Bad file descriptor in Net::LDAP::Bind - perl

I am establishing the following LDAP connection with Net::LDAP:
my $ldap = Net::LDAP->new( $ldap_host, version => 3 );
my $mesg = $ldap->start_tls(
verify => 'none',
);
$mesg = $ldap->bind( $dn, password => $ldappass );
This will work, and even let me make a query later to check a user's credentials.
But if I try to verify server certificate:
my $ldap = Net::LDAP->new( $ldap_host, version => 3 );
my $mesg = $ldap->start_tls(
verify => 'require',
cafile => '/var/certs/Certificate_Bundle.pem'
);
$mesg = $ldap->bind( $dn, password => $ldappass );
It will successfully establish the connection and verify the server certificate, but while trying the Bind operation I get the following LDAP message parameters:
'resultCode' => 82,
'pdu' => '0O`J3cn=foo1,ou=foo2,dc=foo3Passwd',
'errorMessage' => 'Bad file descriptor'
I'm surprised because result code 82 is defined as LDAP_LOCAL_ERROR, but all the certificate bit seems to work. If I change the 'cafile' parameter to a wrong value, it will fail with a 'I/O Error Connection reset by peer' error message.
Any ideas? Thanks in advance.
UPDATE: I just realized that the certificate verification was not being successful. The LDAP server was using other certificate than the one I had been told. I realized that by using openssl to monitor the handshaking process:
openssl s_client -connect *server:port* -showcerts -state
and there you can see the certificate that the server is effectively using.

Related

Perl mail attachment file size limit

I am using MIME::Lite module to send attachments in email and everything works fine until I realized attachment larger than 15mb cannot be sent successfully. Any suggestion on other module which not having size limit?
You should consider using a different module because that's what the author recommends (try Email::MIME, MIME::Entity or Email::Sender). However, it's not the module that determines the attachment size restriction.
The size limit you're seeing is set by your SMTP server. If you're not explicitly configuring your SMTP server you're using your local service which might differ depending on your OS. You're probably using sendmail or postfix.
See size limit in postfix
postconf | grep message_size_limit
See size limit in sendmail
grep MaxMessageSize /etc/mail/sendmail.cf
If you're using an external SMTP server they usually have their own size limits. Google has a 25MB size limit for their SMTP server smtp.gmail.com. If that's sufficient for you you could send your mail via Google by authenticating.
$msg->send(
'smtp', 'smtp.gmail.com',
Port => 465,
SSL => 1,
AuthUser => $user,
AuthPass => $password,
);
EDIT: I had some issues using MIME::Lite to work properly with Gmail SMTP server so I here's an example on how to use gmail.smtp.com with an alternative pacakge.
#!/usr/bin/env perl
use warnings;
use strict;
use Email::Sender::Simple qw( sendmail );
use Email::Sender::Transport::SMTP;
use Email::Simple;
my $user = 'username#gmail.com';
my $password = 'app-password';
my $host = 'smtp.gmail.com';
my $port = 465;
my $transport = Email::Sender::Transport::SMTP->new(
{
host => $host,
port => $port,
ssl => 1,
sasl_username => $user,
sasl_password => $password,
}
);
my $email = Email::Simple->create(
header => [
To => 'someone#example.com',
From => 'me#localhost',
Subject => 'Hello...',
],
body => "World!\n",
);
sendmail( $email, { transport => $transport } );

POST request using guzzle6 with pfx-certificate

Is it possible to create a POST request using guzzle6 which has .pfx-certificate attached to it?
The documention only mentions pem-format: http://docs.guzzlephp.org/en/stable/request-options.html#cert
Although the documentation at http://docs.guzzlephp.org/en/stable/request-options.html#cert doesn't mention it, it seems to be possible to also use pfx-format with guzzle.
PFX certificates are used for "mutual authentications", that means, the PFX is generated with your local private key and the remote public cert.
To generate a PFX key you run:
openssl pkcs12 -inkey your_privkey.pem -in remote_pub.cert -export -out mixed.pfx
To make a request using the PFX cert, you can:
$api = new \GuzzleHttp\Client([
'base_uri' => $baseUrl,
'cert' => 'path/to/mixed.pfx',
'curl' => [CURLOPT_SSLCERTTYPE => 'P12'], // to define it's a PFX key
]);
this will work in drupal 8 too
use GuzzleHttp\Client;
// Base URI is used with relative requests
$client = new Client([
'base_uri' => 'https://www.google.com',
'cert' => 'pathtopfxflie/nameof.pfx',
'curl' => [CURLOPT_SSLCERTTYPE => 'P12']]);
$response = $client->request('METHOD', 'api path',['headers' => ['Employer' => 100]]);
//get status code using $response->getStatusCode();
$body = $response->getBody();
$arr_body = json_decode($body);

Perl smtp email send is not working

I'm trying to send emails from my gmail account, and get the error:
Error sending email: Connect failed :IO::Socket::INET: connect: timeout at /home/tas/perl5/lib/perl5/Email/Send/SMTP/TLS.pm line 45
I've tried several different email adresses (gmail and others) but the result is the same.
I use this code:
#!/usr/bin/perlml
use Email::Send;
print "Content-type: text/html\n\n";
my $mailer = Email::Send->new( {
mailer => 'SMTP::TLS',
mailer_args => [
Host => 'smtp.gmail.com',
Port => 587,
User => 'XXXX#gmail.com',
Password => 'XXXXXXXXX',
Hello => 'fayland.org',
]
} );
use Email::Simple::Creator; # or other Email::
my $email = Email::Simple->create(
header => [
From => 'XXXX#gmail.com',
To => 'XXXX#gmail.com',
Subject => 'test',
],
body => 'test',
);
eval { $mailer->send($email) };
die "Error sending email: $#" if $#;
What is wrong here? Any other ways to send emails using smtp?
Error sending email: Connect failed :IO::Socket::INET: connect: timeout at /home/tas/perl5/lib/perl5/Email/Send/SMTP/TLS.pm line 45
Looks like there is nothing wrong with your Perl code. It looks like this is a networking problem. Something in your network is preventing you from connecting to Gmail on port 587.
You probably need to discuss this with the system support people for your server.

PERL Get_Server_Certificate certificate verify failed error

I'm receiving a certificate error when trying to send a POST message to a website.
The error I'm receiving:
LWP::Protocol::https::Socket: SSL connect attempt failed error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed at /usr/lib/perl5/site_perl/5.8.8/LWP/Protocol/http.pm line 49
The code that I'm using is:
my $webpage = "";
my $ua = LWP::UserAgent->new( );
$ua->agent('Mozilla');
$webpage = "https://mysite:444/myapp/app.aspx";
my $msg = 'An XML Message';
my $req = POST $webpage,
Content_Type => 'text/xml',
Content => $msg;
So far I've tried a few "fixes" that I've found online:
Tried disabling verify hostname through environment variable:
$ENV{PERL_LWP_SSL_VERIFY_HOSTNAME}=0;
Tried disabling verify hostname through ssl_opts:
my $ua = LWP::UserAgent->new( ssl_opts => { verify_hostname => 0 }, );
Tried using the Mozilla CA and setting HTTPS_CA_FILE to /usr/lib/perl5/site_perl/5.8.8/Mozilla/CA/cacert.pem?
At this point I'm out of options to try so I'm hoping someone has run into this problem before and can provide assistance.
It's just a typo, use "verify_hostname" without the "s":
my $ua = LWP::UserAgent->new( ssl_opts => { verify_hostname => 0 }, );

Connect failed :IO::Socket::INET: connect: timeout is showing up in Perl .

I have wriiten this script to send mail through gmail smtp to my gmail account . It is not working and giving the already mentioned error ?
use Net::SMTP::TLS;
my $mailer = new Net::SMTP::TLS(
'smtp.gmail.com',
Hello => 'smtp.gmail.com',
Port => 587,
User => 'cetranger#gmail.com',
Password=> 'xxxxxx');
$mailer->mail('cetranger#gmail.com');
$mailer->to('cetranger#gmail.com');
$mailer->data;
$mailer->datasend("Sent from perl!");
$mailer->dataend;
$mailer->quit;
Try this:
use strict;
use warnings;
use Email::Simple;
use Email::Sender::Simple qw(sendmail);
use Email::Sender::Transport::SMTP::TLS;
my $transport = Email::Sender::Transport::SMTP::TLS->new(
host => 'smtp.gmail.com',
port => 587,
username => 'cetranger#gmail.com',
password => 'xxxxxx'
);
my $message = Email::Simple->create(
header => [
From => 'cetranger#gmail.com',
To => 'cetranger#gmail.com',
Subject => 'Sent from perl!',
],
body => 'Sent from perl!',
);
sendmail( $message, {transport => $transport} );
This script should work in fact (I tested with my own gmail account successfully).
I suspect you have some firewall in-between that prevent you from connecting to gmail.
Could you try telnet smtp.gmail.com 587 from your host. You should have something like that:
host$ telnet smtp.gmail.com 587
Trying 173.194.67.108...
Connected to gmail-smtp-msa.l.google.com.
Escape character is '^]'.
220 mx.google.com ESMTP da8sm6658151wib.6
If you do not have the last 3 lines, this means that you cannot connect directly to the gmail server. Then check as well your own firewall settings (if any).