Skip Menu |

This queue is for tickets about the Net-HTTPServer CPAN distribution.

Report information
The Basics
Id: 3311
Status: resolved
Worked: 5 min
Priority: 0/
Queue: Net-HTTPServer
People
Owner: reatmon [...] mail.com
Requestors: coryb [...] yahoo-inc.com
Cc:
AdminCc:
Bug Information
Severity: Important
Broken in: 0.4
Fixed in: (no value)

History Show all quoted text
  Thu Aug 21 19:44:33 2003 Guest - Ticket created
Subject: ssl server with bad hard-coded values
Hello, we were happy to find your http server lib supports https, so we were playing around with it and found a few bugs. On the HTTPServer.pm (lines 340 - 342): if (!defined($self->{CFG}->{SSL_KEY}) || !defined($self->{CFG}->{SSL_KEY}) || !defined($self->{CFG}->{SSL_KEY})) Should be: if (!defined($self->{CFG}->{SSL_KEY}) || !defined($self->{CFG}->{SSL_CERT}) || !defined($self->{CFG}->{SSL_CA})) Also, the cert values are hard coded to your system in the .4 release (lines 353-355): SSL_key_file => "/home/reatmon/devel/libs/IO-Socket-SSL-0.94/certs/server-key.pem", SSL_cert_file => "/home/reatmon/devel/libs/IO-Socket-SSL-0.94/certs/server-cert.pem", SSL_ca_file => "/home/reatmon/devel/libs/IO-Socket-SSL-0.94/certs/my-ca.pem", Should be: SSL_key_file => $self->{CFG}->{SSL_KEY}, SSL_cert_file => $self->{CFG}->{SSL_CERT}, SSL_ca_file => $self->{CFG}->{SSL_CA}, It is off to a good start. Thanks for the module. -Cory
  Fri Aug 22 10:38:17 2003 reatmon [...] mail.com - Correspondence added 5 min
Now that I can access PAUSE again I will upload 0.5 that has this fix. Thanks for catching it. I'm glad someone else finds this useful. If you want any other features added in, just let me know. [guest - Thu Aug 21 19:44:33 2003]: Show quoted text
> Hello, we were happy to find your http server lib supports https, so > we were playing around with it and found a few bugs. > > On the HTTPServer.pm (lines 340 - 342): > if (!defined($self->{CFG}->{SSL_KEY}) || > !defined($self->{CFG}->{SSL_KEY}) || > !defined($self->{CFG}->{SSL_KEY})) > Should be: > if (!defined($self->{CFG}->{SSL_KEY}) || > !defined($self->{CFG}->{SSL_CERT}) || > !defined($self->{CFG}->{SSL_CA})) > > Also, the cert values are hard coded to your system in the .4 release > (lines 353-355): > SSL_key_file => > "/home/reatmon/devel/libs/IO-Socket-SSL-0.94/certs/server-key.pem", > SSL_cert_file => > "/home/reatmon/devel/libs/IO-Socket-SSL-0.94/certs/server-cert.pem", > SSL_ca_file => > "/home/reatmon/devel/libs/IO-Socket-SSL-0.94/certs/my-ca.pem", > > Should be: > SSL_key_file => $self-
> >{CFG}->{SSL_KEY},
> SSL_cert_file => > $self->{CFG}->{SSL_CERT}, > SSL_ca_file => $self-
> >{CFG}->{SSL_CA},
> > It is off to a good start. Thanks for the module. > > -Cory
  Fri Aug 22 10:38:18 2003 reatmon [...] mail.com - Status changed from 'new' to 'resolved'
  Fri Aug 22 10:38:19 2003 reatmon [...] mail.com - Given to REATMON