[LON-CAPA-cvs] cvs: loncom / LWPReq.pm
raeburn
raeburn at source.lon-capa.org
Sat Jul 2 13:55:57 EDT 2016
raeburn Sat Jul 2 17:55:57 2016 EDT
Added files:
/loncom LWPReq.pm
Log:
- Wrapper for LWP UserAgent to accommodate certificate
verification for SSL.
Index: loncom/LWPReq.pm
+++ loncom/LWPReq.pm
# The LearningOnline Network with CAPA
# LON-CAPA wrapper for LWP UserAgent to accommodate certificate
# verification for SSL.
#
# $Id: LWPReq.pm,v 1.1 2016/07/02 17:55:57 raeburn Exp $
#
# The LearningOnline Network with CAPA
#
# Copyright Michigan State University Board of Trustees
#
# This file is part of the LearningOnline Network with CAPA (LON-CAPA).
#
# LON-CAPA is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# LON-CAPA is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with LON-CAPA; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
# /home/httpd/html/adm/gpl.txt
#
# http://www.lon-capa.org/
#
package LONCAPA::LWPReq;
use strict;
use lib '/home/httpd/perl/lib';
use LONCAPA::Configuration;
use IO::Socket::SSL();
use LWP::UserAgent();
sub makerequest {
my ($request,$content,$perlvar,$timeout,$verifycert,$use_lc_ca,$debug) = @_;
unless (ref($perlvar) eq' HASH') {
$perlvar = LONCAPA::Configuration::read_conf('loncapa.conf');
}
my ($certf,$keyf,$caf, at opts);
if (ref($perlvar) eq 'HASH') {
$certf = $perlvar->{'lonCertificateDirectory'}.'/'.$perlvar->{'lonnetHostnameCertificate'};
$keyf = $perlvar->{'lonCertificateDirectory'}.'/'.$perlvar->{'lonnetPrivateKey'};
$caf = $perlvar->{'lonCertificateDirectory'}.'/'.$perlvar->{'lonnetCertificateAuthority'};
}
if ($debug) {
$IO::Socket::SSL::DEBUG=$debug;
}
my $response;
if (LWP::UserAgent->VERSION >= 6.00) {
my $ssl_opts;
if ($use_lc_ca && $certf && $keyf) {
$ssl_opts->{'SSL_use_cert'} = 1;
$ssl_opts->{'SSL_cert_file'} = $certf;
$ssl_opts->{'SSL_key_file'} = $keyf;
} else {
$ssl_opts->{'SSL_use_cert'} = 0;
}
if ($verifycert) {
$ssl_opts->{'verify_hostname'} = 1;
$ssl_opts->{'SSL_verify_mode'} = IO::Socket::SSL::SSL_VERIFY_PEER;
$ssl_opts->{'SSL_version'} = 'SSLv23:!SSLv3:!SSLv2';
if ($use_lc_ca) {
$ssl_opts->{'SSL_ca_file'} = $caf;
}
} else {
$ssl_opts->{'verify_hostname'} = 0;
$ssl_opts->{'SSL_verify_mode'} = IO::Socket::SSL::SSL_VERIFY_NONE;
}
push(@opts,(ssl_opts => $ssl_opts));
my $ua = LWP::UserAgent->new(@opts);
if ($timeout) {
$ua->timeout($timeout);
}
if ($content ne '') {
$response = $ua->request($request,$content);
} else {
$response = $ua->request($request);
}
} else {
{
require Net::SSLGlue::LWP;
local %Net::SSLGlue::LWP::SSLopts = %Net::SSLGlue::LWP::SSLopts;
if ($use_lc_ca && $certf && $keyf) {
$Net::SSLGlue::LWP::SSLopts{'SSL_use_cert'} = 1;
$Net::SSLGlue::LWP::SSLopts{'SSL_cert_file'} = $certf;
$Net::SSLGlue::LWP::SSLopts{'SSL_key_file'} = $keyf;
} else {
$Net::SSLGlue::LWP::SSLopts{'SSL_use_cert'} = 0;
}
if ($verifycert) {
$Net::SSLGlue::LWP::SSLopts{'SSL_verify_mode'} = IO::Socket::SSL::SSL_VERIFY_PEER;
$Net::SSLGlue::LWP::SSLopts{'SSL_version'} = 'SSLv23:!SSLv3:!SSLv2';
if ($use_lc_ca) {
$Net::SSLGlue::LWP::SSLopts{'SSL_ca_file'} = $caf;
}
} else {
$Net::SSLGlue::LWP::SSLopts{'SSL_verify_mode'} = IO::Socket::SSL::SSL_VERIFY_NONE;
}
my $ua = LWP::UserAgent->new();
if ($timeout) {
$ua->timeout($timeout);
}
if ($content ne '') {
$response = $ua->request($request,$content);
} else {
$response = $ua->request($request);
}
}
}
return $response;
}
1;
More information about the LON-CAPA-cvs
mailing list