X-Recipient: archive-cygwin AT delorie DOT com X-SWARE-Spam-Status: No, hits=-4.9 required=5.0 tests=AWL,BAYES_00,DKIM_SIGNED,DKIM_VALID,FREEMAIL_FROM,KHOP_RCVD_TRUST,KHOP_THREADED,RCVD_IN_DNSWL_LOW,RCVD_IN_HOSTKARMA_YE,TW_BW X-Spam-Check-By: sourceware.org MIME-Version: 1.0 In-Reply-To: References: Date: Thu, 1 Nov 2012 13:29:41 -0500 Message-ID: Subject: Re: Problem with HTTPS in LWP module in Perl From: Reini Urban To: cygwin AT cygwin DOT com Content-Type: text/plain; charset=ISO-8859-1 X-IsSubscribed: yes Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id qA1ITqQB012731 On Thu, Nov 1, 2012 at 1:22 PM, Reini Urban wrote: > On Thu, Nov 1, 2012 at 1:05 PM, Björn Kautler wrote: >> I'm having a problem with https requests to >> "https://www.geocaching.com" in perl. >> Nothing was done at all, then I found out I need to install >> LWP::Protocol:https which I did with "cpan LWP::Protocol:https". >> Now according to Wireshark at least SSL communication is started. >> But after the "Client Hello" it just hangs until a timeout happens, >> waiting for the "Server Hello". >> With other HTTPS pages like "https://www.google.com" it works fine. >> The exact same Perl script works fine under Ubuntu. >> The https request to the same page works fine with curl under cygwin. >> If I change the SSL socket class to Net::SSL instead of >> IO::Socket::SSL, it also hangs after the "Client Hello", but then >> retries with SSLv3 instead of TLSv1 according to Wireshark and this at >> least works a bit better though not completely. >> So I guess something is weird in the Cygwin port of IO::Socket::SSL. :-/ > > Probably, but I cannot reproduce it. > If it is, you need to file a rt.cpan.org ticket for this, > with some wireshark loggings and the exact request. > > $ lwp-request https://www.geocaching.com/ > 501 Protocol scheme 'https' is not supported (LWP::Protocol::https not > installed) > $ cpan LWP::Protocol::https > ... (built and installed SULLR/IO-Socket-SSL-1.77.tar.gz, > GAAS/LWP-Protocol-https-6.03.tar.gz) > /usr/bin/make install -- OK > > $ lwp-request -USed https://www.geocaching.com/ > GET https://www.geocaching.com/ > User-Agent: lwp-request/6.03 libwww-perl/6.04 > > 500 Can't connect to www.geocaching.com:443 > Content-Type: text/plain > Client-Date: Thu, 01 Nov 2012 18:21:07 GMT > Client-Warning: Internal response > > From debian: > $ lwp-request -USed https://www.geocaching.com/ > GET https://www.geocaching.com/ > User-Agent: lwp-request/5.834 libwww-perl/6.04 > > GET https://www.geocaching.com/ --> 500 Can't connect to www.geocaching.com:443 > Content-Type: text/plain > Client-Date: Thu, 01 Nov 2012 18:18:49 GMT > Client-Warning: Internal response > > $ lwp-request -USed https://www.google.com/ > -> 200 OK I got a bit more information from some other version: $ perl5.14.3 -S lwp-request -USed https://www.geocaching.com/ GET https://www.geocaching.com/ User-Agent: lwp-request/5.834 libwww-perl/6.04 GET https://www.geocaching.com/ --> 500 Can't connect to www.geocaching.com:443 (Crypt-SSLeay can't verify hostnames) Content-Type: text/plain Client-Date: Thu, 01 Nov 2012 18:22:57 GMT Client-Warning: Internal response So I think it's on the application level, not the library. This is with Crypt::SSLeay 0.64. My Cygwin has 0.60, and debian had 0.58. See http://stackoverflow.com/questions/12116244/https-proxy-and-lwpuseragent how to utilize PERL_LWP_SSL_VERIFY_HOSTNAME=0 -- Reini Urban http://cpanel.net/ http://www.perl-compiler.org/ -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple