view release on metacpan or search on metacpan
lib/Mojolicious/Plugin/SslAuth.pm view on Meta::CPAN
my $id = $self->tx->connection;
my $handle = Mojo::IOLoop->stream($id)->handle;
# Not SSL connection
return if ref $handle ne 'IO::Socket::SSL';
return $callback->($handle);
}
);
}
lib/Mojolicious/Plugin/SslAuth.pm view on Meta::CPAN
$self->render_text('commonName not matched');
};
app->start;
L<IO::Socket::SSL> connection passed as parameter.
See L<IO::Socket::SSL> for available methods. (You're most likely looking for ->peer_certificate and/or ->get_cipher)
=over
=item Older versions of Mojolicious
view release on metacpan or search on metacpan
.travis.yml view on Meta::CPAN
perl:
- "5.20"
- "5.16"
- "5.12"
install:
- "cpanm -n Test::Pod Test::Pod::Coverage IO::Socket::SSL"
- "cpanm -n --installdeps ."
notifications:
email: false
view release on metacpan or search on metacpan
0.05 2013-11-06 10:23:09 JST
- fixed support for prefork server (Hypnotoad, Starman, Starlet, etc.)
0.04 2013-05-30 09:03:44 JST
- added the dependancy of IO::Socket::SSL
0.03 2013-05-01 18:21:38 JST
- removed the dependancy of Net::Twitter::Lite
- removed the dependancy of WebService::Dropbox
- millaize
view release on metacpan or search on metacpan
lib/MongoDB/MongoClient.pm view on Meta::CPAN
#pod ssl => 1
#pod ssl => \%ssl_options
#pod
#pod This tells the driver that you are connecting to an SSL mongodb instance.
#pod
#pod You must have L<IO::Socket::SSL> 1.42+ and L<Net::SSLeay> 1.49+ installed for
#pod SSL support.
#pod
#pod The C<ssl> attribute takes either a boolean value or a hash reference of
#pod options to pass to IO::Socket::SSL. For example, to set a CA file to validate
#pod the server certificate and set a client certificate for the server to validate,
#pod you could set the attribute like this:
#pod
#pod ssl => {
#pod SSL_ca_file => "/path/to/ca.pem",
lib/MongoDB/MongoClient.pm view on Meta::CPAN
ssl => 1
ssl => \%ssl_options
This tells the driver that you are connecting to an SSL mongodb instance.
You must have L<IO::Socket::SSL> 1.42+ and L<Net::SSLeay> 1.49+ installed for
SSL support.
The C<ssl> attribute takes either a boolean value or a hash reference of
options to pass to IO::Socket::SSL. For example, to set a CA file to validate
the server certificate and set a client certificate for the server to validate,
you could set the attribute like this:
ssl => {
SSL_ca_file => "/path/to/ca.pem",
lib/MongoDB/MongoClient.pm view on Meta::CPAN
See also the documentation for L<Net::SSLeay> for details on installing and
compiling against OpenSSL.
TLS connections in the driver rely on the default settings provided by
L<IO::Socket::SSL>, but allow you to pass custom configuration to it.
Please read its documentation carefully to see how to control your TLS
configuration.
=head1 AUTHENTICATION
lib/MongoDB/MongoClient.pm view on Meta::CPAN
mongodb://johndoe:trustno1@mongo.example.com/auth_db
=head2 MONGODB-X509 (for SSL client certificate)
X509 authentication requires SSL support (L<IO::Socket::SSL>), requires
that a client certificate be configured in the ssl parameters, and requires
specifying the "MONGODB-X509" authentication mechanism.
my $mc = MongoDB::MongoClient->new(
host => "mongodb://sslmongo.example.com/",
view release on metacpan or search on metacpan
lib/Monitoring/Icinga2/Client/REST.pm view on Meta::CPAN
$insecure ? (
ssl_opts => {
# Don't verify certs with either SSL module used by LWP
verify_hostname => 0,
SSL_verify_callback => sub { 1 },
# Set ca_file for IO::Socket::SSL
defined $cafile ? ( SSL_ca_file => $cafile) : (),
},
) : (),
);
view release on metacpan or search on metacpan
lib/Monitoring/Livestatus/INET.pm view on Meta::CPAN
my $self = Monitoring::Livestatus->new(%options);
bless $self, $class;
confess('not a scalar') if ref $self->{'peer'} ne '';
if(($self->{'peer'}//$self->{'server'}) =~ m|^tls://|mx) {
require IO::Socket::SSL;
}
return $self;
}
lib/Monitoring/Livestatus/INET.pm view on Meta::CPAN
};
my $tls = 0;
my $peer_addr = $self->{'peer'};
if($peer_addr =~ s|tls://||mx) {
#$IO::Socket::SSL::DEBUG = 2 if $ENV{'THRUK_VERBOSE'} && $ENV{'THRUK_VERBOSE'} >= 2;
#$IO::Socket::SSL::DEBUG = 3 if $ENV{'THRUK_VERBOSE'} && $ENV{'THRUK_VERBOSE'} >= 3;
$options->{'PeerAddr'} = $peer_addr;
$options->{'SSL_cert_file'} = $self->{'cert'};
$options->{'SSL_key_file'} = $self->{'key'};
$options->{'SSL_ca_file'} = $self->{'ca_file'};
$options->{'SSL_verify_mode'} = 0 if(defined $self->{'verify'} && $self->{'verify'} == 0);
lib/Monitoring/Livestatus/INET.pm view on Meta::CPAN
$tls = 1;
}
eval {
if($tls) {
$sock = IO::Socket::SSL->new(%{$options});
} else {
$sock = IO::Socket::IP->new(%{$options});
}
if(!defined $sock || !$sock->connected()) {
my $msg = "failed to connect to $peer_addr: ".($tls ? IO::Socket::SSL::errstr() : $!);
if($self->{'errors_are_fatal'}) {
confess($msg);
}
$Monitoring::Livestatus::ErrorCode = 500;
$Monitoring::Livestatus::ErrorMessage = $msg;
view release on metacpan or search on metacpan
lib/Mozilla/CA.pm view on Meta::CPAN
Mozilla::CA - Mozilla's CA cert bundle in PEM format
=head1 SYNOPSIS
use IO::Socket::SSL;
use Mozilla::CA;
my $host = "www.paypal.com";
my $client = IO::Socket::SSL->new(
PeerHost => "$host:443",
SSL_verify_mode => 0x02,
SSL_ca_file => Mozilla::CA::SSL_ca_file(),
)
|| die "Can't connect: $@";
view release on metacpan or search on metacpan
lib/Mozilla/PublicSuffix.pm view on Meta::CPAN
Similar to this module, with an object-oriented interface and somewhat
alternative interpretation of the rules Mozilla stipulates for determining a
public suffix.
=item L<IO::Socket::SSL::PublicSuffix>
Ships with C<IO::Socket::SSL>, used by many HTTP client libraries for
SSL/TLS support, and makes it easy to use the current version of the
public suffix list at run-time.
=back
view release on metacpan or search on metacpan
lib/NOLookup/RDAP/RDAPLookup.pm view on Meta::CPAN
} elsif ($args->{force_ipv} == 6) {
print STDERR "RDAPLookup: Connecting forcibly over ipv6\n" if ($args->{debug});
$ua->ssl_opts(Domain => AF_INET6);
}
# Also, on force_ipv, disable ssl verify
use IO::Socket::SSL;
$ua->ssl_opts( verify_hostname => 0, SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE);
print STDERR "RDAPLookup: Connecting forcibly, also turn of SSL verify mode\n" if ($args->{debug});
}
return $ro;
view release on metacpan or search on metacpan
lib/Nagios/NRPE/Client.pm view on Meta::CPAN
$socket_opts{Domain} = AF_INET6;
}
if ($self->{ssl})
{
eval {
# required for new IO::Socket::SSL versions
use IO::Socket::SSL;
};
$socket_opts{SSL_cipher_list} = $self->{SSL_cipher_list}
|| 'ALL:!MD5:@STRENGTH:@SECLEVEL=0';
$socket_opts{SSL_verify_mode} = SSL_VERIFY_NONE;
$socket_opts{SSL_version} = 'TLSv1';
$socket = IO::Socket::SSL->new(%socket_opts);
if ($SSL_ERROR)
{
$reason = "$!,$SSL_ERROR";
return return_error($reason);
}
view release on metacpan or search on metacpan
lib/Neo4j/Bolt.pm view on Meta::CPAN
unless ($tls && (ref($tls) == 'HASH')) {
die "Arg 1 should URL and Arg 2 a hashref with keys 'ca_dir','ca_file','pk_file','pk_pass'"
}
my %default_ca = ();
eval {
require IO::Socket::SSL;
%default_ca = IO::Socket::SSL::default_ca();
};
eval {
require Mozilla::CA;
$default_ca{SSL_ca_file} = Mozilla::CA::SSL_ca_file();
} unless %default_ca;
lib/Neo4j/Bolt.pm view on Meta::CPAN
$cxn = Neo4j::Bolt->connect_tls('bolt://all-the-young-dudes.us:7687', { ca_cert => '/etc/ssl/cert.pem' });
When neither C<ca_dir> nor C<ca_file> are specified, an attempt will
be made to use the default trust store instead.
This requires L<IO::Socket::SSL> or L<Mozilla::CA> to be installed.
=item set_log_level($LEVEL)
When $LEVEL is set to one of the strings C<ERROR WARN INFO DEBUG> or C<TRACE>,
libneo4j-client native logger will emit log messages at or above the given
view release on metacpan or search on metacpan
lib/Neo4j/Driver.pm view on Meta::CPAN
For older Neo4j servers (before S<version 4.2>), the driver
will automatically fall back to slower REST-style JSON.
The driver also supports encrypted communication using HTTPS,
but doesn't bundle the necessary packages. You will need to
install L<IO::Socket::SSL> separately to enable HTTPS.
=back
The protocol is automatically chosen based on the URI scheme.
See L<Neo4j::Driver::Config/"uri"> for details.
view release on metacpan or search on metacpan
examples/tls_alpn_01_client.pl view on Meta::CPAN
use constant {
_DOMAIN => 'example.com',
};
use Crypt::OpenSSL::X509;
use IO::Socket::SSL;
use Crypt::Perl::X509::Extension::acmeValidation_v1;
die 'No ALPN support in Net::SSLeay!' if !Net::SSLeay->can('CTX_set_alpn_protos');
my $client = IO::Socket::SSL->new(
PeerAddr => '127.0.0.1',
PeerPort => '443',
ReuseAddr => 1,
SSL_alpn_protocols => [ 'acme-tls/1' ],
SSL_hostname => _DOMAIN(),
view release on metacpan or search on metacpan
lib/Net/AMQP/RabbitMQ/PP.pm view on Meta::CPAN
use Net::AMQP;
use Sys::Hostname;
use Try::Tiny;
use Time::HiRes;
use constant HAS_TLS => eval { require IO::Socket::SSL; 1 };
sub new {
my ( $class, %parameters ) = @_;
if( ! %Net::AMQP::Protocol::spec ) {
lib/Net/AMQP/RabbitMQ/PP.pm view on Meta::CPAN
my $connection_class = "IO::Socket::INET";
my %connection_args;
if ( $args{secure} ) {
die "IO::Socket::SSL is required for secure connections"
if ! HAS_TLS;
$connection_class = "IO::Socket::SSL";
my @ssl_args = grep { /^SSL_/ } sort keys %args;
@connection_args{ @ssl_args } = @args{ @ssl_args };
}
$self->_set_handle(
lib/Net/AMQP/RabbitMQ/PP.pm view on Meta::CPAN
socket_timeout => 5,
frame_max => 131072,
);
connect can also take a secure flag for SSL connections, this will only work if
L<IO::Socket::SSL> is available. You can also pass SSL specific arguments through
in the connect method and these will be passed through
$mq->connect(
...
secure => 1,
view release on metacpan or search on metacpan
lib/Net/APNS/Simple.pm view on Meta::CPAN
use Carp ();
use JSON;
use Moo;
use Protocol::HTTP2::Client;
use IO::Select;
use IO::Socket::SSL qw();
our $VERSION = "0.07";
has [qw/auth_key key_id team_id bundle_id development/] => (
is => 'rw',
lib/Net/APNS/Simple.pm view on Meta::CPAN
'Proxy-Connection' => "Keep-Alive",
);
my ($code, $mess, %h) = $socket->read_response_headers;
$code eq '200' or die "Proxy error: $code $mess";
IO::Socket::SSL->start_SSL(
$socket,
# explicitly set hostname we should use for SNI
SSL_hostname => $host,
%ssl_opts,
) or die $! || $IO::Socket::SSL::SSL_ERROR;
}
else {
# TLS transport socket
$socket = IO::Socket::SSL->new(
PeerHost => $host,
PeerPort => $port,
%ssl_opts,
) or die $! || $IO::Socket::SSL::SSL_ERROR;
}
$self->{_socket} = $socket;
# non blocking
$self->{_socket}->blocking(0);
view release on metacpan or search on metacpan
The Account Provisioning Protocol Developer's Guide is not publicly available.
It appears that Safe Passage Secure Tunnel and Stunnel establish standard SSL
connections. It should be possible to use Net::SSLeay and connect to the APP
server directly. Initial prototyping with IO::Socket::SSL was not promising. :(
The get_num_domain_mailboxes, get_mailbox_availability and get_mailbox_status
methods currently return response information. No attempt is (yet) made to
parse this data.
view release on metacpan or search on metacpan
lib/Net/Async/AMQP.pm view on Meta::CPAN
=item * pass - the password for this user, defaults to guest
=item * ssl - true if you want to connect over SSL
=item * SSL_* - SSL-specific parameters, see L<IO::Async::SSL> and L<IO::Socket::SSL> for details
=back
Returns $self.
view release on metacpan or search on metacpan
lib/Net/Async/HTTP/Server/PSGI.pm view on Meta::CPAN
=item C<psgix.io>
The actual L<IO::Socket> filehandle that the request was received on.
If the server is running under SSL for HTTPS, this will be an
L<IO::Socket::SSL> instance, so reading from or writing to it will happen in
cleartext.
=item C<net.async.http.server>
The C<Net::Async::HTTP::Server::PSGI> object serving the request
view release on metacpan or search on metacpan
t/21local-connect-ssl.t view on Meta::CPAN
on_stream => sub {
my ( $stream ) = @_;
# SNI - RT#94605
SKIP: {
skip "SSL server does not support SNI", 1 unless IO::Socket::SSL->can_server_sni;
my $sslsocket = $stream->read_handle;
is( $sslsocket->get_servername, "127.0.0.1", '->get_servername on server' );
}
view release on metacpan or search on metacpan
lib/Net/Async/IMAP/Client.pm view on Meta::CPAN
$Net::Async::IMAP::Client::VERSION = '0.004';
}
use strict;
use warnings;
use parent qw(IO::Async::Stream);
use IO::Socket::SSL qw(SSL_VERIFY_NONE);
use IO::Async::SSL;
use IO::Async::SSLStream;
use Protocol::IMAP::Client;
use curry;
use Future;
lib/Net/Async/IMAP/Client.pm view on Meta::CPAN
},
starttls => sub {
my ($ev, $data) = @_;
$self->loop->SSL_upgrade(
handle => $self->read_handle,
SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE,
)->on_done(
$self->curry::on_tls_upgraded
)->on_fail(sub { warn "upgrade failed: @_" });
},
authentication_required => sub {
view release on metacpan or search on metacpan
lib/Net/Async/Kubernetes.pm view on Meta::CPAN
use warnings;
use parent 'IO::Async::Notifier';
use Carp qw(croak);
use Scalar::Util qw(blessed);
use IO::Socket::SSL;
use File::Temp ();
use Future;
use URI;
use Protocol::WebSocket::Request;
use Kubernetes::REST;
view release on metacpan or search on metacpan
lib/Net/Async/Matrix.pm view on Meta::CPAN
Whether to use SSL/TLS to communicate with the homeserver. Defaults false.
=head2 SSL_* => ...
Any other parameters whose names begin C<SSL_> will be stored for passing to
the HTTP user agent. See L<IO::Socket::SSL> for more detail.
=head2 path_prefix => STRING
Optional. Gives the path prefix to find the Matrix client API at. Normally
this should not need modification.
view release on metacpan or search on metacpan
examples/send.pl view on Meta::CPAN
use IO::Async::Loop;
use Net::Async::SMTP::Client;
use Email::Simple;
use Email::Address;
use IO::Socket::SSL qw(SSL_VERIFY_NONE);
use Getopt::Long;
use Pod::Usage;
=head1 Usage
view release on metacpan or search on metacpan
lib/Net/Async/WebService/lxd.pm view on Meta::CPAN
operations are still running or have completed. The optional parameter B<polling_time> controls how
often that will occur; it will default to 1 sec, if not provided.
As LXC can be accessed remotely only via HTTPS, TLS (SSL) parameters must be provided. These will be
forwarded directly to
L<IO::Socket::SSL|https://metacpan.org/pod/IO::Socket::SSL#Description-Of-Methods>. But, specifically,
one should consider to provide:
=over
=item * B<client certificate>, via a proper subset of C<SSL_cert_file>, C<SSL_key_file>, C<SSL_cert> and C<SSL_key>.
lib/Net/Async/WebService/lxd.pm view on Meta::CPAN
Robert Barta, C<< <rho at devc.at> >>
=head1 CREDITS
L<IO::Async>, L<Net::Async::HTTP>, L<IO::Socket::SSL> and friends are amazing.
=head1 LICENSE AND COPYRIGHT
Copyright 2022 Robert Barta.
view release on metacpan or search on metacpan
lib/Net/Async/Webservice/Common/WithRequestWrapper.pm view on Meta::CPAN
isa => HashRef,
);
sub _build_ssl_options {
# this is to work around an issue with IO::Async::SSL, see
# https://rt.cpan.org/Ticket/Display.html?id=96474
eval "require IO::Socket::SSL" or return {};
return { SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_PEER() }
}
sub request {
state $argcheck = compile( Object, HTTPRequest );
view release on metacpan or search on metacpan
lib/Net/Async/Webservice/UPS.pm view on Meta::CPAN
return defined $self->cache;
}
sub _build_ssl_options {
eval "require IO::Socket::SSL; require IO::Socket::SSL::Utils; require Mozilla::CA;"
or return {};
my $cert = IO::Socket::SSL::Utils::PEM_string2cert(<<'PEM');
-----BEGIN CERTIFICATE-----
MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMx
FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmltYXJ5
IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVow
XzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAz
lib/Net/Async/Webservice/UPS.pm view on Meta::CPAN
WM1pF+NEHJwZRDmJXNycAA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2Omuf
Tqj/ZA1k
-----END CERTIFICATE-----
PEM
return {
SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_PEER(),
SSL_ca => [ $cert ],
SSL_ca_file => Mozilla::CA::SSL_ca_file(),
};
}
lib/Net/Async/Webservice/UPS.pm view on Meta::CPAN
=head2 C<ssl_options>
Optional hashref, its contents will be passed to C<user_agent>'s
C<do_request> method.
If L<IO::Socket::SSL> and L<Mozilla::CA> are installed, the default
value sets full TLS validation, and makes sure that the Verisign
certificate currently (as of 2015-02-03) used by the UPS servers is
recognised (see L<UPS SSL/TLS notes>).
=head1 METHODS
view release on metacpan or search on metacpan
lib/Net/Async/XMPP/Protocol.pm view on Meta::CPAN
=cut
use IO::Async::Resolver::DNS;
use IO::Async::SSL;
use IO::Socket::SSL qw(SSL_VERIFY_NONE);
use Socket qw(getnameinfo IPPROTO_TCP NI_NUMERICHOST NI_NUMERICSERV SOCK_STREAM);
use Protocol::XMPP::Stream;
use Future::Utils 'repeat';
use curry::weak;
view release on metacpan or search on metacpan
TLSProfile.pm view on Meta::CPAN
=head1 DESCRIPTION
This is a TLS profile for BEEP as defined by RFC 3080 for use with the
C<Net::BEEP::Lite> module. It can be use for both the initiator and
listener roles. This module relies heavily on the C<IO::Socket::SSL>
module for the TLS implementation.
=cut
use Carp;
use strict;
use warnings;
use XML::LibXML;
use IO::Socket::SSL;
use Net::BEEP::Lite::Message;
use base qw(Net::BEEP::Lite::BaseProfile);
TLSProfile.pm view on Meta::CPAN
session as its first and only argument. For example, this might be
used to change the local profiles offered.
=item SSL_*
These are parameters that are understood by C<IO::Socket::SSL::new>.
You will probably want to use a few of them: SSL_cert_file,
SSL_key_file, and SSL_verify_mode are typical.
=back
TLSProfile.pm view on Meta::CPAN
my $sock = $session->_socket();
my %ssl_args = %{$self->{_ssl_args}};
$ssl_args{SSL_server} = $self->{_is_server} if $self->{_is_server};
my $ssl_sock = IO::Socket::SSL->start_SSL($sock, %ssl_args);
if ($ssl_sock) {
# SSL negotation succeeded.
$session->_set_socket($ssl_sock);
TLSProfile.pm view on Meta::CPAN
$session->_tuning_reset();
$res = 1;
}
else {
$errstr = "SSL/TLS negotiation failed: ", &IO::Socket::SSL::errstr();
print STDERR $errstr if $self->{debug};
$res = undef;
}
TLSProfile.pm view on Meta::CPAN
=head1 SEE ALSO
=over 4
=item L<IO::Socket::SSL>
=item L<Net::BEEP::Lite>
=cut
view release on metacpan or search on metacpan
"LWP::UserAgent" : "0"
}
},
"test" : {
"requires" : {
"IO::Socket::SSL" : "0",
"Test::Exception" : "0",
"Test::More" : "0"
}
}
},
view release on metacpan or search on metacpan
"dynamic_config" : 1,
"prereqs" : {
"runtime" : {
"recommends" : {
"HTTP::Tiny" : "0.092",
"IO::Socket::SSL" : "2.098",
"Data::Peek" : "0.53",
"Data::Dumper" : "2.183",
"JSON::MaybeXS" : "1.004008"
},
"requires" : {
"perl" : "5.014002",
"Data::Dumper" : "0",
"JSON::MaybeXS" : "1.004005",
"IO::Socket::SSL" : "1.42",
"List::Util" : "0",
"Carp" : "0",
"HTTP::Tiny" : "0.025"
}
},