{ "content": [ { "type": "text", "text": "# Net::Server::Proto::SSL (perldoc)\n\n## NAME\n\nNet::Server::Proto::SSL - Net::Server SSL protocol.\n\n## SYNOPSIS\n\nUntil this release, it was preferable to use the Net::Server::Proto::SSLEAY module. Recent\nversions include code that overcomes original limitations.\nSee Net::Server::Proto. See Net::Server::Proto::SSLEAY.\nuse base qw(Net::Server::HTTP);\nmain->run(\nproto => 'ssl',\nSSLkeyfile => \"/path/to/my/file.key\",\nSSLcertfile => \"/path/to/my/file.crt\",\n);\n# OR\nsub SSLkeyfile { \"/path/to/my/file.key\" }\nsub SSLcertfile { \"/path/to/my/file.crt\" }\nmain->run(proto = 'ssl');\n# OR\nmain->run(\nport => [443, 8443, \"80/tcp\"], # bind to two ssl ports and one tcp\nproto => \"ssl\", # use ssl as the default\nipv => \"*\", # bind both IPv4 and IPv6 interfaces\nSSLkeyfile => \"/path/to/my/file.key\",\nSSLcertfile => \"/path/to/my/file.crt\",\n);\n# OR\nmain->run(port => [{\nport => \"443\",\nproto => \"ssl\",\n# ipv => 4, # default - only do IPv4\nSSLkeyfile => \"/path/to/my/file.key\",\nSSLcertfile => \"/path/to/my/file.crt\",\n}, {\nport => \"8443\",\nproto => \"ssl\",\nipv => \"*\", # IPv4 and IPv6\nSSLkeyfile => \"/path/to/my/file2.key\", # separate key\nSSLcertfile => \"/path/to/my/file2.crt\", # separate cert\nSSLfoo => 1, # Any key prefixed with SSL passed as a port hashref\n# key/value will automatically be passed to IO::Socket::SSL\n}]);\n\n## DESCRIPTION\n\nProtocol module for Net::Server based on IO::Socket::SSL. This module implements a secure socket\nlayer over tcp (also known as SSL) via the IO::Socket::SSL module. If this module does not work\nin your situation, please also consider using the SSLEAY protocol (Net::Server::Proto::SSLEAY)\nwhich interfaces directly with Net::SSLeay. See Net::Server::Proto.\n\n## Sections\n\n- **NAME**\n- **SYNOPSIS**\n- **DESCRIPTION**\n- **PARAMETERS**\n- **BUGS**\n- **LICENCE**\n- **THANKS**\n\nUse structuredContent.sections for detailed options, examples, and full documentation.\n" } ], "structuredContent": { "command": "Net::Server::Proto::SSL", "section": "", "mode": "perldoc", "summary": "Net::Server::Proto::SSL - Net::Server SSL protocol.", "synopsis": "Until this release, it was preferable to use the Net::Server::Proto::SSLEAY module. Recent\nversions include code that overcomes original limitations.\nSee Net::Server::Proto. See Net::Server::Proto::SSLEAY.\nuse base qw(Net::Server::HTTP);\nmain->run(\nproto => 'ssl',\nSSLkeyfile => \"/path/to/my/file.key\",\nSSLcertfile => \"/path/to/my/file.crt\",\n);\n# OR\nsub SSLkeyfile { \"/path/to/my/file.key\" }\nsub SSLcertfile { \"/path/to/my/file.crt\" }\nmain->run(proto = 'ssl');\n# OR\nmain->run(\nport => [443, 8443, \"80/tcp\"], # bind to two ssl ports and one tcp\nproto => \"ssl\", # use ssl as the default\nipv => \"*\", # bind both IPv4 and IPv6 interfaces\nSSLkeyfile => \"/path/to/my/file.key\",\nSSLcertfile => \"/path/to/my/file.crt\",\n);\n# OR\nmain->run(port => [{\nport => \"443\",\nproto => \"ssl\",\n# ipv => 4, # default - only do IPv4\nSSLkeyfile => \"/path/to/my/file.key\",\nSSLcertfile => \"/path/to/my/file.crt\",\n}, {\nport => \"8443\",\nproto => \"ssl\",\nipv => \"*\", # IPv4 and IPv6\nSSLkeyfile => \"/path/to/my/file2.key\", # separate key\nSSLcertfile => \"/path/to/my/file2.crt\", # separate cert\nSSLfoo => 1, # Any key prefixed with SSL passed as a port hashref\n# key/value will automatically be passed to IO::Socket::SSL\n}]);", "tldr_summary": null, "tldr_examples": [], "tldr_source": null, "flags": [], "examples": [], "see_also": [], "section_outline": [ { "name": "NAME", "lines": 2, "subsections": [] }, { "name": "SYNOPSIS", "lines": 50, "subsections": [] }, { "name": "DESCRIPTION", "lines": 14, "subsections": [] }, { "name": "PARAMETERS", "lines": 4, "subsections": [] }, { "name": "BUGS", "lines": 7, "subsections": [] }, { "name": "LICENCE", "lines": 2, "subsections": [] }, { "name": "THANKS", "lines": 3, "subsections": [] } ], "sections": { "NAME": { "content": "Net::Server::Proto::SSL - Net::Server SSL protocol.\n", "subsections": [] }, "SYNOPSIS": { "content": "Until this release, it was preferable to use the Net::Server::Proto::SSLEAY module. Recent\nversions include code that overcomes original limitations.\n\nSee Net::Server::Proto. See Net::Server::Proto::SSLEAY.\n\nuse base qw(Net::Server::HTTP);\nmain->run(\nproto => 'ssl',\nSSLkeyfile => \"/path/to/my/file.key\",\nSSLcertfile => \"/path/to/my/file.crt\",\n);\n\n\n# OR\n\nsub SSLkeyfile { \"/path/to/my/file.key\" }\nsub SSLcertfile { \"/path/to/my/file.crt\" }\nmain->run(proto = 'ssl');\n\n\n# OR\n\nmain->run(\nport => [443, 8443, \"80/tcp\"], # bind to two ssl ports and one tcp\nproto => \"ssl\", # use ssl as the default\nipv => \"*\", # bind both IPv4 and IPv6 interfaces\nSSLkeyfile => \"/path/to/my/file.key\",\nSSLcertfile => \"/path/to/my/file.crt\",\n);\n\n\n# OR\n\nmain->run(port => [{\nport => \"443\",\nproto => \"ssl\",\n# ipv => 4, # default - only do IPv4\nSSLkeyfile => \"/path/to/my/file.key\",\nSSLcertfile => \"/path/to/my/file.crt\",\n}, {\nport => \"8443\",\nproto => \"ssl\",\nipv => \"*\", # IPv4 and IPv6\nSSLkeyfile => \"/path/to/my/file2.key\", # separate key\nSSLcertfile => \"/path/to/my/file2.crt\", # separate cert\n\nSSLfoo => 1, # Any key prefixed with SSL passed as a port hashref\n# key/value will automatically be passed to IO::Socket::SSL\n}]);\n", "subsections": [] }, "DESCRIPTION": { "content": "Protocol module for Net::Server based on IO::Socket::SSL. This module implements a secure socket\nlayer over tcp (also known as SSL) via the IO::Socket::SSL module. If this module does not work\nin your situation, please also consider using the SSLEAY protocol (Net::Server::Proto::SSLEAY)\nwhich interfaces directly with Net::SSLeay. See Net::Server::Proto.\n\nIf you know that your server will only need IPv4 (which is the default for Net::Server), you can\nload IO::Socket::SSL in inet4 mode which will prevent it from using Socket6 and\nIO::Socket::INET6 since they would represent additional and unused overhead.\n\nuse IO::Socket::SSL qw(inet4);\nuse base qw(Net::Server::Fork);\n\nPACKAGE->run(proto => \"ssl\");\n", "subsections": [] }, "PARAMETERS": { "content": "In addition to the normal Net::Server parameters, any of the SSL parameters from IO::Socket::SSL\nmay also be specified. See IO::Socket::SSL for information on setting this up. All arguments\nprefixed with SSL will be passed to the IO::Socket::SSL->configure method.\n", "subsections": [] }, "BUGS": { "content": "Until version Net::Server version 2, Net::Server::Proto::SSL used the default\nIO::Socket::SSL::accept method. This old approach introduces a DDOS vulnerability into the\nserver, where the socket is accepted, but the parent server then has to block until the client\nnegotiates the SSL connection. This has now been overcome by overriding the accept method and\naccepting the SSL negotiation after the parent socket has had the chance to go back to\nlistening.\n", "subsections": [] }, "LICENCE": { "content": "Distributed under the same terms as Net::Server\n", "subsections": [] }, "THANKS": { "content": "Thanks to Vadim for pointing out the IO::Socket::SSL accept was returning objects blessed into\nthe wrong class.\n", "subsections": [] } } } }