home *** CD-ROM | disk | FTP | other *** search
- #
- # $Id: https.pm,v 1.8 1999/09/20 12:48:37 gisle Exp $
-
- use strict;
-
- package LWP::Protocol::https;
-
- # Figure out which SSL implementation to use
- use vars qw($SSL_CLASS);
- if ($IO::Socket::SSL::VERSION) {
- $SSL_CLASS = "IO::Socket::SSL"; # it was already loaded
- } else {
- eval { require Net::SSL; }; # from Crypt-SSLeay
- if ($@) {
- require IO::Socket::SSL;
- $SSL_CLASS = "IO::Socket::SSL";
- } else {
- $SSL_CLASS = "Net::SSL";
- }
- }
-
-
- use vars qw(@ISA);
-
- require LWP::Protocol::http;
- @ISA=qw(LWP::Protocol::http);
-
- sub _new_socket
- {
- my($self, $host, $port, $timeout) = @_;
- local($^W) = 0; # IO::Socket::INET can be noisy
- my $sock = $SSL_CLASS->new(PeerAddr => $host,
- PeerPort => $port,
- Proto => 'tcp',
- Timeout => $timeout,
- );
- unless ($sock) {
- # IO::Socket::INET leaves additional error messages in $@
- $@ =~ s/^.*?: //;
- die "Can't connect to $host:$port ($@)";
- }
- $sock;
- }
-
- sub _check_sock
- {
- my($self, $req, $sock) = @_;
- my $check = $req->header("If-SSL-Cert-Subject");
- if (defined $check) {
- my $cert = $sock->get_peer_certificate ||
- die "Missing SSL certificate";
- my $subject = $cert->subject_name;
- die "Bad SSL certificate subject: '$subject' !~ /$check/"
- unless $subject =~ /$check/;
- $req->remove_header("If-SSL-Cert-Subject"); # don't pass it on
- }
- }
-
- sub _get_sock_info
- {
- my $self = shift;
- $self->SUPER::_get_sock_info(@_);
- my($res, $sock) = @_;
- $res->header("Client-SSL-Cipher" => $sock->get_cipher);
- my $cert = $sock->get_peer_certificate;
- if ($cert) {
- $res->header("Client-SSL-Cert-Subject" => $cert->subject_name);
- $res->header("Client-SSL-Cert-Issuer" => $cert->issuer_name);
- }
- $res->header("Client-SSL-Warning" => "Peer certificate not verified");
- }
-
- 1;
-
