1 package LWP::Protocol::https10;
5 # Figure out which SSL implementation to use
6 use vars qw($SSL_CLASS);
7 if ($Net::SSL::VERSION) {
8 $SSL_CLASS = "Net::SSL";
10 elsif ($IO::Socket::SSL::VERSION) {
11 $SSL_CLASS = "IO::Socket::SSL"; # it was already loaded
14 eval { require Net::SSL; }; # from Crypt-SSLeay
16 require IO::Socket::SSL;
17 $SSL_CLASS = "IO::Socket::SSL";
20 $SSL_CLASS = "Net::SSL";
27 require LWP::Protocol::http10;
28 @ISA=qw(LWP::Protocol::http10);
32 my($self, $host, $port, $timeout) = @_;
33 local($^W) = 0; # IO::Socket::INET can be noisy
34 my $sock = $SSL_CLASS->new(PeerAddr => $host,
40 # IO::Socket::INET leaves additional error messages in $@
42 die "Can't connect to $host:$port ($@)";
49 my($self, $req, $sock) = @_;
50 my $check = $req->header("If-SSL-Cert-Subject");
52 my $cert = $sock->get_peer_certificate ||
53 die "Missing SSL certificate";
54 my $subject = $cert->subject_name;
55 die "Bad SSL certificate subject: '$subject' !~ /$check/"
56 unless $subject =~ /$check/;
57 $req->remove_header("If-SSL-Cert-Subject"); # don't pass it on
64 $self->SUPER::_get_sock_info(@_);
66 $res->header("Client-SSL-Cipher" => $sock->get_cipher);
67 my $cert = $sock->get_peer_certificate;
69 $res->header("Client-SSL-Cert-Subject" => $cert->subject_name);
70 $res->header("Client-SSL-Cert-Issuer" => $cert->issuer_name);
72 $res->header("Client-SSL-Warning" => "Peer certificate not verified");