From 783d97469f8f271db65ab37f900172d5533a30c8 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Thu, 23 Jul 2015 20:14:13 +0200 Subject: [PATCH] SSL: Allow disabling peer verification. --- lib/Net/IMAP/Sync.pm | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/lib/Net/IMAP/Sync.pm b/lib/Net/IMAP/Sync.pm index 61930e7..2c2a434 100644 --- a/lib/Net/IMAP/Sync.pm +++ b/lib/Net/IMAP/Sync.pm @@ -50,6 +50,7 @@ my %OPTIONS = ( SSL_ca_path => qr/\A(\P{Control}+)\z/, SSL_cipher_list => qr/\A(\P{Control}+)\z/, SSL_fingerprint => qr/\A([A-Za-z0-9]+\$\p{AHex}+)\z/, + SSL_verify_peer => qr/\A(TRUE|FALSE)\z/i, ); @@ -245,9 +246,12 @@ sub new($%) { $socket = IO::Socket::INET->new(%args) or $self->fail("Cannot bind: $@"); } else { + require 'IO/Socket/SSL.pm'; + if (defined (my $vrfy = delete $self->{SSL_verify_peer})) { + $args{SSL_verify_mode} = 0 if uc $vrfy eq 'FALSE'; + } my $fpr = delete $self->{SSL_fingerprint}; $args{$_} = $self->{$_} foreach grep /^SSL_/, keys %$self; - require 'IO/Socket/SSL.pm'; $socket = IO::Socket::SSL->new(%args) or $self->fail("Failed connect or SSL handshake: $!\n$IO::Socket::SSL::SSL_ERROR"); @@ -309,8 +313,12 @@ sub new($%) { require 'IO/Socket/SSL.pm'; $self->_send('STARTTLS'); + my %sslargs; + if (defined (my $vrfy = delete $self->{SSL_verify_peer})) { + $sslargs{SSL_verify_mode} = 0 if uc $vrfy eq 'FALSE'; + } my $fpr = delete $self->{SSL_fingerprint}; - my %sslargs = %$self{ grep /^SSL_/, keys %$self }; + $sslargs{$_} = $self->{$_} foreach grep /^SSL_/, keys %$self; IO::Socket::SSL->start_SSL($self->{STDIN}, %sslargs) or $self->fail("Failed SSL handshake: $!\n$IO::Socket::SSL::SSL_ERROR"); -- 2.39.2