Net-FTPSSL
view release on metacpan or search on metacpan
Revision history for Perl extension Net::FTPSSL.
TODO:
- Implement a "find" function similar to Unix's find command.
- Support IPv6 as well as IPv4. (Started, I can detect if IPv6 is supported
by IO::Socket::SSL.) [I don't have access to a IPv6 network to test with.]
- Fix so Trace isn't so verbose. Such as making freqency a function of file
size & block size.
Version - YYYY/MM/DD
--------------------
0.42 2019/09/30 08:30:00
- Changed the copyright from 2018 to 2019 in all files.
- Removed L<http://search.cpan.org/~cleach/Net-FTPSSL-0.42/FTPSSL.pm> link
from the POD since that link seems to be in the process of being depreciated
supported(). Editing the returned hash reference of _help() no longer
works! This new method does both additions & removals.
- BEHAVIOUR CHANGE - Modified _mfmt() & _mdtm() to be able to handle localtime
vs gmtime based on changes to how PreserveTimestamp work. As an alternate
way, the behavior can be overriden by a new $local_flag option. The
default behavior is still GMT time. See the POD for a description of how
PreserveTimestamp now works.
- Made POD clarification & other comment updates.
- Increased TRACE_MOD from 5 to 10 blocks.
- Added BEGIN block to detect if IPv6 support is possible. It does this by
asking IO::Socket::SSL instead of reinventing the wheel.
- Moved the generation of the Debug log header info for CPAN support to BEGIN
as well so that this info gets centralized instead of repeated.
- Added Domain/Family as a new option for choosing IPv4 vs IPv6.
- Added OverrideHELP => -1 option to use FEAT instead, when HELP is broken!
- Updated quot() to recognize that MLSD also requires a data channel.
Also improved the disable HELP logic used here.
- Broke up _feat() into _feat() & feat(). Also added feat() to the POD.
Done since under some circumstances the feature list can be dynamic!
Also changed logic on how to tell if OPTS is supported or not.
Finally drops HELP from the list of FEAT commands returned if OverrideHELP
default of not reusing the context for data channels, you must now use
option "DisableContext => 1" to do so. But hopefully the need for this
option will be rare. See the POD for more details.
- BEHAVIOUR CHANGE - Added support for SNI in the SSL handshake. Always
does it if supported.
- Changed logic on how to detect if a default "SSL_verify_mode" value needed
to be set to VERIFY_NONE() for the caller in new(). Now checks for specific
SSL_* options before setting.
- Can now pass SSL options directly to new(). You no longer need to use the
"SSL_Client_Certificate" option to pass the hash reference of SSL options.
Currently only recognises IO::Socket::SSL options that start with SSL_.
If any start with something else, I'll address in a future release.
- Clarified some POD information on a few methods.
- Enhanced "size" function to use STAT if SIZE wasn't available!
- Fixed case where sometimes the login account used wasn't being masked in
the response in the logs.
- Now prints the INET version in the log file.
- Resets $ERRSTR to default in new() in case previous call had errors!
- Fixed t/10-complex.t func run_stat_test() to test the "is_file" & "is_dir"
functions. Some tests disable the "SIZE" command so it can test the new
alternate size logic as well.
- Modified t/10-complex.t to print the "OK" results to the log file.
Makes it a bit easier to associate failures to what's in the log file!
- Fixed some typoes in the POD.
0.30 2015/08/13 08:30:00
- INCOMPATIBILITY WARNING! If you've been hacking internal undocumented
variables referenced by my module, your code is most likely broken with this
release! If you've been doing "$ftps = new (...); $x = ${*$ftps}{abc};",
it's now "$x = ${*$ftps}{_FTPSSL_arguments}->{abc};" for a lot of them.
This change was made to make it less likely I'll accidentaly step on a
IO::Socket::SSL variable in a future release of either module. It also
helps me with error log traces & some future plans if they ever happen.
- Changed t/00-basic.t so it no longer needs to call uc(). Also now uses
__PACKAGE__ keyword instead of hard coded text.
- Fixed error message bug in _get_data_channel(). Got SSL_version from wrong
hash.
- Reorganized the order of some functions in the POD.
- Fixed minor bug in the masking of the user id when writing to a log file!
- Looks like the sysread() call in response() is sometimes spurriously setting
the special variable "$!" for Perl 5.10.1 on AIX 7.1. So if the command
looks complete I'm going to ignore the error message returned in "$!".
- Rewrote Makefile.PL to support optional parameters so I could add
conditional Kwaltiee Score variables.
- Added MIN_PERL_VERSION tag to Makefile.PL Extra Kwaltiee Metric # 1.
Enforced Ver. 5.6.1, since that is the earliest perl my module was tested
against by the smoke testers. But it was last tested that way with v0.11.
Version 5.8.8 is the oldest version of Perl I test against regularly.
- Added LICENSE tag to Makefile.PL Extra Kwaltiee Metric # 2.
- Added Net::SSLeay as a fake dependancy to Makefile.PL & as a test case in
t/00-basic.t for the benifit of some Smoke Testers who fail my module due
to this indirect dependancy not working. I don't use this module, but it's
obviously a dependancy of IO::Socket::SSL. But it looks like it might
not be a declared dependancy since it's failing to load for a smoke tester
while he's testing my module.
- Fixed _print_LOG() to support multiple arguments. So no longer have to
concatinate everything before using.
- Rewrote _debug_print_hash() to be able to handle hashes of any depth.
It's now recursive with infinite loop detection.
- Added logic to support reusing the session instead of just the context.
This is via the new option "ReuseSession=>1".
Thanks Forrest Tiffany for your patch! (Bug Ids 76108 & 104407)
- Fixing the above bug uncovered an infinite loop if Croak was also turned on.
Now _croak_or_return() doesn't try to close the connection if called by
command() or response() or if recursion was detected.
- Fixed quot() to no longer upshift the command to upper case. Discovered
case where lower case was required. So it's now up the the caller to
put in upper case if it's required! Also no longer checks if the command
is valid according to HELP. Some servers attempt to be sneeky by not
advertising all available commands.
0.14 2010/01/04 08:30:00
- Added minimum requirement of IO::Socket::SSL v1.08, since I just got word
that v0.97 caused Net-FTPSSL to hang! And v1.08 was the release I
originally developed Net::FTPSSL with & is easily available for Windows
users as a pre-built release. But that release is still pretty old.
(IO::Socket::SSL is currently at v1.31 as of this writting.)
- Fixed bug in _common_put() where it didn't actually test the final status
message when closing the data connection. So missed a rare failure case.
- Fixed similar bugs in list() & get() as well.
- Caught more list() & nlst() error conditions that returned undef instead of
the empty list as documented.
- Added the Server/Port to start of trace file after the version # since not
all servers returned this info in their log messagse.
0.13 2009/11/01 08:30:00
- Decided to skip unlucky release # 13!
- Added size() per request # 49377.
- Minor fixes to 10-complex.t to support new functionality.
- Reorged some older code to make it easier to maintain. Making some blocks
of code much smaller and less awkward.
- Fixed xput & xget to delete the dest file before renaming the scratch file.
Avoids rare file permission issues when the dest file already exists and the
file recognizer is down.
0.11 2009/07/19 08:30:00
- Added ccc() to end of 10-complex.t test script.
- Updated the ccc() docs on issues with older IO::Socket::SSL versions.
- Provided solution to Tkt # 47659, problems with CCC - RFC 4217 Section 12.3.
Where CCC behaves differently for different FTPS servers.
- Added Debug option to allow writing to DebugLogFile in append mode instead
of creating a new log file every time. So can use same log file when
serially making FTPS connections.
- Now allows overriding of the IMP_CRYPT port 990 to something else. Found a
server that allowed me to change the implicit port # for this. Tkt # 46851.
0.10 2009/06/30 08:30:00
- Updated the Port vs IMP_CRYPT documentation to state you can't override
# Revision: -Id: FTPSSL.pm,v 1.24 2005/10/23 14:37:12 cleach Exp -
package Net::FTPSSL;
use strict;
use warnings;
# Enforce a minimum version of this module or Net::FTPSSL hangs!
# v1.08 works, v1.18 added ccc() support.
# Don't use v1.79 to v1.85 due to misleading warnings.
use IO::Socket::SSL 1.26;
use vars qw( $VERSION @EXPORT $ERRSTR );
use base ( 'Exporter', 'IO::Socket::SSL' );
# Only supports IPv4 (to also get IPv6 must use IO::Socket::IP instead. v0.20)
use IO::Socket::INET;
use Net::SSLeay::Handle;
use File::Basename;
use File::Copy;
use Time::Local;
use Sys::Hostname;
use Carp qw( carp croak );
# Tells if possible to use IPv6 in connections.
my $ipv6;
my $IOCLASS;
my $family_key; # Domain or Family
my $debug_log_msg; # Used if Debug is turned on
BEGIN {
$VERSION = "0.42"; # The version of this module!
my $type = "IO::Socket::SSL";
$ipv6 = 0; # Assume IPv4 only ...
$IOCLASS = "IO::Socket::INET"; # Assume IPv4 only ...
$family_key = "Domain"; # Traditional ...
my $msg;
my $ioOrig = $IOCLASS;
# Can we use IPv6 vs IPv4? Let IO::Socket::SSL make the decision for us!
# The logic gets real messy otherwise.
if ( ! $type->can ("can_ipv6") ) {
$msg = "No IPv6 support available. You must 1st upgrade $type to support it!";
} elsif ( $type->can_ipv6 () ) {
$ipv6 = 1; # Yes! IPv6 can be suporteed!
$IOCLASS = $type->can_ipv6 (); # Get which IPv6 module SSL uses.
$family_key = "Family" if ( $IOCLASS eq "IO::Socket::IP" );
my $ver = $IOCLASS->VERSION;
$msg = "IPv6 support available via $IOCLASS ($ver) Key: ($family_key)";
}
# May depreciate in the near future in favor of the "grep" loop below!
# Debating the merrits of having two ways to do this.
if (ref ($arg->{SSL_Client_Certificate}) eq "HASH") {
# The main purpose of this option was to allow users to specify
# client certificates when their FTPS server requires them.
# This hash applies to both the command & data channels.
# Tags specified here overrided normal options if any tags
# conflict.
# See IO::Socket::SSL for supported options.
%ssl_args = %{$arg->{SSL_Client_Certificate}};
$found_ssl_args = 1;
}
# See IO::Socket::SSL for supported options.
# Provides a way to directly pass needed SSL_* arguments to this module.
# There is only one Net::FTPSSL option that starts with SSL_, so skipping it!
for (grep { m{^SSL_} } keys %{$arg}) {
next if ( $_ eq "SSL_Client_Certificate" ); # The FTPSSL opt to skip!
$ssl_args{$_} = $arg->{$_};
$found_ssl_args = 1;
}
# Only add if not using certificates & the caller didn't provide a value ...
unless ( $ssl_args{SSL_use_cert} || $ssl_args{SSL_verify_mode} ) {
# Stops the Man-In-The-Middle (MITM) security warning from start_ssl()
# when it calls configure_SSL() in IO::Socket::SSL.
# To plug that MITM security hole requires the use of certificates,
# so all that's being done here is supressing the warning. The MITM
# security hole is still open!
# That warning is now a fatal error in newer versions of IO::Socket::SSL.
# warn "WARNING: Your connection is vunerable to the MITM attacks\n";
$ssl_args{SSL_verify_mode} = Net::SSLeay::VERIFY_NONE();
}
# --------------------------------------------------------------------------
# Will hold all the control options to this class
# Similar in use as _SSL_arguments ...
my %ftpssl_args;
# Now onto processing the regular hash of arguments provided ...
# Default to true unless you request to disable it or no encryption used ...
my $enableCtx = ($arg->{DisableContext} || $encrypt_mode eq CLR_CRYPT) ? 0 : 1;
# Used to work arround some FTPS servers behaving badly!
my $pasvHost = $arg->{OverridePASV};
my $fixHelp = $arg->{OverrideHELP};
# --------------------------------------------------------------------------
# if ( $debug && ! exists $arg->{DebugLogFile} ) {
# # So will write any debug comments to STDERR ...
# $IO::Socket::SSL::DEBUG = 3;
# }
# A special case used for further debugging the response!
# This special value is undocumented in the POD on purpose!
my $debug_extra = ($debug == 99) ? 1 : 0;
# Special case for eliminating listing help text during login!
my $no_login_help = ($debug == 90) ? 1 : 0;
my $f_exists = 0;
} else {
$mode = $ssl_args{SSL_version} = "TLSv12"; # TLS v1.2 per defaults
$use_ssl_flag = 0;
}
$ssl_args{Timeout} = $timeout unless (exists $ssl_args{Timeout});
# ------------------------------------------------------------------------
# The options for Reusing the Session ...
# ------------------------------------------------------------------------
if ( $reuseSession ) {
$ssl_args{SSL_session_cache} = IO::Socket::SSL::Session_Cache->new (4 + $reuseSession);
$ssl_args{SSL_session_key} = "Net-FTPSSL-${VERSION}-$$:${port}";
}
# _debug_print_hash (undef, "Socket call", "initialization", "?", $socket);
# _debug_print_hash (undef, "Before start_SSL() call", "initialization", "?", \%ssl_args);
# ------------------------------------------------------------------------
# Can we use SNI?
if ( $type->can ("can_client_sni") && $type->can_client_sni () ) {
$ssl_args{SSL_hostname} = $host if (! exists $ssl_args{SSL_hostname});
# Catch the banner from the connection request ...
return _croak_or_return ($socket) unless (response ($socket) == CMD_OK);
# In explicit mode FTPSSL sends an AUTH TLS/SSL command, catch the msgs
command( $socket, "AUTH", ($use_ssl_flag ? "SSL" : "TLS") );
return _croak_or_return ($socket) unless (response ($socket) == CMD_OK);
}
# ------------------------------------------------------------------------
# Now transform the clear connection into a SSL one on our end.
# Messy since newer IO::Socket::SSL modules remove {_FTPSSL_arguments}!
# Bug Id: 120341.
# ------------------------------------------------------------------------
$obj = $type->start_SSL( $socket, %ssl_args );
unless ( $obj ) {
unless ( exists ${*$socket}{_FTPSSL_arguments} ) {
${*$socket}{_FTPSSL_arguments} = \%ftpssl_args;
_print_LOG (undef, "Restoring _FTPSSL_arguments to \$socket.\n") if ( $debug );
}
return _croak_or_return ( $socket, undef,
"$mode: " . IO::Socket::SSL::errstr () );
}
unless ( exists ${*$obj}{_FTPSSL_arguments} ) {
${*$obj}{_FTPSSL_arguments} = \%ftpssl_args;
$obj->_print_LOG ("Restoring _FTPSSL_arguments to \$obj.\n") if ( $debug );
}
# ------------------------------------------------------------------------
if ( $encrypt_mode eq IMP_CRYPT ) {
# Catch the banner from the implicit connection request ...
my $io;
if ( $ftps_ref->{data_prot} eq DATA_PROT_PRIVATE && exists ($ftps_ref->{myContext}) ) {
my %ssl_opts = %{$ftps_ref->{myContext}};
my $mode = ${*$self}{_SSL_arguments}->{SSL_version};
# Can we use SNI?
if ( $self->can ("can_client_sni") && $self->can_client_sni () ) {
$ssl_opts{SSL_hostname} = $ftps_ref->{data_host};
}
$io = IO::Socket::SSL->start_SSL ( $ftps_ref->{data_ch}, \%ssl_opts )
or return $self->_croak_or_return ( 0,
"$mode: " . IO::Socket::SSL::errstr () );
} elsif ( $ftps_ref->{data_prot} eq DATA_PROT_PRIVATE ) {
$io = IO::Handle->new ();
tie ( *$io, "Net::SSLeay::Handle", $ftps_ref->{data_ch} );
} elsif ( $ftps_ref->{data_prot} eq DATA_PROT_CLEAR ) {
$io = $ftps_ref->{data_ch};
} else {
# TODO: Fix so DATA_PROT_SAFE & DATA_PROT_CONFIDENTIAL work.
can increase the cache's size by setting the I<ReuseSession> to a larger value.
Where the I<session cache size> is (4 + the I<ReuseSession> value).
B<DisableContext> - Tells the B<FTP/S> server that we don't wish to reuse the
I<command channel> context for all I<data channel> connections. (0/1) If
option I<ReuseSession> or I<SSL_Client_Certificate> are also used, this option
is ignored! By default the context is always reused on encrypted data channels
via B<SSL_reuse_ctx>.
B<SSL_*> - SSL arguments which can be applied when I<start_SSL()> is finally
called to encrypt the command channel. See I<IO::Socket::SSL> for a list of
valid arguments.
This is an alternative to using the I<SSL_Client_Certificate> option. But
any B<SSL_*> options provided here overrides what's provided in that hash.
B<SSL_Client_Certificate> - Expects a reference to a hash. It's main purpose
is to allow you to use client certificates when talking to your I<FTP/S> server.
Options here apply to the creation of the command channel. And when a data
channel is needed later, it uses the B<SSL_reuse_ctx> option to reuse the
command channel's context.
See I<start_SSL()> in I<IO::Socket::SSL> for more details on this and other
options available besides those for certificates. If an option provided via
this hash conflicts with other options we would normally use, the entries in
this hash take precedence, except for any direct B<SSL_*> options provided in
both places.
B<Domain> - Specify the domain to use, i.e. I<AF_INET> or I<AF_INET6>. This
argument will be passed to the I<IO::Socket::*> class when creating the socket
connection. It's a way to enforce using I<IPv4> vs I<IPv6> even when it would
default to the other. B<Family> is an accepted alias for the B<Domain> tag if
you prefer it.
This option supports B<four> distinct modes to support your needs. You can pass
a reference to an array that lists all the B<FTP> commands your sever supports,
you can set it to B<1> to say all commands are supported, set it to B<0> to say
none of the commands are supported, or finally set it to B<-1> to call B<FEAT>
instead of B<HELP> for the list of supported commands. See I<supported()> or
I<fix_supported()> for more details.
This option can also be usefull when your server doesn't support the I<HELP>
command itself and you need to trigger some of the conditional logic.
B<useSSL> - This option is being depreciated in favor of L<IO::Socket::SSL>'s
B<SSL_version> option. It's just a quick and dirty way to downgrade your
connection from B<TLS> to B<SSL> which is no longer recommended.
=back
=head1 METHODS
Most of the methods return I<true> or I<false>, true when the operation was
a success and false when failed. Methods like B<list> or B<nlst> return an
empty array when they fail. This behavior can be modified by the B<Croak>
Curtis Leach - <cleach at cpan dot org> - As of v0.05
=head1 SEE ALSO
I<Net::Cmd>
I<Net::FTP>
I<Net::SSLeay::Handle>
I<IO::Socket::SSL>
RFC 959 - L<http://www.rfc-editor.org/info/rfc959>
RFC 2228 - L<http://www.rfc-editor.org/info/rfc2228>
RFC 2246 - L<http://www.rfc-editor.org/info/rfc2246>
RFC 4217 - L<http://www.rfc-editor.org/info/rfc4217>
=head1 CREDITS
"configure" : {
"requires" : {
"ExtUtils::MakeMaker" : "0"
}
},
"runtime" : {
"requires" : {
"File::Basename" : "0",
"File::Copy" : "0",
"IO::Socket::INET" : "0",
"IO::Socket::SSL" : "1.26",
"Net::HTTPTunnel" : "0.50",
"Net::SSLeay" : "0",
"Net::SSLeay::Handle" : "0",
"Sys::Hostname" : "0",
"Time::Local" : "0",
"perl" : "5.006001"
}
}
},
"release_status" : "stable",
version: '1.4'
name: Net-FTPSSL
no_index:
directory:
- t
- inc
requires:
File::Basename: '0'
File::Copy: '0'
IO::Socket::INET: '0'
IO::Socket::SSL: '1.26'
Net::HTTPTunnel: '0.50'
Net::SSLeay: '0'
Net::SSLeay::Handle: '0'
Sys::Hostname: '0'
Time::Local: '0'
perl: '5.006001'
version: '0.42'
Makefile.PL view on Meta::CPAN
eval {
require Net::HTTPTunnel;
$value = "Y";
};
if ($@) {
# Only ask if module isn't present! (uses default for smoke testers)
$value = prompt ("Will you be tunneling through a proxy server? This requires extra modules.", $value);
}
# My list of required modules for Net::FTPSSL ...
my %req = ( IO::Socket::SSL => 1.26, IO::Socket::INET => 0,
Net::SSLeay => 0, Net::SSLeay::Handle => 0,
File::Basename => 0, File::Copy => 0,
Time::Local => 0, Sys::Hostname => 0 );
# Also required if you need to go through a proxy tunnel ... (the question)
if ($value eq "Y" || $value eq "y") {
$req{Net::HTTPTunnel} = "0.50"; # So we get 0.50, not 0.5
}
# These additional modules are required to run the test scripts ...
Then set PERL5LIB to "${location}/lib/perl5".
DEPENDENCIES
=====================================================================
This module requires these other modules and libraries:
Net::SSLeay
IO::Socket::SSL
File::Basename
Time::Local
Sys::Hostname
File::Copy
IO::Socket::INET
If you are going to have to tunnel through a proxy server, the following module
is also required:
Net::HTTPTunnel
module isn't working. Most likely the server you are testing against
requires additional SSL options before it will accept any connections
from the client. That the assumptions made by these test programs may
just not match your FTPS server's configuration.
The most common reasons for failure is that your FTPS server requires a
FTPS client to use specific SSL options that are not turned on by default
by the test cases. These missing SSL options could prevent you from
connecting to a FTPS server or prevent you from creating a data channel for
transfering data with the FTPS server. If you think that this is the reason,
see "perldoc IO::Socket::SSL" to review what SSL options are available.
Or "perldoc Net::FTPSSL" for options specific to my module.
I'll cover how to insert those extra options into the mix later on by
hacking a single config file that is automatically generated.
If you are able to log in to run the test cases, they may silently add
some additional options based on known server issues encountered in the
past. But if it's not a known issue, you may have to open a CPAN ticket
with me to figure out whats wrong.
TEST t/26-ccc_test.t FAILS
=====================================================================
The CCC command is very unstable on some servers. Sometimes it works and
sometimes it fails. The issue seems to be on the server side when it
unexpectedly closes the command channel afterwards.
ADVANCED TROUBLESHOOTING
=====================================================================
Sometimes the logs to Net::FTPSSL are just not enough. Sometimes it would be
very helpful to see the IO::Socket::SSL trace as well. The logging can be
turned on statically or dynamically. But the easiest way for submitting
a CPAN ticket is statically as shown in the 1st example:
use IO::Socket::SSL qw (debug3): # Turns on verbose SSL loging.
use Net::FTPSSL;
# The STDERR hack
open (STDERR, "> myLogfile.txt"); # Redirects STDERR to this file.
$ftps = Net::FTPSSL->new ($server, ..., Debug=>1);
$ftps->trapWarn ();
...
This will mix writting the SSL trace & FTPSSL logs together to STDERR which
is also redirected to the requested file. Providing more inforamtion on what
is happening with the connection to the server. Just don't write to STDERR
yourself in your test program! It will confuse the log generated.
But if you prefer, and you have a new enough version of IO-Socket-SSL,
you can also toggle it at any time by setting:
$IO::Socket::SSL::DEBUG = 3; # Turn on Full Logging to STDERR.
or
$IO::Socket::SSL::DEBUG = 0; # Turn logging off again!
Too bad there seems to be no way to redirect the SSL logs to a file of your
choice without the above hack.
You can also dynamically do this via:
$Net::SSLeay::trace = 4; # Turn on Full Logging to STDERR as Warnings.
or
$Net::SSLeay::trace = 0; # Turn logging off again!
The good news about SSLeay is that anything it writes out is done as a
8) Data Connection mode (C)lear or (P)rotected. ? (C|S|E|P) [P]
When transfering date back & forth between your FTPS server do you
wish your data to be sent in clear text? Or protected by encryption.
The S & E options are not currently supported.
9) What encryption protocal to use ? (SSLv23|TLSv1|TLSV11|TLSv12) [TLSv12]
Case is important here, the default is the most secure protocall. But
I allow the others since not all FTPS servers support all protocalls.
The new TLSv13 will show up in the list only if your installed version
of Net::SSLeay and IO::Socket::SSL both support it.
10) Use (P)ASV or (E)PSV for data connections ? (P|E) [P]
I recommend using the default answer here.
11) Will you be FTP'ing through a proxy server ? (Y|N) [N]
If you answer Y, it will use module "Net::HTTPTunnel" for this
purpose. If this optional module isn't installed, you won't see this
question.
--) I'm not showing the questions for tunneling should you answer Y.
t/test-helper/helper1234.pm view on Meta::CPAN
use strict;
use warnings;
use vars qw( @ISA @EXPORT @EXPORT_OK $VERSION );
use Exporter;
use Test::More 0.88;
use File::Basename;
use File::Spec;
# Uses both IO::Socket::SSL & Net::SSLeay
use Net::FTPSSL;
$VERSION = "1.01";
@ISA = qw( Exporter );
@EXPORT = qw ( stop_testing
bail_testing
called_by_make_test
get_log_name
are_updates_allowed
t/test-helper/helper1234.pm view on Meta::CPAN
$dir = "" if ($dir eq "<HOME>"); # Will ask server for it later on
my $mode = askQW ("\tConnection mode (I)mplicit, (E)xplicit, or (C)lear.", "E", "(I|E|C)", 'FTPSSL_Encryption', 1);
$ftps_opts{Encryption} = $mode;
# If the connection is to be encrypted ...
if ( $mode ne CLR_CRYPT ) {
my $ans = askQW ("\tData Connection mode (C)lear or (P)rotected.", "P", "(C|S|E|P)", 'FTPSSL_DataProtLevel', 1);
$ftps_opts{DataProtLevel} = $ans;
my $ver = $IO::Socket::SSL::VERSION;
my $opts;
my $def = "TLSv12";
# Values from IO::Socket::SSL.pm ...
# Search for "my %SSL_OP_NO" initialization.
if ( Net::SSLeay->can ("OP_NO_TLSv1_3") && $ver >= 2.060 ) {
$opts = "(SSLv23|TLSv1|TLSv11|TLSv12|TLSv13)";
} else {
$opts = "(SSLv23|TLSv1|TLSv11|TLSv12)";
}
$ans = askQW ("\tWhat encryption protocal to use", $def, $opts, 'FTPSSL_SSL_version');
$ftps_opts{SSL_version} = $ans;
} else {
( run in 0.561 second using v1.01-cache-2.11-cpan-4d50c553e7e )