Bug #67799 for IO-Socket-SSL: Add support for setting SSL-CTX-Options

Wed Apr 27 15:23:08 2011 james [...] riverstyx.net - Ticket created

Subject:	Add support for setting SSL-CTX-Options
Date:	Wed, 27 Apr 2011 12:22:57 -0700
To:	bug-IO-Socket-SSL [...] rt.cpan.org
From:	James Zwiers <james [...] riverstyx.net>

Greetings, This is a request to add a specific feature. When the constructor for IO::Socket::SSL::SSL_Context is called it internally sets a few options into the SSL context. However, there are many others that are also available that are useful (for example, the context options that outright deny certain SSL-modes, SSLv2 for example). I wanted to ask if it was possible to make it such that the arguments hash that is ultimately passed into IO::Socket::SSL::SSL_Context->new could also contain a value that can be passed into Net::SSLeay::CTX_set_options. I don't have a specific patch in mind for this, I'm working around it in another way right now. It just struck me as something that would be useful, and not overly challenging to add. Thanks, James Zwiers Developer Riverstyx Internet

Tue May 10 10:19:25 2011 Steffen_Ullrich [...] genua.de - Correspondence added

Show quoted text

> I wanted to ask if it was possible to make it such that the arguments > hash that is ultimately passed into IO::Socket::SSL::SSL_Context->new > could also contain a value that can be passed into > Net::SSLeay::CTX_set_options.

Hi, I've just added to 1.42 an option SSL_create_ctx_callback. Using this option you can do anything with the context after it got created and the default options were set. See documentation for an example. Hope this helps, Regards, Steffen

Tue May 10 10:19:25 2011 The RT System itself - Status changed from 'new' to 'open'

Tue May 10 10:19:25 2011 Steffen_Ullrich [...] genua.de - Status changed from 'open' to 'resolved'