On 4/2/20 1:23 PM, Slaven Rezic wrote:
Hi James,
I can confirm that the certificate is marked as invalid in my firefox,
and also if calling the URL with lwp-request. However, my
Test::Reporter-based report sender still works. It's just working
because Test::Reporter::Transport::Metabase is using HTTP::Tiny, and
HTTP::Tiny does not do certificate validation by default (see the
verify_SSL option). Works:
perl5.31.10 -MData::Dumper -MHTTP::Tiny -e 'warn
Dumper(HTTP::Tiny->new->get("https://metabase.cpantesters.org/api/v1/"))'
With this (albeit with perl-5.30.0 and after installing IO::Socket::SSL
and Net::SSLeay), I got a 404:
#####
$ perl -MData::Dumper -MHTTP::Tiny -e 'warn
Dumper(HTTP::Tiny->new->get("https://metabase.cpantesters.org/api/v1/"))'
$VAR1 = {
'protocol' => 'HTTP/1.1',
'status' => '404',
'url' => 'https://metabase.cpantesters.org/api/v1/',
'content' => '<!DOCTYPE html>
...
',
'reason' => 'Not Found',
'success' => '',
'headers' => {
'via' => [
'1.1 varnish',
'1.1 varnish'
],
'age' => '0',
'content-length' => '20240',
'x-cache-hits' => '0, 0',
'x-cache' => 'MISS, MISS',
'x-served-by' => 'cache-lcy19261-LCY,
cache-bos4650-BOS',
'date' => 'Thu, 02 Apr 2020 18:02:37 GMT',
'connection' => 'keep-alive',
'server' => 'Mojolicious (Perl)',
'x-timer' => 'S1585850556.546659,VS0,VE2416',
'accept-ranges' => 'bytes',
'content-type' => 'text/html;charset=UTF-8'
}
};
#####
Fails:
perl5.31.10 -MData::Dumper -MHTTP::Tiny -e 'warn
Dumper(HTTP::Tiny->new(verify_SSL=>1)->get("https://metabase.cpantesters.org/api/v1/"))'
With this, I got a 599:
#####
$ perl -MData::Dumper -MHTTP::Tiny -e 'warn
Dumper(HTTP::Tiny->new(verify_SSL=>1)->get("https://metabase.cpantesters.org/api/v1/"))'
$VAR1 = {
'headers' => {
'content-length' => 81,
'content-type' => 'text/plain'
},
'content' => 'SSL connection failed for
metabase.cpantesters.org: hostname verification failed
',
'reason' => 'Internal Exception',
'status' => 599,
'url' => 'https://metabase.cpantesters.org/api/v1/',
'success' => ''
};
#####
Regards,
Slaven
Thank you very much.
Jim Keenan
James E Keenan < jkee...@pobox.com <mailto:jkee...@pobox.com>> hat am
2. April 2020 um 14:29 geschrieben:
Today I had occasion to call a program which uses
App::cpanminus::reporter. I have run programs with that module hundreds
of times before. The program failed with this output in the debugger.
#####
error loading Test::Reporter::Transport::Metabase. Please install the
missing module or choose a different transport mechanism.
at /usr/local/lib/perl5/site_perl/CPAN/Testers/Common/Client/Config.pm
line 21.
CPAN::Testers::Common::Client::Config::__ANON__[/usr/local/lib/perl5/site_perl/CPAN/Testers/Common/Client/Config.pm:21]("\x{a}error
loading Test::Reporter::Transport::Metabase. Please in"...) called at
/usr/local/lib/perl5/site_perl/CPAN/Testers/Common/Client/Config.pm
line 87
CPAN::Testers::Common::Client::Config::mywarn(CPAN::Testers::Common::Client::Config=HASH(0x806bdc0d8),
"\x{a}error loading Test::Reporter::Transport::Metabase. Please
in"...) called at
/usr/local/lib/perl5/site_perl/CPAN/Testers/Common/Client/Config.pm
line 647
CPAN::Testers::Common::Client::Config::_validate_transport(CPAN::Testers::Common::Client::Config=HASH(0x806bdc0d8),
"transport", "Metabase uri https://metabase.cpantesters.org/api/v1/
id_file"...) called at error loading
Test::Reporter::Transport::Metabase. Please install the missing module
or choose a different transport mechanism.
at /usr/local/lib/perl5/site_perl/CPAN/Testers/Common/Client/Config.pm
line 21.
CPAN::Testers::Common::Client::Config::__ANON__[/usr/local/lib/perl5/site_perl/CPAN/Testers/Common/Client/Config.pm:21]("\x{a}error
loading Test::Reporter::Transport::Metabase. Please in"...) called at
/usr/local/lib/perl5/site_perl/CPAN/Testers/Common/Client/Config.pm
line 87
CPAN::Testers::Common::Client::Config::mywarn(CPAN::Testers::Common::Client::Config=HASH(0x806bdc0d8),
"\x{a}error loading Test::Reporter::Transport::Metabase. Please
in"...) called at
/usr/local/lib/perl5/site_perl/CPAN/Testers/Common/Client/Config.pm
line 647
CPAN::Testers::Common::Client::Config::_validate_transport(CPAN::Testers::Common::Client::Config=HASH(0x806bdc0d8),
"transport", "Metabase uri https://metabase.cpantesters.org/api/v1/
id_file"...) called at
/usr/local/lib/perl5/site_perl/CPAN/Testers/Common/Client/Config.pm
line 448
CPAN::Testers::Common::Client::Config::_get_config_options(CPAN::Testers::Common::Client::Config=HASH(0x806bdc0d8),
HASH(0x806c7d5b8)) called at
/usr/local/lib/perl5/site_perl/CPAN/Testers/Common/Client/Config.pm
line 41
CPAN::Testers::Common::Client::Config::read(CPAN::Testers::Common::Client::Config=HASH(0x806bdc0d8))
called at /usr/local/lib/perl5/site_perl/App/cpanminus/reporter.pm
line 171
App::cpanminus::reporter::_check_cpantesters_config_data(CPAN::cpanminus::reporter::RetainReports=HASH(0x801e7e900))
called at /usr/local/lib/perl5/site_perl/App/cpanminus/reporter.pm
line 219
App::cpanminus::reporter::run(CPAN::cpanminus::reporter::RetainReports=HASH(0x801e7e900))
called at cpanm-reporter.pl line 23
line 448
CPAN::Testers::Common::Client::Config::_get_config_options(CPAN::Testers::Common::Client::Config=HASH(0x806bdc0d8),
HASH(0x806c7d5b8)) called at
/usr/local/lib/perl5/site_perl/CPAN/Testers/Common/Client/Config.pm
line 41
CPAN::Testers::Common::Client::Config::read(CPAN::Testers::Common::Client::Config=HASH(0x806bdc0d8))
called at /usr/local/lib/perl5/site_perl/App/cpanminus/reporter.pm
line 171
App::cpanminus::reporter::_check_cpantesters_config_data(CPAN::cpanminus::reporter::RetainReports=HASH(0x801e7e900))
called at /usr/local/lib/perl5/site_perl/App/cpanminus/reporter.pm
line 219
App::cpanminus::reporter::run(CPAN::cpanminus::reporter::RetainReports=HASH(0x801e7e900))
called at cpanm-reporter.pl line 23
#####
All the relevant modules are up to date on the machine where the program
was run.
I examined
/usr/local/lib/perl5/site_perl/CPAN/Testers/Common/Client/Config.pm. I
zeroed in on the call to the internal method '_validate_transport'. I
entered this URL into my browser:
https://metabase.cpantesters.org/api/v1/
I got the standard Firefox "Warning: Potential Security Risk Ahead"
screen. When I clicked "Learn more...", I got:
#####
Websites prove their identity via certificates. Firefox does not trust
this site because it uses a certificate that is not valid for
metabase.cpantesters.org. The certificate is only valid for
c.sni.fastly.net.
Error code: SSL_ERROR_BAD_CERT_DOMAIN
#####
(Hat-tip to BingOS.)
How can we fix this or how can I work-around it?
Thank you very much.
Jim Keenan