Pre 0.57_05 release
Sinan Unur
13 years ago
0 | 0 |
Revision history for Crypt-SSLeay
|
1 | 1 |
=================================
|
|
2 |
|
|
3 |
0.57_05 2010-08-15 16:10:12 UTC
|
|
4 |
|
|
5 |
- Fix for NO_PROXY support in Net::SSL (bug #57836)
|
|
6 |
- Bump Net::SSL version number to 2.84_02 after changes
|
|
7 |
- Fix file/dir permissions (bug #60338)
|
|
8 |
- Review warnings when compiling SSLeay.xs against older versions of OpenSSL.
|
|
9 |
Warnings are due to OpenSSL.
|
|
10 |
- Add clarification regarding $ENV{HTTPS_CA_FILE} and $ENV{HTTPS_CA_DIR} to the
|
|
11 |
POD.
|
2 | 12 |
|
3 | 13 |
0.57_04 2010-08-11 00:22:33 UTC
|
4 | 14 |
|
1 | 1 |
|
2 | 2 |
use strict;
|
3 | 3 |
use vars '$VERSION';
|
4 | |
$VERSION = '0.57_04';
|
|
4 |
$VERSION = '0.57_05';
|
5 | 5 |
|
6 | 6 |
eval {
|
7 | 7 |
require XSLoader;
|
|
273 | 273 |
$ENV{HTTPS_CA_FILE} = "some_file";
|
274 | 274 |
$ENV{HTTPS_CA_DIR} = "some_dir";
|
275 | 275 |
|
|
276 |
Note that, if specified, C<$ENV{HTTPS_CA_FILE}> must point to the actual
|
|
277 |
certificate file. That is, C<$ENV{HTTPS_CA_DIR}> is *not* the path were
|
|
278 |
C<$ENV{HTTPS_CA_FILE}> is located.
|
|
279 |
|
|
280 |
For certificates in C<$ENV{HTTPS_CA_DIR}> to be picked up, follow the
|
|
281 |
instructions in the L<OpenSSL documentation|http://www.openssl.org/docs/ssl/SSL_CTX_load_verify_locations.html>
|
|
282 |
|
276 | 283 |
There is no sample CA cert file at this time for testing,
|
277 | 284 |
but you may configure F<eg/net-ssl-test> to use your CA cert
|
278 | 285 |
with the -CAfile option. (TODO: then what is the ./certs
|
5 | 5 |
use Carp;
|
6 | 6 |
|
7 | 7 |
use vars qw(@ISA $VERSION $NEW_ARGS);
|
8 | |
$VERSION = '2.84_01';
|
|
8 |
$VERSION = '2.84_02';
|
9 | 9 |
|
10 | 10 |
require IO::Socket;
|
11 | 11 |
@ISA=qw(IO::Socket::INET);
|
|
332 | 332 |
|| croak("proxy connect to $proxy_host:$proxy_port failed: $!");
|
333 | 333 |
}
|
334 | 334 |
else {
|
335 | |
$self->SUPER::connect($peer_port, $peer_addr)
|
|
335 |
# see RT #57836
|
|
336 |
my $peer_addr_packed = gethostbyname($peer_addr);
|
|
337 |
$self->SUPER::connect($peer_port, $peer_addr_packed)
|
336 | 338 |
|| croak("proxy bypass to $peer_addr:$peer_addr failed: $!");
|
337 | 339 |
}
|
338 | 340 |
|
|
382 | 384 |
}
|
383 | 385 |
|
384 | 386 |
# code adapted from LWP::UserAgent, with $ua->env_proxy API
|
|
387 |
# see also RT #57836
|
385 | 388 |
sub proxy {
|
|
389 |
my $self = shift;
|
386 | 390 |
my $proxy_server = $ENV{HTTPS_PROXY} || $ENV{https_proxy};
|
387 | 391 |
return unless $proxy_server;
|
|
392 |
|
|
393 |
my($peer_port, $peer_addr) = (
|
|
394 |
*$self->{ssl_peer_port},
|
|
395 |
*$self->{ssl_peer_addr}
|
|
396 |
);
|
|
397 |
$peer_addr || croak("no peer addr given");
|
|
398 |
$peer_port || croak("no peer port given");
|
|
399 |
|
|
400 |
# see if the proxy should be bypassed
|
|
401 |
my @no_proxy = split( /\s*,\s*/,
|
|
402 |
$ENV{NO_PROXY} || $ENV{no_proxy} || ''
|
|
403 |
);
|
|
404 |
my $is_proxied = 1;
|
|
405 |
for my $domain (@no_proxy) {
|
|
406 |
if ($peer_addr =~ /\Q$domain\E\z/) {
|
|
407 |
return;
|
|
408 |
}
|
|
409 |
}
|
388 | 410 |
|
389 | 411 |
$proxy_server =~ s|\Ahttps?://||i;
|
390 | 412 |
$proxy_server;
|