Skip Menu |

This queue is for tickets about the POE-Component-IRC CPAN distribution.

Report information
The Basics
Id: 71876
Status: new
Priority: 0/
Queue: POE-Component-IRC

Owner: Nobody in particular
Requestors: kuriguri [...]

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

From kuriguri [...] Sun Oct 23 18: 40:14 2011
MIME-Version: 1.0
X-Ymail-Osg: oyBqrWYVM1nbQQHfNYZFv3S1gOsrAJz3BX2CCYKTtTNCLdO st1eOHabV2GGZ0hY3dhGRYXyYFlIKF3NwUdNvNgn4iizO3pxZLZfyMjbpVZT vaZ7y7zJPSWwkVJEVm7xwavOeCacpY6S7EXbUUO_obgi2qYWWsghXnM2IYYo chuxiIBwlTOAp5d1OUOb_O9ZrOkJk8Tm0xkVCKXzQHRlgxEnPVBNAax8xLRE KFjo8M04481gBSS_vthfS9Y_qNs5s_ZqbFhkkrxlmjLpDpJCeaX7.h.SnbRD ZtIXNHZuveO55tlCBJQWFseGU0Ymh8fD1QR2u4P1JqbvmtyS4RYQ1reVhUZk FxPXO8D4OPTJ0Ig1.qIo7yNfLgGNR8.5KhuvJUnIIpZ4Bmbdo4byu0w--
X-Spam-Status: No, score=-6.999 tagged_above=-99.9 required=10 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_HI=-5] autolearn=ham
X-Mailer: YahooMailWebService/
X-Yahoo-Newman-ID: [...]
X-Spam-Flag: NO
content-type: text/plain; charset="utf-8"
Reply-To: John Johnsey <kuriguri [...]>
Message-ID: <1319409606.29801.YahooMailNeo [...]>
X-Yahoo-Newman-Property: ymail-3
X-Virus-Scanned: Debian amavisd-new at
X-Spam-Score: -6.999
Received: from localhost (localhost []) by (Postfix) with ESMTP id 5A059240C11 for <cpan-bug+poe-component-irc [...]>; Sun, 23 Oct 2011 18:40:14 -0400 (EDT)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id p6y4PNPnttTy for <cpan-bug+poe-component-irc [...]>; Sun, 23 Oct 2011 18:40:12 -0400 (EDT)
Received: from ( []) by (Postfix) with SMTP id 7729E240C05 for <bug-poe-component-irc [...]>; Sun, 23 Oct 2011 18:40:12 -0400 (EDT)
Received: (qmail 30841 invoked by uid 103); 23 Oct 2011 22:40:11 -0000
Received: from ( by with QMQP; 23 Oct 2011 22:40:11 -0000
Received: from (HELO ( by (qpsmtpd/0.80/v0.80-19-gf52d165) with SMTP; Sun, 23 Oct 2011 15:40:09 -0700
Received: from [] by with NNFMP; 23 Oct 2011 22:40:06 -0000
Received: from [] by with NNFMP; 23 Oct 2011 22:40:06 -0000
Received: from [] by with NNFMP; 23 Oct 2011 22:40:06 -0000
Received: (qmail 32994 invoked by uid 60001); 23 Oct 2011 22:40:06 -0000
Received: from [] by via HTTP; Sun, 23 Oct 2011 15:40:06 PDT
Authentication-Results: (amavisd-new); dkim=pass header.i= [...]
Authentication-Results: (amavisd-new); domainkeys=pass header.from=kuriguri [...]
Delivered-To: cpan-bug+poe-component-irc [...]
Subject: SSL certificate verification
Domainkey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024;; h=X-YMail-OSG:Received:X-Mailer:Message-ID:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=BUOr2/r2vRHCRTZrn2Si3UypTVnesTwcu3BbLAatEVUQewHoTllhQ1r+cB7IFg+/KPji4dLlMj0PfyB6gvSQn66pmBDNQZUHJx1MkkD94W1vOby4tTvngi5f0K6brG63zUpu2N3AErL4t0ym+5U+F+jf5q2HJQb+HLubzlPTFms=;
Return-Path: <kuriguri [...]>
X-RT-Mail-Extension: poe-component-irc
X-Original-To: cpan-bug+poe-component-irc [...]
Dkim-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=s1024; t=1319409606; bh=j1vNxJuiZ+il86DPRqVdRJ/3UuV9mm0K0JCUzkIe2XQ=; h=X-YMail-OSG:Received:X-Mailer:Message-ID:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=WIC5A12SrPbslD2Z/avT62RhzRN9AMrtF4uOrrQJFeJw4Fij++0vST1i8XMf8fVxJydedBHFOzWYrfm2EuketWHWQrYVkNHI9oJomG9GTFdYAKSpZsSzt8ihyKAr5h+DZq/VOCQfA35/BYKJLPpXn79TO8KIHFMnWpvseFkyA60=
Date: Sun, 23 Oct 2011 15:40:06 -0700 (PDT)
To: "bug-POE-Component-IRC [...]" <bug-POE-Component-IRC [...]>
Content-Transfer-Encoding: quoted-printable
From: John Johnsey <kuriguri [...]>
X-RT-Original-Encoding: iso-8859-1
Content-Length: 1407
Download (untitled) / with headers
text/plain 1.3k
While POE::Component::IRC supports SSL connections with UseSSL, no certificate verification is done which renders this option useless. I haven't figured out how to achieve this using POE::Component::SSLify yet since the documentation could be clearer. My last approach was to add something similar to this to _sockup: if ($self->{verifyssl}) {     my $ctx = SSLify_ContextCreate(undef, undef, undef, Net::SSLeay::OP_ALL());     if (!Net::SSLeay::CTX_load_verify_locations($ctx, $self->{cafile}, $self->{capath})) {         warn "Couldn't use an SSL socket: Net::SSLeay::CTX_load_verify_locations failed\n";         $self->{usessl} = 0;     } else {         $socket = Client_SSLify($socket, undef, undef, $ctx);     } } else {     $socket = Client_SSLify($socket); } however it does not work as intended, i.e. the connection is established even with cafile and capath being empty. I'm no OpenSSL expert, so it's very likely that I am missing something obvious. Unfortunately I don't have the time to dig deeper right now and the lines above, which are by the way based on IO::Socket::SSL, took me on a long journey through POE::Component::SSLify and Net::SSLeay. So maybe someone with more OpenSSL can take a look at this and make POE::Component::IRC more secure. All tests done with perl 5.12.4, POE::Component::IRC 6.74 and POE::Component::SSLify 1.008. - JJ

This service is sponsored and maintained by Best Practical Solutions and runs on infrastructure.

Please report any issues with to