Net::Proxy::Connector::ssl(3) SSL Net::Proxy connector

DESCRIPTION

"Net::Proxy::Connecter::ssl" is a "Net::Proxy::Connector" that can manage SSL connections (thanks to "IO::Socket::SSL").

By default, this connector creates SSL sockets. You will need to subclass it to create ``smarter'' connectors than can upgrade their connections to SSL.

In addition to the options listed below, this connector accepts all "SSL_..." options to "IO::Socket::SSL". They are transparently passed through to the appropriate "IO::Socket::SSL" methods when needed.

CONNECTOR OPTIONS

The connector accept the following options:

in

  • host

    The listening address. If not given, the default is "localhost".

  • port

    The listening port.

  • start_cleartext

    If true, the connection will start in cleartext. It is possible to upgrade a socket to using SSL with the "upgrade_SSL()" method.

out

  • host

    The listening address. If not given, the default is "localhost".

  • port

    The listening port.

  • start_cleartext

    If true, the connection will start in cleartext. It is possible to upgrade a socket to using SSL with the "upgrade_SSL()" method.

METHODS

The "Net::Proxy::Connector::ssl" connector has an extra method:
upgrade_SSL( $sock )
This method will upgrade a cleartext socket to SSL. If the socket is already in SSL, it will "carp()".

CREATING A SELF-SIGNED CERTIFICATE

I tend to forget this information, and the openssl documentation doesn't make this any clearer, so here are the most basic commands needed to create your own self-signed certificate (courtesy David Morel): 

    $ openssl genrsa -out key.pem 1024
    $ openssl req -new -key key.pem -x509 -out cert.pem -days 365

A certificate is required is you want to run a SSL server or a proxy with a "Net::Proxy::Connector::ssl" as its "in" connector.

Once the key and certificate have been created, you can use them in your parameter list to "Net::Proxy->new()" (they are passed through to "IO::Socket::SSL"): 

    Net::Proxy->new(
        {
            in => {
                host          => '0.0.0.0',
                port          => 443,
                SSL_key_file  => 'key.pem',
                SSL_cert_file => 'cert.pem',
            },
            out => { type => 'tcp', port => '80' }
        }
    );

AUTHOR

Philippe 'BooK' Bruhat, "<[email protected]>".

COPYRIGHT

Copyright 2006 Philippe 'BooK' Bruhat, All Rights Reserved.

LICENSE

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

LAST SEARCHED