Hi,
This is an RFC: I'm happy to do more work to add tests or rework the implementation, however I wanted to first check if there was any interest (and that I'm even vaguely on the right path).
I recently tripped up over my own stupidity by passing paths to SSL files (key/cert/ca) that didn't exist. The behaviour I observed was that the server started, accepted connections then immediately closed them. No error was emitted.
In my particular case, I was using Mojolicious' morbo, however talking to sri on IRC he suggested that IO::Socket::SSL would be the correct place to fix this.
fwiw:
morbo -v -l "https://172.16.200.100:4430?cert=/home/me/ssl/secure.crt&key=/home/me/ssl/secure.key" script/server
If either of those files does not exist, I see this behaviour:
§ telnet 172.16.200.100 4430
Trying 172.16.200.100...
Connected to oauth.minty.org.
Escape character is '^]'.
Connection closed by foreign host.
If all relevant files DO exist, I see this:
§ telnet 172.16.200.100 4430
Trying 172.16.200.100...
Connected to oauth.minty.org.
Escape character is '^]'.
(followed by the server waiting for input)
I'm not hugely familiar with the IO::Socket::SSL code, so the following patch really should be treated more as a hand-wavy attempt to explain my problem and a rough line in the sand for where it might be possible to fix.
https://github.com/minty/p5-io-socket-ssl/commit/b5a7fe8db91e9993fc7929e5c1b8799dd7f3497a
If someone with better knowledge of the code could give me some pointers/direction, I'd be happy to invest some effort in trying to submit a proper pull-request with a more robust patch included, plus some tests.
Thanks!
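
An added example, not part of the original post and not IO::Socket::SSL or Mojolicious code: a start-up check that turns the silent connection drops described above into an explicit failure before the listener is created. It assumes the listen URL carries `cert`, `key` and `ca` query parameters as in the morbo command; `check_tls_files` is a hypothetical helper name.

```perl
#!/usr/bin/env perl
# Pre-flight check for the TLS files named in a listen URL
# of the form https://host:port?cert=...&key=...&ca=...
use strict;
use warnings;

# Returns a list of human-readable problems; an empty list means
# every referenced file exists, is a regular file, is readable and non-empty.
sub check_tls_files {
    my ($listen) = @_;
    my ($query) = $listen =~ /\?([^#]*)/;
    return () unless defined $query;    # no TLS parameters given

    my @problems;
    for my $pair (split /[&;]/, $query) {
        my ($name, $value) = split /=/, $pair, 2;
        next unless defined $value && $name =~ /^(?:cert|key|ca)$/;
        $value =~ tr/+/ /;
        $value =~ s/%([0-9A-Fa-f]{2})/chr hex $1/ge;    # undo URL escaping
        # "_" reuses the stat result of the preceding -e test.
        if    (!-e $value) { push @problems, "$name: $value does not exist" }
        elsif (!-f _)      { push @problems, "$name: $value is not a regular file" }
        elsif (!-r _)      { push @problems, "$name: $value is not readable" }
        elsif (-z _)       { push @problems, "$name: $value is empty" }
    }
    return @problems;
}

# Constructed sample input modelled on the command in the post;
# pass a different listen URL as the first argument to check it instead.
my $listen = shift // 'https://172.16.200.100:4430'
    . '?cert=/home/me/ssl/secure.crt&key=/home/me/ssl/secure.key';

if (my @problems = check_tls_files($listen)) {
    warn "TLS file problem: $_\n" for @problems;
    exit 1;    # refuse to start rather than drop every connection silently
}
print "TLS files look usable\n";
```

This only catches missing, unreadable or empty files; a file that exists but does not parse as a certificate or key still has to be rejected by the TLS layer itself.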