Skip to content
Snippets Groups Projects
Commit e12de6fe authored by Patrick Cernko's avatar Patrick Cernko
Browse files

option to disable hostname verification 

(most likely fails as we use IPs as hostnames)
parent 92f4f97d
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 9 additions and 1 deletion
poolmon
+ 9
1
View file @ e12de6fe
......@@ -34,6 +34,7 @@ $SIG{'PIPE'} = 'IGNORE';
my @PORTS;
my @SSL_PORTS;
my $NO_HOSTNAME_VERIFY = 0;
my $DEBUG = 0;
my $NOFORK = 0;
my $DRY_RUN = 0;
......@@ -55,6 +56,7 @@ my %WEIGHTS;
Getopt::Long::Configure("bundling");
GetOptions('p|port=s' => \@PORTS,
's|ssl=s' => \@SSL_PORTS,
'no-hostname-verify' => \$NO_HOSTNAME_VERIFY,
'd|debug' => \$DEBUG,
't|timeout=i' => \$TIMEOUT,
'l|logfile=s' => \$LOGFILE,
......@@ -125,6 +127,8 @@ Arguments:
You can force a protocol (IMAP or POP3) by specifying
it before the port, separated by a colon. Example:
--port POP3:110 --ssl IMAP:993
--no-hostname-verify Instruct IO::Socket::SSL to skip verifying given
hostname in certificate (default: false)
-c --credfile=PATH File with credentials to authenticate as, mode 0600.
- Username on 1st line.
- Password on 2nd line.
......@@ -249,7 +253,11 @@ sub scan_port {
$sock = IO::Socket::SSL->new(PeerAddr => $host,
PeerPort => $port,
Timeout => $TIMEOUT,
SSL_verify_mode => 1);
SSL_verifycn_scheme => ($NO_HOSTNAME_VERIFY ? 'none' : 'default'),
SSL_verify_mode => 1) or eval {
$DEBUG && write_log("failed to accept or ssl handshake to $host:$port: '$!', SSL_ERROR='".$IO::Socket::SSL::SSL_ERROR."' NO_HOSTNAME_VERIFY=$NO_HOSTNAME_VERIFY");
return 0;
}
} else {
$sock = IO::Socket::INET6->new(PeerAddr => $host,
PeerPort => $port,
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment