1Net::Server::Proto::SSLU(s3e)r Contributed Perl DocumentaNteito:n:Server::Proto::SSL(3)
2
3
4

NAME

6       Net::Server::Proto::SSL - Net::Server SSL protocol.
7

SYNOPSIS

9       Until this release, it was preferable to use the
10       Net::Server::Proto::SSLEAY module.  Recent versions include code that
11       overcomes original limitations.
12
13       See Net::Server::Proto.  See Net::Server::Proto::SSLEAY.
14
15           use base qw(Net::Server::HTTP);
16           main->run(
17               proto => 'ssl',
18               SSL_key_file  => "/path/to/my/file.key",
19               SSL_cert_file => "/path/to/my/file.crt",
20           );
21
22
23           # OR
24
25           sub SSL_key_file  { "/path/to/my/file.key" }
26           sub SSL_cert_file { "/path/to/my/file.crt" }
27           main->run(proto = 'ssl');
28
29
30           # OR
31
32           main->run(
33               port => [443, 8443, "80/tcp"],  # bind to two ssl ports and one tcp
34               proto => "ssl",       # use ssl as the default
35               ipv  => "*",          # bind both IPv4 and IPv6 interfaces
36               SSL_key_file  => "/path/to/my/file.key",
37               SSL_cert_file => "/path/to/my/file.crt",
38           );
39
40
41           # OR
42
43           main->run(port => [{
44               port  => "443",
45               proto => "ssl",
46               # ipv => 4, # default - only do IPv4
47               SSL_key_file  => "/path/to/my/file.key",
48               SSL_cert_file => "/path/to/my/file.crt",
49           }, {
50               port  => "8443",
51               proto => "ssl",
52               ipv   => "*", # IPv4 and IPv6
53               SSL_key_file  => "/path/to/my/file2.key", # separate key
54               SSL_cert_file => "/path/to/my/file2.crt", # separate cert
55
56               SSL_foo => 1, # Any key prefixed with SSL_ passed as a port hashref
57                             # key/value will automatically be passed to IO::Socket::SSL
58           }]);
59

DESCRIPTION

61       Protocol module for Net::Server based on IO::Socket::SSL.  This module
62       implements a secure socket layer over tcp (also known as SSL) via the
63       IO::Socket::SSL module.  If this module does not work in your
64       situation, please also consider using the SSLEAY protocol
65       (Net::Server::Proto::SSLEAY) which interfaces directly with
66       Net::SSLeay.  See Net::Server::Proto.
67
68       If you know that your server will only need IPv4 (which is the default
69       for Net::Server), you can load IO::Socket::SSL in inet4 mode which will
70       prevent it from using Socket6, IO::Socket::IP, or IO::Socket::INET6
71       since they would represent additional and unused overhead.
72
73           use IO::Socket::SSL qw(inet4);
74           use base qw(Net::Server::Fork);
75
76           __PACKAGE__->run(proto => "ssl");
77

PARAMETERS

79       In addition to the normal Net::Server parameters, any of the SSL
80       parameters from IO::Socket::SSL may also be specified.  See
81       IO::Socket::SSL for information on setting this up.  All arguments
82       prefixed with SSL_ will be passed to the IO::Socket::SSL->configure
83       method.
84

BUGS

86       Until version Net::Server version 2, Net::Server::Proto::SSL used the
87       default IO::Socket::SSL::accept method.  This old approach introduces a
88       DDOS vulnerability into the server, where the socket is accepted, but
89       the parent server then has to block until the client negotiates the SSL
90       connection.  This has now been overcome by overriding the accept method
91       and accepting the SSL negotiation after the parent socket has had the
92       chance to go back to listening.
93

LICENCE

95       Distributed under the same terms as Net::Server
96

THANKS

98       Thanks to Vadim for pointing out the IO::Socket::SSL accept was
99       returning objects blessed into the wrong class.
100
101
102
103perl v5.38.0                      2023-07-21        Net::Server::Proto::SSL(3)