Skip Menu |
 

This queue is for tickets about the Crypt-SSLeay CPAN distribution.

Report information
The Basics
Id: 11078
Status: resolved
Priority: 1/
Queue: Crypt-SSLeay

People
Owner: dland [...] cpan.org
Requestors: info [...] gwendragon.de
Cc:
AdminCc:

Bug Information
Severity: Critical
Broken in: 0.51
Fixed in: (no value)



Subject: Net::SSL in Crypt::SSLeay ignores no_proxy settings
Download (untitled) / with headers
text/plain 1.3k
ActivePerl v5.8.6.811 MSWin32-x86-multi-thread Crypt-SSLeay 0.51 Running on Windows 2000 SP4 Using LWP::UserAgent with Crypt::SSLeay and https_proxy and no_proxy settings Intranet server with domainname intranet and subdomains is at 192.168.0.12 in our net and registered on our intranet dns bind server. All IPs/domain names are resolved correct! * Connecting to https://ssl.intranet ignores no_proxy settings and connects over our internet proxy! This is a problem! * Connecting to http://intranet connects direct to intranet server. It seams, that Net::SSL ignores the no_proxy settings an uses the proxy ip/port to connect. But we have to connect to https://ssl.intranet for testing and programming purposes CODE: ----snip---- #!/usr/local/bin/perl use LWP::UserAgent; my $url = "https://ssl.intranet"; # is IP 192.168.0.12 my $ua = LWP::UserAgent->new; # proxy to WWW is 192.168.0.1:3128 $ua->proxy([qw( http https )], "http://192.168.0.1:3128"); # intranet is 192.168.0.*, ssl.intranet $ua->no_proxy( '192.168.0.12', 'ssl.intranet', '192.168.0.1' ); my $req = HTTP::Request->new(GET => $url); my $res = $ua->request($req); if ($res->is_success) { print $res->as_string; } else { print "Failed: ", $res->status_line, "\n"; } 1; ----snip---- The same problem occurs with perls GET skript in bin subdir
From: GwenDragon
Download (untitled) / with headers
text/plain 1.7k
[guest - Wed Jan 19 07:24:23 2005]: This patch helped me. --- SSL.pm 2003-05-28 08:26:08.000000000 +0200 +++ SSL.pm.patched 2005-06-22 14:37:13.671875000 +0200 @@ -325,7 +325,18 @@ $lwp_object; } - + +# +++ patched by GwenDragon 2005-06-14 +sub is_noproxy { + my $dom = shift; + + my $np = $ENV{'NO_PROXY'} || ''; + my ( @nop ) = split /,/,$np; + + return grep(/$dom/, @nop); +} +# +++ patched by GwenDragon 2005-06-14 + sub proxy_connect_helper { my $self = shift; @@ -341,14 +352,27 @@ my $iaddr = gethostbyname($host); $iaddr || die("can't resolve proxy server name: $host, $!"); - $port || die("no port given for proxy server $proxy"); - - $self->SUPER::connect($port, $iaddr) - || die("proxy connect to $host:$port failed: $!"); + $port || die("no port given for proxy server $proxy"); my($peer_port, $peer_addr) = (*$self->{ssl_peer_port}, *$self- Show quoted text
>{ssl_peer_addr});
$peer_port || die("no peer port given"); - $peer_addr || die("no peer addr given"); + $peer_addr || die("no peer addr given"); + +# +++ patched by GwenDragon 2005-06-14 +if (is_noproxy($peer_addr)) { + $iaddr = gethostbyname($peer_addr); + $iaddr || die("can't resolve $peer_addr, $!"); + $self->SUPER::connect($peer_port, $iaddr) #try connection + || die("connect to $peer_addr:$peer_port failed: $!"); + return 1; + } + else { +# +++ patched by GwenDragon 2005-06-14 + $self->SUPER::connect($port, $iaddr) + || die("proxy connect to $host:$port failed: $!"); +# +++ patched by GwenDragon 2005-06-14 +} +# +++ patched by GwenDragon 2005-06-14 my $connect_string; if ($ENV{"HTTPS_PROXY_USERNAME"} || $ENV{"HTTPS_PROXY_PASSWORD"}) {
From: GwenDragon
Download (untitled) / with headers
text/plain 1.9k
[guest - Thu Jun 23 07:42:52 2005]: Sorry forgot to say, that the patch is for Net::SSL Version 2.77 !!! Show quoted text
> [guest - Wed Jan 19 07:24:23 2005]: > > This patch helped me. > > --- SSL.pm 2003-05-28 08:26:08.000000000 +0200 > +++ SSL.pm.patched 2005-06-22 14:37:13.671875000 +0200 > @@ -325,7 +325,18 @@ > > $lwp_object; > } > - > + > +# +++ patched by GwenDragon 2005-06-14 > +sub is_noproxy { > + my $dom = shift; > + > + my $np = $ENV{'NO_PROXY'} || ''; > + my ( @nop ) = split /,/,$np; > + > + return grep(/$dom/, @nop); > +} > +# +++ patched by GwenDragon 2005-06-14 > + > sub proxy_connect_helper { > my $self = shift; > > @@ -341,14 +352,27 @@ > > my $iaddr = gethostbyname($host); > $iaddr || die("can't resolve proxy server name: $host, $!"); > - $port || die("no port given for proxy server $proxy"); > - > - $self->SUPER::connect($port, $iaddr) > - || die("proxy connect to $host:$port failed: $!"); > + $port || die("no port given for proxy server $proxy"); > > my($peer_port, $peer_addr) = (*$self->{ssl_peer_port}, *$self-
> >{ssl_peer_addr});
> $peer_port || die("no peer port given"); > - $peer_addr || die("no peer addr given"); > + $peer_addr || die("no peer addr given"); > + > +# +++ patched by GwenDragon 2005-06-14 > +if (is_noproxy($peer_addr)) { > + $iaddr = gethostbyname($peer_addr); > + $iaddr || die("can't resolve $peer_addr, $!"); > + $self->SUPER::connect($peer_port, $iaddr) #try > connection > + || die("connect to $peer_addr:$peer_port failed: $!"); > + return 1; > + } > + else { > +# +++ patched by GwenDragon 2005-06-14 > + $self->SUPER::connect($port, $iaddr) > + || die("proxy connect to $host:$port failed: $!"); > +# +++ patched by GwenDragon 2005-06-14 > +} > +# +++ patched by GwenDragon 2005-06-14 > > my $connect_string; > if ($ENV{"HTTPS_PROXY_USERNAME"} || $ENV{"HTTPS_PROXY_PASSWORD"})
{
From: GwenDragon
[guest - Thu Jun 23 07:46:31 2005]: The patch is not tested.
RT-Send-CC: info [...] gwendragon.de
Download (untitled) / with headers
text/plain 384b
On Thu Jun 23 07:42:52 2005, guest wrote: Show quoted text
> [guest - Wed Jan 19 07:24:23 2005]: > > This patch helped me. > > --- SSL.pm 2003-05-28 08:26:08.000000000 +0200 > +++ SSL.pm.patched 2005-06-22 14:37:13.671875000 +0200 > @@ -325,7 +325,18 @@ >
Hello, I am the new maintainer for Crypt-SSLeay. I'll look at this patch and see about integrating it into the distribution. Thanks, David
Download (untitled) / with headers
text/plain 310b
I have uploaded Crypt-SSLeay-0.53_02, which contains a patch to resolve this problem. I didn't use your patch per se, but it was of great help to me in understanding what the problem was, and for this I am grateful. Can you take this development snapshot for a spin and let me know how it goes? Thanks, David
Download (untitled) / with headers
text/plain 213b
This bug has been resolved to my satisfaction. If you have any problems with the latest development release (0.53_03), please let me know. A stable 0.54 release will be issued in the next few weeks. Thanks, David


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.