Capture stdout/stderr and exit code in perl

The modern recommended way:

use strict;
use warnings;

use Capture::Tiny qw/capture/;

my $cmd = "ls -l /tmp /non_existant_path";
my ($stdout, $stderr, $exitcode) = capture {
    system( $cmd );
};
$exitcode >>= 8;

print "STDOUT:\n", $stdout, "\n";
print "STDERR:\n", $stderr, "\n";
print "Exit code: $exitcode\n";

If Capture::Tiny is not available, IPC::Open3 might be ( but this has some caveats ).

use strict;
use warnings;

use IPC::Open3;

local(*MY_STDIN, *MY_STDOUT, *MY_STDERR);

my $cmd = "ls -l /tmp /nonexistant_path";

my $childpid = open3(*MY_STDIN, *MY_STDOUT, *MY_STDERR, $cmd);
my @outlines = <MY_STDOUT>;
my @errlines = <MY_STDERR>;  # XXX: block potential if massive
close MY_STDOUT;
close MY_STDERR;

print "STDOUT:\n", @outlines, "\n";
print "STDERR:\n", @errlines, "\n";
waitpid($childpid, 0);
my $exitcode = $? >> 8;
print "Exit code $exitcode\n";

Using open3 may fail if the output being thrown in stdout/stderr is too large and cannot be buffered. This can be made to work with IO::Select. See also http://docstore.mik.ua/orelly/perl2/prog/ch32_31.htm .

Capture stdout/stderr and exit code in perl

Ignore SSL certificates in LWP

Ever since release 6.00, Perl’s LWP validates the server’s SSL certificate on HTTPS requests. By default, LWP will use the certificate bundle provided by Mozilla::CA to verify the server certificate. This is detailed in the changelog for 6.00.

There are two way of reverting to the old behaviour (ignore server certificate):

Setting an environment variable, ie:

PERL_LWP_SSL_VERIFY_HOSTNAME=0

Passing an option to the LWP::UserAgent object asking for certificate validation to be ignored, ie:

    use LWP::UserAgent;
    use IO::Socket::SSL qw();

    my $ua = LWP::UserAgent->new(
        ssl_opts => {
            SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE,
            verify_hostname => 0,
#            SSL_hostname => '',# Set SSL_hostname if you do want to verify the hostname
                                # (ie, when using SNI https://en.wikipedia.org/wiki/Server_Name_Indication)
        }
    );

The SSL_hostname option is only required if you intend to fake the “Host” HTTP header ( so that it doesn’t mismatch with a similar header sent in the SSL handshake, see Server Name Indication ).

Ignore SSL certificates in LWP