Selecting SSL_VERIFY_NONE for SSL_verify_mode - perl

I am trying to create a client connection to an internal ssl site that does not have a certificate and needs to bypass the proxy.
I am able to bypass the proxy, and I am able to connect to the site and create a client connection, however, i am getting this ugly warning:
*******************************************************************
Using the default of SSL_verify_mode of SSL_VERIFY_NONE for client
is deprecated! Please set SSL_verify_mode to SSL_VERIFY_PEER
together with SSL_ca_file|SSL_ca_path for verification.
If you really don't want to verify the certificate and keep the
connection open to Man-In-The-Middle attacks please set
SSL_verify_mode explicitly to SSL_VERIFY_NONE in your application.
*******************************************************************
at C:/strawberry/perl/site/lib/LWP/Protocol/http.pm line 31
My Code:
use RPC::XML::Client;
use XML::Simple;
use LWP::Protocol::https;
$ENV{NO_PROXY} = '10.*';
$ENV{'PERL_LWP_SSL_VERIFY_HOSTNAME'} = 0;
my $server = RPC::XML::Client->new("$vneUrl/api/index.ice",
ssl_opts => { SSL_verify_mode => 'SSL_VERIFY_NONE',
verify_hostname => 0,
SSL_use_cert => 0x00
},
);

That message is from IO::Socket::SSL, and it refers to the constant SSL_VERIFY_NONE it exports rather than the string 'SSL_VERIFY_NONE'.
Secondly, ssl_opts is an argument of LWP::UserAgent's constructor, not RPC::XML::Client's.
Try:
use IO::Socket::SSL qw( SSL_VERIFY_NONE );
RPC::XML::Client->new($uri,
useragent => [
ssl_opts => {
verify_hostname => 0,
SSL_verify_mode => SSL_VERIFY_NONE,
},
],
);

New version I believe you should set to 0 or 1.
I think this was a bug:
500 SSL_verify_mode must be a number and not a string
From:
$useragent->ssl_opts(SSL_verify_mode=>'SSL_VERIFY_NONE');
To:
$useragent->ssl_opts(SSL_verify_mode=>'0');

Related

Error IMAPClient with message_string() function

you have an idea on how to solve this problem that I met with the function message_string () of Mail::IMAPClient library, here is my code:
#!/usr/bin/perl -w
use strict;
use warnings;
use Mail::IMAPClient;
use IO::Socket::SSL;
# Create the object connexion with socket SSL + LOG ON
my $imap = Mail::IMAPClient->new(
#Debug => 1,
User => 'xxxxx',
Password => 'yyyyy',
Uid => 1,
Peek => 1, # set \Seen flag
Socket => IO::Socket::SSL->new(
Proto => 'tcp',
PeerAddr => 'zzzzzzz',
PeerPort => 993,
)
);
die "$0: connect: $#" if defined $#;
my $nm=$imap->unseen_count("INBOX") ;
# Select INBOX dossier
$imap->select("INBOX");
my $msg = $imap->message_string('47') or die " $#\n";
the error obtained is the following:
message_string() expected 304627 bytes but received 304718 you may need the IgnoreSizeErrors option
The error message tells you exactly how to cope with this. Some IMAP servers calculate the message size incorrectly -- in particular, many (such as notably GMail) examine the local message size, then change the line terminators to CRLF when sending the message over IMAP, resulting in a slightly different actual size than what the server told the client to expect. By default, IMAPClient will throw an error when this happens, but you can tell it not to by saying IgnoreSizeErrors => 1 when you create an instance.
my $imap = Mail::IMAPClient->new(
#Debug => 1,
User => 'xxxxx',
Password => 'yyyyy',
Uid => 1,
Peek => 1, # set \Seen flag
Socket => IO::Socket::SSL->new(
Proto => 'tcp',
PeerAddr => 'zzzzzzz',
PeerPort => 993,
),
# See here
IgnoreSizeErrors => 1
);

perl sending email works on one system but not another

I have a simple sending email perl code.
use strict;
use warnings;
use Time::Format;
use Email::MIME;
use Email::Sender::Simple qw(sendmail);
use Email::Sender::Transport::SMTP;
my $message = Email::MIME->create(
header_str => [
From => 'me#provider.com',
To => 'me#provider.com',
Subject => 'test',
],
attributes => {
encoding => 'quoted-printable',
charset => 'ISO-8859-1',
},
body_str => 'stefy test',
);
my $transport = Email::Sender::Transport::SMTP->new({
host => 'my.server.smtp',
port => 25,
});
sendmail($message, { transport => $transport });
I can it run with success in one system but not another.
Windows 7 professional -> success
Window Server 2008 -> failure
this is the exception I get:
unable to establish SMTP connection to my.server.smtp port 25
Trace begun at D:\strawberryperl\perl\site\lib\Email\Sender\Transport\SMTP.pm line 193 Email::Sender::Transport::SMTP::_throw('Email::Sender::Transport::SMTP=HASH(0x38
0fef8)', 'unable to establish SMTP connection to my.server.smtp port 25') called at D:\strawberryperl\perl\site\lib\Email\Sender\Transport\SMTP.pm line 143
Any idea ?
thank you
update of the perl version fixed the problem.
This is perl 5, version 26, subversion 2 (v5.26.2) built for MSWin32-x64-multi-t
hread

PERL Get_Server_Certificate certificate verify failed error

I'm receiving a certificate error when trying to send a POST message to a website.
The error I'm receiving:
LWP::Protocol::https::Socket: SSL connect attempt failed error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed at /usr/lib/perl5/site_perl/5.8.8/LWP/Protocol/http.pm line 49
The code that I'm using is:
my $webpage = "";
my $ua = LWP::UserAgent->new( );
$ua->agent('Mozilla');
$webpage = "https://mysite:444/myapp/app.aspx";
my $msg = 'An XML Message';
my $req = POST $webpage,
Content_Type => 'text/xml',
Content => $msg;
So far I've tried a few "fixes" that I've found online:
Tried disabling verify hostname through environment variable:
$ENV{PERL_LWP_SSL_VERIFY_HOSTNAME}=0;
Tried disabling verify hostname through ssl_opts:
my $ua = LWP::UserAgent->new( ssl_opts => { verify_hostname => 0 }, );
Tried using the Mozilla CA and setting HTTPS_CA_FILE to /usr/lib/perl5/site_perl/5.8.8/Mozilla/CA/cacert.pem?
At this point I'm out of options to try so I'm hoping someone has run into this problem before and can provide assistance.
It's just a typo, use "verify_hostname" without the "s":
my $ua = LWP::UserAgent->new( ssl_opts => { verify_hostname => 0 }, );

Attempting to ignore local SSL certificate [duplicate]

I want to access a website where the certificate cannot be verified. I'm using WWW::Mechanize get request. So how would go about ignoring this and continues to connect to the website?
use IO::Socket::SSL qw();
use WWW::Mechanize qw();
my $mech = WWW::Mechanize->new(ssl_opts => {
SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE,
verify_hostname => 0, # this key is likely going to be removed in future LWP >6.04
});
With IO::Socket::SSL earlier than 1.79, see PERL_LWP_SSL_VERIFY_HOSTNAME.
my $mech = WWW::Mechanize->new( 'ssl_opts' => { 'verify_hostname' => 0 } );

How to ignore 'Certificate Verify Failed' error in perl?

I want to access a website where the certificate cannot be verified. I'm using WWW::Mechanize get request. So how would go about ignoring this and continues to connect to the website?
use IO::Socket::SSL qw();
use WWW::Mechanize qw();
my $mech = WWW::Mechanize->new(ssl_opts => {
SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE,
verify_hostname => 0, # this key is likely going to be removed in future LWP >6.04
});
With IO::Socket::SSL earlier than 1.79, see PERL_LWP_SSL_VERIFY_HOSTNAME.
my $mech = WWW::Mechanize->new( 'ssl_opts' => { 'verify_hostname' => 0 } );