Skip Menu |
 

This queue is for tickets about the POE-Component-IRC CPAN distribution.

Report information
The Basics
Id: 71876
Status: new
Priority: 0/
Queue: POE-Component-IRC

People
Owner: Nobody in particular
Requestors: kuriguri [...] ymail.com
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)



From kuriguri [...] ymail.com Sun Oct 23 18: 40:14 2011
MIME-Version: 1.0
X-Ymail-Osg: oyBqrWYVM1nbQQHfNYZFv3S1gOsrAJz3BX2CCYKTtTNCLdO st1eOHabV2GGZ0hY3dhGRYXyYFlIKF3NwUdNvNgn4iizO3pxZLZfyMjbpVZT vaZ7y7zJPSWwkVJEVm7xwavOeCacpY6S7EXbUUO_obgi2qYWWsghXnM2IYYo chuxiIBwlTOAp5d1OUOb_O9ZrOkJk8Tm0xkVCKXzQHRlgxEnPVBNAax8xLRE KFjo8M04481gBSS_vthfS9Y_qNs5s_ZqbFhkkrxlmjLpDpJCeaX7.h.SnbRD ZtIXNHZuveO55tlCBJQWFseGU0Ymh8fD1QR2u4P1JqbvmtyS4RYQ1reVhUZk FxPXO8D4OPTJ0Ig1.qIo7yNfLgGNR8.5KhuvJUnIIpZ4Bmbdo4byu0w--
X-Spam-Status: No, score=-6.999 tagged_above=-99.9 required=10 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_HI=-5] autolearn=ham
X-Mailer: YahooMailWebService/0.8.114.317681
X-Yahoo-Newman-ID: 350566.3038.bm [...] omp1029.mail.ne1.yahoo.com
X-Spam-Flag: NO
content-type: text/plain; charset="utf-8"
Reply-To: John Johnsey <kuriguri [...] ymail.com>
Message-ID: <1319409606.29801.YahooMailNeo [...] web122017.mail.ne1.yahoo.com>
X-Yahoo-Newman-Property: ymail-3
X-Virus-Scanned: Debian amavisd-new at bestpractical.com
X-Spam-Score: -6.999
Received: from localhost (localhost [127.0.0.1]) by hipster.bestpractical.com (Postfix) with ESMTP id 5A059240C11 for <cpan-bug+poe-component-irc [...] hipster.bestpractical.com>; Sun, 23 Oct 2011 18:40:14 -0400 (EDT)
Received: from hipster.bestpractical.com ([127.0.0.1]) by localhost (hipster.bestpractical.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p6y4PNPnttTy for <cpan-bug+poe-component-irc [...] hipster.bestpractical.com>; Sun, 23 Oct 2011 18:40:12 -0400 (EDT)
Received: from la.mx.develooper.com (x1.develooper.com [207.171.7.70]) by hipster.bestpractical.com (Postfix) with SMTP id 7729E240C05 for <bug-poe-component-irc [...] rt.cpan.org>; Sun, 23 Oct 2011 18:40:12 -0400 (EDT)
Received: (qmail 30841 invoked by uid 103); 23 Oct 2011 22:40:11 -0000
Received: from x16.dev (10.0.100.26) by x1.dev with QMQP; 23 Oct 2011 22:40:11 -0000
Received: from nm9-vm4.bullet.mail.ne1.yahoo.com (HELO nm9-vm4.bullet.mail.ne1.yahoo.com) (98.138.91.169) by 16.mx.develooper.com (qpsmtpd/0.80/v0.80-19-gf52d165) with SMTP; Sun, 23 Oct 2011 15:40:09 -0700
Received: from [98.138.90.54] by nm9.bullet.mail.ne1.yahoo.com with NNFMP; 23 Oct 2011 22:40:06 -0000
Received: from [98.138.89.173] by tm7.bullet.mail.ne1.yahoo.com with NNFMP; 23 Oct 2011 22:40:06 -0000
Received: from [127.0.0.1] by omp1029.mail.ne1.yahoo.com with NNFMP; 23 Oct 2011 22:40:06 -0000
Received: (qmail 32994 invoked by uid 60001); 23 Oct 2011 22:40:06 -0000
Received: from [92.195.148.148] by web122017.mail.ne1.yahoo.com via HTTP; Sun, 23 Oct 2011 15:40:06 PDT
Authentication-Results: hipster.bestpractical.com (amavisd-new); dkim=pass header.i= [...] ymail.com
Authentication-Results: hipster.bestpractical.com (amavisd-new); domainkeys=pass header.from=kuriguri [...] ymail.com
Delivered-To: cpan-bug+poe-component-irc [...] hipster.bestpractical.com
Subject: SSL certificate verification
Domainkey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=ymail.com; h=X-YMail-OSG:Received:X-Mailer:Message-ID:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=BUOr2/r2vRHCRTZrn2Si3UypTVnesTwcu3BbLAatEVUQewHoTllhQ1r+cB7IFg+/KPji4dLlMj0PfyB6gvSQn66pmBDNQZUHJx1MkkD94W1vOby4tTvngi5f0K6brG63zUpu2N3AErL4t0ym+5U+F+jf5q2HJQb+HLubzlPTFms=;
Return-Path: <kuriguri [...] ymail.com>
X-RT-Mail-Extension: poe-component-irc
X-Original-To: cpan-bug+poe-component-irc [...] hipster.bestpractical.com
X-Spam-Check-BY: 16.mx.develooper.com
Dkim-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ymail.com; s=s1024; t=1319409606; bh=j1vNxJuiZ+il86DPRqVdRJ/3UuV9mm0K0JCUzkIe2XQ=; h=X-YMail-OSG:Received:X-Mailer:Message-ID:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=WIC5A12SrPbslD2Z/avT62RhzRN9AMrtF4uOrrQJFeJw4Fij++0vST1i8XMf8fVxJydedBHFOzWYrfm2EuketWHWQrYVkNHI9oJomG9GTFdYAKSpZsSzt8ihyKAr5h+DZq/VOCQfA35/BYKJLPpXn79TO8KIHFMnWpvseFkyA60=
Date: Sun, 23 Oct 2011 15:40:06 -0700 (PDT)
X-Spam-Level:
To: "bug-POE-Component-IRC [...] rt.cpan.org" <bug-POE-Component-IRC [...] rt.cpan.org>
Content-Transfer-Encoding: quoted-printable
From: John Johnsey <kuriguri [...] ymail.com>
X-RT-Original-Encoding: iso-8859-1
Content-Length: 1407
Download (untitled) / with headers
text/plain 1.3k
While POE::Component::IRC supports SSL connections with UseSSL, no certificate verification is done which renders this option useless. I haven't figured out how to achieve this using POE::Component::SSLify yet since the documentation could be clearer. My last approach was to add something similar to this to _sockup: if ($self->{verifyssl}) {     my $ctx = SSLify_ContextCreate(undef, undef, undef, Net::SSLeay::OP_ALL());     if (!Net::SSLeay::CTX_load_verify_locations($ctx, $self->{cafile}, $self->{capath})) {         warn "Couldn't use an SSL socket: Net::SSLeay::CTX_load_verify_locations failed\n";         $self->{usessl} = 0;     } else {         $socket = Client_SSLify($socket, undef, undef, $ctx);     } } else {     $socket = Client_SSLify($socket); } however it does not work as intended, i.e. the connection is established even with cafile and capath being empty. I'm no OpenSSL expert, so it's very likely that I am missing something obvious. Unfortunately I don't have the time to dig deeper right now and the lines above, which are by the way based on IO::Socket::SSL, took me on a long journey through POE::Component::SSLify and Net::SSLeay. So maybe someone with more OpenSSL can take a look at this and make POE::Component::IRC more secure. All tests done with perl 5.12.4, POE::Component::IRC 6.74 and POE::Component::SSLify 1.008. - JJ


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.