Net::SSLGlue::SMTP(3pm) User Contributed Perl Documentation Net::SSLGlue::SMTP(3pm)NAME
Net::SSLGlue::SMTP - make Net::SMTP able to use SSL
SYNOPSIS
use Net::SSLGlue::SMTP;
my $smtp_ssl = Net::SMTP->new( $host,
SSL => 1,
SSL_ca_path => ...
);
my $smtp_plain = Net::SMTP->new( $host );
$smtp_plain->starttls( SSL_ca_path => ... );
DESCRIPTION
Net::SSLGlue::SMTP extends Net::SMTP so one can either start directly with SSL or switch later to SSL using the STARTTLS command.
By default it will take care to verify the certificate according to the rules for SMTP implemented in IO::Socket::SSL.
METHODS
new The method "new" of Net::SMTP is now able to start directly with SSL when the argument "<SSL =" 1>> is given. In this case it will not
create an IO::Socket::INET object but an IO::Socket::SSL object. One can give the usual "SSL_*" parameter of IO::Socket::SSL to
"Net::SMTP::new".
starttls
If the connection is not yet SSLified it will issue the STARTTLS command and change the object, so that SSL will now be used. The usual
"SSL_*" parameter of IO::Socket::SSL will be given.
peer_certificate ...
Once the SSL connection is established the object is derived from IO::Socket::SSL so that you can use this method to get information
about the certificate. See the IO::Socket::SSL documentation.
All of these methods can take the "SSL_*" parameter from IO::Socket::SSL to change the behavior of the SSL connection. The following
parameters are especially useful:
SSL_ca_path, SSL_ca_file
Specifies the path or a file where the CAs used for checking the certificates are located. This is typically "etc/ssl/certs" on UNIX
systems.
SSL_verify_mode
If set to 0, verification of the certificate will be disabled. By default it is set to 1 which means that the peer certificate is
checked.
SSL_verifycn_name
Usually the name given as the hostname in the constructor is used to verify the identity of the certificate. If you want to check the
certificate against another name you can specify it with this parameter.
SEE ALSO
IO::Socket::SSL, Net::SMTP
COPYRIGHT
This module is copyright (c) 2008, Steffen Ullrich. All Rights Reserved. This module is free software. It may be used, redistributed
and/or modified under the same terms as Perl itself.
perl v5.14.2 2012-04-06 Net::SSLGlue::SMTP(3pm)
Check Out this Related Man Page
Net::Server::Proto::SSL(3) User Contributed Perl Documentation Net::Server::Proto::SSL(3)NAME
Net::Server::Proto::SSL - Net::Server SSL protocol.
SYNOPSIS
Until this release, it was preferrable to use the Net::Server::Proto::SSLEAY module. Recent versions include code that overcomes original
limitations.
See Net::Server::Proto. See Net::Server::Proto::SSLEAY.
use base qw(Net::Server::HTTP);
main->run(
proto => 'ssl',
SSL_key_file => "/path/to/my/file.key",
SSL_cert_file => "/path/to/my/file.crt",
);
# OR
sub SSL_key_file { "/path/to/my/file.key" }
sub SSL_cert_file { "/path/to/my/file.crt" }
main->run(proto = 'ssl');
# OR
main->run(
port => [443, 8443, "80/tcp"], # bind to two ssl ports and one tcp
proto => "ssl", # use ssl as the default
ipv => "*", # bind both IPv4 and IPv6 interfaces
SSL_key_file => "/path/to/my/file.key",
SSL_cert_file => "/path/to/my/file.crt",
);
# OR
main->run(port => [{
port => "443",
proto => "ssl",
# ipv => 4, # default - only do IPv4
SSL_key_file => "/path/to/my/file.key",
SSL_cert_file => "/path/to/my/file.crt",
}, {
port => "8443",
proto => "ssl",
ipv => "*", # IPv4 and IPv6
SSL_key_file => "/path/to/my/file2.key", # separate key
SSL_cert_file => "/path/to/my/file2.crt", # separate cert
SSL_foo => 1, # Any key prefixed with SSL_ passed as a port hashref
# key/value will automatically be passed to IO::Socket::SSL
}]);
DESCRIPTION
Protocol module for Net::Server based on IO::Socket::SSL. This module implements a secure socket layer over tcp (also known as SSL) via
the IO::Socket::SSL module. If this module does not work in your situation, please also consider using the SSLEAY protocol
(Net::Server::Proto::SSLEAY) which interfaces directly with Net::SSLeay. See Net::Server::Proto.
If you know that your server will only need IPv4 (which is the default for Net::Server), you can load IO::Socket::SSL in inet4 mode which
will prevent it from using Socket6 and IO::Socket::INET6 since they would represent additional and unsued overhead.
use IO::Socket::SSL qw(inet4);
use base qw(Net::Server::Fork);
__PACKAGE__->run(proto => "ssl");
PARAMETERS
In addition to the normal Net::Server parameters, any of the SSL parameters from IO::Socket::SSL may also be specified. See
IO::Socket::SSL for information on setting this up. All arguments prefixed with SSL_ will be passed to the IO::Socket::SSL->configure
method.
BUGS
Until version Net::Server version 2, Net::Server::Proto::SSL used the default IO::Socket::SSL::accept method. This old approach introduces
a DDOS vulnerability into the server, where the socket is accepted, but the parent server then has to block until the client negotiates the
SSL connection. This has now been overcome by overriding the accept method and accepting the SSL negotiation after the parent socket has
had the chance to go back to listening.
LICENCE
Distributed under the same terms as Net::Server
THANKS
Thanks to Vadim for pointing out the IO::Socket::SSL accept was returning objects blessed into the wrong class.
perl v5.18.2 2013-01-09 Net::Server::Proto::SSL(3)