xs
-+++ b/SSLeay.xs
-@@ -1997,19 +1997,13 @@ SSL_read(s,max=32768)
- PREINIT:
- char *buf;
- int got;
-+ int succeeded = 1;
- PPCODE:
- New(0, buf, max, char);
-
-- do {
-- int err;
--
-- got = SSL_read(s, buf, max);
-- if (got > 0)
-- break;
-- err = SSL_get_error(s, got);
-- if (err != SSL_ERROR_WANT_READ && err != SSL_ERROR_WANT_WRITE)
-- break;
-- } while (1);
-+ got = SSL_read(s, buf, max);
-+ if (got <= 0 && SSL_ERROR_ZERO_RETURN != SSL_get_error(s, got))
-+ succeeded = 0;
-
- /* If in list context, return 2-item list:
- * first return value: data gotten, or undef on error (got<0)
-@@ -2017,13 +2011,13 @@ SSL_read(s,max=32768)
- */
- if (GIMME_V==G_ARRAY) {
- EXTEND(SP, 2);
-- PUSHs(sv_2mortal(got>=0 ? newSVpvn(buf, got) : newSV(0)));
-+ PUSHs(sv_2mortal(succeeded ? newSVpvn(buf, got) : newSV(0)));
- PUSHs(sv_2mortal(newSViv(got)));
-
- /* If in scalar or void context, return data gotten, or undef on error. */
- } else {
- EXTEND(SP, 1);
-- PUSHs(sv_2mortal(got>=0 ? newSVpvn(buf, got) : newSV(0)));
-+ PUSHs(sv_2mortal(succeeded ? newSVpvn(buf, got) : newSV(0)));
- }
-
- Safefree(buf);
-@@ -2066,15 +2060,7 @@ SSL_write(s,buf)
- INPUT:
- char * buf = SvPV( ST(1), len);
- CODE:
-- do {
-- ret = SSL_write (s, buf, (int)len);
-- if (ret > 0)
-- break;
-- err = SSL_get_error(s, ret);
-- if (err != SSL_ERROR_WANT_READ && err != SSL_ERROR_WANT_WRITE)
-- break;
-- } while (1);
-- RETVAL = ret;
-+ RETVAL = SSL_write (s, buf, (int)len);
- OUTPUT:
- RETVAL
-
-diff --git a/lib/Net/SSLeay.pm b/lib/Net/SSLeay.pm
-index 3adf12c..afc6c8f 100644
---- a/lib/Net/SSLeay.pm
-+++ b/lib/Net/SSLeay.pm
-@@ -579,14 +579,22 @@ sub debug_read {
- sub ssl_read_all {
- my ($ssl,$how_much) = @_;
- $how_much = 2000000000 unless $how_much;
-- my ($got, $errs);
-+ my ($got, $rv, $errs);
- my $reply = '';
-
- while ($how_much > 0) {
-- $got = Net::SSLeay::read($ssl,
-+ ($got, $rv) = Net::SSLeay::read($ssl,
- ($how_much > 32768) ? 32768 : $how_much
- );
-- last if $errs = print_errs('SSL_read');
-+ if (! defined $got) {
-+ my $err = Net::SSLeay::get_error($ssl, $rv);
-+ if ($err != Net::SSLeay::ERROR_WANT_READ() and
-+ $err != Net::SSLeay::ERROR_WANT_WRITE()) {
-+ $errs = print_errs('SSL_read');
-+ last;
-+ }
-+ next;
-+ }
- $how_much -= blength($got);
- debug_read(\$reply, \$got) if $trace>1;
- last if $got eq ''; # EOF
-@@ -839,14 +847,14 @@ sub ssl_read_until ($;$$) {
- $found = index($match, $delim);
-
- if ($found > -1) {
-- #$got = Net::SSLeay::read($ssl, $found+$len_delim);
-+ #$got = Net::SSLeay::ssl_read_all($ssl, $found+$len_delim);
- #read up to the end of the delimiter
-- $got = Net::SSLeay::read($ssl,
-+ $got = Net::SSLeay::ssl_read_all($ssl,
- $found + $len_delim
- - ((blength($match)) - (blength($got))));
- $done = 1;
- } else {
-- $got = Net::SSLeay::read($ssl, $peek_length);
-+ $got = Net::SSLeay::ssl_read_all($ssl, $peek_length);
- $done = 1 if ($peek_length == $max_length - blength($reply));
- }
-
-@@ -857,7 +865,7 @@ sub ssl_read_until ($;$$) {
- }
- } else {
- while (!defined $max_length || length $reply < $max_length) {
-- $got = Net::SSLeay::read($ssl,1); # one by one
-+ $got = Net::SSLeay::ssl_read_all($ssl,1); # one by one
- last if print_errs('SSL_read');
- debug_read(\$reply, \$got) if $trace>1;
- last if $got eq '';
-diff --git a/t/local/07_sslecho.t b/t/local/07_sslecho.t
-index 74e317a..7f19027 100644
---- a/t/local/07_sslecho.t
-+++ b/t/local/07_sslecho.t
-@@ -134,10 +134,10 @@ my @results;
-
- push @results, [ Net::SSLeay::get_cipher($ssl), 'get_cipher' ];
-
-- push @results, [ Net::SSLeay::write($ssl, $msg), 'write' ];
-+ push @results, [ Net::SSLeay::ssl_write_all($ssl, $msg), 'write' ];
- shutdown($s, 1);
-
-- my ($got) = Net::SSLeay::read($ssl);
-+ my $got = Net::SSLeay::ssl_read_all($ssl);
- push @results, [ $got eq uc($msg), 'read' ];
-
- Net::SSLeay::free($ssl);
-@@ -177,7 +177,7 @@ my @results;
- Net::SSLeay::set_fd($ssl, fileno($s));
- Net::SSLeay::connect($ssl);
-
-- Net::SSLeay::write($ssl, $msg);
-+ Net::SSLeay::ssl_write_all($ssl, $msg);
-
- shutdown $s, 2;
- close $s;
-@@ -231,15 +231,15 @@ my @results;
- Net::SSLeay::set_fd($ssl3, $s3);
-
- Net::SSLeay::connect($ssl1);
-- Net::SSLeay::write($ssl1, $msg);
-+ Net::SSLeay::ssl_write_all($ssl1, $msg);
- shutdown $s1, 2;
-
- Net::SSLeay::connect($ssl2);
-- Net::SSLeay::write($ssl2, $msg);
-+ Net::SSLeay::ssl_write_all($ssl2, $msg);
- shutdown $s2, 2;
-
- Net::SSLeay::connect($ssl3);
-- Net::SSLeay::write($ssl3, $msg);
-+ Net::SSLeay::ssl_write_all($ssl3, $msg);
- shutdown $s3, 2;
-
- close $s1;
-diff --git a/t/local/36_verify.t b/t/local/36_verify.t
-index 2837288..b04be13 100644
---- a/t/local/36_verify.t
-+++ b/t/local/36_verify.t
-@@ -252,8 +252,9 @@ sub client {
- Net::SSLeay::set_fd($ssl, $cl);
- Net::SSLeay::connect($ssl);
- my $end = "end";
-- Net::SSLeay::write($ssl, $end);
-- ok($end eq Net::SSLeay::read($ssl), 'Successful termination');
-+ Net::SSLeay::ssl_write_all($ssl, $end);
-+ Net::SSLeay::shutdown($ssl);
-+ ok($end eq Net::SSLeay::ssl_read_all($ssl), 'Successful termination');
- return;
- }
-
-@@ -291,10 +292,10 @@ sub run_server
- next unless $ret == 1;
-
- # Termination request or other message from client
-- my $msg = Net::SSLeay::read($ssl);
-+ my $msg = Net::SSLeay::ssl_read_all($ssl);
- if (defined $msg and $msg eq 'end')
- {
-- Net::SSLeay::write($ssl, 'end');
-+ Net::SSLeay::ssl_write_all($ssl, 'end');
- exit (0);
- }
- }
---
-2.14.4
-
diff --git a/main/perl-net-ssleay/Net-SSLeay-1.85-Move-SSL_ERROR_WANT_READ-SSL_ERROR_WANT_WRITE-retry-from_write_partial.patch b/main/perl-net-ssleay/Net-SSLeay-1.85-Move-SSL_ERROR_WANT_READ-SSL_ERROR_WANT_WRITE-retry-from_write_partial.patch
deleted file mode 100644
index 2f8a1d2511..0000000000
--- a/main/perl-net-ssleay/Net-SSLeay-1.85-Move-SSL_ERROR_WANT_READ-SSL_ERROR_WANT_WRITE-retry-from_write_partial.patch
+++ /dev/null
@@ -1,70 +0,0 @@
-From 122c80853a9bd66f21699fc79a689b3028d00d3b Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
-Date: Fri, 17 Aug 2018 13:08:44 +0200
-Subject: [PATCH] Move SSL_ERROR_WANT_READ/SSL_ERROR_WANT_WRITE retry from
- write_partial()
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Original OpenSSL 1.1.1 fix broke IO-Socket-SSL-2.058's t/nonblock.t test
-because it tests non-blocking socket operations and expects to see
-SSL_ERROR_WANT_WRITE errors and to handle them byt itself.
-
-This patch purifies Net::SSLeay::write_partial() to behave exactly as
-underlying OpenSSL SSL_write() function. The retry is already
-presented in Net::SSLeay::ssl_write_all().
-
-All applications should implement the retry themsleves or use
-ssl_*_all() instead.
-
-Signed-off-by: Petr Písař <ppisar@redhat.com>
----
- SSLeay.xs | 16 ++--------------
- lib/Net/SSLeay.pod | 3 ++-
- 2 files changed, 4 insertions(+), 15 deletions(-)
-
-diff --git a/SSLeay.xs b/SSLeay.xs
-index 7cb6eab..fc7677f 100644
---- a/SSLeay.xs
-+++ b/SSLeay.xs
-@@ -2089,20 +2089,8 @@ SSL_write_partial(s,from,count,buf)
- if (len < 0) {
- croak("from beyound end of buffer");
- RETVAL = -1;
-- } else {
-- int ret;
-- int err;
--
-- do {
-- ret = SSL_write (s, &(buf[from]), (count<=len)?count:len);
-- if (ret > 0)
-- break;
-- err = SSL_get_error(s, ret);
-- if (err != SSL_ERROR_WANT_READ && err != SSL_ERROR_WANT_WRITE)
-- break;
-- } while (1);
-- RETVAL = ret;
-- }
-+ } else
-+ RETVAL = SSL_write (s, &(buf[from]), (count<=len)?count:len);
- OUTPUT:
- RETVAL
-
-diff --git a/lib/Net/SSLeay.pod b/lib/Net/SSLeay.pod
-index bca7be4..8b5f738 100644
---- a/lib/Net/SSLeay.pod
-+++ b/lib/Net/SSLeay.pod
-@@ -4819,7 +4819,8 @@ Check openssl doc L<http://www.openssl.org/docs/ssl/SSL_write.html|http://www.op
-
- B<NOTE:> Does not exactly correspond to any low level API function
-
--Writes a fragment of data in $data from the buffer $data into the specified $ssl connection.
-+Writes a fragment of data in $data from the buffer $data into the specified
-+$ssl connection. This is a non-blocking function like L<Net::SSLeay::write()>.
-
- my $rv = Net::SSLeay::write_partial($ssl, $from, $count, $data);
- # $ssl - value corresponding to openssl's SSL structure
---
-2.14.4
-