Subject: | [PATCH] Fix for NO_PROXY support in Net::SSL |
If the environment contains HTTPS_PROXY and NO_PROXY settings that
should cause a request to skip the proxy, the socket will attempt to
create a proxied request to the non-proxied server.
The following patch addresses this by changing proxy() to return undef
if the NO_PROXY setting matches. It also fixes proxy_connect_helper to
pass the packed peer address instead of the host name to connect().
Subject: | SSL.pm.patch |
--- Net/SSL.pm 2007-09-17 13:56:52.000000000 -0700
+++ Net/SSL.pm.new 2010-05-25 15:25:59.479052000 -0700
@@ -332,8 +332,9 @@
|| croak("proxy connect to $proxy_host:$proxy_port failed: $!");
}
else {
- $self->SUPER::connect($peer_port, $peer_addr)
- || croak("proxy bypass to $peer_addr:$peer_addr failed: $!");
+ my $peer_addr_packed = gethostbyname($peer_addr);
+ $self->SUPER::connect($peer_port, $peer_addr_packed)
+ || croak("proxy bypass to $peer_addr:$peer_port failed: $!");
}
my $connect_string;
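Review bot: The result of `gethostbyname($peer_addr)` in the bypass branch is used unchecked, so a name that fails to resolve passes undef to `SUPER::connect` and the croak then reports whatever `$!` happens to hold rather than a resolution failure. Check it at the assignment, e.g. `my $peer_addr_packed = gethostbyname($peer_addr) || croak("proxy bypass: cannot resolve $peer_addr");`. In scalar context the call yields a single packed address (typically IPv4 only), which deserves a short comment beside it. The enclosing sub starts and ends outside this hunk.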
@@ -374,9 +375,24 @@
# code adapted from LWP::UserAgent, with $ua->env_proxy API
sub proxy {
+ my $self = shift;
my $proxy_server = $ENV{HTTPS_PROXY} || $ENV{https_proxy};
return unless $proxy_server;
+ my($peer_port, $peer_addr) = (*$self->{ssl_peer_port}, *$self->{ssl_peer_addr});
+ $peer_addr || croak("no peer addr given");
+ $peer_port || croak("no peer port given");
+
+ # see if the proxy should be bypassed
+ my @no_proxy = split( /\s*,\s*/, $ENV{NO_PROXY} || $ENV{no_proxy} || '');
+ my $is_proxied = 1;
+ my $domain;
+ for $domain (@no_proxy) {
+ if ($peer_addr =~ /\Q$domain\E$/) {
+ return;
+ }
+ }
+
$proxy_server =~ s|\Ahttps?://||i;
$proxy_server;
}
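Review bot: The NO_PROXY test `$peer_addr =~ /\Q$domain\E$/` is a plain suffix match with no label boundary, so an entry `example.com` also matches a host such as `notexample.com`. An empty entry (for instance a leading comma in NO_PROXY) matches every host. In both cases a connection that policy expects to go through the proxy is made directly. Match on a label boundary, ignore case and skip empty entries: `(my $suffix = $domain) =~ s/\A\.//;`, `next unless length $suffix;`, `return if $peer_addr =~ /(?:\A|\.)\Q$suffix\E\z/i;`. `$is_proxied` is assigned but never read in the visible lines and can be dropped.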