From b28bef7c19c39ebe21a5b2c8d3a6d33c356239d7 Mon Sep 17 00:00:00 2001
From: Slaven Rezic <slaven@rezic.de>
Date: Sun, 11 Sep 2016 20:13:44 +0200
Subject: [PATCH] combining the patches by Victor and Petr (RT #88998)

---
 Makefile.PL    |  2 ++
 t/testmodule.t | 41 ++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 42 insertions(+), 1 deletion(-)

diff --git a/Makefile.PL b/Makefile.PL
index 17fe591..b8927b2 100644
--- a/Makefile.PL
+++ b/Makefile.PL
@@ -10,5 +10,7 @@ WriteMakefile(
   'VERSION_FROM' => 'SSL.pm',
   'DISTNAME' => 'HTTP-Daemon-SSL',
   'PREREQ_PM' => { 'HTTP::Daemon' => 1.0, 'IO::Socket::SSL' => 0.93 },
+  'BUILD_REQUIRES' => { 'HTTP::Daemon' => 1.0, 'IO::Socket::SSL' => 0.93,
+      'IO::Socket::SSL::Utils' => 0 },
   'dist' => { COMPRESS => 'gzip', SUFFIX => 'gz', },
 );
diff --git a/t/testmodule.t b/t/testmodule.t
index d03aeef..fd351bb 100644
--- a/t/testmodule.t
+++ b/t/testmodule.t
@@ -4,10 +4,11 @@
 
 use HTTP::Daemon::SSL;
 use HTTP::Status;
+use IO::Socket::SSL::Utils;
 eval {require "t/ssl_settings.req";} ||
 eval {require "ssl_settings.req";};
 
-$numtests = 9;
+$numtests = 14;
 $|=1;
 $SIG{PIPE}='IGNORE';
 
@@ -22,6 +23,41 @@ print "1..$numtests\n";
 
 $test = 0;
 
+my ($ca_cert, $ca_key) = CERT_create(
+    subject => { commonName => 'Dummy IO::Socket::SSL Certificate Authority' },
+    CA => 1,
+);
+(defined $ca_cert and defined $ca_key) || print 'not ';
+&ok('authority certificate generated');
+
+my ($server_cert, $server_key) = CERT_create(
+    subject => { commonName => 'IO::Socket::SSL Dummy Server Certificate' },
+    CA => 0,
+    issuer_cert => $ca_cert,
+    issuer_key => $ca_key,
+);
+(defined $server_cert and defined $server_key) || print 'not ';
+&ok('server certificate generated');
+
+eval { PEM_cert2file($ca_cert, 'certs/test-ca.pem') };
+(!$@ and -s 'certs/test-ca.pem') || print 'not ';
+&ok('authority certificate saved');
+
+PEM_cert2file($server_cert, 'certs/server-cert.pem');
+(!$@ and -s 'certs/server-cert.pem') || print 'not ';
+&ok('server certificate saved');
+
+PEM_key2file($server_key, 'certs/server-key.pem');
+(!$@ and -s 'certs/server-key.pem') || print 'not ';
+&ok('server key saved');
+
+# freeing fails now <https://bugzilla.redhat.com/show_bug.cgi?id=1097640>
+#CERT_free($ca_cert);
+#KEY_free($ca_key);
+#CERT_free($server_cert);
+#KEY_free($server_key);
+
+
 unless (fork) {
     sleep 1;
 
@@ -57,8 +93,10 @@ my $server = new HTTP::Daemon::SSL(LocalPort => $SSL_SERVER_PORT,
 				   Listen => 5,
 				   Timeout => 30,
 				   ReuseAddr => 1,
+				   SSL_cipher_list => 'ALL:!LOW',
 				   SSL_verify_mode => 0x00,
 				   SSL_ca_file => "certs/test-ca.pem",
+				   SSL_key_file => "certs/server-key.pem",
 				   SSL_cert_file => "certs/server-cert.pem");
 
 if (!$server) {
@@ -84,6 +122,7 @@ if (!($conn = $server->accept)) {
 if ($conn = $server->accept) {
     &ok("valid request handled");
 } else {
+    warn $IO::Socket::SSL::ERROR;
     print "not ok $test # valid request did not return a socket\n";
 }
 
-- 
2.1.2