Hey,
Here is a patch against libwww-perl-5.64 that turns off the
"Client-SSL-Warning" => "Peer certificate not verified"
when Crypt::SSLeay has been configured to do peer certificate
verification. By wrapping the call in an eval {}, this patch
should also be compatible with other SSL implementations that
do not support this sock->get_peer_verify API.
[root@gate libwww-perl-5.64]# diff -u lib/LWP/Protocol/https.pm.old
lib/LWP/Protocol/https.pm
--- lib/LWP/Protocol/https.pm.old Fri Nov 16 18:10:28 2001
+++ lib/LWP/Protocol/https.pm Mon Mar 18 12:38:37 2002
@@ -34,7 +34,9 @@
$res->header("Client-SSL-Cert-Subject" => $cert->subject_name);
$res->header("Client-SSL-Cert-Issuer" => $cert->issuer_name);
}
- $res->header("Client-SSL-Warning" => "Peer certificate not verified");
+ if(! eval { $sock->get_peer_verify }) {
+ $res->header("Client-SSL-Warning" => "Peer certificate not verified");
+ }
}
Thanks,
Josh
_________________________________________________________________
Joshua Chamas Chamas Enterprises Inc.
NodeWorks Founder Huntington Beach, CA USA
http://www.nodeworks.com 1-714-625-4051
