LWP-Protocol-https

 view release on metacpan or  search on metacpan

Changes  view on Meta::CPAN

Release history for LWP-Protocol-https

6.14      2024-03-11 01:08:33Z
    - Inherit with 'use parent' instead of 'use base' (GH#78) (Marin Tsanov)

6.13      2024-02-06 01:00:50Z
    - Fix ssl upgrade for regular host names (GH#77) (Axel Burri)

6.12      2024-01-22 17:51:31Z
    - Enable MultiHomed for IO::Socket::SSL (GH#61) (ℕicolas ℝ.)
    - Making it possible to use IPv6 in https call through https proxy
      environment (in case of using CONNECT method to create a tunnel) (GH#74)
      (Dmitriy Shamatrin)

6.11      2023-07-09 15:10:30Z
    - Remove Authority section from dist.ini (GH#64) (Olaf Alders)
    - Add very basic diagnostic information via test (GH#73) (Olaf Alders)
    - CVE-2014-3230 - don't disable verification if only hostnames should not
      (GH#14) (Steffen Ullrich)
    - Make explicit requirement of Mozilla::CA obsolete (GH#72) (Steffen

Changes  view on Meta::CPAN

    - Getopt::Long isn't actually used
    - Merge pull request #7 from noxxi/master
    - better diagnostics in case of failures in apache.t
    - Merge pull request #8 from cpansprout/patch-1
    - correct behavior for https_proxy, this goes together with change to
    - libwww-perl cb80c2ddb7, new method _upgrade_sock in LWP::Protocol::https
    - Typo fix: envirionment =~ s/io/o/
    - support for subjectAltName

6.04      2013-04-29
    - Fix IO::Socket::SSL warnings when not verifying hostname.
    - Doc spelling fix.

6.03      2012-02-18
    - Skip test if offline [RT#74163]
    - Typo fixes
    - Restore perl-5.8.1 compatibility.

6.02      2011-03-27
    - Initial release of LWP-Protocol-https as a separate distribution. There
      are no code changes besides setting the version number since

META.json  view on Meta::CPAN

            "Test::Pod" : "1.41",
            "Test::Pod::Coverage" : "1.08",
            "Test::Pod::Spelling::CommonMistakes" : "1.000",
            "Test::Portability::Files" : "0",
            "Test::Spelling" : "0.12",
            "Test::Version" : "1"
         }
      },
      "runtime" : {
         "requires" : {
            "IO::Socket::SSL" : "1.970",
            "LWP::Protocol::http" : "0",
            "LWP::UserAgent" : "6.06",
            "Net::HTTPS" : "6",
            "base" : "0",
            "perl" : "5.008001",
            "strict" : "0"
         }
      },
      "test" : {
         "recommends" : {
            "CPAN::Meta" : "2.120900"
         },
         "requires" : {
            "ExtUtils::MakeMaker" : "0",
            "File::Spec" : "0",
            "File::Temp" : "0",
            "IO::Select" : "0",
            "IO::Socket::INET" : "0",
            "IO::Socket::SSL" : "1.970",
            "IO::Socket::SSL::Utils" : "0",
            "LWP::UserAgent" : "6.06",
            "Socket" : "0",
            "Test::More" : "0.96",
            "Test::Needs" : "0.002010",
            "Test::RequiresInternet" : "0",
            "perl" : "5.008001",
            "warnings" : "0"
         }
      }
   },

META.yml  view on Meta::CPAN

---
abstract: 'Provide https support for LWP::UserAgent'
author:
  - 'Gisle Aas <gisle@activestate.com>'
build_requires:
  ExtUtils::MakeMaker: '0'
  File::Spec: '0'
  File::Temp: '0'
  IO::Select: '0'
  IO::Socket::INET: '0'
  IO::Socket::SSL: '1.970'
  IO::Socket::SSL::Utils: '0'
  LWP::UserAgent: '6.06'
  Socket: '0'
  Test::More: '0.96'
  Test::Needs: '0.002010'
  Test::RequiresInternet: '0'
  perl: '5.008001'
  warnings: '0'
configure_requires:
  ExtUtils::MakeMaker: '0'
  perl: '5.008001'

META.yml  view on Meta::CPAN

    - t
    - xt
provides:
  LWP::Protocol::https:
    file: lib/LWP/Protocol/https.pm
    version: '6.14'
  LWP::Protocol::https::Socket:
    file: lib/LWP/Protocol/https.pm
    version: '6.14'
requires:
  IO::Socket::SSL: '1.970'
  LWP::Protocol::http: '0'
  LWP::UserAgent: '6.06'
  Net::HTTPS: '6'
  base: '0'
  perl: '5.008001'
  strict: '0'
resources:
  IRC: irc://irc.perl.org/#lwp
  MailingList: mailto:libwww@perl.org
  bugtracker: https://github.com/libwww-perl/LWP-Protocol-https/issues

Makefile.PL  view on Meta::CPAN

  "ABSTRACT" => "Provide https support for LWP::UserAgent",
  "AUTHOR" => "Gisle Aas <gisle\@activestate.com>",
  "CONFIGURE_REQUIRES" => {
    "ExtUtils::MakeMaker" => 0
  },
  "DISTNAME" => "LWP-Protocol-https",
  "LICENSE" => "perl",
  "MIN_PERL_VERSION" => "5.008001",
  "NAME" => "LWP::Protocol::https",
  "PREREQ_PM" => {
    "IO::Socket::SSL" => "1.970",
    "LWP::Protocol::http" => 0,
    "LWP::UserAgent" => "6.06",
    "Net::HTTPS" => 6,
    "base" => 0,
    "strict" => 0
  },
  "TEST_REQUIRES" => {
    "ExtUtils::MakeMaker" => 0,
    "File::Spec" => 0,
    "File::Temp" => 0,
    "IO::Select" => 0,
    "IO::Socket::INET" => 0,
    "IO::Socket::SSL" => "1.970",
    "IO::Socket::SSL::Utils" => 0,
    "LWP::UserAgent" => "6.06",
    "Socket" => 0,
    "Test::More" => "0.96",
    "Test::Needs" => "0.002010",
    "Test::RequiresInternet" => 0,
    "warnings" => 0
  },
  "VERSION" => "6.14",
  "test" => {
    "TESTS" => "t/*.t"
  }
);

my %FallbackPrereqs = (
  "ExtUtils::MakeMaker" => 0,
  "File::Spec" => 0,
  "File::Temp" => 0,
  "IO::Select" => 0,
  "IO::Socket::INET" => 0,
  "IO::Socket::SSL" => "1.970",
  "IO::Socket::SSL::Utils" => 0,
  "LWP::Protocol::http" => 0,
  "LWP::UserAgent" => "6.06",
  "Net::HTTPS" => 6,
  "Socket" => 0,
  "Test::More" => "0.96",
  "Test::Needs" => "0.002010",
  "Test::RequiresInternet" => 0,
  "base" => 0,
  "strict" => 0,
  "warnings" => 0

cpanfile  view on Meta::CPAN

on 'configure' => sub {
    requires "ExtUtils::MakeMaker" => "0";
    requires "perl" => "5.008001";
};

on 'runtime' => sub {
    requires "base" => "0";
    requires "IO::Socket::SSL" => "1.970";
    requires "LWP::Protocol::http" => "0";
    requires "LWP::UserAgent" => "6.06";
    requires "Net::HTTPS" => "6";
    requires "perl" => "5.008001";
    requires "strict" => "0";
};

on 'test' => sub {
    requires "File::Temp" => "0";
    requires "IO::Select" => "0";
    requires "IO::Socket::INET" => "0";
    requires "IO::Socket::SSL" => "1.54";
    requires "IO::Socket::SSL::Utils" => "0";
    requires "LWP::UserAgent" => "6.06";
    requires "perl" => "5.008001";
    requires "Socket" => "0";
    requires "Test::More" => "0.96";
    requires "Test::Needs" => "0.002010";
    requires "Test::RequiresInternet" => "0";
    requires "warnings" => "0";
};

on 'develop' => sub {

lib/LWP/Protocol/https.pm  view on Meta::CPAN

    }
    else {
        if ( $Net::HTTPS::SSL_SOCKET_CLASS eq 'Net::SSL' ) {
            $ssl_opts{SSL_verifycn_scheme} = '';
        } else {
            $ssl_opts{SSL_verifycn_scheme} = 'none';
        }
    }
    if ($ssl_opts{SSL_verify_mode}) {
        unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) {
            if ($Net::HTTPS::SSL_SOCKET_CLASS eq 'IO::Socket::SSL'
                && defined &IO::Socket::SSL::default_ca
                && IO::Socket::SSL::default_ca() ) {
                # IO::Socket::SSL has a usable default CA
            } elsif ( my $cafile = eval {
            require Mozilla::CA;
            Mozilla::CA::SSL_ca_file()
            }) {
            # use Mozilla::CA
            $ssl_opts{SSL_ca_file} = $cafile;
            } else {
                die <<'EOT';
Can't verify SSL peers without knowing which Certificate Authorities to trust.

lib/LWP/Protocol/https.pm  view on Meta::CPAN

	$res->push_header("Client-SSL-Warning" => "Peer certificate not verified");
    }
    elsif (!$self->{ssl_opts}{SSL_verifycn_scheme}) {
	$res->push_header("Client-SSL-Warning" => "Peer hostname match with certificate not verified");
    }
    $res->header("Client-SSL-Socket-Class" => $Net::HTTPS::SSL_SOCKET_CLASS);
}

# upgrade plain socket to SSL, used for CONNECT tunnel when proxying https
# will only work if the underlying socket class of Net::HTTPS is
# IO::Socket::SSL, but code will only be called in this case
if ( $Net::HTTPS::SSL_SOCKET_CLASS->can('start_SSL')) {
    *_upgrade_sock = sub {
	my ($self,$sock,$url) = @_;
    # SNI should be passed there only if it is not an IP address.
    # Details: https://github.com/libwww-perl/libwww-perl/issues/449#issuecomment-1896175509
	my $host = $url->host() =~ m/:|^[\d.]+$/s ? undef : $url->host();
	$sock = LWP::Protocol::https::Socket->start_SSL( $sock,
	    SSL_verifycn_name => $url->host,
	    SSL_hostname => $host,
	    $self->_extra_sock_opts,

lib/LWP/Protocol/https.pm  view on Meta::CPAN

alternative C<SSL_ca_file> or disable hostname verification.

This module used to be bundled with the libwww-perl, but it was unbundled in
v6.02 in order to be able to declare its dependencies properly for the CPAN
tool-chain.  Applications that need https support can just declare their
dependency on LWP::Protocol::https and will no longer need to know what
underlying modules to install.

=head1 SEE ALSO

L<IO::Socket::SSL>, L<Crypt::SSLeay>, L<Mozilla::CA>

=head1 COPYRIGHT & LICENSE

Copyright (c) 1997-2011 Gisle Aas.

This library is free software; you can redistribute it and/or modify it
under the same terms as Perl itself.

=cut

t/00-report-prereqs.dd  view on Meta::CPAN

                                      'Test::Pod' => '1.41',
                                      'Test::Pod::Coverage' => '1.08',
                                      'Test::Pod::Spelling::CommonMistakes' => '1.000',
                                      'Test::Portability::Files' => '0',
                                      'Test::Spelling' => '0.12',
                                      'Test::Version' => '1'
                                    }
                    },
       'runtime' => {
                      'requires' => {
                                      'IO::Socket::SSL' => '1.970',
                                      'LWP::Protocol::http' => '0',
                                      'LWP::UserAgent' => '6.06',
                                      'Net::HTTPS' => '6',
                                      'base' => '0',
                                      'perl' => '5.008001',
                                      'strict' => '0'
                                    }
                    },
       'test' => {
                   'recommends' => {
                                     'CPAN::Meta' => '2.120900'
                                   },
                   'requires' => {
                                   'ExtUtils::MakeMaker' => '0',
                                   'File::Spec' => '0',
                                   'File::Temp' => '0',
                                   'IO::Select' => '0',
                                   'IO::Socket::INET' => '0',
                                   'IO::Socket::SSL' => '1.970',
                                   'IO::Socket::SSL::Utils' => '0',
                                   'LWP::UserAgent' => '6.06',
                                   'Socket' => '0',
                                   'Test::More' => '0.96',
                                   'Test::Needs' => '0.002010',
                                   'Test::RequiresInternet' => '0',
                                   'perl' => '5.008001',
                                   'warnings' => '0'
                                 }
                 }
     };

t/diag.t  view on Meta::CPAN

#!perl

use strict;
use warnings;

use IO::Select             ();
use IO::Socket::INET       ();
use IO::Socket::SSL        ();
use IO::Socket::SSL::Utils ();
use Socket                 ();
use Test::More import => [qw( diag done_testing pass subtest )];
use Test::Needs;
use Try::Tiny qw( try );

subtest 'openssl' => sub {
    test_needs 'Capture::Tiny';
    test_needs 'File::Which';
    my $openssl = File::Which::which('openssl');
    diag "path to openssl: $openssl";

t/diag.t  view on Meta::CPAN

            sprintf 'Net::SSLeay::LIBRESSL_VERSION_NUMBER() 0x%08x',
            Net::SSLeay::LIBRESSL_VERSION_NUMBER()
        );
    };
    pass('Net::SSLeay');
};

subtest 'modules' => sub {
    diag "IO::Select $IO::Select::VERSION";
    diag "IO::Socket::INET $IO::Socket::INET::VERSION";
    diag "IO::Socket::SSL $IO::Socket::SSL::VERSION";
    diag "IO::Socket::SSL::Utils $IO::Socket::SSL::Utils::VERSION";
    diag "Socket $Socket::VERSION";
    pass('modules');
};

done_testing();

t/example.t  view on Meta::CPAN

    is($x_died, undef, "no $h header");

    $h = 'Client-SSL-Socket-Class';
    my $socket_class = $res->header($h) || '';
    ok($socket_class =~ /\S/, "have header $h");

    SKIP: {
        $h = 'Client-SSL-Version';
        my $ssl_version = $res->header($h) || '';
        my $h_test = $ssl_version =~ /^(SSL|TLS)v\d/i;
        my $want_class = 'IO::Socket::SSL';
        $h_test
            or $socket_class eq $want_class
            or skip "header $h only guaranteed when using $want_class", 1;
        ok($h_test, "have header $h");
    }

    $h = 'Client-SSL-Cipher';
    my $ssl_cipher = $res->header($h) || '';
    ok($ssl_cipher =~ /\S/, "have header $h");

t/https_proxy.t  view on Meta::CPAN

use File::Temp 'tempfile';
use IO::Socket::INET;
use IO::Select;
use Socket 'MSG_PEEK';
use LWP::UserAgent;
use LWP::Protocol::https;

plan skip_all => "fork not implemented on this platform" if
    grep { $^O =~m{$_} } qw( MacOS VOS vmesa riscos amigaos );

eval { require IO::Socket::SSL }
    and $IO::Socket::SSL::VERSION >= 1.953
    and eval { require IO::Socket::SSL::Utils }
    or plan skip_all => "no recent version of IO::Socket::SSL::Utils";
IO::Socket::SSL::Utils->import;

# create CA -------------------------------------------------------------
my ($cacert,$cakey) = CERT_create( CA => 1 );
my $cafile = do {
    my ($fh,$fname) = tempfile( CLEANUP => 1 );
    print $fh PEM_cert2string($cacert);
    $fname
};

# create two web servers ------------------------------------------------

t/https_proxy.t  view on Meta::CPAN

if ( ! $pid ) {
    @childs = ();
    exit( _server());
}

# parent continues with closed server sockets
push @childs,$pid;
@server = ();

# check which SSL implementation Net::HTTPS uses
# Net::SSL behaves different than the default IO::Socket::SSL
my $netssl = $Net::HTTPS::SSL_SOCKET_CLASS eq 'Net::SSL';

# do some tests ----------------------------------------------------------
my %ua;
$ua{noproxy} = LWP::UserAgent->new(
    keep_alive => 10, # size of connection cache
    # server does not know the expected name and returns generic certificate
    ssl_opts => {
	verify_hostname => 0,
	SSL_ca_file => $cafile,

t/https_proxy.t  view on Meta::CPAN

		    subject => { commonName => $ssl_host },
		    issuer_cert => $cacert,
		    issuer_key => $cakey,
		    # just reuse cakey as key for certificate
		    key => $cakey,
		);
		[ $c,$k ];
	    };
	};

	IO::Socket::SSL->start_SSL( $cl,
	    SSL_server => 1,
	    SSL_cert => $cert,
	    SSL_key  => $key,
	) or do {
	    diag("SSL handshake failed: ".IO::Socket::SSL->errstr);
	    exit(1);
	};
    }

    REQUEST:
    # read header
    my $req = '';
    while (<$cl>) {
	$_ eq "\r\n" and last;
	$req .= $_;



( run in 0.651 second using v1.01-cache-2.11-cpan-4d50c553e7e )