Bug #83001 for IO-Socket-SSL: Documentation is not clear about use of SSL_VERIFY

Mon Jan 28 06:30:52 2013 victor [...] vsespb.ru - Ticket created

Subject:

Documentation is not clear about use of SSL_VERIFY_NONE

This use strict; use IO::Socket::SSL; my $client = IO::Socket::SSL->new("google.com:https", SSL_verify_mode=>Net::SSLeay::VERIFY_NONE()) || warn "I encountered a problem:".IO::Socket::SSL::errstr(); print $client "GET / HTTP/1.0\r\n\r\n"; print <$client>; and This use strict; use IO::Socket::SSL; my $client = IO::Socket::SSL->new("google.com:https", {SSL_verify_mode=>Net::SSLeay::VERIFY_NONE()}) || warn "I encountered a problem:".IO::Socket::SSL::errstr(); print $client "GET / HTTP/1.0\r\n\r\n"; print <$client>; don't work as expected it produce the following warning: ******************************************************************* Using the default of SSL_verify_mode of SSL_VERIFY_NONE for client is depreciated! Please set SSL_verify_mode to SSL_VERIFY_PEER together with SSL_ca_file|SSL_ca_path for verification. If you really don't want to verify the certificate and keep the connection open to Man-In-The-Middle attacks please set SSL_verify_mode explicitly to SSL_VERIFY_NONE in your application. ******************************************************************* In documentation there is no example how to pass VERIFY_NONE. What is VERIFY_NONE ? VERIFY_NONE or VERIFY_NONE() or IO::Socket::SSL::VERIFY_NONE or Net::SSL::VERIFY_NONE() ? Pass as hash ref or hash ? none of this work..

Mon Jan 28 06:33:52 2013 victor [...] vsespb.ru - Correspondence added

Also IO::Socket::SSL->new("google.com:https", {SSL_verify_mode=>SSL_VERIFY_NONE}) and IO::Socket::SSL->new("google.com:https", SSL_verify_mode=>SSL_VERIFY_NONE) don't work On Mon Jan 28 15:30:52 2013, vsespb wrote: Show quoted text

> This > > use strict; > use IO::Socket::SSL; > my $client = IO::Socket::SSL->new("google.com:https", > SSL_verify_mode=>Net::SSLeay::VERIFY_NONE()) || warn "I encountered a > problem:".IO::Socket::SSL::errstr(); > print $client "GET / HTTP/1.0\r\n\r\n"; print <$client>; > > > and This > > > use strict; > use IO::Socket::SSL; > my $client = IO::Socket::SSL->new("google.com:https", > {SSL_verify_mode=>Net::SSLeay::VERIFY_NONE()}) || warn "I encountered a > problem:".IO::Socket::SSL::errstr(); > print $client "GET / HTTP/1.0\r\n\r\n"; print <$client>; > > > don't work as expected > > it produce the following warning: > > > ******************************************************************* > Using the default of SSL_verify_mode of SSL_VERIFY_NONE for client > is depreciated! Please set SSL_verify_mode to SSL_VERIFY_PEER > together with SSL_ca_file|SSL_ca_path for verification. > If you really don't want to verify the certificate and keep the > connection open to Man-In-The-Middle attacks please set > SSL_verify_mode explicitly to SSL_VERIFY_NONE in your application. > ******************************************************************* > > In documentation there is no example how to pass VERIFY_NONE. > What is VERIFY_NONE ? VERIFY_NONE or VERIFY_NONE() or > IO::Socket::SSL::VERIFY_NONE or Net::SSL::VERIFY_NONE() ? Pass as hash > ref or hash ? > > none of this work.. >

Mon Jan 28 06:33:54 2013 victor [...] vsespb.ru - Status changed from 'new' to 'open'

Mon Jan 28 07:10:38 2013 Steffen_Ullrich [...] genua.de - Correspondence added

the documentation of IO::Socket::SSL relates to the documentation of IO::Socket::INET, where the syntax is clearly documented as class- Show quoted text

>new(%args) with the exception

'If the constructor is only passed a single argument, it is assumed to be a "PeerAddr" specification.'

Mon Jan 28 07:10:39 2013 Steffen_Ullrich [...] genua.de - Status changed from 'open' to 'rejected'

Bug #83001 for IO-Socket-SSL: Documentation is not clear about use of SSL_VERIFY_NONE