[BACK]Return to lonssl.pm CVS log [TXT] [DIR] Up to [LON-CAPA] / loncom

Diff for /loncom/lonssl.pm between versions 1.12 and 1.14

version 1.12, 2015/10/15 13:40:27 version 1.14, 2015/11/08 03:15:13
Line 37  use strict; Line 37  use strict;
   
 use IO::Socket::INET;  use IO::Socket::INET;
 use IO::Socket::SSL;  use IO::Socket::SSL;
   use Net::SSLeay;
   
 use Fcntl;  use Fcntl;
 use POSIX;  use POSIX;
Line 141  sub PromoteClientSocket { Line 142  sub PromoteClientSocket {
     my $dupfno   = fcntl($PlaintextSocket, F_DUPFD, 0);      my $dupfno   = fcntl($PlaintextSocket, F_DUPFD, 0);
     Debug("Client promotion got dup = $dupfno\n");      Debug("Client promotion got dup = $dupfno\n");
   
       # Starting with IO::Socket::SSL rev. 1.79, carp warns that a verify 
       # mode of SSL_VERIFY_NONE should be explicitly set for client, if 
       # verification is not to be used, and SSL_verify_mode is not set.
       # Starting with rev. 1.95, the default became SSL_VERIFY_PEER which
       # prevents connections to lond.
       # Set SSL_verify_mode to Net::SSLeay::VERIFY_NONE() instead of to
       # SSL_VERIFY_NONE for compatibility with IO::Socket::SSL rev. 1.01
       # used by CentOS/RHEL/Scientific Linux 5).
           
     my $client = IO::Socket::SSL->new_from_fd($dupfno,      my $client = IO::Socket::SSL->new_from_fd($dupfno,
       SSL_use_cert => 1,        SSL_use_cert => 1,
       SSL_key_file  => $KeyFile,        SSL_key_file  => $KeyFile,
       SSL_cert_file => $MyCert,        SSL_cert_file => $MyCert,
       SSL_ca_file   => $CACert);        SSL_ca_file   => $CACert,
         SSL_verify_mode => Net::SSLeay::VERIFY_NONE());
           
     if(!$client) {      if(!$client) {
  $lasterror = IO::Socket::SSL::errstr();   $lasterror = IO::Socket::SSL::errstr();
Line 196  sub PromoteServerSocket { Line 206  sub PromoteServerSocket {
     Debug(" Fileno = $dupfno\n");      Debug(" Fileno = $dupfno\n");
     my $client = IO::Socket::SSL->new_from_fd($dupfno,      my $client = IO::Socket::SSL->new_from_fd($dupfno,
       SSL_server    => 1, # Server role.        SSL_server    => 1, # Server role.
       SSL_user_cert => 1,        SSL_use_cert  => 1,
       SSL_key_file  => $KeyFile,        SSL_key_file  => $KeyFile,
       SSL_cert_file => $MyCert,        SSL_cert_file => $MyCert,
       SSL_ca_file   => $CACert);        SSL_ca_file   => $CACert);
Removed from v.1.12  
changed lines
  Added in v.1.14

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
500 Internal Server Error

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator at root@localhost to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error may be available in the server error log.