develooper Front page | perl.libwww | Postings from April 2003

PATCH: Add Win32 SSL support (no OpenSSL/Crypt::SSLeay required)

Thread Next
From:
Johnny Lee
Date:
April 15, 2003 12:33
Subject:
PATCH: Add Win32 SSL support (no OpenSSL/Crypt::SSLeay required)
Message ID:
F19zJ1WAj9PPu4GkIgy00030441@hotmail.com
Windows includes SSL code (unless you've removed IE and WinHttp).

The attached zip file contains files (perl-only) to use the Windows SSL code 
in LWP.

Code was tested on ActivePerl 5.8. The code should work if you have LWP 
v.5.68.

Thanks to Jacques Poulin for testing the code.


Files
------------------
mshttps.pm - goes in your %PERL%\site\lib\lwp\Protocol directory
UserAgent.pm - can replace your %PERL%\site\lib\lwp\UserAgent.pm
UserAgent_20030415b.diff - unified diff of my changes to UserAgent.pm, if 
you want to patch UserAgent.pm instead of replacing it

What works (stuff that I've tested)
------------------------------------
- GET
- POST
- HEAD

The code also supports using a proxy server.
I tested with https://207.61.234.99:80.

Modifying behaviour
-----------------------------------
From mshttps.pm;

Set PERL_LWP_MSHTTPS_USE_WININET env. variable to a non-empty value
   to force Wininet to be used

Set PERL_LWP_MSHTTPS_DONT_IGNORE_SSL_ERRORS env. variable to a non-empty 
value.
   to NOT ignore SSL certificate errors

What's not supported?
------------------------------------
- Passing in a CODE reference for the content of a request.
- The size hint as 3rd param to a request call is essentially ignored. The 
SSL
  response content is returned in one huge block due to a limitation in one
  of the APIs used.


SSL websites tested
----------------------
https://www.modssl.org/example/test.phtml [SSL Cert errors]
https://ssl.netcraft.com
https://www.verisign.com
https://secure1.securityspace.com
https://secure.vintners.net/misc/secure_test_arrive.html
https://www.tradesports.com/

Caveats
----------------------
Some OS configurations prevent the perl code from turning off SSL errors. In 
those cases, any SSL error may cause the request to fail. This occurs esp. 
when using the Wininet DLL.

This is not a common problem from my testing on different machines.

Most secure sites do not have SSL errors when you visit them, esp.
if they use a well-known CA.

Internals
----------------------
LWP calls in to the protocol handlers (http, https, ftp, etc.) to handle
requests.

The modifications to UserAgent.pm catch any failure to create a https
handler. If we're on Win32, we'll try to create an mshttps protocol handler
and use that to handle the https request. If we succeed in creating the
mshttps handle, we'll use that for https requests from now on.

The mshttps handler uses the WinHttp COM object via Win32::OLE
or the Wininet DLL via Win32::Internet if WinHttp is not found.



_________________________________________________________________
The new MSN 8: advanced junk mail protection and 2 months FREE*  
http://join.msn.com/?page=features/junkmail

Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About