Skip Menu |

This queue is for tickets about the Net-IMAP-Server CPAN distribution.

Report information
The Basics
Id: 50150
Status: resolved
Priority: 0/
Queue: Net-IMAP-Server
People
Owner: Nobody in particular
Requestors: alexmv [...] bestpractical.com
keder [...] fi.muni.cz
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Thu Oct 01 12:18:31 2009 keder [...] fi.muni.cz - Ticket created
Subject: Net::IMAP::Server - paths to SSL certificate and key
Date: Thu, 01 Oct 2009 18:17:40 +0200
To: bug-net-imap-server [...] rt.cpan.org, net-imap-server [...] bestpractical.com
From: Dan Keder <keder [...] fi.muni.cz>
Hi, I modified the module Net::IMAP::Server so that I can specify paths to the SSL certificate and key files. The patch that does it is in the attachments. However it requires another change in Net::Server::Coro which I already sent to its respective mailing list (and which I am attaching to this mail as well). Have a nice day, Dan Keder P.S. Please send any replies to my email address as well, I am not registered in this mailing list. -- Free your mind...the rest will follow. --------------------------------------------------------

Message body is not shown because sender requested not to inline it.

Message body is not shown because sender requested not to inline it.

  Thu Oct 01 12:58:45 2009 alexmv [...] bestpractical.com - Ticket #50152: Ticket created
CC: bug-net-imap-server [...] rt.cpan.org, net-imap-server [...] bestpractical.com
Subject: Re: [Net-IMAP-Server] Net::IMAP::Server - paths to SSL certificate and key
Date: Thu, 01 Oct 2009 12:58:30 -0400
To: Dan Keder <keder [...] fi.muni.cz>
From: Alex Vandiver <alexmv [...] bestpractical.com>
On Thu, 2009-10-01 at 18:17 +0200, Dan Keder wrote: Show quoted text
> I modified the module Net::IMAP::Server so that I can specify paths to > the SSL certificate and key files. The patch that does it is in the > attachments. > > However it requires another change in Net::Server::Coro which I already > sent to its respective mailing list (and which I am attaching to this > mail as well).
Thanks! This looks like a useful feature. However, it looks only to work with TCP connections which later get TLS enabled, but not with straight-up SSL connections. That is, the following fails for me: $ perl -Ilib -MNet::IMAP::Server -e 'Net::IMAP::Server->new( server_cert => "moose/server-cert.pem", server_key => "moose/server-key.pem", ssl_port => 9930 )->run' & 2009/10/01-12:52:58 Net::IMAP::Server (type Net::Server::Coro) starting! pid(4318) Binding to TCP port 1430 on host * Binding to SSL port 9930 on host * Group Not Defined. Defaulting to EGID '1000 1005 1004 1000 443 250 100 85 35 27 19 18 16 11 10' User Not Defined. Defaulting to EUID '1000' SSL accept error: 1, error:00000001:lib(0):func(0):reason(1) $ openssl s_client -connect localhost:9930 -crlf CONNECTED(00000003) 4278:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:596: I'd love to take these patches if you can fix this problem. Tangentially, where's the "respective mailing list" for Net::Server::Coro? I don't know of one -- which is surprising, because I'm the maintainer. :) - Alex
  Thu Oct 01 13:04:38 2009 cpan [...] chmrr.net - Ticket #50152: Merged into ticket #50150
  Thu Oct 01 13:04:38 2009 cpan [...] chmrr.net - Merged into ticket #50150
  Fri Oct 02 04:10:32 2009 keder [...] fi.muni.cz - Ticket #50162: Ticket created
CC: bug-net-imap-server [...] rt.cpan.org, net-imap-server [...] bestpractical.com
Subject: Re: [Net-IMAP-Server] Net::IMAP::Server - paths to SSL certificate and key
Date: Fri, 02 Oct 2009 10:09:35 +0200
To: Alex Vandiver <alexmv [...] bestpractical.com>
From: Dan Keder <keder [...] fi.muni.cz>
On 01.10.2009 18:58, Alex Vandiver wrote: Show quoted text
> On Thu, 2009-10-01 at 18:17 +0200, Dan Keder wrote:
>> I modified the module Net::IMAP::Server so that I can specify paths to >> the SSL certificate and key files. The patch that does it is in the >> attachments. >> >> However it requires another change in Net::Server::Coro which I already >> sent to its respective mailing list (and which I am attaching to this >> mail as well).
> > Thanks! This looks like a useful feature. However, it looks only to > work with TCP connections which later get TLS enabled, but not with > straight-up SSL connections. That is, the following fails for me: > > $ perl -Ilib -MNet::IMAP::Server -e 'Net::IMAP::Server->new( > server_cert => "moose/server-cert.pem", > server_key => "moose/server-key.pem", > ssl_port => 9930 > )->run'& > 2009/10/01-12:52:58 Net::IMAP::Server (type Net::Server::Coro) starting! > pid(4318) > Binding to TCP port 1430 on host * > Binding to SSL port 9930 on host * > Group Not Defined. Defaulting to EGID '1000 1005 1004 1000 443 250 100 > 85 35 27 19 18 16 11 10' > User Not Defined. Defaulting to EUID '1000' > SSL accept error: 1, error:00000001:lib(0):func(0):reason(1) > > $ openssl s_client -connect localhost:9930 -crlf > CONNECTED(00000003) > 4278:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert > handshake failure:s23_clnt.c:596:
Yes, I didn't get so far yet :-). Right now I am playing with TLS. I will certainly look into that, maybe even today. Show quoted text
> I'd love to take these patches if you can fix this problem. > Tangentially, where's the "respective mailing list" for > Net::Server::Coro? I don't know of one -- which is surprising, because > I'm the maintainer. :)
I meant the bug tracking address of Net::Server::Coro - bug-net-server-coro@rt.cpan.org (as you found out yourself). dan -- Free your mind...the rest will follow. --------------------------------------------------------
  Fri Oct 02 09:28:57 2009 keder [...] fi.muni.cz - Ticket #50166: Ticket created
CC: bug-net-imap-server [...] rt.cpan.org, net-imap-server [...] bestpractical.com
Subject: Re: [Net-IMAP-Server] Net::IMAP::Server - paths to SSL certificate and key
Date: Fri, 02 Oct 2009 15:28:21 +0200
To: Alex Vandiver <alexmv [...] bestpractical.com>
From: Dan Keder <keder [...] fi.muni.cz>
OK, I managed to get the custom certificate paths working with both SSL and TLS connections. I'm attaching the patches. The are made against the current (vanilla) version of modules. dan On 01.10.2009 18:58, Alex Vandiver wrote: Show quoted text
> On Thu, 2009-10-01 at 18:17 +0200, Dan Keder wrote:
>> I modified the module Net::IMAP::Server so that I can specify paths to >> the SSL certificate and key files. The patch that does it is in the >> attachments. >> >> However it requires another change in Net::Server::Coro which I already >> sent to its respective mailing list (and which I am attaching to this >> mail as well).
> > Thanks! This looks like a useful feature. However, it looks only to > work with TCP connections which later get TLS enabled, but not with > straight-up SSL connections. That is, the following fails for me: > > $ perl -Ilib -MNet::IMAP::Server -e 'Net::IMAP::Server->new( > server_cert => "moose/server-cert.pem", > server_key => "moose/server-key.pem", > ssl_port => 9930 > )->run'& > 2009/10/01-12:52:58 Net::IMAP::Server (type Net::Server::Coro) starting! > pid(4318) > Binding to TCP port 1430 on host * > Binding to SSL port 9930 on host * > Group Not Defined. Defaulting to EGID '1000 1005 1004 1000 443 250 100 > 85 35 27 19 18 16 11 10' > User Not Defined. Defaulting to EUID '1000' > SSL accept error: 1, error:00000001:lib(0):func(0):reason(1) > > $ openssl s_client -connect localhost:9930 -crlf > CONNECTED(00000003) > 4278:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert > handshake failure:s23_clnt.c:596: > > I'd love to take these patches if you can fix this problem. > Tangentially, where's the "respective mailing list" for > Net::Server::Coro? I don't know of one -- which is surprising, because > I'm the maintainer. :) > - Alex
-- Free your mind...the rest will follow. --------------------------------------------------------

Message body is not shown because sender requested not to inline it.

Message body is not shown because sender requested not to inline it.

  Mon Oct 05 10:16:52 2009 keder [...] fi.muni.cz - Ticket #50213: Ticket created
CC: bug-net-imap-server [...] rt.cpan.org, net-imap-server [...] bestpractical.com
Subject: Re: [Net-IMAP-Server] Net::IMAP::Server - paths to SSL certificate and key
Date: Mon, 05 Oct 2009 16:16:19 +0200
To: Alex Vandiver <alexmv [...] bestpractical.com>
From: Dan Keder <keder [...] fi.muni.cz>
Sorry, one of the patches I sent you had a bug in it. I'm attaching the correct version (hopefully :-). dan On 02.10.2009 15:28, Dan Keder wrote: Show quoted text
> OK, I managed to get the custom certificate paths working with both SSL > and TLS connections. I'm attaching the patches. The are made against the > current (vanilla) version of modules. > > dan > > On 01.10.2009 18:58, Alex Vandiver wrote:
>> On Thu, 2009-10-01 at 18:17 +0200, Dan Keder wrote:
>>> I modified the module Net::IMAP::Server so that I can specify paths to >>> the SSL certificate and key files. The patch that does it is in the >>> attachments. >>> >>> However it requires another change in Net::Server::Coro which I already >>> sent to its respective mailing list (and which I am attaching to this >>> mail as well).
>> >> Thanks! This looks like a useful feature. However, it looks only to >> work with TCP connections which later get TLS enabled, but not with >> straight-up SSL connections. That is, the following fails for me: >> >> $ perl -Ilib -MNet::IMAP::Server -e 'Net::IMAP::Server->new( >> server_cert => "moose/server-cert.pem", >> server_key => "moose/server-key.pem", >> ssl_port => 9930 >> )->run'& >> 2009/10/01-12:52:58 Net::IMAP::Server (type Net::Server::Coro) starting! >> pid(4318) >> Binding to TCP port 1430 on host * >> Binding to SSL port 9930 on host * >> Group Not Defined. Defaulting to EGID '1000 1005 1004 1000 443 250 100 >> 85 35 27 19 18 16 11 10' >> User Not Defined. Defaulting to EUID '1000' >> SSL accept error: 1, error:00000001:lib(0):func(0):reason(1) >> >> $ openssl s_client -connect localhost:9930 -crlf >> CONNECTED(00000003) >> 4278:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert >> handshake failure:s23_clnt.c:596: >> >> I'd love to take these patches if you can fix this problem. >> Tangentially, where's the "respective mailing list" for >> Net::Server::Coro? I don't know of one -- which is surprising, because >> I'm the maintainer. :) >> - Alex
>
-- Free your mind...the rest will follow. --------------------------------------------------------

Message body is not shown because sender requested not to inline it.

  Fri Oct 16 00:02:24 2009 cpan [...] chmrr.net - Ticket #50162: Merged into ticket #50150
  Fri Oct 16 00:02:24 2009 cpan [...] chmrr.net - Merged into ticket #50150
  Fri Oct 16 00:02:41 2009 cpan [...] chmrr.net - Ticket #50166: Merged into ticket #50150
  Fri Oct 16 00:02:41 2009 cpan [...] chmrr.net - Merged into ticket #50150
  Fri Oct 16 00:03:05 2009 cpan [...] chmrr.net - Ticket #50213: Merged into ticket #50150
  Fri Oct 16 00:03:05 2009 cpan [...] chmrr.net - Merged into ticket #50150
  Fri Oct 16 00:14:09 2009 alexmv [...] bestpractical.com - Correspondence added
CC: net-imap-server [...] bestpractical.com, bug-net-imap-server [...] rt.cpan.org
Subject: Re: [Net-IMAP-Server] [rt.cpan.org #50150] Net::IMAP::Server - paths to SSL certificate and key
Date: Fri, 16 Oct 2009 00:13:52 -0400
To: Dan Keder <keder [...] fi.muni.cz>
From: Alex Vandiver <alexmv [...] bestpractical.com>
On Fri, 2009-10-02 at 10:06 -0400, Alex Vandiver wrote: Show quoted text
> Thanks! I'm about to head on a short vacation, so I'll review them over > the weekend and get back to you.
Sorry to have taken longer than expected to get back to you. The problem with these patches it that they make plain ol' Net::Server::Coro fall down. Specifically, this hunk: ----------------8<----------------- diff --git a/perl/Net/Server/Coro.pm b/perl/Net/Server/Coro.pm index cf8633b..204849c 100644 --- a/perl/Net/Server/Coro.pm +++ b/perl/Net/Server/Coro.pm @@ -46,7 +46,8 @@ sub post_bind_hook { my $self = shift; my $prop = $self->{server}; delete $prop->{select}; - $prop->{sock} = [ map { make_coro_socket($_) } @{ $prop->{sock} } ]; + + $prop->{sock} = [ map { make_coro_socket($_, $self->server_cert, $self->server_key) } @{ $prop->{sock} } ]; } =head2 make_coro_socket SOCKET ----------------8<----------------- ...only works if the Net::Server::Coro object has ->server_cert and ->server_key methods -- which Net::IMAP::Server has, but Net::Server::Coro doesn't. The right answer is _probably_ to push those methods down onto Net::Server::Coro, but I'm open to other suggestions as well. Thanks for taking the time to put these patches together! I notice from the diff header that you're using git -- if you want to produce patches by comitting them to your local git clone and running `git format-patch origin/master`, it'll correctly preserve your authorship information and commit messages when I commit it. - Alex
  Fri Oct 16 09:09:27 2009 keder [...] fi.muni.cz - Correspondence added
CC: net-imap-server [...] bestpractical.com, bug-net-imap-server [...] rt.cpan.org
Subject: Re: [Net-IMAP-Server] [rt.cpan.org #50150] Net::IMAP::Server - paths to SSL certificate and key
Date: Fri, 16 Oct 2009 15:08:51 +0200
To: Alex Vandiver <alexmv [...] bestpractical.com>
From: Dan Keder <keder [...] fi.muni.cz>
Hi, I moved all the stuff around certificates to Net/Server/Coro.pm. The Net/IMAP/Server.pm module should be clean now. The patch is attached. dan On 16.10.2009 06:13, Alex Vandiver wrote: Show quoted text
> On Fri, 2009-10-02 at 10:06 -0400, Alex Vandiver wrote:
>> Thanks! I'm about to head on a short vacation, so I'll review them over >> the weekend and get back to you.
> > Sorry to have taken longer than expected to get back to you. The > problem with these patches it that they make plain ol' Net::Server::Coro > fall down. Specifically, this hunk: > > ----------------8<----------------- > diff --git a/perl/Net/Server/Coro.pm b/perl/Net/Server/Coro.pm > index cf8633b..204849c 100644 > --- a/perl/Net/Server/Coro.pm > +++ b/perl/Net/Server/Coro.pm > @@ -46,7 +46,8 @@ sub post_bind_hook { > my $self = shift; > my $prop = $self->{server}; > delete $prop->{select}; > - $prop->{sock} = [ map { make_coro_socket($_) } @{ $prop->{sock} } ]; > + > + $prop->{sock} = [ map { make_coro_socket($_, $self->server_cert, $self->server_key) } @{ $prop->{sock} } ]; > } > > =head2 make_coro_socket SOCKET > ----------------8<----------------- > > ...only works if the Net::Server::Coro object has ->server_cert and > ->server_key methods -- which Net::IMAP::Server has, but > Net::Server::Coro doesn't. The right answer is _probably_ to push those > methods down onto Net::Server::Coro, but I'm open to other suggestions > as well. > > Thanks for taking the time to put these patches together! I notice > from the diff header that you're using git -- if you want to produce > patches by comitting them to your local git clone and running `git > format-patch origin/master`, it'll correctly preserve your authorship > information and commit messages when I commit it. > - Alex
-- Dan Keder Faculty of Informatics, Masaryk University ---------------------------------------------------------

Message body is not shown because sender requested not to inline it.

  Fri Oct 16 11:04:30 2009 alexmv [...] bestpractical.com - Correspondence added
CC: net-imap-server [...] bestpractical.com, bug-net-imap-server <bug-net-imap-server [...] rt.cpan.org>
Subject: Re: [Net-IMAP-Server] [rt.cpan.org #50150] Net::IMAP::Server - paths to SSL certificate and key
Date: Fri, 16 Oct 2009 11:04:22 -0400
To: Dan Keder <keder [...] fi.muni.cz>
From: Alex Vandiver <alexmv [...] bestpractical.com>
On Fri, 2009-10-16 at 15:08 +0200, Dan Keder wrote: Show quoted text
> I moved all the stuff around certificates to Net/Server/Coro.pm. The > Net/IMAP/Server.pm module should be clean now.
I applied a derivative of this patch -- check that the newly-released Net::Server::Coro 0.6 and Net::IMAP::Server 1.24 work the way you'd expect? Thanks for the patches! - Alex
  Mon Nov 09 17:31:17 2009 cpan [...] chmrr.net - Status changed from 'new' to 'resolved'