LWP-Protocol-https
view release on metacpan or search on metacpan
Release history for LWP-Protocol-https
6.14 2024-03-11 01:08:33Z
- Inherit with 'use parent' instead of 'use base' (GH#78) (Marin Tsanov)
6.13 2024-02-06 01:00:50Z
- Fix ssl upgrade for regular host names (GH#77) (Axel Burri)
6.12 2024-01-22 17:51:31Z
- Enable MultiHomed for IO::Socket::SSL (GH#61) (â„•icolas â„.)
- Making it possible to use IPv6 in https call through https proxy
environment (in case of using CONNECT method to create a tunnel) (GH#74)
(Dmitriy Shamatrin)
6.11 2023-07-09 15:10:30Z
- Remove Authority section from dist.ini (GH#64) (Olaf Alders)
- Add very basic diagnostic information via test (GH#73) (Olaf Alders)
- CVE-2014-3230 - don't disable verification if only hostnames should not
(GH#14) (Steffen Ullrich)
- Make explicit requirement of Mozilla::CA obsolete (GH#72) (Steffen
- Getopt::Long isn't actually used
- Merge pull request #7 from noxxi/master
- better diagnostics in case of failures in apache.t
- Merge pull request #8 from cpansprout/patch-1
- correct behavior for https_proxy, this goes together with change to
- libwww-perl cb80c2ddb7, new method _upgrade_sock in LWP::Protocol::https
- Typo fix: envirionment =~ s/io/o/
- support for subjectAltName
6.04 2013-04-29
- Fix IO::Socket::SSL warnings when not verifying hostname.
- Doc spelling fix.
6.03 2012-02-18
- Skip test if offline [RT#74163]
- Typo fixes
- Restore perl-5.8.1 compatibility.
6.02 2011-03-27
- Initial release of LWP-Protocol-https as a separate distribution. There
are no code changes besides setting the version number since
"Test::Pod" : "1.41",
"Test::Pod::Coverage" : "1.08",
"Test::Pod::Spelling::CommonMistakes" : "1.000",
"Test::Portability::Files" : "0",
"Test::Spelling" : "0.12",
"Test::Version" : "1"
}
},
"runtime" : {
"requires" : {
"IO::Socket::SSL" : "1.970",
"LWP::Protocol::http" : "0",
"LWP::UserAgent" : "6.06",
"Net::HTTPS" : "6",
"base" : "0",
"perl" : "5.008001",
"strict" : "0"
}
},
"test" : {
"recommends" : {
"CPAN::Meta" : "2.120900"
},
"requires" : {
"ExtUtils::MakeMaker" : "0",
"File::Spec" : "0",
"File::Temp" : "0",
"IO::Select" : "0",
"IO::Socket::INET" : "0",
"IO::Socket::SSL" : "1.970",
"IO::Socket::SSL::Utils" : "0",
"LWP::UserAgent" : "6.06",
"Socket" : "0",
"Test::More" : "0.96",
"Test::Needs" : "0.002010",
"Test::RequiresInternet" : "0",
"perl" : "5.008001",
"warnings" : "0"
}
}
},
---
abstract: 'Provide https support for LWP::UserAgent'
author:
- 'Gisle Aas <gisle@activestate.com>'
build_requires:
ExtUtils::MakeMaker: '0'
File::Spec: '0'
File::Temp: '0'
IO::Select: '0'
IO::Socket::INET: '0'
IO::Socket::SSL: '1.970'
IO::Socket::SSL::Utils: '0'
LWP::UserAgent: '6.06'
Socket: '0'
Test::More: '0.96'
Test::Needs: '0.002010'
Test::RequiresInternet: '0'
perl: '5.008001'
warnings: '0'
configure_requires:
ExtUtils::MakeMaker: '0'
perl: '5.008001'
- t
- xt
provides:
LWP::Protocol::https:
file: lib/LWP/Protocol/https.pm
version: '6.14'
LWP::Protocol::https::Socket:
file: lib/LWP/Protocol/https.pm
version: '6.14'
requires:
IO::Socket::SSL: '1.970'
LWP::Protocol::http: '0'
LWP::UserAgent: '6.06'
Net::HTTPS: '6'
base: '0'
perl: '5.008001'
strict: '0'
resources:
IRC: irc://irc.perl.org/#lwp
MailingList: mailto:libwww@perl.org
bugtracker: https://github.com/libwww-perl/LWP-Protocol-https/issues
Makefile.PL view on Meta::CPAN
"ABSTRACT" => "Provide https support for LWP::UserAgent",
"AUTHOR" => "Gisle Aas <gisle\@activestate.com>",
"CONFIGURE_REQUIRES" => {
"ExtUtils::MakeMaker" => 0
},
"DISTNAME" => "LWP-Protocol-https",
"LICENSE" => "perl",
"MIN_PERL_VERSION" => "5.008001",
"NAME" => "LWP::Protocol::https",
"PREREQ_PM" => {
"IO::Socket::SSL" => "1.970",
"LWP::Protocol::http" => 0,
"LWP::UserAgent" => "6.06",
"Net::HTTPS" => 6,
"base" => 0,
"strict" => 0
},
"TEST_REQUIRES" => {
"ExtUtils::MakeMaker" => 0,
"File::Spec" => 0,
"File::Temp" => 0,
"IO::Select" => 0,
"IO::Socket::INET" => 0,
"IO::Socket::SSL" => "1.970",
"IO::Socket::SSL::Utils" => 0,
"LWP::UserAgent" => "6.06",
"Socket" => 0,
"Test::More" => "0.96",
"Test::Needs" => "0.002010",
"Test::RequiresInternet" => 0,
"warnings" => 0
},
"VERSION" => "6.14",
"test" => {
"TESTS" => "t/*.t"
}
);
my %FallbackPrereqs = (
"ExtUtils::MakeMaker" => 0,
"File::Spec" => 0,
"File::Temp" => 0,
"IO::Select" => 0,
"IO::Socket::INET" => 0,
"IO::Socket::SSL" => "1.970",
"IO::Socket::SSL::Utils" => 0,
"LWP::Protocol::http" => 0,
"LWP::UserAgent" => "6.06",
"Net::HTTPS" => 6,
"Socket" => 0,
"Test::More" => "0.96",
"Test::Needs" => "0.002010",
"Test::RequiresInternet" => 0,
"base" => 0,
"strict" => 0,
"warnings" => 0
on 'configure' => sub {
requires "ExtUtils::MakeMaker" => "0";
requires "perl" => "5.008001";
};
on 'runtime' => sub {
requires "base" => "0";
requires "IO::Socket::SSL" => "1.970";
requires "LWP::Protocol::http" => "0";
requires "LWP::UserAgent" => "6.06";
requires "Net::HTTPS" => "6";
requires "perl" => "5.008001";
requires "strict" => "0";
};
on 'test' => sub {
requires "File::Temp" => "0";
requires "IO::Select" => "0";
requires "IO::Socket::INET" => "0";
requires "IO::Socket::SSL" => "1.54";
requires "IO::Socket::SSL::Utils" => "0";
requires "LWP::UserAgent" => "6.06";
requires "perl" => "5.008001";
requires "Socket" => "0";
requires "Test::More" => "0.96";
requires "Test::Needs" => "0.002010";
requires "Test::RequiresInternet" => "0";
requires "warnings" => "0";
};
on 'develop' => sub {
lib/LWP/Protocol/https.pm view on Meta::CPAN
}
else {
if ( $Net::HTTPS::SSL_SOCKET_CLASS eq 'Net::SSL' ) {
$ssl_opts{SSL_verifycn_scheme} = '';
} else {
$ssl_opts{SSL_verifycn_scheme} = 'none';
}
}
if ($ssl_opts{SSL_verify_mode}) {
unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) {
if ($Net::HTTPS::SSL_SOCKET_CLASS eq 'IO::Socket::SSL'
&& defined &IO::Socket::SSL::default_ca
&& IO::Socket::SSL::default_ca() ) {
# IO::Socket::SSL has a usable default CA
} elsif ( my $cafile = eval {
require Mozilla::CA;
Mozilla::CA::SSL_ca_file()
}) {
# use Mozilla::CA
$ssl_opts{SSL_ca_file} = $cafile;
} else {
die <<'EOT';
Can't verify SSL peers without knowing which Certificate Authorities to trust.
lib/LWP/Protocol/https.pm view on Meta::CPAN
$res->push_header("Client-SSL-Warning" => "Peer certificate not verified");
}
elsif (!$self->{ssl_opts}{SSL_verifycn_scheme}) {
$res->push_header("Client-SSL-Warning" => "Peer hostname match with certificate not verified");
}
$res->header("Client-SSL-Socket-Class" => $Net::HTTPS::SSL_SOCKET_CLASS);
}
# upgrade plain socket to SSL, used for CONNECT tunnel when proxying https
# will only work if the underlying socket class of Net::HTTPS is
# IO::Socket::SSL, but code will only be called in this case
if ( $Net::HTTPS::SSL_SOCKET_CLASS->can('start_SSL')) {
*_upgrade_sock = sub {
my ($self,$sock,$url) = @_;
# SNI should be passed there only if it is not an IP address.
# Details: https://github.com/libwww-perl/libwww-perl/issues/449#issuecomment-1896175509
my $host = $url->host() =~ m/:|^[\d.]+$/s ? undef : $url->host();
$sock = LWP::Protocol::https::Socket->start_SSL( $sock,
SSL_verifycn_name => $url->host,
SSL_hostname => $host,
$self->_extra_sock_opts,
lib/LWP/Protocol/https.pm view on Meta::CPAN
alternative C<SSL_ca_file> or disable hostname verification.
This module used to be bundled with the libwww-perl, but it was unbundled in
v6.02 in order to be able to declare its dependencies properly for the CPAN
tool-chain. Applications that need https support can just declare their
dependency on LWP::Protocol::https and will no longer need to know what
underlying modules to install.
=head1 SEE ALSO
L<IO::Socket::SSL>, L<Crypt::SSLeay>, L<Mozilla::CA>
=head1 COPYRIGHT & LICENSE
Copyright (c) 1997-2011 Gisle Aas.
This library is free software; you can redistribute it and/or modify it
under the same terms as Perl itself.
=cut
t/00-report-prereqs.dd view on Meta::CPAN
'Test::Pod' => '1.41',
'Test::Pod::Coverage' => '1.08',
'Test::Pod::Spelling::CommonMistakes' => '1.000',
'Test::Portability::Files' => '0',
'Test::Spelling' => '0.12',
'Test::Version' => '1'
}
},
'runtime' => {
'requires' => {
'IO::Socket::SSL' => '1.970',
'LWP::Protocol::http' => '0',
'LWP::UserAgent' => '6.06',
'Net::HTTPS' => '6',
'base' => '0',
'perl' => '5.008001',
'strict' => '0'
}
},
'test' => {
'recommends' => {
'CPAN::Meta' => '2.120900'
},
'requires' => {
'ExtUtils::MakeMaker' => '0',
'File::Spec' => '0',
'File::Temp' => '0',
'IO::Select' => '0',
'IO::Socket::INET' => '0',
'IO::Socket::SSL' => '1.970',
'IO::Socket::SSL::Utils' => '0',
'LWP::UserAgent' => '6.06',
'Socket' => '0',
'Test::More' => '0.96',
'Test::Needs' => '0.002010',
'Test::RequiresInternet' => '0',
'perl' => '5.008001',
'warnings' => '0'
}
}
};
#!perl
use strict;
use warnings;
use IO::Select ();
use IO::Socket::INET ();
use IO::Socket::SSL ();
use IO::Socket::SSL::Utils ();
use Socket ();
use Test::More import => [qw( diag done_testing pass subtest )];
use Test::Needs;
use Try::Tiny qw( try );
subtest 'openssl' => sub {
test_needs 'Capture::Tiny';
test_needs 'File::Which';
my $openssl = File::Which::which('openssl');
diag "path to openssl: $openssl";
sprintf 'Net::SSLeay::LIBRESSL_VERSION_NUMBER() 0x%08x',
Net::SSLeay::LIBRESSL_VERSION_NUMBER()
);
};
pass('Net::SSLeay');
};
subtest 'modules' => sub {
diag "IO::Select $IO::Select::VERSION";
diag "IO::Socket::INET $IO::Socket::INET::VERSION";
diag "IO::Socket::SSL $IO::Socket::SSL::VERSION";
diag "IO::Socket::SSL::Utils $IO::Socket::SSL::Utils::VERSION";
diag "Socket $Socket::VERSION";
pass('modules');
};
done_testing();
t/example.t view on Meta::CPAN
is($x_died, undef, "no $h header");
$h = 'Client-SSL-Socket-Class';
my $socket_class = $res->header($h) || '';
ok($socket_class =~ /\S/, "have header $h");
SKIP: {
$h = 'Client-SSL-Version';
my $ssl_version = $res->header($h) || '';
my $h_test = $ssl_version =~ /^(SSL|TLS)v\d/i;
my $want_class = 'IO::Socket::SSL';
$h_test
or $socket_class eq $want_class
or skip "header $h only guaranteed when using $want_class", 1;
ok($h_test, "have header $h");
}
$h = 'Client-SSL-Cipher';
my $ssl_cipher = $res->header($h) || '';
ok($ssl_cipher =~ /\S/, "have header $h");
t/https_proxy.t view on Meta::CPAN
use File::Temp 'tempfile';
use IO::Socket::INET;
use IO::Select;
use Socket 'MSG_PEEK';
use LWP::UserAgent;
use LWP::Protocol::https;
plan skip_all => "fork not implemented on this platform" if
grep { $^O =~m{$_} } qw( MacOS VOS vmesa riscos amigaos );
eval { require IO::Socket::SSL }
and $IO::Socket::SSL::VERSION >= 1.953
and eval { require IO::Socket::SSL::Utils }
or plan skip_all => "no recent version of IO::Socket::SSL::Utils";
IO::Socket::SSL::Utils->import;
# create CA -------------------------------------------------------------
my ($cacert,$cakey) = CERT_create( CA => 1 );
my $cafile = do {
my ($fh,$fname) = tempfile( CLEANUP => 1 );
print $fh PEM_cert2string($cacert);
$fname
};
# create two web servers ------------------------------------------------
t/https_proxy.t view on Meta::CPAN
if ( ! $pid ) {
@childs = ();
exit( _server());
}
# parent continues with closed server sockets
push @childs,$pid;
@server = ();
# check which SSL implementation Net::HTTPS uses
# Net::SSL behaves different than the default IO::Socket::SSL
my $netssl = $Net::HTTPS::SSL_SOCKET_CLASS eq 'Net::SSL';
# do some tests ----------------------------------------------------------
my %ua;
$ua{noproxy} = LWP::UserAgent->new(
keep_alive => 10, # size of connection cache
# server does not know the expected name and returns generic certificate
ssl_opts => {
verify_hostname => 0,
SSL_ca_file => $cafile,
t/https_proxy.t view on Meta::CPAN
subject => { commonName => $ssl_host },
issuer_cert => $cacert,
issuer_key => $cakey,
# just reuse cakey as key for certificate
key => $cakey,
);
[ $c,$k ];
};
};
IO::Socket::SSL->start_SSL( $cl,
SSL_server => 1,
SSL_cert => $cert,
SSL_key => $key,
) or do {
diag("SSL handshake failed: ".IO::Socket::SSL->errstr);
exit(1);
};
}
REQUEST:
# read header
my $req = '';
while (<$cl>) {
$_ eq "\r\n" and last;
$req .= $_;
( run in 0.334 second using v1.01-cache-2.11-cpan-fd5d4e115d8 )