Thread Problem mit LWP::UserAgent und SSL request unter Strawberry Perl (14 answers)
Opened by Bernhard at 2015-04-03 14:56

GwenDragon
 2015-04-07 20:59
#180606 #180606
User since
2005-01-17
14761 Artikel
Admin1
[Homepage]
user image
Bislang klappt es nur mit einem originalen Strawberry-Perl 5.12.3 mit:
Code (perl): (dl )
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
use IO::Socket::SSL qw(debug3);
use LWP::UserAgent; 

IO::Socket::SSL::set_ctx_defaults( 
        SSL_verify_mode => SSL_VERIFY_PEER ,
        SSL_ca_file => "1.pem",
);

my $ua  = LWP::UserAgent->new (); 
my $req = HTTP::Request->new(
    GET => 
        'https://api.flickr.com/services/rest/?method=flickr.auth.getFrob&api_key=df2c4935d4a2dedb9e618f400e808b4c&format=rest&auth_token=72157651265610617-7929d0e254995744&api_sig=8b0edba90343f1593dcb14ad39ce07d7'
);

my $res = $ua->request($req);

print $req->as_string;

print $res->status_line, "\n";

print $res->headers_as_string;

und dem Zertifikat http://www.symantec.com/content/en/us/enterprise/v...

1.pem:
Code: (dl )
1
2
3
4
5
6
7
8
9
10
11
12
13
14
-----BEGIN CERTIFICATE-----
MIICPDCCAaUCEDyRMcsf9tAbDpq40ES/Er4wDQYJKoZIhvcNAQEFBQAwXzELMAkG
A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
MDEyOTAwMDAwMFoXDTI4MDgwMjIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt
YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE
BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is
I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G
CSqGSIb3DQEBBQUAA4GBABByUqkFFBkyCEHwxWsKzH4PIRnN5GfcX6kb5sroc50i
2JhucwNhkcV8sEVAbkSdjbCxlnRhLQ2pRdKkkirWmnWXbj9T/UWZYB2oK0z5XqcJ
2HUw19JlYD1n1khVdWk/kfVIC0dpImmClr7JyDiGSnoscxlIaU5rfGW/D/xwzoiQ
-----END CERTIFICATE-----


ergibt:

Code: (dl )
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
DEBUG: .../IO/Socket/SSL.pm:1464: new ctx 46009944
DEBUG: .../IO/Socket/SSL.pm:334: socket not yet connected
DEBUG: .../IO/Socket/SSL.pm:336: socket connected
DEBUG: .../IO/Socket/SSL.pm:349: ssl handshake not started
DEBUG: .../IO/Socket/SSL.pm:392: Net::SSLeay::connect -> 1
DEBUG: .../IO/Socket/SSL.pm:447: ssl handshake done
DEBUG: .../IO/Socket/SSL.pm:1500: free ctx 46009944 open=46009944
DEBUG: .../IO/Socket/SSL.pm:1508: OK free ctx 46009944
GET https://api.flickr.com/services/rest/?method=flickr.auth.getFrob&api_key=df2c4935d4a2dedb9e618f400e808b4c&format=rest&auth_token=72157651265610617-7929d0e254995744&api_sig=8b0edba90343f1593dcb14ad39ce07d7
User-Agent: libwww-perl/5.837

200 OK
Cache-Control: private
Connection: close
Date: Tue, 07 Apr 2015 18:58:13 GMT
Via: http/1.1 fts101.flickr.bf1.yahoo.com (ApacheTrafficServer/4.0.2 [cMsSf ]), http/1.1 r07.ycpi.dea.yahoo.net (ApacheTrafficServer [cMsSf ])
Age: 0
Server: ATS
Vary: Accept-Encoding
Content-Length: 109
Content-Type: text/xml; charset=utf-8
Client-Date: Tue, 07 Apr 2015 18:58:10 GMT
Client-Peer: 188.125.93.38:443
Client-Response-Num: 1
Client-SSL-Cert-Issuer: /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3
Client-SSL-Cert-Subject: /C=US/ST=California/L=Sunnyvale/O=Yahoo Inc./CN=www.yahoo.com
Client-SSL-Cipher: RC4-SHA
Client-SSL-Warning: Peer certificate not verified
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Strict-Transport-Security: max-age=259200
X-Robots-Tag: noindex
X-Served-By: www67.flickr.bf1.yahoo.com



Dass es nur mit Uralt-LWP und -IO-Socket-SSL geht, stimmt nicht gerade freudig.

//EDIT:
Strawberry Perl 5.14.4.1 32bit (mit letzten Updates) auf Win 7 x64
Code (perl): (dl )
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
use strict; use warnings;
use IO::Socket::SSL qw(debug3);
use LWP::UserAgent; 

my $ua  = LWP::UserAgent->new; 
$ua->ssl_opts( 
    SSL_verify_mode => SSL_VERIFY_PEER,
    SSL_ca_file => '1.pem',
 );
my $req = HTTP::Request->new(
    GET => 
        'https://api.flickr.com/services/rest/?method=flickr.auth.getFrob&api_key=df2c4935d4a2dedb9e618f400e808b4c&format=rest&auth_token=72157651265610617-7929d0e254995744&api_sig=8b0edba90343f1593dcb14ad39ce07d7'
);

my $res = $ua->request($req);

print $req->as_string;
print $res->status_line, "\n";
print $res->headers_as_string;

erzeugt
Code: (dl )
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
DEBUG: .../IO/Socket/SSL.pm:2602: new ctx 32724688
DEBUG: .../IO/Socket/SSL.pm:542: socket not yet connected
DEBUG: .../IO/Socket/SSL.pm:544: socket connected
DEBUG: .../IO/Socket/SSL.pm:566: ssl handshake not started
DEBUG: .../IO/Socket/SSL.pm:599: using SNI with hostname api.flickr.com
DEBUG: .../IO/Socket/SSL.pm:634: request OCSP stapling
DEBUG: .../IO/Socket/SSL.pm:653: set socket to non-blocking to enforce timeout=180
DEBUG: .../IO/Socket/SSL.pm:667: Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:677: ssl handshake in progress
DEBUG: .../IO/Socket/SSL.pm:687: waiting for fd to become ready: SSL wants a read first
DEBUG: .../IO/Socket/SSL.pm:707: socket ready, retrying connect
DEBUG: .../IO/Socket/SSL.pm:667: Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:677: ssl handshake in progress
DEBUG: .../IO/Socket/SSL.pm:687: waiting for fd to become ready: SSL wants a read first
DEBUG: .../IO/Socket/SSL.pm:707: socket ready, retrying connect
DEBUG: .../IO/Socket/SSL.pm:667: Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:677: ssl handshake in progress
DEBUG: .../IO/Socket/SSL.pm:687: waiting for fd to become ready: SSL wants a read first
DEBUG: .../IO/Socket/SSL.pm:707: socket ready, retrying connect
DEBUG: .../IO/Socket/SSL.pm:2458: ok=1 cert=52275728
DEBUG: .../IO/Socket/SSL.pm:2458: ok=1 cert=52276064
DEBUG: .../IO/Socket/SSL.pm:2458: ok=1 cert=52275840
DEBUG: .../IO/Socket/SSL.pm:2458: ok=1 cert=42283792
DEBUG: .../IO/Socket/SSL.pm:1570: scheme=www cert=42283792
DEBUG: .../IO/Socket/SSL.pm:1580: identity=api.flickr.com cn=www.yahoo.com alt=2 *.answers.yahoo.com 2 *.antispam.yahoo.com 2 *.api.fantasysports.yahoo.com 2 *.auctions.yahoo.com 2 *.autos.yahoo.com 2 *.calendar.yahoo.com 2 *.celebrity.yahoo.com 2 *.cricket.yahoo.com 2 *.deals.yahoo.com 2 *.eurosport.yahoo.com 2 *.everything.yahoo.com 2 *.fantasysports.yahoo.com 2 *.finance.yahoo.com 2 *.flickr.com 2 *.football.fantasysports.yahoo.com 2 *.games.yahoo.com 2 *.geo.yahoo.com 2 *.groups.yahoo.com 2 *.help.yahoo.com 2 *.lifestyle.yahoo.com 2 *.m.yahoo.com 2 *.mail.yahoo.com 2 *.maktoob.com 2 *.messenger.yahoo.com 2 *.mg.mail.yahoo.com 2 *.movies.yahoo.com 2 *.msg.yahoo.com 2 *.mujer.yahoo.com 2 *.music.yahoo.com 2 *.my.yahoo.com 2 *.news.yahoo.com 2 *.notepad.yahoo.com 2 *.noticias.yahoo.com 2 *.protrade.com 2 *.safely.yahoo.com 2 *.screen.yahoo.com 2 *.search.yahoo.com 2 *.secure.yahoo.com 2 *.seguridad.yahoo.com 2 *.shine.yahoo.com 2 *.sports.yahoo.com 2 *.staticflickr.com 2 *.travel.yahoo.com 2 *.tv.yahoo.com 2 *.video.yahoo.com 2 *.wc.fantasysports.yahoo.com 2 *.wc.yahoodns.net 2 *.weather.yahoo.com 2 *.yahoo.com 2 *.yahooapis.com 2 *.ybp.yahoo.com 2 *.ymail.com 2 *.yql.yahoo.com 2 *.ysm.yahoo.com 2 flic.kr 2 flickr.com 2 s.wc.yahoo.net 2 www.yahoo.com 2 yahooapis.com 2 ymail.com
DEBUG: .../IO/Socket/SSL.pm:2508: got stapled OCSP response
run basic verify at C:/strawberry/perl/site/lib/IO/Socket/SSL.pm line 2515.
found issuer in chain at C:/strawberry/perl/site/lib/IO/Socket/SSL.pm line 2522.
found issuer in chain at C:/strawberry/perl/site/lib/IO/Socket/SSL.pm line 2522.
got issuer at C:/strawberry/perl/site/lib/IO/Socket/SSL.pm line 2522.
DEBUG: .../IO/Socket/SSL.pm:667: Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:677: ssl handshake in progress
DEBUG: .../IO/Socket/SSL.pm:687: waiting for fd to become ready: SSL wants a read first
DEBUG: .../IO/Socket/SSL.pm:707: socket ready, retrying connect
DEBUG: .../IO/Socket/SSL.pm:667: Net::SSLeay::connect -> 1
DEBUG: .../IO/Socket/SSL.pm:722: ssl handshake done
DEBUG: .../IO/Socket/SSL.pm:735: got OCSP success with stapling
DEBUG: .../IO/Socket/SSL.pm:2635: free ctx 32724688 open=32724688
DEBUG: .../IO/Socket/SSL.pm:2640: free ctx 32724688 callback
DEBUG: .../IO/Socket/SSL.pm:2647: OK free ctx 32724688
GET https://api.flickr.com/services/rest/?method=flickr.auth.getFrob&api_key=df2c4935d4a2dedb9e618f400e808b4c&format=rest&auth_token=72157651265610617-7929d0e254995744&api_sig=8b0edba90343f1593dcb14ad39ce07d7
User-Agent: libwww-perl/6.13

200 OK
Cache-Control: private
Connection: close
Date: Tue, 07 Apr 2015 19:16:26 GMT
Via: http/1.1 fts125.flickr.bf1.yahoo.com (ApacheTrafficServer/4.0.2 [cMsSf ]), http/1.1 r10.ycpi.dea.yahoo.net (ApacheTrafficServer [cMsSf ])
Age: 0
Server: ATS
Vary: Accept-Encoding
Content-Length: 109
Content-Type: text/xml; charset=utf-8
Client-Date: Tue, 07 Apr 2015 19:16:23 GMT
Client-Peer: 188.125.93.38:443
Client-Response-Num: 1
Client-SSL-Cert-Issuer: /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3
Client-SSL-Cert-Subject: /C=US/ST=California/L=Sunnyvale/O=Yahoo Inc./CN=www.yahoo.com
Client-SSL-Cipher: ECDHE-RSA-AES128-SHA256
Client-SSL-Socket-Class: IO::Socket::SSL
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Strict-Transport-Security: max-age=259200
X-Robots-Tag: noindex
X-Served-By: www252.flickr.bf1.yahoo.com

Last edited: 2015-04-07 21:19:40 +0200 (CEST)

View full thread Problem mit LWP::UserAgent und SSL request unter Strawberry Perl