diff options
author | Guilhem Moulin <guilhem@fripost.org> | 2015-07-23 20:14:13 +0200 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2015-07-23 20:22:36 +0200 |
commit | 783d97469f8f271db65ab37f900172d5533a30c8 (patch) | |
tree | df1be9d786d94e63ced789c1df4e4dc510adb50c /lib/Net | |
parent | c7e3736d35527593235ae12bf6e879689ea17f66 (diff) |
SSL: Allow disabling peer verification.
Diffstat (limited to 'lib/Net')
-rw-r--r-- | lib/Net/IMAP/Sync.pm | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/lib/Net/IMAP/Sync.pm b/lib/Net/IMAP/Sync.pm index 61930e7..2c2a434 100644 --- a/lib/Net/IMAP/Sync.pm +++ b/lib/Net/IMAP/Sync.pm @@ -50,6 +50,7 @@ my %OPTIONS = ( SSL_ca_path => qr/\A(\P{Control}+)\z/, SSL_cipher_list => qr/\A(\P{Control}+)\z/, SSL_fingerprint => qr/\A([A-Za-z0-9]+\$\p{AHex}+)\z/, + SSL_verify_peer => qr/\A(TRUE|FALSE)\z/i, ); @@ -245,9 +246,12 @@ sub new($%) { $socket = IO::Socket::INET->new(%args) or $self->fail("Cannot bind: $@"); } else { + require 'IO/Socket/SSL.pm'; + if (defined (my $vrfy = delete $self->{SSL_verify_peer})) { + $args{SSL_verify_mode} = 0 if uc $vrfy eq 'FALSE'; + } my $fpr = delete $self->{SSL_fingerprint}; $args{$_} = $self->{$_} foreach grep /^SSL_/, keys %$self; - require 'IO/Socket/SSL.pm'; $socket = IO::Socket::SSL->new(%args) or $self->fail("Failed connect or SSL handshake: $!\n$IO::Socket::SSL::SSL_ERROR"); @@ -309,8 +313,12 @@ sub new($%) { require 'IO/Socket/SSL.pm'; $self->_send('STARTTLS'); + my %sslargs; + if (defined (my $vrfy = delete $self->{SSL_verify_peer})) { + $sslargs{SSL_verify_mode} = 0 if uc $vrfy eq 'FALSE'; + } my $fpr = delete $self->{SSL_fingerprint}; - my %sslargs = %$self{ grep /^SSL_/, keys %$self }; + $sslargs{$_} = $self->{$_} foreach grep /^SSL_/, keys %$self; IO::Socket::SSL->start_SSL($self->{STDIN}, %sslargs) or $self->fail("Failed SSL handshake: $!\n$IO::Socket::SSL::SSL_ERROR"); |