I also use an adapted sslpoe in PoCo::Server::FTP, but its not stable.
 I guess I'm missing something.  I get alot of broken pipes and
handshake failures (I've also replaced the die's), hence I haven't
released the ssl version of PoCo::Server::FTP.  Maybe everyone can
post thier version somewhere, and we can compare notes....
I'll be in #poe as xantus.

-- 
David Davis
Perl Programmer
http://teknikill.net/

On Sat, 21 Aug 2004 23:03:52 -0500, Nick Perez <[EMAIL PROTECTED]> wrote:
> Oops. Reply went to Rocco but not the list: here it is.
> 
> -- Nick
> 
> 
> ---------- Forwarded message ----------
> From: Nick Perez 
> To: Rocco Caputo 
> Date: Sat, 21 Aug 2004 23:01:32 -0500
> Subject: Re: [PATCH] sslpoe-sanity-patch
> 
> I guess I should have sent my changes upstream which are in fact the
> very same changes here. I use this in PoCo::Jabber::Client::XMPP and
> also in Server::XMPP but adapted it for my own uses. I am not offering
> to maintain it, but I will test it against my code and perhaps share
> notes on these changes and others with whomever does take up maintainership.
> 
> -- Nick
> 
> Rocco Caputo wrote:
> > On Sat, Aug 21, 2004 at 07:07:51PM -0400, Dylan William Hardison wrote:
> >
> >>Some changes to SslClient.pm in sslpoe:
> >>
> >>Remove reference to $socket from %Filenum_Object.
> >>Reason: It was keeping the tied filehandle from being DESTROYed.
> >>
> >>In the READ method: Change "die ("handshake failed");"
> >>to $! = 104; return undef.
> >>Reason: This makes POE handle it like a normal
> >>error. Dying allowed someone to send garbage via netcat
> >>and crash the program, thus adding a DoS to any server that
> >>uses SSL. That's not good.
> >>
> >>However, errno 104 is "Connection reset by peer", and this is a lie.
> >>Really the handshake failed... Perhaps some other value should be used
> >>for $!.
> >>
> >>Added a DESTROY method that calls CLOSE,
> >>as CLOSE is not called otherwise.
> >>
> >>The patch is attached.
> >
> >
> > KTHXAPPLIED!
> >
> >
> >>These changes are pretty trivial, and further
> >>work needs to be done on SslClient.pm to make it more robust. Also
> >>perhaps it should properly be named "SSLSocketWraper" or somesuch?
> >>The name is most confusing.
> >
> >
> > I wouldn't mind that, but I don't do enough SSL work (as in ANY) to
> > have a good idea what to do here.  If you'd like, I'm ok with someone
> > adopting and developing the project a bit.  Preferably someone who
> > uses it.
> >
> 
> 
>

Reply via email to