Skip Menu |
 

This queue is for tickets about the IO-Socket-SSL CPAN distribution.

Report information
The Basics
Id: 83001
Status: rejected
Priority: 0/
Queue: IO-Socket-SSL

People
Owner: Nobody in particular
Requestors: victor [...] vsespb.ru
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: 1.82
Fixed in: (no value)



Subject: Documentation is not clear about use of SSL_VERIFY_NONE
Download (untitled) / with headers
text/plain 1.2k
This use strict; use IO::Socket::SSL; my $client = IO::Socket::SSL->new("google.com:https", SSL_verify_mode=>Net::SSLeay::VERIFY_NONE()) || warn "I encountered a problem:".IO::Socket::SSL::errstr(); print $client "GET / HTTP/1.0\r\n\r\n"; print <$client>; and This use strict; use IO::Socket::SSL; my $client = IO::Socket::SSL->new("google.com:https", {SSL_verify_mode=>Net::SSLeay::VERIFY_NONE()}) || warn "I encountered a problem:".IO::Socket::SSL::errstr(); print $client "GET / HTTP/1.0\r\n\r\n"; print <$client>; don't work as expected it produce the following warning: ******************************************************************* Using the default of SSL_verify_mode of SSL_VERIFY_NONE for client is depreciated! Please set SSL_verify_mode to SSL_VERIFY_PEER together with SSL_ca_file|SSL_ca_path for verification. If you really don't want to verify the certificate and keep the connection open to Man-In-The-Middle attacks please set SSL_verify_mode explicitly to SSL_VERIFY_NONE in your application. ******************************************************************* In documentation there is no example how to pass VERIFY_NONE. What is VERIFY_NONE ? VERIFY_NONE or VERIFY_NONE() or IO::Socket::SSL::VERIFY_NONE or Net::SSL::VERIFY_NONE() ? Pass as hash ref or hash ? none of this work..
Download (untitled) / with headers
text/plain 1.5k
Also IO::Socket::SSL->new("google.com:https", {SSL_verify_mode=>SSL_VERIFY_NONE}) and IO::Socket::SSL->new("google.com:https", SSL_verify_mode=>SSL_VERIFY_NONE) don't work On Mon Jan 28 15:30:52 2013, vsespb wrote: Show quoted text
> This > > use strict; > use IO::Socket::SSL; > my $client = IO::Socket::SSL->new("google.com:https", > SSL_verify_mode=>Net::SSLeay::VERIFY_NONE()) || warn "I encountered a > problem:".IO::Socket::SSL::errstr(); > print $client "GET / HTTP/1.0\r\n\r\n"; print <$client>; > > > and This > > > use strict; > use IO::Socket::SSL; > my $client = IO::Socket::SSL->new("google.com:https", > {SSL_verify_mode=>Net::SSLeay::VERIFY_NONE()}) || warn "I encountered a > problem:".IO::Socket::SSL::errstr(); > print $client "GET / HTTP/1.0\r\n\r\n"; print <$client>; > > > don't work as expected > > it produce the following warning: > > > ******************************************************************* > Using the default of SSL_verify_mode of SSL_VERIFY_NONE for client > is depreciated! Please set SSL_verify_mode to SSL_VERIFY_PEER > together with SSL_ca_file|SSL_ca_path for verification. > If you really don't want to verify the certificate and keep the > connection open to Man-In-The-Middle attacks please set > SSL_verify_mode explicitly to SSL_VERIFY_NONE in your application. > ******************************************************************* > > In documentation there is no example how to pass VERIFY_NONE. > What is VERIFY_NONE ? VERIFY_NONE or VERIFY_NONE() or > IO::Socket::SSL::VERIFY_NONE or Net::SSL::VERIFY_NONE() ? Pass as hash > ref or hash ? > > none of this work.. >
Download (untitled) / with headers
text/plain 272b
the documentation of IO::Socket::SSL relates to the documentation of IO::Socket::INET, where the syntax is clearly documented as class- Show quoted text
>new(%args) with the exception
'If the constructor is only passed a single argument, it is assumed to be a "PeerAddr" specification.'


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.