Provided by: libnet-server-perl_2.014-1_all bug

NAME

       Net::Server::Proto::SSL - Net::Server SSL protocol.

SYNOPSIS

       Until this release, it was preferable to use the Net::Server::Proto::SSLEAY module.
       Recent versions include code that overcomes original limitations.

       See Net::Server::Proto.  See Net::Server::Proto::SSLEAY.

           use base qw(Net::Server::HTTP);
           main->run(
               proto => 'ssl',
               SSL_key_file  => "/path/to/my/file.key",
               SSL_cert_file => "/path/to/my/file.crt",
           );

           # OR

           sub SSL_key_file  { "/path/to/my/file.key" }
           sub SSL_cert_file { "/path/to/my/file.crt" }
           main->run(proto = 'ssl');

           # OR

           main->run(
               port => [443, 8443, "80/tcp"],  # bind to two ssl ports and one tcp
               proto => "ssl",       # use ssl as the default
               ipv  => "*",          # bind both IPv4 and IPv6 interfaces
               SSL_key_file  => "/path/to/my/file.key",
               SSL_cert_file => "/path/to/my/file.crt",
           );

           # OR

           main->run(port => [{
               port  => "443",
               proto => "ssl",
               # ipv => 4, # default - only do IPv4
               SSL_key_file  => "/path/to/my/file.key",
               SSL_cert_file => "/path/to/my/file.crt",
           }, {
               port  => "8443",
               proto => "ssl",
               ipv   => "*", # IPv4 and IPv6
               SSL_key_file  => "/path/to/my/file2.key", # separate key
               SSL_cert_file => "/path/to/my/file2.crt", # separate cert

               SSL_foo => 1, # Any key prefixed with SSL_ passed as a port hashref
                             # key/value will automatically be passed to IO::Socket::SSL
           }]);

DESCRIPTION

       Protocol module for Net::Server based on IO::Socket::SSL.  This module implements a secure
       socket layer over tcp (also known as SSL) via the IO::Socket::SSL module.  If this module
       does not work in your situation, please also consider using the SSLEAY protocol
       (Net::Server::Proto::SSLEAY) which interfaces directly with Net::SSLeay.  See
       Net::Server::Proto.

       If you know that your server will only need IPv4 (which is the default for Net::Server),
       you can load IO::Socket::SSL in inet4 mode which will prevent it from using Socket6,
       IO::Socket::IP, or IO::Socket::INET6 since they would represent additional and unused
       overhead.

           use IO::Socket::SSL qw(inet4);
           use base qw(Net::Server::Fork);

           __PACKAGE__->run(proto => "ssl");

PARAMETERS

       In addition to the normal Net::Server parameters, any of the SSL parameters from
       IO::Socket::SSL may also be specified.  See IO::Socket::SSL for information on setting
       this up.  All arguments prefixed with SSL_ will be passed to the
       IO::Socket::SSL->configure method.

BUGS

       Until version Net::Server version 2, Net::Server::Proto::SSL used the default
       IO::Socket::SSL::accept method.  This old approach introduces a DDOS vulnerability into
       the server, where the socket is accepted, but the parent server then has to block until
       the client negotiates the SSL connection.  This has now been overcome by overriding the
       accept method and accepting the SSL negotiation after the parent socket has had the chance
       to go back to listening.

LICENCE

       Distributed under the same terms as Net::Server

THANKS

       Thanks to Vadim for pointing out the IO::Socket::SSL accept was returning objects blessed
       into the wrong class.