Codebase list libpoe-component-sslify-perl / 2bad9a0
New upstream release Nathan Handler 14 years ago
19 changed file(s) with 582 addition(s) and 231 deletion(s). Raw diff Collapse all Expand all
+51
-31
Build.PL less more
0 # Build.PL
1 use strict; use warnings;
2 use Module::Build;
3
4 my $build = Module::Build->new(
5 # look up Module::Build::API for the info!
6 'dynamic_config' => 0,
7 'module_name' => 'POE::Component::SSLify',
8 'license' => 'perl',
9
10 'dist_abstract' => 'SSL in the world of POE made easy',
11
12 'create_packlist' => 1,
13 'create_makefile_pl' => 'traditional',
14 'create_readme' => 1,
15
16 'test_files' => 't/*.t',
17
18 'add_to_cleanup' => [ 'META.yml', 'Makefile.PL', 'README', 'Manifest' ], # automatically generated
19
20 'requires' => {
21 # Networking
22 'Net::SSLeay' => '1.30',
23
24 # minimum perl version
25 'perl' => '5.006',
26 },
27 );
28
29 # all done!
30 $build->create_build_script;
0 # Build.PL
1 use strict; use warnings;
2 use Module::Build;
3
4 my $build = Module::Build->new(
5 # look up Module::Build::API for the info!
6 'dynamic_config' => 0,
7 'module_name' => 'POE::Component::SSLify',
8 'license' => 'perl',
9
10 'dist_abstract' => 'SSL in the world of POE made easy',
11 'dist_author' => 'Apocalypse <APOCAL@cpan.org>',
12
13 'create_packlist' => 1,
14 'create_makefile_pl' => 'traditional',
15 'create_readme' => 1,
16 'create_license' => 1,
17 'sign' => 0,
18
19 'test_files' => 't/*.t',
20
21 'add_to_cleanup' => [ 'META.yml', 'Makefile.PL', 'README', 'Makefile', 'LICENSE' ], # automatically generated
22
23 'requires' => {
24 # Networking
25 'Net::SSLeay' => '1.36',
26
27 # minimum perl version
28 'perl' => '5.006',
29 },
30
31 'build_requires' => {
32 # For the t/simple.t test
33 'POE' => '1.267',
34 'POE::Component::Client::TCP' => 0,
35 'POE::Component::Server::TCP' => 0,
36 },
37
38 # include the standard stuff in META.yml
39 'meta_merge' => {
40 'resources' => {
41 'license' => 'http://dev.perl.org/licenses/',
42 'homepage' => 'http://search.cpan.org/dist/POE-Component-SSLify',
43 'bugtracker' => 'http://rt.cpan.org/NoAuth/Bugs.html?Dist=POE-Component-SSLify',
44 'repository' => 'http://github.com/apocalypse/perl-poe-sslify',
45 },
46 },
47 );
48
49 # all done!
50 $build->create_build_script;
+19
-0
Changes less more
00 Revision history for Perl extension POE::Component::SSLify.
1
2 * 0.18
3
4 Bumped POE dep to at least 1.267 for t/simple.t - thanks CPANTesters!
5 Minor typo fixes in POD/Build.PL
6
7 * 0.17
8
9 Fixed the t/simple.t test to PASS on FreeBSD because Net::SSLeay::renegotiate was buggy on it, thanks CPANTesters!
10 Added note about OpenSSL functions in the POD.
11
12 * 0.16
13
14 Updated the nonblocking code to be production-ready, thanks ASCENT!
15 Removed the NONBLOCKING() sub, this module is now always nonblocking.
16 Added more tests, thanks ASCENT!
17 Added "mylib/example.crt" and "mylib/example.key" for testing, thanks ASCENT!
18 Misc kwalitee and POD fixes.
19 Bumped Net::SSLeay prereq to 1.36 so we have the latest SSL stuff to ensure sanity :)
120
221 * 0.15
322
+6
-6
LICENSE less more
0 This software is copyright (c) 2009 by Apocalypse.
0 This software is copyright (c) 2010 by Apocalypse <APOCAL@cpan.org>.
11
22 This is free software; you can redistribute it and/or modify it under
3 the same terms as perl itself.
4
5 Terms of Perl itself
3 the same terms as the Perl 5 programming language system itself.
4
5 Terms of the Perl programming language system itself
66
77 a) the GNU General Public License as published by the Free
88 Software Foundation; either version 1, or (at your option) any
1111
1212 --- The GNU General Public License, Version 1, February 1989 ---
1313
14 This software is Copyright (c) 2008 by the POE authors.
14 This software is Copyright (c) 2010 by Apocalypse <APOCAL@cpan.org>.
1515
1616 This is free software, licensed under:
1717
269269
270270 --- The Artistic License 1.0 ---
271271
272 This software is Copyright (c) 2008 by the POE authors.
272 This software is Copyright (c) 2010 by Apocalypse <APOCAL@cpan.org>.
273273
274274 This is free software, licensed under:
275275
+7
-3
MANIFEST less more
00 Build.PL
1 Changes
2 Makefile.PL
31 MANIFEST
42 MANIFEST.SKIP
3 README
4 Makefile.PL
55 META.yml
6 README
6 Changes
77 LICENSE
88
99 lib/POE/Component/SSLify.pm
1414 examples/server.pl
1515 examples/serverclient.pl
1616
17 mylib/example.crt
18 mylib/example.key
19
1720 t/1_load.t
1821 t/apocalypse.t
22 t/simple.t
+29
-28
MANIFEST.SKIP less more
0 # Avoid Eclipse stuff
1 \.includepath$
2 \.project$
3 \.settings/
4
5 # Avoid version control files.
6 \B\.svn\b
7 \B\.git\b
8
9 # Avoid Makemaker generated and utility files.
10 \bMakefile$
11 \bblib/
12 \bMakeMaker-\d
13 \bpm_to_blib$
14
15 # Avoid Module::Build generated and utility files.
16 \bBuild$
17 \b_build/
18
19 # Avoid temp and backup files.
20 ~$
21 \.old$
22 \#$
23 \b\.#
24 \.bak$
25
26 # our tarballs
27 \.tar\.gz$
0 # skip Eclipse IDE stuff
1 \.includepath$
2 \.project$
3 \.settings/
4
5 # Avoid version control files.
6 \B\.svn\b
7 \B\.git\b
8
9 # Avoid Makemaker generated and utility files.
10 \bMakefile$
11 \bblib/
12 \bMakeMaker-\d
13 \bpm_to_blib$
14
15 # Avoid Module::Build generated and utility files.
16 \bBuild$
17 \b_build/
18 ^MYMETA.yml$
19
20 # Avoid temp and backup files.
21 ~$
22 \.old$
23 \#$
24 \b\.#
25 \.bak$
26
27 # our tarballs
28 \.tar\.gz$
+27
-18
META.yml less more
00 ---
1 abstract: 'SSL in the world of POE made easy'
2 author:
3 - 'Apocalypse <APOCAL@cpan.org>'
4 build_requires:
5 POE: 1.267
6 POE::Component::Client::TCP: 0
7 POE::Component::Server::TCP: 0
8 configure_requires:
9 Module::Build: 0.36
10 dynamic_config: 0
11 generated_by: 'Module::Build version 0.3603'
12 license: perl
13 meta-spec:
14 url: http://module-build.sourceforge.net/META-spec-v1.4.html
15 version: 1.4
116 name: POE-Component-SSLify
2 version: 0.15
3 author:
4 - 'Apocalypse E<lt>apocal@cpan.orgE<gt>'
5 abstract: SSL in the world of POE made easy
6 license: perl
7 resources:
8 license: http://dev.perl.org/licenses/
9 requires:
10 Net::SSLeay: 1.30
11 perl: 5.006
12 dynamic_config: 0
1317 provides:
1418 POE::Component::SSLify:
1519 file: lib/POE/Component/SSLify.pm
16 version: 0.15
20 version: 0.18
1721 POE::Component::SSLify::ClientHandle:
1822 file: lib/POE/Component/SSLify/ClientHandle.pm
19 version: 0.15
23 version: 0.18
2024 POE::Component::SSLify::ServerHandle:
2125 file: lib/POE/Component/SSLify/ServerHandle.pm
22 version: 0.15
23 generated_by: Module::Build version 0.280801
24 meta-spec:
25 url: http://module-build.sourceforge.net/META-spec-v1.2.html
26 version: 1.2
26 version: 0.18
27 requires:
28 Net::SSLeay: 1.36
29 perl: 5.006
30 resources:
31 bugtracker: http://rt.cpan.org/NoAuth/Bugs.html?Dist=POE-Component-SSLify
32 homepage: http://search.cpan.org/dist/POE-Component-SSLify
33 license: http://dev.perl.org/licenses/
34 repository: http://github.com/apocalypse/perl-poe-sslify
35 version: 0.18
+9
-6
Makefile.PL less more
0 # Note: this file was auto-generated by Module::Build::Compat version 0.2808_01
0 # Note: this file was auto-generated by Module::Build::Compat version 0.3603
11 require 5.006;
22 use ExtUtils::MakeMaker;
33 WriteMakefile
44 (
5 'PL_FILES' => {},
6 'INSTALLDIRS' => 'site',
75 'NAME' => 'POE::Component::SSLify',
8 'EXE_FILES' => [],
96 'VERSION_FROM' => 'lib/POE/Component/SSLify.pm',
107 'PREREQ_PM' => {
11 'Net::SSLeay' => '1.30'
12 }
8 'Net::SSLeay' => '1.36',
9 'POE' => '1.267',
10 'POE::Component::Client::TCP' => 0,
11 'POE::Component::Server::TCP' => 0
12 },
13 'INSTALLDIRS' => 'site',
14 'EXE_FILES' => [],
15 'PL_FILES' => {}
1316 )
1417 ;
+84
-34
README less more
11 POE::Component::SSLify - Makes using SSL in the world of POE easy!
22
33 SYNOPSIS
4 Client-side usage
4 # CLIENT-side usage
5
56 # Import the module
67 use POE::Component::SSLify qw( Client_SSLify );
78
89 # Create a normal SocketFactory wheel or something
9 my $factory = POE::Wheel::SocketFactory->new( ... );
10
10 my $factory = POE::Wheel::SocketFactory->new;
11
12 # Time passes, SocketFactory gives you a socket when it connects in SuccessEvent
1113 # Converts the socket into a SSL socket POE can communicate with
14 my $socket = shift;
1215 eval { $socket = Client_SSLify( $socket ) };
1316 if ( $@ ) {
1417 # Unable to SSLify it...
1720 # Now, hand it off to ReadWrite
1821 my $rw = POE::Wheel::ReadWrite->new(
1922 Handle => $socket,
20 ...
23 # other options as usual
2124 );
2225
2326 # Use it as you wish...
24
25 Server-side usage
27 # End of example
28
29 # --------------------------------------------------------------------------- #
30
31 # SERVER-side usage
32
2633 # !!! Make sure you have a public key + certificate generated via Net::SSLeay's makecert.pl
2734 # excellent howto: http://www.akadia.com/services/ssh_test_certificate.html
2835
3643 }
3744
3845 # Create a normal SocketFactory wheel or something
39 my $factory = POE::Wheel::SocketFactory->new( ... );
40
46 my $factory = POE::Wheel::SocketFactory->new;
47
48 # Time passes, SocketFactory gives you a socket when it gets a connection in SuccessEvent
4149 # Converts the socket into a SSL socket POE can communicate with
50 my $socket = shift;
4251 eval { $socket = Server_SSLify( $socket ) };
4352 if ( $@ ) {
4453 # Unable to SSLify it...
4756 # Now, hand it off to ReadWrite
4857 my $rw = POE::Wheel::ReadWrite->new(
4958 Handle => $socket,
50 ...
59 # other options as usual
5160 );
5261
5362 # Use it as you wish...
63 # End of example
5464
5565 ABSTRACT
5666 Makes SSL use in POE a breeze!
8595 }
8696 }
8797
88 Mixing Server/Client in the same program
89 Some users have reported success, others failure when they tried to utilize SSLify in both roles. This
90 would require more investigation, so please tread carefully if you need to use it!
91
92 Blocking mode
93 Normally, Net::SSLeay requires the socket to be in blocking mode for the initial handshake to work. However,
94 various users ( especially ASCENT, thanks! ) have reported success in setting nonblocking mode for clients.
95
96 In order to enable nonblocking mode, you need to set the subroutine "NONBLOCKING" to a true value in this
97 package.
98
99 sub POE::Component::SSLify::NONBLOCKING { 1 }
100 use POE::Component::SSLify;
101
102 This is a global, and an EXPERIMENTAL feature! Please, pretty please report back to me your experience with
103 this. Hopefully someday SSLify will be fully nonblocking, thanks to your help!
98 OpenSSL functions
99 Theoretically you can do anything that Net::SSLeay exports from the
100 OpenSSL libs on the socket. However, I have not tested every possible
101 function against SSLify, so use them carefully! If you have success,
102 please report back to me so I can update this doc!
103
104 Net::SSLeay::renegotiate
105 This function has been tested ( it's in t/simple.t ) but it doesn't work
106 on FreeBSD! I tracked it down to this security advisory:
107 <http://security.freebsd.org/advisories/FreeBSD-SA-09:15.ssl.asc> which
108 explains it in detail. The test will skip this function if it detects
109 that you're on a FreeBSD system. However, if you have the updated
110 OpenSSL library that fixes this you can use it.
104111
105112 FUNCTIONS
106113 Client_SSLify
178185 Example:
179186 print "SSL Cipher is: " . SSLify_GetCipher( $sslified_sock ) . "\n";
180187
188 NOTE: Doing this immediately after Client_SSLify or Server_SSLify will result in "(NONE)" because the SSL handshake
189 is not done yet. The socket is nonblocking, so you will have to wait a little bit for it to get ready.
190 apoc@blackhole:~/mygit/perl-poe-sslify/examples$ perl serverclient.pl
191 got connection from: 127.0.0.1 - commencing Server_SSLify()
192 SSLified: 127.0.0.1 cipher type: ((NONE))
193 Connected to server, commencing Client_SSLify()
194 SSLified the connection to the server
195 Connected to SSL server
196 Input: hola
197 got input from: 127.0.0.1 cipher type: (AES256-SHA) input: 'hola'
198 Got Reply: hola
199 Input: ^C
200 stopped at serverclient.pl line 126.
201
181202 SSLify_GetSocket
182203 Returns the actual socket used by the SSLified socket, useful for stuff like getpeername()/getsockname()
183204
205226 EXPORT
206227 Stuffs all of the above functions in @EXPORT_OK so you have to request them directly
207228
208 head1 SUPPORT
209
229 SUPPORT
210230 You can find documentation for this module with the perldoc command.
211231
212232 perldoc POE::Component::SSLify
213233
214234 Websites
235 * Search CPAN
236
237 <http://search.cpan.org/dist/POE-Component-SSLify>
238
215239 * AnnoCPAN: Annotated CPAN documentation
216240
217241 <http://annocpan.org/dist/POE-Component-SSLify>
220244
221245 <http://cpanratings.perl.org/d/POE-Component-SSLify>
222246
223 * RT: CPAN's request tracker
247 * CPAN Forum
248
249 <http://cpanforum.com/dist/POE-Component-SSLify>
250
251 * RT: CPAN's Request Tracker
224252
225253 <http://rt.cpan.org/NoAuth/Bugs.html?Dist=POE-Component-SSLify>
226254
227 * Search CPAN
228
229 <http://search.cpan.org/dist/POE-Component-SSLify>
255 * CPANTS Kwalitee
256
257 <http://cpants.perl.org/dist/overview/POE-Component-SSLify>
258
259 * CPAN Testers Results
260
261 <http://cpantesters.org/distro/P/POE-Component-SSLify.html>
262
263 * CPAN Testers Matrix
264
265 <http://matrix.cpantesters.org/?dist=POE-Component-SSLify>
266
267 * Git Source Code Repository
268
269 This code is currently hosted on github.com under the account
270 "apocalypse". Please feel free to browse it and pull from it, or
271 whatever. If you want to contribute patches, please send me a diff
272 or prod me to pull from your repository :)
273
274 <http://github.com/apocalypse/perl-poe-sslify>
230275
231276 Bugs
232277 Please report any bugs or feature requests to "bug-poe-component-sslify
243288 AUTHOR
244289 Apocalypse <apocal@cpan.org>
245290
246 PROPS
247291 Original code is entirely Rocco Caputo ( Creator of POE ) -> I simply
248292 packaged up the code into something everyone could use and accepted the burden
249293 of maintaining it :)
250294
251295 From the PoCo::Client::HTTP code =]
252 # TODO - This code should probably become a POE::Kernel method,
296 # This code should probably become a POE::Kernel method,
253297 # seeing as it's rather baroque and potentially useful in a number
254298 # of places.
255299
300 ASCENT also helped a lot with the nonblocking mode, without his hard
301 work this module would still be stuck in the stone age :)
302
256303 COPYRIGHT AND LICENSE
257 Copyright 2009 by Apocalypse/Rocco Caputo
304 Copyright 2010 by Apocalypse/Rocco Caputo/Dariusz Jackowski
258305
259306 This library is free software; you can redistribute it and/or modify it
260307 under the same terms as Perl itself.
261308
309 The full text of the license can be found in the LICENSE file included
310 with this module.
311
+6
-0
debian/changelog less more
0 libpoe-component-sslify-perl (0.18-1) UNRELEASED; urgency=low
1
2 * New upstream release
3
4 -- Nathan Handler <nhandler@ubuntu.com> Tue, 30 Mar 2010 08:48:04 -0500
5
06 libpoe-component-sslify-perl (0.15-1) unstable; urgency=low
17
28 [ Antonio Radici ]
+1
-4
examples/client.pl less more
00 #!/usr/bin/perl
11 use strict; use warnings;
2
3 # to use experimental nonblocking, uncomment this line
4 #sub POE::Component::SSLify::NONBLOCKING { 1 }
52
63 use POE;
74 use POE::Component::SSLify qw( Client_SSLify );
2926 'do_connect' => sub {
3027 # Create the socketfactory wheel to listen for requests
3128 $_[HEAP]->{'SOCKETFACTORY'} = POE::Wheel::SocketFactory->new(
32 'RemotePort' => 5432,
29 'RemotePort' => 9898,
3330 'RemoteAddress' => 'localhost',
3431 'Reuse' => 'yes',
3532 'SuccessEvent' => 'Got_Connection',
+11
-7
examples/server.pl less more
00 #!/usr/bin/perl
11 use strict; use warnings;
2
3 # to use experimental nonblocking, uncomment this line
4 #sub POE::Component::SSLify::NONBLOCKING { 1 }
52
63 use POE;
74 use Socket qw( inet_ntoa unpack_sockaddr_in );
1411 POE::Session->create(
1512 'inline_states' => {
1613 '_start' => sub {
17 # Okay, set the SSL options
18 SSLify_Options( 'server.key', 'server.crt' );
14 # Okay, set the SSL certificate info
15 eval {
16 SSLify_Options( 'mylib/example.key', 'mylib/example.crt' );
17 };
18 SSLify_Options( '../mylib/example.key', '../mylib/example.crt' ) if ( $@ );
1919
2020 # Set the alias
2121 $_[KERNEL]->alias_set( 'main' );
2222
2323 # Create the socketfactory wheel to listen for requests
2424 $_[HEAP]->{'SOCKETFACTORY'} = POE::Wheel::SocketFactory->new(
25 'BindPort' => 5432,
25 'BindPort' => 9898,
2626 'BindAddress' => 'localhost',
2727 'Reuse' => 'yes',
2828 'SuccessEvent' => 'Got_Connection',
3838 $socket = Server_SSLify( $socket );
3939
4040 # testing stuff
41 warn "got connection from: " . inet_ntoa( ( unpack_sockaddr_in( getpeername( SSLify_GetSocket( $socket ) ) ) )[1] ) . " cipher type: " . SSLify_GetCipher( $socket );
41 warn "got connection from: " . inet_ntoa( ( unpack_sockaddr_in( getpeername( SSLify_GetSocket( $socket ) ) ) )[1] ) . " cipher type: " . SSLify_GetCipher( $socket ) . "\n";
4242
4343 # Hand it off to ReadWrite
4444 my $wheel = POE::Wheel::ReadWrite->new(
6464 'Got_Input' => sub {
6565 # ARG0: The Line, ARG1: Wheel ID
6666
67 # testing stuff
68 my $socket = $_[HEAP]->{'WHEELS'}->{ $_[ARG1] }->get_output_handle();
69 warn "got input from: " . inet_ntoa( ( unpack_sockaddr_in( getpeername( SSLify_GetSocket( $socket ) ) ) )[1] ) . " cipher type: (" . SSLify_GetCipher( $socket ) . ") input: '$_[ARG0]'\n";
70
6771 # Send back to the client the line!
6872 $_[HEAP]->{'WHEELS'}->{ $_[ARG1] }->put( $_[ARG0] );
6973 return 1;
+15
-11
examples/serverclient.pl less more
00 #!/usr/bin/perl
11 use strict; use warnings;
2
3 # to use experimental nonblocking, uncomment this line
4 #sub POE::Component::SSLify::NONBLOCKING { 1 }
52
63 use POE;
74 use Socket qw( inet_ntoa unpack_sockaddr_in );
1613 POE::Session->create(
1714 'inline_states' => {
1815 '_start' => sub {
19 # Okay, set the SSL options
20 SSLify_Options( 'server.key', 'server.crt' );
16 # Okay, set the SSL certificate info
17 eval {
18 SSLify_Options( 'mylib/example.key', 'mylib/example.crt' );
19 };
20 SSLify_Options( '../mylib/example.key', '../mylib/example.crt' ) if ( $@ );
2121
2222 # Set the alias
2323 $_[KERNEL]->alias_set( 'server' );
2424
2525 # Create the socketfactory wheel to listen for requests
2626 $_[HEAP]->{'SOCKETFACTORY'} = POE::Wheel::SocketFactory->new(
27 'BindPort' => 5432,
27 'BindPort' => 9898,
2828 'BindAddress' => 'localhost',
2929 'Reuse' => 'yes',
3030 'SuccessEvent' => 'Got_Connection',
3737 my $socket = $_[ ARG0 ];
3838
3939 # testing stuff
40 warn "got connection from: " . inet_ntoa( ( unpack_sockaddr_in( getpeername( $socket ) ) )[1] ) . " - commencing Server_SSLify()";
40 warn "got connection from: " . inet_ntoa( ( unpack_sockaddr_in( getpeername( $socket ) ) )[1] ) . " - commencing Server_SSLify()\n";
4141
4242 # SSLify it!
4343 $socket = Server_SSLify( $socket );
4444
4545 # testing stuff
46 warn "SSLified: " . inet_ntoa( ( unpack_sockaddr_in( getpeername( SSLify_GetSocket( $socket ) ) ) )[1] ) . " cipher type: " . SSLify_GetCipher( $socket );
46 warn "SSLified: " . inet_ntoa( ( unpack_sockaddr_in( getpeername( SSLify_GetSocket( $socket ) ) ) )[1] ) . " cipher type: (" . SSLify_GetCipher( $socket ) . ")\n";
4747
4848 # Hand it off to ReadWrite
4949 my $wheel = POE::Wheel::ReadWrite->new(
6767 },
6868 'Got_Input' => sub {
6969 # ARG0: The Line, ARG1: Wheel ID
70
71 # testing stuff
72 my $socket = $_[HEAP]->{'WHEELS'}->{ $_[ARG1] }->get_output_handle();
73 warn "got input from: " . inet_ntoa( ( unpack_sockaddr_in( getpeername( SSLify_GetSocket( $socket ) ) ) )[1] ) . " cipher type: (" . SSLify_GetCipher( $socket ) . ") input: '$_[ARG0]'\n";
7074
7175 # Send back to the client the line!
7276 $_[HEAP]->{'WHEELS'}->{ $_[ARG1] }->put( $_[ARG0] );
103107 'do_connect' => sub {
104108 # Create the socketfactory wheel to listen for requests
105109 $_[HEAP]->{'SOCKETFACTORY'} = POE::Wheel::SocketFactory->new(
106 'RemotePort' => 5432,
110 'RemotePort' => 9898,
107111 'RemoteAddress' => 'localhost',
108112 'Reuse' => 'yes',
109113 'SuccessEvent' => 'Got_Connection',
127131 # ARG0 = Socket, ARG1 = Remote Address, ARG2 = Remote Port
128132 my $socket = $_[ ARG0 ];
129133
130 warn "Connected to server, commencing Client_SSLify()";
134 warn "Connected to server, commencing Client_SSLify()\n";
131135
132136 # SSLify it!
133137 $socket = Client_SSLify( $socket );
134138
135 warn "SSLified the connection to the server";
139 warn "SSLified the connection to the server\n";
136140
137141 # Hand it off to ReadWrite
138142 my $wheel = POE::Wheel::ReadWrite->new(
+7
-4
lib/POE/Component/SSLify/ClientHandle.pm less more
0 # $Id: ClientHandle.pm 53 2008-07-28 03:03:04Z larwan $
10 package POE::Component::SSLify::ClientHandle;
21 use strict; use warnings;
32
43 # Initialize our version
54 use vars qw( $VERSION );
6 $VERSION = '0.15';
5 $VERSION = '0.18';
76
87 # Import the SSL death routines
98 use Net::SSLeay qw( die_now die_if_ssl_error );
1918
2019 # create a context, if necessary
2120 if ( ! defined $ctx ) {
22 $ctx = POE::Component::SSLify::createSSLcontext( undef, undef, $version, $options );
21 $ctx = POE::Component::SSLify::_createSSLcontext( undef, undef, $version, $options );
2322 }
2423
2524 my $ssl = Net::SSLeay::new( $ctx ) or die_now( "Failed to create SSL $!" );
2827
2928 Net::SSLeay::set_fd( $ssl, $fileno ); # Must use fileno
3029
30 # Socket is in non-blocking mode, so connect() will return immediately.
31 # die_if_ssl_error won't die on non-blocking errors. We don't need to call connect()
32 # again, because OpenSSL I/O functions (read, write, ...) can handle that entirely
33 # by self (it's needed to connect() once to determine connection type).
3134 my $resp = Net::SSLeay::connect( $ssl ) or die_if_ssl_error( 'ssl connect' );
3235
3336 my $self = bless {
7073
7174 =head1 COPYRIGHT AND LICENSE
7275
73 Copyright 2009 by Apocalypse
76 Copyright 2010 by Apocalypse
7477
7578 This library is free software; you can redistribute it and/or modify
7679 it under the same terms as Perl itself.
+8
-14
lib/POE/Component/SSLify/ServerHandle.pm less more
0 # $Id: ServerHandle.pm 53 2008-07-28 03:03:04Z larwan $
10 package POE::Component::SSLify::ServerHandle;
21 use strict; use warnings;
32
43 # Initialize our version
54 use vars qw( $VERSION );
6 $VERSION = '0.15';
5 $VERSION = '0.18';
76
87 # Import the SSL death routines
98 use Net::SSLeay qw( die_now die_if_ssl_error );
1817
1918 Net::SSLeay::set_fd( $ssl, $fileno );
2019
20 # Socket is in non-blocking mode, so accept() will return immediately.
21 # die_if_ssl_error won't die on non-blocking errors. We don't need to call accept()
22 # again, because OpenSSL I/O functions (read, write, ...) can handle that entirely
23 # by self (it's needed to accept() once to determine connection type).
2124 my $err = Net::SSLeay::accept( $ssl ) and die_if_ssl_error( 'ssl accept' );
2225
2326 my $self = bless {
8487 my $wrote_len = Net::SSLeay::write( $self->{'ssl'}, substr( $buf, $offset, $len ) );
8588
8689 # Did we get an error or number of bytes written?
87 # Net::SSLeay::write() returns the number of bytes written, or -1 on error.
90 # Net::SSLeay::write() returns the number of bytes written, or 0 on unsuccessful
91 # operation (probably connection closed), or -1 on error.
8892 if ( $wrote_len < 0 ) {
8993 # The normal syswrite() POE uses expects 0 here.
9094 return 0;
185189
186190 Apocalypse E<lt>apocal@cpan.orgE<gt>
187191
188 =head1 PROPS
189
190 Original code is entirely Rocco Caputo ( Creator of POE ) -> I simply
191 packaged up the code into something everyone could use...
192
193 From the PoCo::Client::HTTP code for blocking sockets =]
194 # TODO - This code should probably become a POE::Kernel method,
195 # seeing as it's rather baroque and potentially useful in a number
196 # of places.
197
198192 =head1 COPYRIGHT AND LICENSE
199193
200 Copyright 2009 by Apocalypse/Rocco Caputo
194 Copyright 2010 by Apocalypse
201195
202196 This library is free software; you can redistribute it and/or modify
203197 it under the same terms as Perl itself.
+99
-64
lib/POE/Component/SSLify.pm less more
0 # $Id: SSLify.pm 53 2008-07-28 03:03:04Z larwan $
10 package POE::Component::SSLify;
21 use strict; use warnings;
32
43 # Initialize our version
54 use vars qw( $VERSION );
6 $VERSION = '0.15';
5 $VERSION = '0.18';
76
87 # We need Net::SSLeay or all's a failure!
98 BEGIN {
1514 die $@;
1615 } else {
1716 # Check to make sure the versions are what we want
17 # TODO what if Net::SSLeay is upgraded to 1.4? :(
1818 if ( ! ( defined $Net::SSLeay::VERSION and
1919 $Net::SSLeay::VERSION =~ /^1\.3/ ) ) {
2020 warn 'Please upgrade Net::SSLeay to v1.30+ installed: v' . $Net::SSLeay::VERSION;
2121 }
2222
2323 # Finally, load our subclass :)
24 # ClientHandle isa ServerHandle so it will get loaded automatically
2425 require POE::Component::SSLify::ClientHandle;
25 require POE::Component::SSLify::ServerHandle;
2626
2727 # Initialize Net::SSLeay
28 # Taken from http://search.cpan.org/~flora/Net-SSLeay-1.36/lib/Net/SSLeay.pm#Low_level_API
2829 Net::SSLeay::load_error_strings();
2930 Net::SSLeay::SSLeay_add_ssl_algorithms();
3031 Net::SSLeay::randomize();
31
32 # set nonblocking mode?
33 if ( ! defined &NONBLOCKING ) { *NONBLOCKING = sub () { 0 } }
3432 }
3533 }
3634
5048 # The server-side CTX stuff
5149 my $ctx = undef;
5250
53 # Helper sub to set blocking on a handle
54 sub Set_Blocking {
51 # Helper sub to set nonblocking on a handle
52 sub _NonBlocking {
5553 my $socket = shift;
5654
57 # skip this? ( experimental )
58 return $socket if NONBLOCKING();
59
60 # Net::SSLeay needs blocking for setup.
61 #
6255 # ActiveState Perl 5.8.0 dislikes the Win32-specific code to make
63 # a socket blocking, so we use IO::Handle's blocking(1) method.
56 # a socket blocking, so we use IO::Handle's blocking(0) method.
6457 # Perl 5.005_03 doesn't like blocking(), so we only use it in
6558 # 5.8.0 and beyond.
6659 if ( $] >= 5.008 and $^O eq 'MSWin32' ) {
6760 # From IO::Handle POD
6861 # If an error occurs blocking will return undef and $! will be set.
69 if ( ! $socket->blocking( 1 ) ) {
70 die "Unable to set blocking mode on socket: $!";
62 if ( ! $socket->blocking( 0 ) ) {
63 die "Unable to set nonblocking mode on socket: $!";
7164 }
7265 } else {
73 # Make the handle blocking, the POSIX way.
66 # Make the handle nonblocking, the POSIX way.
7467 if ( $^O ne 'MSWin32' ) {
7568 # Get the old flags
7669 my $flags = fcntl( $socket, F_GETFL, 0 ) or die "fcntl( $socket, F_GETFL, 0 ) fails: $!";
7770
78 # Okay, we patiently wait until the socket turns blocking mode
79 until( fcntl( $socket, F_SETFL, $flags & ~O_NONBLOCK ) ) {
71 # Okay, we patiently wait until the socket turns nonblocking mode
72 until( fcntl( $socket, F_SETFL, $flags | O_NONBLOCK ) ) {
8073 # What was the error?
8174 if ( ! ( $! == EAGAIN or $! == EWOULDBLOCK ) ) {
8275 # Fatal error...
8780 # Darned MSWin32 way...
8881 # Do some ioctl magic here
8982 # 126 is FIONBIO ( some docs say 0x7F << 16 )
90 my $flag = "0";
83 my $flag = "1";
9184 ioctl( $socket, 0x80000000 | ( 4 << 16 ) | ( ord( 'f' ) << 8 ) | 126, $flag ) or die "ioctl( $socket, FIONBIO, $flag ) fails: $!";
9285 }
9386 }
10699 die "Did not get a defined socket";
107100 }
108101
109 # Set blocking on
110 $socket = Set_Blocking( $socket );
102 # Set non-blocking
103 $socket = _NonBlocking( $socket );
111104
112105 # Now, we create the new socket and bind it to our subclass of Net::SSLeay::Handle
113106 my $newsock = gensym();
133126 die 'Please do SSLify_Options() first ( or pass in a $ctx object )';
134127 }
135128
136 # Set blocking on
137 $socket = Set_Blocking( $socket );
129 # Set non-blocking
130 $socket = _NonBlocking( $socket );
138131
139132 # Now, we create the new socket and bind it to our subclass of Net::SSLeay::Handle
140133 my $newsock = gensym();
148141 # Get the key + cert + version + options
149142 my( $key, $cert, $version, $options ) = @_;
150143
151 return createSSLcontext( $key, $cert, $version, $options );
144 return _createSSLcontext( $key, $cert, $version, $options );
152145 }
153146
154147 sub SSLify_Options {
170163 Net::SSLeay::CTX_free( $ctx );
171164 undef $ctx;
172165 }
173 $ctx = createSSLcontext( $key, $cert, $version, $options );
166 $ctx = _createSSLcontext( $key, $cert, $version, $options );
174167
175168 # all done!
176169 return 1;
177170 }
178171
179 sub createSSLcontext {
172 sub _createSSLcontext {
180173 my( $key, $cert, $version, $options ) = @_;
181174
182175 my $context;
246239
247240 # End of module
248241 1;
249
250242 __END__
251243
244 =for stopwords AnnoCPAN CPAN CPANTS Kwalitee RT SSL com diff github FreeBSD OpenSSL
245
252246 =head1 NAME
253247
254248 POE::Component::SSLify - Makes using SSL in the world of POE easy!
255249
256250 =head1 SYNOPSIS
257251
258 =head2 Client-side usage
252 # CLIENT-side usage
259253
260254 # Import the module
261255 use POE::Component::SSLify qw( Client_SSLify );
262256
263257 # Create a normal SocketFactory wheel or something
264 my $factory = POE::Wheel::SocketFactory->new( ... );
265
258 my $factory = POE::Wheel::SocketFactory->new;
259
260 # Time passes, SocketFactory gives you a socket when it connects in SuccessEvent
266261 # Converts the socket into a SSL socket POE can communicate with
262 my $socket = shift;
267263 eval { $socket = Client_SSLify( $socket ) };
268264 if ( $@ ) {
269265 # Unable to SSLify it...
272268 # Now, hand it off to ReadWrite
273269 my $rw = POE::Wheel::ReadWrite->new(
274270 Handle => $socket,
275 ...
271 # other options as usual
276272 );
277273
278274 # Use it as you wish...
279
280 =head2 Server-side usage
275 # End of example
276
277 # --------------------------------------------------------------------------- #
278
279 # SERVER-side usage
281280
282281 # !!! Make sure you have a public key + certificate generated via Net::SSLeay's makecert.pl
283282 # excellent howto: http://www.akadia.com/services/ssh_test_certificate.html
292291 }
293292
294293 # Create a normal SocketFactory wheel or something
295 my $factory = POE::Wheel::SocketFactory->new( ... );
296
294 my $factory = POE::Wheel::SocketFactory->new;
295
296 # Time passes, SocketFactory gives you a socket when it gets a connection in SuccessEvent
297297 # Converts the socket into a SSL socket POE can communicate with
298 my $socket = shift;
298299 eval { $socket = Server_SSLify( $socket ) };
299300 if ( $@ ) {
300301 # Unable to SSLify it...
303304 # Now, hand it off to ReadWrite
304305 my $rw = POE::Wheel::ReadWrite->new(
305306 Handle => $socket,
306 ...
307 # other options as usual
307308 );
308309
309310 # Use it as you wish...
311 # End of example
310312
311313 =head1 ABSTRACT
312314
344346 }
345347 }
346348
347 =head2 Mixing Server/Client in the same program
348
349 Some users have reported success, others failure when they tried to utilize SSLify in both roles. This
350 would require more investigation, so please tread carefully if you need to use it!
351
352 =head2 Blocking mode
353
354 Normally, Net::SSLeay requires the socket to be in blocking mode for the initial handshake to work. However,
355 various users ( especially ASCENT, thanks! ) have reported success in setting nonblocking mode for clients.
356
357 In order to enable nonblocking mode, you need to set the subroutine "NONBLOCKING" to a true value in this
358 package.
359
360 sub POE::Component::SSLify::NONBLOCKING { 1 }
361 use POE::Component::SSLify;
362
363 This is a global, and an EXPERIMENTAL feature! Please, pretty please report back to me your experience with
364 this. Hopefully someday SSLify will be fully nonblocking, thanks to your help!
349 =head2 OpenSSL functions
350
351 Theoretically you can do anything that Net::SSLeay exports from the OpenSSL libs on the socket. However, I have not tested every
352 possible function against SSLify, so use them carefully! If you have success, please report back to me so I can update this doc!
353
354 =head3 Net::SSLeay::renegotiate
355
356 This function has been tested ( it's in t/simple.t ) but it doesn't work on FreeBSD! I tracked it down to this security advisory:
357 L<http://security.freebsd.org/advisories/FreeBSD-SA-09:15.ssl.asc> which explains it in detail. The test will skip this function
358 if it detects that you're on a FreeBSD system. However, if you have the updated OpenSSL library that fixes this you can use it.
365359
366360 =head1 FUNCTIONS
367361
445439 Example:
446440 print "SSL Cipher is: " . SSLify_GetCipher( $sslified_sock ) . "\n";
447441
442 NOTE: Doing this immediately after Client_SSLify or Server_SSLify will result in "(NONE)" because the SSL handshake
443 is not done yet. The socket is nonblocking, so you will have to wait a little bit for it to get ready.
444 apoc@blackhole:~/mygit/perl-poe-sslify/examples$ perl serverclient.pl
445 got connection from: 127.0.0.1 - commencing Server_SSLify()
446 SSLified: 127.0.0.1 cipher type: ((NONE))
447 Connected to server, commencing Client_SSLify()
448 SSLified the connection to the server
449 Connected to SSL server
450 Input: hola
451 got input from: 127.0.0.1 cipher type: (AES256-SHA) input: 'hola'
452 Got Reply: hola
453 Input: ^C
454 stopped at serverclient.pl line 126.
455
448456 =head2 SSLify_GetSocket
449457
450458 Returns the actual socket used by the SSLified socket, useful for stuff like getpeername()/getsockname()
475483
476484 Stuffs all of the above functions in @EXPORT_OK so you have to request them directly
477485
478 head1 SUPPORT
486 =head1 SUPPORT
479487
480488 You can find documentation for this module with the perldoc command.
481489
485493
486494 =over 4
487495
496 =item * Search CPAN
497
498 L<http://search.cpan.org/dist/POE-Component-SSLify>
499
488500 =item * AnnoCPAN: Annotated CPAN documentation
489501
490502 L<http://annocpan.org/dist/POE-Component-SSLify>
493505
494506 L<http://cpanratings.perl.org/d/POE-Component-SSLify>
495507
496 =item * RT: CPAN's request tracker
508 =item * CPAN Forum
509
510 L<http://cpanforum.com/dist/POE-Component-SSLify>
511
512 =item * RT: CPAN's Request Tracker
497513
498514 L<http://rt.cpan.org/NoAuth/Bugs.html?Dist=POE-Component-SSLify>
499515
500 =item * Search CPAN
501
502 L<http://search.cpan.org/dist/POE-Component-SSLify>
516 =item * CPANTS Kwalitee
517
518 L<http://cpants.perl.org/dist/overview/POE-Component-SSLify>
519
520 =item * CPAN Testers Results
521
522 L<http://cpantesters.org/distro/P/POE-Component-SSLify.html>
523
524 =item * CPAN Testers Matrix
525
526 L<http://matrix.cpantesters.org/?dist=POE-Component-SSLify>
527
528 =item * Git Source Code Repository
529
530 This code is currently hosted on github.com under the account "apocalypse". Please feel free to browse it
531 and pull from it, or whatever. If you want to contribute patches, please send me a diff or prod me to pull
532 from your repository :)
533
534 L<http://github.com/apocalypse/perl-poe-sslify>
503535
504536 =back
505537
519551
520552 Apocalypse E<lt>apocal@cpan.orgE<gt>
521553
522 =head1 PROPS
523
524554 Original code is entirely Rocco Caputo ( Creator of POE ) -> I simply
525555 packaged up the code into something everyone could use and accepted the burden
526556 of maintaining it :)
527557
528558 From the PoCo::Client::HTTP code =]
529 # TODO - This code should probably become a POE::Kernel method,
559 # This code should probably become a POE::Kernel method,
530560 # seeing as it's rather baroque and potentially useful in a number
531561 # of places.
532562
563 ASCENT also helped a lot with the nonblocking mode, without his hard work this
564 module would still be stuck in the stone age :)
565
533566 =head1 COPYRIGHT AND LICENSE
534567
535 Copyright 2009 by Apocalypse/Rocco Caputo
568 Copyright 2010 by Apocalypse/Rocco Caputo/Dariusz Jackowski
536569
537570 This library is free software; you can redistribute it and/or modify
538571 it under the same terms as Perl itself.
539572
573 The full text of the license can be found in the LICENSE file included with this module.
574
540575 =cut
+19
-0
mylib/example.crt less more
0 -----BEGIN CERTIFICATE-----
1 MIIDIDCCAggCCQCFFIApNMYn+zANBgkqhkiG9w0BAQUFADBSMQswCQYDVQQGEwJY
2 WDETMBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MRowGAYD
3 VQQKExFTb21lLUNvbXBhbnkgTHRkLjAeFw0xMDAzMDkyMzM0NDBaFw0yMzExMTYy
4 MzM0NDBaMFIxCzAJBgNVBAYTAlhYMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYD
5 VQQHEwlTb21lLUNpdHkxGjAYBgNVBAoTEVNvbWUtQ29tcGFueSBMdGQuMIIBIjAN
6 BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7vONqMnWdBNGEstmvJDH3vmDh/y
7 ZxgpkJhKNTIEbyo5B+m29mc860A4VNKGmi/c/Z0zx7ETu5GpTZAvVdhr9LWHKh6j
8 vH4xGfCfCCfyZtFIxEsIawpaRi2AkKRb4386NCDXdomVCiihAEn2VKS13nZaztMu
9 EwVFg3l5jIj8sHE9UJbTmbCQOJre1brAK/2l0FEfy03oCygYvtTUzYksbLNsNiG7
10 LJ/Y8opoKwdcboVzMOg1dnoY6a3J7hpDd6FSTKcpqxNltk3x1fWh+zEd0Pl3YAMF
11 uW1mIbOIuSuQD9mZqcxDIaAb/yrU5N82zh7Kkba3MCs1B6eaCWPJcDFeFwIDAQAB
12 MA0GCSqGSIb3DQEBBQUAA4IBAQBDXa1fKk1NF05/9w93q8/QDINXQhlWFZDIr5oB
13 A0rU2Rezljji92ElZCl/nGfianeCoCjA6+xMY37eUn8OOfJh1e6a45E1sRyXgZZv
14 tlZmt65K/UlZCYQ8+jEPjP+Ea/iKq3IUN0RKObOxB3QvOucx0ECfqZeiApuhkjZJ
15 I97dcD3ybwQ2rZcRzIccKQYsfnzLIzUjLlEbvyIOk6jyGKV6lZfmkeyuDbFlBdcG
16 85Ts5GpXM7lojmdz858PgNEtCEkoSO8LQSdWftsoCxWTEPdMTBPotMN0FgySO5Wr
17 d91Rn/uL5LFSGD4CV8u94IcS/qLf1IqheGUWPYZ7edwt+zQm
18 -----END CERTIFICATE-----
+27
-0
mylib/example.key less more
0 -----BEGIN RSA PRIVATE KEY-----
1 MIIEpQIBAAKCAQEAy7vONqMnWdBNGEstmvJDH3vmDh/yZxgpkJhKNTIEbyo5B+m2
2 9mc860A4VNKGmi/c/Z0zx7ETu5GpTZAvVdhr9LWHKh6jvH4xGfCfCCfyZtFIxEsI
3 awpaRi2AkKRb4386NCDXdomVCiihAEn2VKS13nZaztMuEwVFg3l5jIj8sHE9UJbT
4 mbCQOJre1brAK/2l0FEfy03oCygYvtTUzYksbLNsNiG7LJ/Y8opoKwdcboVzMOg1
5 dnoY6a3J7hpDd6FSTKcpqxNltk3x1fWh+zEd0Pl3YAMFuW1mIbOIuSuQD9mZqcxD
6 IaAb/yrU5N82zh7Kkba3MCs1B6eaCWPJcDFeFwIDAQABAoIBAQDAWYEZHrMBXePb
7 4uac2su6xuxuO4VOBob/qHivfpinJ9MOgH8oZlIivdAxbU599mCL5cbEa4/40E5r
8 F41JXHqYYGbLwn/Ob8oF9qL/PU/j+QXdpgW9odmXVlCCv1quECmwm60xkjXvkGpp
9 bmsugQ/giBe2G7XtaVW3CpJSt+by4VW+qf8ke3Y8TQHoW+dUPiexb9KFFTvy9i1O
10 HV1Z3pQ3Y8yH1qb5xzCNYv1/ofjbAMlv1Cf9CHpAnIWlXA7QCb1VktF2eMjv435d
11 oxhEhYidARWZfxiYRcewt0FfPU7/yDZXgphLSrQLWEJs6bOxDRhA6l/cOcQX/XG1
12 t7I5I9JhAoGBAPuweXOTUEfZdrveXM5716/o+qYMZC330LvOqbpJnB5up8cPR9sl
13 VB1dZqFMYdFTVD9oPKPY726RxptE8ylShhe5LuPRjF3/aYmXlrQROSJJ5uJ5exr9
14 mJjXaRp9AW8wTOqDkHbiyb+WrpVL5klYHvgnJrivokzc246tdsvADJ6xAoGBAM85
15 EgTQhHT5OFe4bQavROd8khuTTD3iGQQO0cR5Oh8EjbMc3ejp7qUE41I30DoFpn64
16 uOiQzxzpOJFGiid+8FoG7k2/K96j0j9JiBNv93Te1OhOvG+2JirrygoM9E3ofmF5
17 trDpCVgs5+mAkdJctmpXME5PPmEKo5+b2cK9S8tHAoGAS5s0sLJVEHBUCZV/nYt4
18 PGCpQs5AHcruyiwHsm1AV6f4AIUnmb456WRQWy3dyIrWqQGADdwx+K4T0jrBLO2c
19 WG4Jlugw2V/LbUi7PbZaymEW2XuSroX1nBxBd3KLxsHkqSICeKQh5Mq4ASM+t1Og
20 Yf0o1Zv1Dk/eKJsVL5mucNECgYEAst3nIMK/4pwQNx+Y9DErf8i18Rl2sN/NigQk
21 qrudIJL0oMtk/JuYA1axxREqKjsgWLen3A7Kx4DD9Bn4PFlEq+DZp8BA5L9xRnF5
22 BJYb+gQxsIft/VsznM7EKWK/KdRp6kd+Gzw7daHlWFdDB1pBlo7FwoKCLI9bZvTG
23 xWJR3xcCgYEAyHPtp36K2epbFkpCf5pmtWCVk4lRNs6MSE0aJmbqZhRW971V81ev
24 xa2DZj3KHcXCfDW5Dnjiyx9qf7GS1ts9dfWyKjr6qEwBcGQMXW3C6p9fuFXkxGhe
25 Yx2KYA48kiY5Rj5wTpixwdq3YWASlZOQs282UEb+cxZHxpT2YUiIJkc=
26 -----END RSA PRIVATE KEY-----
+3
-1
t/apocalypse.t less more
77 } else {
88 # lousy hack for kwalitee
99 require Test::NoWarnings; require Test::Pod; require Test::Pod::Coverage;
10 is_apocalypse_here();
10 is_apocalypse_here( {
11 deny => qr/^(?:(?:OutdatedPrereq|Dependencie)s|ModuleUsed|Strict|Fixme|Pod_Spelling)$/,
12 } );
1113 }
+154
-0
t/simple.t less more
0 #!/usr/bin/perl
1
2 # Thanks to ASCENT for this test!
3
4 use strict; use warnings;
5
6 my $numtests;
7 BEGIN {
8 $numtests = 22;
9
10 eval "use Test::NoWarnings";
11 if ( ! $@ ) {
12 # increment by one
13 $numtests++;
14
15 }
16 }
17
18 use Test::More tests => $numtests;
19
20 use POE;
21 use POE::Component::Client::TCP;
22 use POE::Component::Server::TCP;
23 use POE::Component::SSLify qw/Client_SSLify Server_SSLify SSLify_Options SSLify_GetCipher SSLify_ContextCreate/;
24 use Net::SSLeay qw/ERROR_WANT_READ ERROR_WANT_WRITE/;
25 use POSIX qw/F_GETFL F_SETFL O_NONBLOCK EAGAIN EWOULDBLOCK/;
26
27 # TODO rewrite this to use Test::POE::Server::TCP and stuff :)
28
29 my $port;
30
31 POE::Component::Server::TCP->new
32 (
33 Alias => 'myserver',
34 Address => '127.0.0.1',
35 Port => 0,
36
37 Started => sub
38 {
39 use Socket qw/sockaddr_in/;
40 $port = (sockaddr_in($_[HEAP]->{listener}->getsockname))[0];
41 },
42 ClientConnected => sub
43 {
44 ok(1, 'SERVER: accepted');
45 },
46 ClientDisconnected => sub
47 {
48 ok(1, 'SERVER: client disconnected');
49 $_[KERNEL]->post(myserver => 'shutdown');
50 },
51 ClientPreConnect => sub
52 {
53 eval { SSLify_Options('mylib/example.key', 'mylib/example.crt', 'sslv3') };
54 eval { SSLify_Options('../mylib/example.key', '../mylib/example.crt', 'sslv3') } if ($@);
55 ok(!$@, "SERVER: SSLify_Options $@");
56
57 my $socket = eval { Server_SSLify($_[ARG0]) };
58 ok(!$@, "SERVER: Server_SSLify $@");
59 ok(1, 'SERVER: SSLify_GetCipher: '. SSLify_GetCipher($socket));
60
61 my $flags = fcntl($_[ARG0], F_GETFL, 0);
62 ok($flags & O_NONBLOCK, 'SERVER: SSLified socket is non-blocking?');
63
64 return ($socket);
65 },
66 ClientInput => sub
67 {
68 my ($kernel, $heap, $request) = @_[KERNEL, HEAP, ARG0];
69
70 ## At this point, connection MUST be encrypted.
71 my $cipher = SSLify_GetCipher($heap->{client}->get_output_handle);
72 ok($cipher ne '(NONE)', "SERVER: SSLify_GetCipher: $cipher");
73
74 if ($request eq 'ping')
75 {
76 ok(1, "SERVER: recv: $request");
77 $heap->{client}->put("pong");
78 }
79 elsif ($request eq 'ping2')
80 {
81 ok(1, "SERVER: recv: $request");
82 $heap->{client}->put("pong2");
83 }
84 },
85 );
86
87 POE::Component::Client::TCP->new
88 (
89 Alias => 'myclient',
90 RemoteAddress => '127.0.0.1',
91 RemotePort => $port,
92 Connected => sub
93 {
94 ok(1, 'CLIENT: connected');
95
96 $_[HEAP]->{server}->put("ping");
97 },
98 PreConnect => sub
99 {
100 my $ctx = eval { SSLify_ContextCreate(undef, undef, 'sslv3') };
101 ok(!$@, "CLIENT: SSLify_ContextCreate $@");
102 my $socket = eval { Client_SSLify($_[ARG0], undef, undef, $ctx) };
103 ok(!$@, "CLIENT: Client_SSLify $@");
104 ok(1, 'CLIENT: SSLify_GetCipher: '. SSLify_GetCipher($socket));
105
106 my $flags = fcntl($_[ARG0], F_GETFL, 0);
107 ok($flags & O_NONBLOCK, 'CLIENT: SSLified socket is non-blocking?');
108
109 return ($socket);
110 },
111 ServerInput => sub
112 {
113 my ($kernel, $heap, $line) = @_[KERNEL, HEAP, ARG0];
114
115 ## At this point, connection MUST be encrypted.
116 my $cipher = SSLify_GetCipher($heap->{server}->get_output_handle);
117 ok($cipher ne '(NONE)', "CLIENT: SSLify_GetCipher: $cipher");
118
119 if ($line eq 'pong')
120 {
121 ok(1, "CLIENT: recv: $line");
122
123 # Skip 2 Net::SSLeay::renegotiate() tests on FreeBSD because of
124 # http://security.freebsd.org/advisories/FreeBSD-SA-09:15.ssl.asc
125 TODO: {
126 local $TODO = "Net::SSLeay::renegotiate() does not work on all platforms";
127
128 ## Force SSL renegotiation
129 my $ssl = tied(*{$heap->{server}->get_output_handle})->{ssl};
130 my $reneg_num = Net::SSLeay::num_renegotiations($ssl);
131
132 ok(1 == Net::SSLeay::renegotiate($ssl), 'CLIENT: SSL renegotiation');
133 my $handshake = Net::SSLeay::do_handshake($ssl);
134 my $err = Net::SSLeay::get_error($ssl, $handshake);
135
136 ## 1 == Successful handshake, ERROR_WANT_(READ|WRITE) == non-blocking.
137 ok($handshake == 1 || $err == ERROR_WANT_READ || $err == ERROR_WANT_WRITE, 'CLIENT: SSL handshake');
138 ok($reneg_num < Net::SSLeay::num_renegotiations($ssl), 'CLIENT: Increased number of negotiations');
139 }
140
141 $heap->{server}->put('ping2');
142 }
143
144 elsif ($line eq 'pong2')
145 {
146 ok(1, "CLIENT: recv: $line");
147 $kernel->yield('shutdown');
148 }
149 },
150 );
151
152 $poe_kernel->run();
153 exit 0;