HTTP-Daemon-SSL
view release on metacpan or search on metacpan
by Cedric Bouvier <Cedric.Bouvier at ctp.com>)
- Update to URL function to return 'https' instead of 'http'
as protocol (Patch from Kees Cook <kees at osdl.org>).
--- Old Versions --------------------------------------------------
v1.01 2003.7.27
- Patch from Evgeniy Pirogov <epirogov at tucows.com> to fix
read issues when a client and server have different timeouts.
- Fixed the README to actually deal with HTTP::Daemon::SSL
instead of IO::Socket::SSL.
v1.00 2003.7.24
- Initial public release.
# http://module-build.sourceforge.net/META-spec.html
name: HTTP-Daemon-SSL
version: 1.04
version_from: SSL.pm
installdirs: site
license: perl
requires:
HTTP::Daemon: 1
IO::Socket::SSL: 0.93
distribution_type: module
generated_by: ExtUtils::MakeMaker version 6.17
Makefile.PL view on Meta::CPAN
# A Makemaker script to build HTTP::Daemon::SSL
#
use ExtUtils::MakeMaker;
# See lib/ExtUtils/MakeMaker.pm for details of how to influence
# the contents of the Makefile that is written.
WriteMakefile(
'NAME' => 'HTTP::Daemon::SSL',
'VERSION_FROM' => 'SSL.pm',
'DISTNAME' => 'HTTP-Daemon-SSL',
'PREREQ_PM' => { 'HTTP::Daemon' => 1.0, 'IO::Socket::SSL' => 0.93 },
'dist' => { COMPRESS => 'gzip', SUFFIX => 'gz', },
);
also available:
http://cvs.pumptheory.com/ (browse)
http://cvs.pumptheory.com/repos/ (repository)
Mark Aufflick, <mark@aufflick.com>
-------
HTTP::Daemon::SSL is a descendant of HTTP::Daemon that uses SSL
sockets (via IO::Socket::SSL) instead of cleartext sockets. It
also handles SSL-specific problems, such as dealing with HTTP
clients that attempt to connect to it without using SSL.
In order to use HTTP::Daemon::SSL, you need to have IO::Socket::SSL
v0.93 or newer installed as well as a recent version of libwww-perl.
installation:
perl Makefile.PL
make
make test
make install
--
#
# This package derived almost entirely from HTTP::Daemon,
# owned by Gisle Aas. Changes include minor alterations in
# the documentation to reflect the use of IO::Socket::SSL
# and modified new(),accept() functions that use IO::Socket::SSL
use strict;
package HTTP::Daemon::SSL;
=head1 NAME
HTTP::Daemon::SSL - a simple http server class with SSL support
=head1 SYNOPSIS
}
}
$c->close;
undef($c);
}
=head1 DESCRIPTION
Instances of the I<HTTP::Daemon::SSL> class are HTTP/1.1 servers that
listen on a socket for incoming requests. The I<HTTP::Daemon::SSL> is a
sub-class of I<IO::Socket::SSL>, so you can perform socket operations
directly on it too.
The accept() method will return when a connection from a client is
available. In a scalar context the returned value will be a reference
to a object of the I<HTTP::Daemon::ClientConn::SSL> class which is another
I<IO::Socket::SSL> subclass. In a list context a two-element array
is returned containing the new I<HTTP::Daemon::ClientConn::SSL> reference
and the peer address; the list will be empty upon failure. (Note that version
1.02 erroneously did not honour list context). Calling
the get_request() method on the I<HTTP::Daemon::ClientConn::SSL> object
will read data from the client and return an I<HTTP::Request> object
reference.
This HTTPS daemon does not fork(2) for you. Your application, i.e. the
user of the I<HTTP::Daemon::SSL> is reponsible for forking if that is
desirable. Also note that the user is responsible for generating
The following methods are the only differences from the I<HTTP::Daemon> base class:
=over 4
=cut
use vars qw($VERSION @ISA $PROTO $DEBUG);
use IO::Socket::SSL;
use HTTP::Daemon;
$VERSION = "1.04";
@ISA = qw(IO::Socket::SSL HTTP::Daemon);
=item $d = new HTTP::Daemon::SSL
The constructor takes the same parameters as the
I<IO::Socket::SSL> constructor. It can also be called without specifying
any parameters, but you will have to make sure that you have an SSL certificate
and key for the server in F<certs/server-cert.pem> and F<certs/server-key.pem>.
See the IO::Socket::SSL documentation for how to change these default locations
and specify many other aspects of SSL behavior. The daemon will then set up a
listen queue of 5 connections and allocate some random port number. A server
that wants to bind to some specific address on the standard HTTPS port will be
constructed like this:
$d = new HTTP::Daemon::SSL
LocalAddr => 'www.someplace.com',
LocalPort => 443;
=cut
$args{Listen} ||= 5;
$args{Proto} ||= 'tcp';
$args{SSL_error_trap} ||= \&ssl_error;
return $class->SUPER::new(%args);
}
sub accept
{
my $self = shift;
my $pkg = shift || "HTTP::Daemon::ClientConn::SSL";
my ($sock, $peer) = IO::Socket::SSL::accept($self,$pkg);
if ($sock) {
${*$sock}{'httpd_daemon'} = $self;
return wantarray ? ($sock, $peer) : $sock;
}
else {
return;
}
}
sub _default_port { 443; }
${*$self}{'httpd_client_proto'} = 1000;
${*$self}{'httpd_daemon'} = new HTTP::Daemon::SSL::DummyDaemon;
if ($error =~ /http/i and $self->opened) {
$self->send_error(400, "Your browser attempted to make an unencrypted\n ".
"request to this server, which is not allowed. Try using\n ".
"HTTPS instead.\n");
}
$self->kill_socket;
}
# we're not overriding any methods here, but we are inserting IO::Socket::SSL
# into the message dispatch tree
package HTTP::Daemon::ClientConn::SSL;
use vars qw(@ISA $DEBUG);
@ISA = qw(IO::Socket::SSL HTTP::Daemon::ClientConn);
*DEBUG = \$HTTP::Daemon::DEBUG;
=head1 SEE ALSO
RFC 2068
L<IO::Socket::SSL>, L<HTTP::Daemon>, L<Apache>
=head1 COPYRIGHT
Code and documentation from HTTP::Daemon Copyright 1996-2001, Gisle Aas
Changes Copyright 2003-2004, Peter Behroozi
This library is free software; you can redistribute it and/or
modify it under the same terms as Perl itself.
=cut
certs/.svn/text-base/server-cert.pem.svn-base view on Meta::CPAN
Certificate:
Data:
Version: 1 (0x0)
Serial Number: 2 (0x2)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=US, ST=Some-State, O=Dummy IO::Socket::SSL Certificate Authority, CN=Dummy IO::Socket::SSL Certificate Authority
Validity
Not Before: Jul 20 16:06:37 2002 GMT
Not After : Dec 5 16:06:37 2029 GMT
Subject: C=US, ST=Some-State, O=IO::Socket::SSL Dummy Server Certificate, CN=IO::Socket::SSL Dummy Server Certificate
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (512 bit)
Modulus (512 bit):
00:9f:27:5f:4a:8a:35:4a:7f:3f:d1:80:25:96:26:
0a:da:af:9a:6d:bc:23:ba:71:91:5b:40:d1:2d:2b:
c8:60:2a:ef:e9:54:e5:a2:64:0a:57:90:35:bf:cd:
b6:36:f3:25:53:68:65:2c:d8:d0:f9:b7:f3:7f:2e:
f8:e2:3d:e0:dd
Exponent: 65537 (0x10001)
certs/server-cert.pem view on Meta::CPAN
Certificate:
Data:
Version: 1 (0x0)
Serial Number: 2 (0x2)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=US, ST=Some-State, O=Dummy IO::Socket::SSL Certificate Authority, CN=Dummy IO::Socket::SSL Certificate Authority
Validity
Not Before: Jul 20 16:06:37 2002 GMT
Not After : Dec 5 16:06:37 2029 GMT
Subject: C=US, ST=Some-State, O=IO::Socket::SSL Dummy Server Certificate, CN=IO::Socket::SSL Dummy Server Certificate
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (512 bit)
Modulus (512 bit):
00:9f:27:5f:4a:8a:35:4a:7f:3f:d1:80:25:96:26:
0a:da:af:9a:6d:bc:23:ba:71:91:5b:40:d1:2d:2b:
c8:60:2a:ef:e9:54:e5:a2:64:0a:57:90:35:bf:cd:
b6:36:f3:25:53:68:65:2c:d8:d0:f9:b7:f3:7f:2e:
f8:e2:3d:e0:dd
Exponent: 65537 (0x10001)
t/.svn/text-base/loadmodule.t.svn-base view on Meta::CPAN
# Before `make install' is performed this script should be runnable with
# `make test'. After `make install' it should work as `perl t/01loadmodule.t'
######################### We start with some black magic to print on failure.
BEGIN { $| = 1; print "1..3\n"; }
END {print "Load failed ... not ok 1\n" unless $loaded;}
use IO::Socket::SSL qw(:debug1);
$loaded = 1;
$test=1;
print "ok $test\n";
$test++;
if ($IO::Socket::SSL::DEBUG == 1) { print "ok $test\n"; }
else { print "not ok $test\n"; }
$test++;
if ($Net::SSLeay::trace == 1) { print "ok $test\n"; }
else { print "not ok $test\n"; }
t/.svn/text-base/testmodule.t.svn-base view on Meta::CPAN
my $client = new IO::Socket::INET(PeerAddr => $SSL_SERVER_ADDR,
PeerPort => $SSL_SERVER_PORT);
print $client "GET / HTTP/1.0\r\n\r\n";
(<$client> eq "HTTP/1.1 400 Bad Request\r\n") || print "not ";
&ok("client bad connection test");
my @ary = <$client>;
close $client;
$client = new IO::Socket::SSL(PeerAddr => $SSL_SERVER_ADDR,
PeerPort => $SSL_SERVER_PORT,
SSL_verify_mode => 0x01,
SSL_ca_file => "certs/test-ca.pem");
$client || (print("not ok #client failure\n") && exit);
&ok("client good connection test");
print $client "GET /foo HTTP/1.0\r\n\r\n";
(<$client> eq "HTTP/1.1 403 Forbidden\r\n") || print "not ";
t/loadmodule.t view on Meta::CPAN
# Before `make install' is performed this script should be runnable with
# `make test'. After `make install' it should work as `perl t/01loadmodule.t'
######################### We start with some black magic to print on failure.
BEGIN { $| = 1; print "1..3\n"; }
END {print "Load failed ... not ok 1\n" unless $loaded;}
use IO::Socket::SSL qw(:debug1);
$loaded = 1;
$test=1;
print "ok $test\n";
$test++;
if ($IO::Socket::SSL::DEBUG == 1) { print "ok $test\n"; }
else { print "not ok $test\n"; }
$test++;
if ($Net::SSLeay::trace == 1) { print "ok $test\n"; }
else { print "not ok $test\n"; }
t/testmodule.t view on Meta::CPAN
my $client = new IO::Socket::INET(PeerAddr => $SSL_SERVER_ADDR,
PeerPort => $SSL_SERVER_PORT);
print $client "GET / HTTP/1.0\r\n\r\n";
(<$client> eq "HTTP/1.1 400 Bad Request\r\n") || print "not ";
&ok("client bad connection test");
my @ary = <$client>;
close $client;
$client = new IO::Socket::SSL(PeerAddr => $SSL_SERVER_ADDR,
PeerPort => $SSL_SERVER_PORT,
SSL_verify_mode => 0x01,
SSL_ca_file => "certs/test-ca.pem");
$client || (print("not ok #client failure\n") && exit);
&ok("client good connection test");
print $client "GET /foo HTTP/1.0\r\n\r\n";
(<$client> eq "HTTP/1.1 403 Forbidden\r\n") || print "not ";
( run in 0.302 second using v1.01-cache-2.11-cpan-0d8aa00de5b )