diff --git a/Build.PL b/Build.PL index 6be33be..9c4ea66 100644 --- a/Build.PL +++ b/Build.PL @@ -1,31 +1,50 @@ -# Build.PL -use strict; use warnings; -use Module::Build; - -my $build = Module::Build->new( - # look up Module::Build::API for the info! - 'dynamic_config' => 0, - 'module_name' => 'POE::Component::SSLify', - 'license' => 'perl', - - 'dist_abstract' => 'SSL in the world of POE made easy', - - 'create_packlist' => 1, - 'create_makefile_pl' => 'traditional', - 'create_readme' => 1, - - 'test_files' => 't/*.t', - - 'add_to_cleanup' => [ 'META.yml', 'Makefile.PL', 'README', 'Manifest' ], # automatically generated - - 'requires' => { - # Networking - 'Net::SSLeay' => '1.30', - - # minimum perl version - 'perl' => '5.006', - }, -); - -# all done! -$build->create_build_script; +# Build.PL +use strict; use warnings; +use Module::Build; + +my $build = Module::Build->new( + # look up Module::Build::API for the info! + 'dynamic_config' => 0, + 'module_name' => 'POE::Component::SSLify', + 'license' => 'perl', + + 'dist_abstract' => 'SSL in the world of POE made easy', + + 'create_packlist' => 1, + 'create_makefile_pl' => 'traditional', + 'create_readme' => 1, + 'create_license' => 1, + 'sign' => 0, + + 'test_files' => 't/*.t', + + 'add_to_cleanup' => [ 'META.yml', 'Makefile.PL', 'README', 'Manifest', 'LICENSE' ], # automatically generated + + 'requires' => { + # Networking + 'Net::SSLeay' => '1.36', + + # minimum perl version + 'perl' => '5.006', + }, + + 'build_requires' => { + # For the t/simple.t test + 'POE' => 0, + 'POE::Component::Client::TCP' => 0, + 'POE::Component::Server::TCP' => 0, + }, + + # include the standard stuff in META.yml + 'meta_merge' => { + 'resources' => { + 'license' => 'http://dev.perl.org/licenses/', + 'homepage' => 'http://search.cpan.org/dist/POE-Component-SSLify', + 'bugtracker' => 'http://rt.cpan.org/NoAuth/Bugs.html?Dist=POE-Component-SSLify', + 'repository' => 'http://github.com/apocalypse/perl-poe-sslify', + }, + }, +); + +# all done! +$build->create_build_script; diff --git a/Changes b/Changes index bd260e3..eee29f3 100644 --- a/Changes +++ b/Changes @@ -1,4 +1,13 @@ Revision history for Perl extension POE::Component::SSLify. + +* 0.16 + + Updated the nonblocking code to be production-ready, thanks ASCENT! + Removed the NONBLOCKING() sub, this module is now always nonblocking. + Added more tests, thanks ASCENT! + Added "mylib/example.crt" and "mylib/example.key" for testing, thanks ASCENT! + Misc kwalitee and POD fixes. + Bumped Net::SSLeay prereq to 1.36 so we have the latest SSL stuff to ensure sanity :) * 0.15 diff --git a/LICENSE b/LICENSE deleted file mode 100644 index 198fd38..0000000 --- a/LICENSE +++ /dev/null @@ -1,377 +0,0 @@ -This software is copyright (c) 2009 by Apocalypse. - -This is free software; you can redistribute it and/or modify it under -the same terms as perl itself. - -Terms of Perl itself - -a) the GNU General Public License as published by the Free - Software Foundation; either version 1, or (at your option) any - later version, or -b) the "Artistic License" - ---- The GNU General Public License, Version 1, February 1989 --- - -This software is Copyright (c) 2008 by the POE authors. - -This is free software, licensed under: - - The GNU General Public License, Version 1, February 1989 - - GNU GENERAL PUBLIC LICENSE - Version 1, February 1989 - - Copyright (C) 1989 Free Software Foundation, Inc. - 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA - Everyone is permitted to copy and distribute verbatim copies - of this license document, but changing it is not allowed. - - Preamble - - The license agreements of most software companies try to keep users -at the mercy of those companies. By contrast, our General Public -License is intended to guarantee your freedom to share and change free -software--to make sure the software is free for all its users. The -General Public License applies to the Free Software Foundation's -software and to any other program whose authors commit to using it. -You can use it for your programs, too. - - When we speak of free software, we are referring to freedom, not -price. Specifically, the General Public License is designed to make -sure that you have the freedom to give away or sell copies of free -software, that you receive source code or can get it if you want it, -that you can change the software or use pieces of it in new free -programs; and that you know you can do these things. - - To protect your rights, we need to make restrictions that forbid -anyone to deny you these rights or to ask you to surrender the rights. -These restrictions translate to certain responsibilities for you if you -distribute copies of the software, or if you modify it. - - For example, if you distribute copies of a such a program, whether -gratis or for a fee, you must give the recipients all the rights that -you have. You must make sure that they, too, receive or can get the -source code. And you must tell them their rights. - - We protect your rights with two steps: (1) copyright the software, and -(2) offer you this license which gives you legal permission to copy, -distribute and/or modify the software. - - Also, for each author's protection and ours, we want to make certain -that everyone understands that there is no warranty for this free -software. If the software is modified by someone else and passed on, we -want its recipients to know that what they have is not the original, so -that any problems introduced by others will not reflect on the original -authors' reputations. - - The precise terms and conditions for copying, distribution and -modification follow. - - GNU GENERAL PUBLIC LICENSE - TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION - - 0. This License Agreement applies to any program or other work which -contains a notice placed by the copyright holder saying it may be -distributed under the terms of this General Public License. The -"Program", below, refers to any such program or work, and a "work based -on the Program" means either the Program or any work containing the -Program or a portion of it, either verbatim or with modifications. Each -licensee is addressed as "you". - - 1. You may copy and distribute verbatim copies of the Program's source -code as you receive it, in any medium, provided that you conspicuously and -appropriately publish on each copy an appropriate copyright notice and -disclaimer of warranty; keep intact all the notices that refer to this -General Public License and to the absence of any warranty; and give any -other recipients of the Program a copy of this General Public License -along with the Program. You may charge a fee for the physical act of -transferring a copy. - - 2. You may modify your copy or copies of the Program or any portion of -it, and copy and distribute such modifications under the terms of Paragraph -1 above, provided that you also do the following: - - a) cause the modified files to carry prominent notices stating that - you changed the files and the date of any change; and - - b) cause the whole of any work that you distribute or publish, that - in whole or in part contains the Program or any part thereof, either - with or without modifications, to be licensed at no charge to all - third parties under the terms of this General Public License (except - that you may choose to grant warranty protection to some or all - third parties, at your option). - - c) If the modified program normally reads commands interactively when - run, you must cause it, when started running for such interactive use - in the simplest and most usual way, to print or display an - announcement including an appropriate copyright notice and a notice - that there is no warranty (or else, saying that you provide a - warranty) and that users may redistribute the program under these - conditions, and telling the user how to view a copy of this General - Public License. - - d) You may charge a fee for the physical act of transferring a - copy, and you may at your option offer warranty protection in - exchange for a fee. - -Mere aggregation of another independent work with the Program (or its -derivative) on a volume of a storage or distribution medium does not bring -the other work under the scope of these terms. - - 3. You may copy and distribute the Program (or a portion or derivative of -it, under Paragraph 2) in object code or executable form under the terms of -Paragraphs 1 and 2 above provided that you also do one of the following: - - a) accompany it with the complete corresponding machine-readable - source code, which must be distributed under the terms of - Paragraphs 1 and 2 above; or, - - b) accompany it with a written offer, valid for at least three - years, to give any third party free (except for a nominal charge - for the cost of distribution) a complete machine-readable copy of the - corresponding source code, to be distributed under the terms of - Paragraphs 1 and 2 above; or, - - c) accompany it with the information you received as to where the - corresponding source code may be obtained. (This alternative is - allowed only for noncommercial distribution and only if you - received the program in object code or executable form alone.) - -Source code for a work means the preferred form of the work for making -modifications to it. For an executable file, complete source code means -all the source code for all modules it contains; but, as a special -exception, it need not include source code for modules which are standard -libraries that accompany the operating system on which the executable -file runs, or for standard header files or definitions files that -accompany that operating system. - - 4. You may not copy, modify, sublicense, distribute or transfer the -Program except as expressly provided under this General Public License. -Any attempt otherwise to copy, modify, sublicense, distribute or transfer -the Program is void, and will automatically terminate your rights to use -the Program under this License. However, parties who have received -copies, or rights to use copies, from you under this General Public -License will not have their licenses terminated so long as such parties -remain in full compliance. - - 5. By copying, distributing or modifying the Program (or any work based -on the Program) you indicate your acceptance of this license to do so, -and all its terms and conditions. - - 6. Each time you redistribute the Program (or any work based on the -Program), the recipient automatically receives a license from the original -licensor to copy, distribute or modify the Program subject to these -terms and conditions. You may not impose any further restrictions on the -recipients' exercise of the rights granted herein. - - 7. The Free Software Foundation may publish revised and/or new versions -of the General Public License from time to time. Such new versions will -be similar in spirit to the present version, but may differ in detail to -address new problems or concerns. - -Each version is given a distinguishing version number. If the Program -specifies a version number of the license which applies to it and "any -later version", you have the option of following the terms and conditions -either of that version or of any later version published by the Free -Software Foundation. If the Program does not specify a version number of -the license, you may choose any version ever published by the Free Software -Foundation. - - 8. If you wish to incorporate parts of the Program into other free -programs whose distribution conditions are different, write to the author -to ask for permission. For software which is copyrighted by the Free -Software Foundation, write to the Free Software Foundation; we sometimes -make exceptions for this. Our decision will be guided by the two goals -of preserving the free status of all derivatives of our free software and -of promoting the sharing and reuse of software generally. - - NO WARRANTY - - 9. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY -FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN -OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES -PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED -OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS -TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE -PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, -REPAIR OR CORRECTION. - - 10. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR -REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, -INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING -OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED -TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY -YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER -PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE -POSSIBILITY OF SUCH DAMAGES. - - END OF TERMS AND CONDITIONS - - Appendix: How to Apply These Terms to Your New Programs - - If you develop a new program, and you want it to be of the greatest -possible use to humanity, the best way to achieve this is to make it -free software which everyone can redistribute and change under these -terms. - - To do so, attach the following notices to the program. It is safest to -attach them to the start of each source file to most effectively convey -the exclusion of warranty; and each file should have at least the -"copyright" line and a pointer to where the full notice is found. - - - Copyright (C) 19yy - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 1, or (at your option) - any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software Foundation, - Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA. - -Also add information on how to contact you by electronic and paper mail. - -If the program is interactive, make it output a short notice like this -when it starts in an interactive mode: - - Gnomovision version 69, Copyright (C) 19xx name of author - Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. - This is free software, and you are welcome to redistribute it - under certain conditions; type `show c' for details. - -The hypothetical commands `show w' and `show c' should show the -appropriate parts of the General Public License. Of course, the -commands you use may be called something other than `show w' and `show -c'; they could even be mouse-clicks or menu items--whatever suits your -program. - -You should also get your employer (if you work as a programmer) or your -school, if any, to sign a "copyright disclaimer" for the program, if -necessary. Here a sample; alter the names: - - Yoyodyne, Inc., hereby disclaims all copyright interest in the - program `Gnomovision' (a program to direct compilers to make passes - at assemblers) written by James Hacker. - - , 1 April 1989 - Ty Coon, President of Vice - -That's all there is to it! - - ---- The Artistic License 1.0 --- - -This software is Copyright (c) 2008 by the POE authors. - -This is free software, licensed under: - - The Artistic License 1.0 - -The Artistic License - -Preamble - -The intent of this document is to state the conditions under which a Package -may be copied, such that the Copyright Holder maintains some semblance of -artistic control over the development of the package, while giving the users of -the package the right to use and distribute the Package in a more-or-less -customary fashion, plus the right to make reasonable modifications. - -Definitions: - - - "Package" refers to the collection of files distributed by the Copyright - Holder, and derivatives of that collection of files created through - textual modification. - - "Standard Version" refers to such a Package if it has not been modified, - or has been modified in accordance with the wishes of the Copyright - Holder. - - "Copyright Holder" is whoever is named in the copyright or copyrights for - the package. - - "You" is you, if you're thinking about copying or distributing this Package. - - "Reasonable copying fee" is whatever you can justify on the basis of media - cost, duplication charges, time of people involved, and so on. (You will - not be required to justify it to the Copyright Holder, but only to the - computing community at large as a market that must bear the fee.) - - "Freely Available" means that no fee is charged for the item itself, though - there may be fees involved in handling the item. It also means that - recipients of the item may redistribute it under the same conditions they - received it. - -1. You may make and give away verbatim copies of the source form of the -Standard Version of this Package without restriction, provided that you -duplicate all of the original copyright notices and associated disclaimers. - -2. You may apply bug fixes, portability fixes and other modifications derived -from the Public Domain or from the Copyright Holder. A Package modified in such -a way shall still be considered the Standard Version. - -3. You may otherwise modify your copy of this Package in any way, provided that -you insert a prominent notice in each changed file stating how and when you -changed that file, and provided that you do at least ONE of the following: - - a) place your modifications in the Public Domain or otherwise make them - Freely Available, such as by posting said modifications to Usenet or an - equivalent medium, or placing the modifications on a major archive site - such as ftp.uu.net, or by allowing the Copyright Holder to include your - modifications in the Standard Version of the Package. - - b) use the modified Package only within your corporation or organization. - - c) rename any non-standard executables so the names do not conflict with - standard executables, which must also be provided, and provide a separate - manual page for each non-standard executable that clearly documents how it - differs from the Standard Version. - - d) make other distribution arrangements with the Copyright Holder. - -4. You may distribute the programs of this Package in object code or executable -form, provided that you do at least ONE of the following: - - a) distribute a Standard Version of the executables and library files, - together with instructions (in the manual page or equivalent) on where to - get the Standard Version. - - b) accompany the distribution with the machine-readable source of the Package - with your modifications. - - c) accompany any non-standard executables with their corresponding Standard - Version executables, giving the non-standard executables non-standard - names, and clearly documenting the differences in manual pages (or - equivalent), together with instructions on where to get the Standard - Version. - - d) make other distribution arrangements with the Copyright Holder. - -5. You may charge a reasonable copying fee for any distribution of this -Package. You may charge any fee you choose for support of this Package. You -may not charge a fee for this Package itself. However, you may distribute this -Package in aggregate with other (possibly commercial) programs as part of a -larger (possibly commercial) software distribution provided that you do not -advertise this Package as a product of your own. - -6. The scripts and library files supplied as input to or produced as output -from the programs of this Package do not automatically fall under the copyright -of this Package, but belong to whomever generated them, and may be sold -commercially, and may be aggregated with this Package. - -7. C or perl subroutines supplied by you and linked into this Package shall not -be considered part of this Package. - -8. The name of the Copyright Holder may not be used to endorse or promote -products derived from this software without specific prior written permission. - -9. THIS PACKAGE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED -WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF -MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - -The End - diff --git a/MANIFEST b/MANIFEST index 5e48667..32d49d3 100644 --- a/MANIFEST +++ b/MANIFEST @@ -1,10 +1,10 @@ Build.PL -Changes -Makefile.PL MANIFEST MANIFEST.SKIP +README +Makefile.PL META.yml -README +Changes LICENSE lib/POE/Component/SSLify.pm @@ -15,5 +15,9 @@ examples/server.pl examples/serverclient.pl +mylib/example.crt +mylib/example.key + t/1_load.t t/apocalypse.t +t/simple.t diff --git a/MANIFEST.SKIP b/MANIFEST.SKIP index a398351..e4f3ad8 100644 --- a/MANIFEST.SKIP +++ b/MANIFEST.SKIP @@ -1,28 +1,29 @@ -# Avoid Eclipse stuff -\.includepath$ -\.project$ -\.settings/ - -# Avoid version control files. -\B\.svn\b -\B\.git\b - -# Avoid Makemaker generated and utility files. -\bMakefile$ -\bblib/ -\bMakeMaker-\d -\bpm_to_blib$ - -# Avoid Module::Build generated and utility files. -\bBuild$ -\b_build/ - -# Avoid temp and backup files. -~$ -\.old$ -\#$ -\b\.# -\.bak$ - -# our tarballs -\.tar\.gz$ +# skip Eclipse IDE stuff +\.includepath$ +\.project$ +\.settings/ + +# Avoid version control files. +\B\.svn\b +\B\.git\b + +# Avoid Makemaker generated and utility files. +\bMakefile$ +\bblib/ +\bMakeMaker-\d +\bpm_to_blib$ + +# Avoid Module::Build generated and utility files. +\bBuild$ +\b_build/ +^MYMETA.yml$ + +# Avoid temp and backup files. +~$ +\.old$ +\#$ +\b\.# +\.bak$ + +# our tarballs +\.tar\.gz$ diff --git a/POE-Component-SSLify-0.16.tar.gz b/POE-Component-SSLify-0.16.tar.gz new file mode 100644 index 0000000..621faeb Binary files /dev/null and b/POE-Component-SSLify-0.16.tar.gz differ diff --git a/examples/client.pl b/examples/client.pl index f426d50..4eb8f34 100755 --- a/examples/client.pl +++ b/examples/client.pl @@ -1,8 +1,5 @@ #!/usr/bin/perl use strict; use warnings; - -# to use experimental nonblocking, uncomment this line -#sub POE::Component::SSLify::NONBLOCKING { 1 } use POE; use POE::Component::SSLify qw( Client_SSLify ); @@ -30,7 +27,7 @@ 'do_connect' => sub { # Create the socketfactory wheel to listen for requests $_[HEAP]->{'SOCKETFACTORY'} = POE::Wheel::SocketFactory->new( - 'RemotePort' => 5432, + 'RemotePort' => 9898, 'RemoteAddress' => 'localhost', 'Reuse' => 'yes', 'SuccessEvent' => 'Got_Connection', diff --git a/examples/server.pl b/examples/server.pl index 60e5053..52f4454 100755 --- a/examples/server.pl +++ b/examples/server.pl @@ -1,8 +1,5 @@ #!/usr/bin/perl use strict; use warnings; - -# to use experimental nonblocking, uncomment this line -#sub POE::Component::SSLify::NONBLOCKING { 1 } use POE; use Socket qw( inet_ntoa unpack_sockaddr_in ); @@ -15,15 +12,18 @@ POE::Session->create( 'inline_states' => { '_start' => sub { - # Okay, set the SSL options - SSLify_Options( 'server.key', 'server.crt' ); + # Okay, set the SSL certificate info + eval { + SSLify_Options( 'mylib/example.key', 'mylib/example.crt' ); + }; + SSLify_Options( '../mylib/example.key', '../mylib/example.crt' ) if ( $@ ); # Set the alias $_[KERNEL]->alias_set( 'main' ); # Create the socketfactory wheel to listen for requests $_[HEAP]->{'SOCKETFACTORY'} = POE::Wheel::SocketFactory->new( - 'BindPort' => 5432, + 'BindPort' => 9898, 'BindAddress' => 'localhost', 'Reuse' => 'yes', 'SuccessEvent' => 'Got_Connection', diff --git a/examples/serverclient.pl b/examples/serverclient.pl index cffc014..d81b7a7 100755 --- a/examples/serverclient.pl +++ b/examples/serverclient.pl @@ -1,8 +1,5 @@ #!/usr/bin/perl use strict; use warnings; - -# to use experimental nonblocking, uncomment this line -#sub POE::Component::SSLify::NONBLOCKING { 1 } use POE; use Socket qw( inet_ntoa unpack_sockaddr_in ); @@ -17,15 +14,18 @@ POE::Session->create( 'inline_states' => { '_start' => sub { - # Okay, set the SSL options - SSLify_Options( 'server.key', 'server.crt' ); + # Okay, set the SSL certificate info + eval { + SSLify_Options( 'mylib/example.key', 'mylib/example.crt' ); + }; + SSLify_Options( '../mylib/example.key', '../mylib/example.crt' ) if ( $@ ); # Set the alias $_[KERNEL]->alias_set( 'server' ); # Create the socketfactory wheel to listen for requests $_[HEAP]->{'SOCKETFACTORY'} = POE::Wheel::SocketFactory->new( - 'BindPort' => 5432, + 'BindPort' => 9898, 'BindAddress' => 'localhost', 'Reuse' => 'yes', 'SuccessEvent' => 'Got_Connection', @@ -104,7 +104,7 @@ 'do_connect' => sub { # Create the socketfactory wheel to listen for requests $_[HEAP]->{'SOCKETFACTORY'} = POE::Wheel::SocketFactory->new( - 'RemotePort' => 5432, + 'RemotePort' => 9898, 'RemoteAddress' => 'localhost', 'Reuse' => 'yes', 'SuccessEvent' => 'Got_Connection', diff --git a/lib/POE/Component/SSLify/ClientHandle.pm b/lib/POE/Component/SSLify/ClientHandle.pm index ca94592..440a15f 100644 --- a/lib/POE/Component/SSLify/ClientHandle.pm +++ b/lib/POE/Component/SSLify/ClientHandle.pm @@ -1,10 +1,9 @@ -# $Id: ClientHandle.pm 53 2008-07-28 03:03:04Z larwan $ package POE::Component::SSLify::ClientHandle; use strict; use warnings; # Initialize our version use vars qw( $VERSION ); -$VERSION = '0.15'; +$VERSION = '0.16'; # Import the SSL death routines use Net::SSLeay qw( die_now die_if_ssl_error ); @@ -29,6 +28,10 @@ Net::SSLeay::set_fd( $ssl, $fileno ); # Must use fileno + # Socket is in non-blocking mode, so connect() will return immediately. + # die_if_ssl_error won't die on non-blocking errors. We don't need to call connect() + # again, because OpenSSL I/O functions (read, write, ...) can handle that entirely + # by self (it's needed to connect() once to determine connection type). my $resp = Net::SSLeay::connect( $ssl ) or die_if_ssl_error( 'ssl connect' ); my $self = bless { @@ -71,7 +74,7 @@ =head1 COPYRIGHT AND LICENSE -Copyright 2009 by Apocalypse +Copyright 2010 by Apocalypse This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself. diff --git a/lib/POE/Component/SSLify/ServerHandle.pm b/lib/POE/Component/SSLify/ServerHandle.pm index 1b85e33..0d6527e 100644 --- a/lib/POE/Component/SSLify/ServerHandle.pm +++ b/lib/POE/Component/SSLify/ServerHandle.pm @@ -1,10 +1,9 @@ -# $Id: ServerHandle.pm 53 2008-07-28 03:03:04Z larwan $ package POE::Component::SSLify::ServerHandle; use strict; use warnings; # Initialize our version use vars qw( $VERSION ); -$VERSION = '0.15'; +$VERSION = '0.16'; # Import the SSL death routines use Net::SSLeay qw( die_now die_if_ssl_error ); @@ -19,6 +18,10 @@ Net::SSLeay::set_fd( $ssl, $fileno ); + # Socket is in non-blocking mode, so accept() will return immediately. + # die_if_ssl_error won't die on non-blocking errors. We don't need to call accept() + # again, because OpenSSL I/O functions (read, write, ...) can handle that entirely + # by self (it's needed to accept() once to determine connection type). my $err = Net::SSLeay::accept( $ssl ) and die_if_ssl_error( 'ssl accept' ); my $self = bless { @@ -85,7 +88,8 @@ my $wrote_len = Net::SSLeay::write( $self->{'ssl'}, substr( $buf, $offset, $len ) ); # Did we get an error or number of bytes written? - # Net::SSLeay::write() returns the number of bytes written, or -1 on error. + # Net::SSLeay::write() returns the number of bytes written, or 0 on unsuccessful + # operation (probably connection closed), or -1 on error. if ( $wrote_len < 0 ) { # The normal syswrite() POE uses expects 0 here. return 0; @@ -186,19 +190,9 @@ Apocalypse Eapocal@cpan.orgE -=head1 PROPS - - Original code is entirely Rocco Caputo ( Creator of POE ) -> I simply - packaged up the code into something everyone could use... - - From the PoCo::Client::HTTP code for blocking sockets =] - # TODO - This code should probably become a POE::Kernel method, - # seeing as it's rather baroque and potentially useful in a number - # of places. - =head1 COPYRIGHT AND LICENSE -Copyright 2009 by Apocalypse/Rocco Caputo +Copyright 2010 by Apocalypse This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself. diff --git a/lib/POE/Component/SSLify.pm b/lib/POE/Component/SSLify.pm index e0411f0..74f11a1 100644 --- a/lib/POE/Component/SSLify.pm +++ b/lib/POE/Component/SSLify.pm @@ -1,10 +1,9 @@ -# $Id: SSLify.pm 53 2008-07-28 03:03:04Z larwan $ package POE::Component::SSLify; use strict; use warnings; # Initialize our version use vars qw( $VERSION ); -$VERSION = '0.15'; +$VERSION = '0.16'; # We need Net::SSLeay or all's a failure! BEGIN { @@ -22,16 +21,13 @@ } # Finally, load our subclass :) + # ClientHandle isa ServerHandle so it will get loaded automatically require POE::Component::SSLify::ClientHandle; - require POE::Component::SSLify::ServerHandle; # Initialize Net::SSLeay Net::SSLeay::load_error_strings(); Net::SSLeay::SSLeay_add_ssl_algorithms(); Net::SSLeay::randomize(); - - # set nonblocking mode? - if ( ! defined &NONBLOCKING ) { *NONBLOCKING = sub () { 0 } } } } @@ -51,33 +47,28 @@ # The server-side CTX stuff my $ctx = undef; -# Helper sub to set blocking on a handle -sub Set_Blocking { +# Helper sub to set nonblocking on a handle +sub _NonBlocking { my $socket = shift; - # skip this? ( experimental ) - return $socket if NONBLOCKING(); - - # Net::SSLeay needs blocking for setup. - # # ActiveState Perl 5.8.0 dislikes the Win32-specific code to make - # a socket blocking, so we use IO::Handle's blocking(1) method. + # a socket blocking, so we use IO::Handle's blocking(0) method. # Perl 5.005_03 doesn't like blocking(), so we only use it in # 5.8.0 and beyond. if ( $] >= 5.008 and $^O eq 'MSWin32' ) { # From IO::Handle POD # If an error occurs blocking will return undef and $! will be set. - if ( ! $socket->blocking( 1 ) ) { - die "Unable to set blocking mode on socket: $!"; + if ( ! $socket->blocking( 0 ) ) { + die "Unable to set nonblocking mode on socket: $!"; } } else { - # Make the handle blocking, the POSIX way. + # Make the handle nonblocking, the POSIX way. if ( $^O ne 'MSWin32' ) { # Get the old flags my $flags = fcntl( $socket, F_GETFL, 0 ) or die "fcntl( $socket, F_GETFL, 0 ) fails: $!"; - # Okay, we patiently wait until the socket turns blocking mode - until( fcntl( $socket, F_SETFL, $flags & ~O_NONBLOCK ) ) { + # Okay, we patiently wait until the socket turns nonblocking mode + until( fcntl( $socket, F_SETFL, $flags | O_NONBLOCK ) ) { # What was the error? if ( ! ( $! == EAGAIN or $! == EWOULDBLOCK ) ) { # Fatal error... @@ -88,7 +79,7 @@ # Darned MSWin32 way... # Do some ioctl magic here # 126 is FIONBIO ( some docs say 0x7F << 16 ) - my $flag = "0"; + my $flag = "1"; ioctl( $socket, 0x80000000 | ( 4 << 16 ) | ( ord( 'f' ) << 8 ) | 126, $flag ) or die "ioctl( $socket, FIONBIO, $flag ) fails: $!"; } } @@ -107,8 +98,8 @@ die "Did not get a defined socket"; } - # Set blocking on - $socket = Set_Blocking( $socket ); + # Set non-blocking + $socket = _NonBlocking( $socket ); # Now, we create the new socket and bind it to our subclass of Net::SSLeay::Handle my $newsock = gensym(); @@ -134,8 +125,8 @@ die 'Please do SSLify_Options() first ( or pass in a $ctx object )'; } - # Set blocking on - $socket = Set_Blocking( $socket ); + # Set non-blocking + $socket = _NonBlocking( $socket ); # Now, we create the new socket and bind it to our subclass of Net::SSLeay::Handle my $newsock = gensym(); @@ -149,7 +140,7 @@ # Get the key + cert + version + options my( $key, $cert, $version, $options ) = @_; - return createSSLcontext( $key, $cert, $version, $options ); + return _createSSLcontext( $key, $cert, $version, $options ); } sub SSLify_Options { @@ -171,13 +162,13 @@ Net::SSLeay::CTX_free( $ctx ); undef $ctx; } - $ctx = createSSLcontext( $key, $cert, $version, $options ); + $ctx = _createSSLcontext( $key, $cert, $version, $options ); # all done! return 1; } -sub createSSLcontext { +sub _createSSLcontext { my( $key, $cert, $version, $options ) = @_; my $context; @@ -247,24 +238,27 @@ # End of module 1; - __END__ +=for stopwords AnnoCPAN CPAN CPANTS Kwalitee RT SSL com diff github + =head1 NAME POE::Component::SSLify - Makes using SSL in the world of POE easy! =head1 SYNOPSIS -=head2 Client-side usage + # CLIENT-side usage # Import the module use POE::Component::SSLify qw( Client_SSLify ); # Create a normal SocketFactory wheel or something - my $factory = POE::Wheel::SocketFactory->new( ... ); - + my $factory = POE::Wheel::SocketFactory->new; + + # Time passes, SocketFactory gives you a socket when it connects in SuccessEvent # Converts the socket into a SSL socket POE can communicate with + my $socket = shift; eval { $socket = Client_SSLify( $socket ) }; if ( $@ ) { # Unable to SSLify it... @@ -273,12 +267,16 @@ # Now, hand it off to ReadWrite my $rw = POE::Wheel::ReadWrite->new( Handle => $socket, - ... + # other options as usual ); # Use it as you wish... - -=head2 Server-side usage + # End of example + + # --------------------------------------------------------------------------- # + + + # SERVER-side usage # !!! Make sure you have a public key + certificate generated via Net::SSLeay's makecert.pl # excellent howto: http://www.akadia.com/services/ssh_test_certificate.html @@ -293,9 +291,11 @@ } # Create a normal SocketFactory wheel or something - my $factory = POE::Wheel::SocketFactory->new( ... ); - + my $factory = POE::Wheel::SocketFactory->new; + + # Time passes, SocketFactory gives you a socket when it gets a connection in SuccessEvent # Converts the socket into a SSL socket POE can communicate with + my $socket = shift; eval { $socket = Server_SSLify( $socket ) }; if ( $@ ) { # Unable to SSLify it... @@ -304,10 +304,11 @@ # Now, hand it off to ReadWrite my $rw = POE::Wheel::ReadWrite->new( Handle => $socket, - ... + # other options as usual ); # Use it as you wish... + # End of example =head1 ABSTRACT @@ -350,20 +351,6 @@ Some users have reported success, others failure when they tried to utilize SSLify in both roles. This would require more investigation, so please tread carefully if you need to use it! -=head2 Blocking mode - - Normally, Net::SSLeay requires the socket to be in blocking mode for the initial handshake to work. However, - various users ( especially ASCENT, thanks! ) have reported success in setting nonblocking mode for clients. - - In order to enable nonblocking mode, you need to set the subroutine "NONBLOCKING" to a true value in this - package. - - sub POE::Component::SSLify::NONBLOCKING { 1 } - use POE::Component::SSLify; - - This is a global, and an EXPERIMENTAL feature! Please, pretty please report back to me your experience with - this. Hopefully someday SSLify will be fully nonblocking, thanks to your help! - =head1 FUNCTIONS =head2 Client_SSLify @@ -476,7 +463,7 @@ Stuffs all of the above functions in @EXPORT_OK so you have to request them directly -head1 SUPPORT +=head1 SUPPORT You can find documentation for this module with the perldoc command. @@ -486,6 +473,10 @@ =over 4 +=item * Search CPAN + +L + =item * AnnoCPAN: Annotated CPAN documentation L @@ -494,13 +485,33 @@ L -=item * RT: CPAN's request tracker +=item * CPAN Forum + +L + +=item * RT: CPAN's Request Tracker L -=item * Search CPAN - -L +=item * CPANTS Kwalitee + +L + +=item * CPAN Testers Results + +L + +=item * CPAN Testers Matrix + +L + +=item * Git Source Code Repository + +This code is currently hosted on github.com under the account "apocalypse". Please feel free to browse it +and pull from it, or whatever. If you want to contribute patches, please send me a diff or prod me to pull +from your repository :) + +L =back @@ -519,8 +530,6 @@ =head1 AUTHOR Apocalypse Eapocal@cpan.orgE - -=head1 PROPS Original code is entirely Rocco Caputo ( Creator of POE ) -> I simply packaged up the code into something everyone could use and accepted the burden @@ -531,11 +540,16 @@ # seeing as it's rather baroque and potentially useful in a number # of places. +ASCENT also helped a lot with the nonblocking mode, without his hard work this +module would still be stuck in the stone age :) + =head1 COPYRIGHT AND LICENSE -Copyright 2009 by Apocalypse/Rocco Caputo +Copyright 2010 by Apocalypse/Rocco Caputo/ascent This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself. +The full text of the license can be found in the LICENSE file included with this module. + =cut diff --git a/mylib/example.crt b/mylib/example.crt new file mode 100644 index 0000000..48aceb6 --- /dev/null +++ b/mylib/example.crt @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDIDCCAggCCQCFFIApNMYn+zANBgkqhkiG9w0BAQUFADBSMQswCQYDVQQGEwJY +WDETMBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MRowGAYD +VQQKExFTb21lLUNvbXBhbnkgTHRkLjAeFw0xMDAzMDkyMzM0NDBaFw0yMzExMTYy +MzM0NDBaMFIxCzAJBgNVBAYTAlhYMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYD +VQQHEwlTb21lLUNpdHkxGjAYBgNVBAoTEVNvbWUtQ29tcGFueSBMdGQuMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7vONqMnWdBNGEstmvJDH3vmDh/y +ZxgpkJhKNTIEbyo5B+m29mc860A4VNKGmi/c/Z0zx7ETu5GpTZAvVdhr9LWHKh6j +vH4xGfCfCCfyZtFIxEsIawpaRi2AkKRb4386NCDXdomVCiihAEn2VKS13nZaztMu +EwVFg3l5jIj8sHE9UJbTmbCQOJre1brAK/2l0FEfy03oCygYvtTUzYksbLNsNiG7 +LJ/Y8opoKwdcboVzMOg1dnoY6a3J7hpDd6FSTKcpqxNltk3x1fWh+zEd0Pl3YAMF +uW1mIbOIuSuQD9mZqcxDIaAb/yrU5N82zh7Kkba3MCs1B6eaCWPJcDFeFwIDAQAB +MA0GCSqGSIb3DQEBBQUAA4IBAQBDXa1fKk1NF05/9w93q8/QDINXQhlWFZDIr5oB +A0rU2Rezljji92ElZCl/nGfianeCoCjA6+xMY37eUn8OOfJh1e6a45E1sRyXgZZv +tlZmt65K/UlZCYQ8+jEPjP+Ea/iKq3IUN0RKObOxB3QvOucx0ECfqZeiApuhkjZJ +I97dcD3ybwQ2rZcRzIccKQYsfnzLIzUjLlEbvyIOk6jyGKV6lZfmkeyuDbFlBdcG +85Ts5GpXM7lojmdz858PgNEtCEkoSO8LQSdWftsoCxWTEPdMTBPotMN0FgySO5Wr +d91Rn/uL5LFSGD4CV8u94IcS/qLf1IqheGUWPYZ7edwt+zQm +-----END CERTIFICATE----- diff --git a/mylib/example.key b/mylib/example.key new file mode 100644 index 0000000..444a63d --- /dev/null +++ b/mylib/example.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEAy7vONqMnWdBNGEstmvJDH3vmDh/yZxgpkJhKNTIEbyo5B+m2 +9mc860A4VNKGmi/c/Z0zx7ETu5GpTZAvVdhr9LWHKh6jvH4xGfCfCCfyZtFIxEsI +awpaRi2AkKRb4386NCDXdomVCiihAEn2VKS13nZaztMuEwVFg3l5jIj8sHE9UJbT +mbCQOJre1brAK/2l0FEfy03oCygYvtTUzYksbLNsNiG7LJ/Y8opoKwdcboVzMOg1 +dnoY6a3J7hpDd6FSTKcpqxNltk3x1fWh+zEd0Pl3YAMFuW1mIbOIuSuQD9mZqcxD +IaAb/yrU5N82zh7Kkba3MCs1B6eaCWPJcDFeFwIDAQABAoIBAQDAWYEZHrMBXePb +4uac2su6xuxuO4VOBob/qHivfpinJ9MOgH8oZlIivdAxbU599mCL5cbEa4/40E5r +F41JXHqYYGbLwn/Ob8oF9qL/PU/j+QXdpgW9odmXVlCCv1quECmwm60xkjXvkGpp +bmsugQ/giBe2G7XtaVW3CpJSt+by4VW+qf8ke3Y8TQHoW+dUPiexb9KFFTvy9i1O +HV1Z3pQ3Y8yH1qb5xzCNYv1/ofjbAMlv1Cf9CHpAnIWlXA7QCb1VktF2eMjv435d +oxhEhYidARWZfxiYRcewt0FfPU7/yDZXgphLSrQLWEJs6bOxDRhA6l/cOcQX/XG1 +t7I5I9JhAoGBAPuweXOTUEfZdrveXM5716/o+qYMZC330LvOqbpJnB5up8cPR9sl +VB1dZqFMYdFTVD9oPKPY726RxptE8ylShhe5LuPRjF3/aYmXlrQROSJJ5uJ5exr9 +mJjXaRp9AW8wTOqDkHbiyb+WrpVL5klYHvgnJrivokzc246tdsvADJ6xAoGBAM85 +EgTQhHT5OFe4bQavROd8khuTTD3iGQQO0cR5Oh8EjbMc3ejp7qUE41I30DoFpn64 +uOiQzxzpOJFGiid+8FoG7k2/K96j0j9JiBNv93Te1OhOvG+2JirrygoM9E3ofmF5 +trDpCVgs5+mAkdJctmpXME5PPmEKo5+b2cK9S8tHAoGAS5s0sLJVEHBUCZV/nYt4 +PGCpQs5AHcruyiwHsm1AV6f4AIUnmb456WRQWy3dyIrWqQGADdwx+K4T0jrBLO2c +WG4Jlugw2V/LbUi7PbZaymEW2XuSroX1nBxBd3KLxsHkqSICeKQh5Mq4ASM+t1Og +Yf0o1Zv1Dk/eKJsVL5mucNECgYEAst3nIMK/4pwQNx+Y9DErf8i18Rl2sN/NigQk +qrudIJL0oMtk/JuYA1axxREqKjsgWLen3A7Kx4DD9Bn4PFlEq+DZp8BA5L9xRnF5 +BJYb+gQxsIft/VsznM7EKWK/KdRp6kd+Gzw7daHlWFdDB1pBlo7FwoKCLI9bZvTG +xWJR3xcCgYEAyHPtp36K2epbFkpCf5pmtWCVk4lRNs6MSE0aJmbqZhRW971V81ev +xa2DZj3KHcXCfDW5Dnjiyx9qf7GS1ts9dfWyKjr6qEwBcGQMXW3C6p9fuFXkxGhe +Yx2KYA48kiY5Rj5wTpixwdq3YWASlZOQs282UEb+cxZHxpT2YUiIJkc= +-----END RSA PRIVATE KEY----- diff --git a/t/apocalypse.t b/t/apocalypse.t index faf266a..199ba25 100644 --- a/t/apocalypse.t +++ b/t/apocalypse.t @@ -8,5 +8,7 @@ } else { # lousy hack for kwalitee require Test::NoWarnings; require Test::Pod; require Test::Pod::Coverage; - is_apocalypse_here(); + is_apocalypse_here( { + deny => qr/^(?:(?:OutdatedPrereq|Dependencie)s|ModuleUsed|Strict|Fixme|Pod_Spelling)$/, + } ); } diff --git a/t/simple.t b/t/simple.t new file mode 100644 index 0000000..8bee642 --- /dev/null +++ b/t/simple.t @@ -0,0 +1,134 @@ +#!/usr/bin/perl + +use strict; +use warnings; +use Test::More tests => 22; + +use POE; +use POE::Component::Client::TCP; +use POE::Component::Server::TCP; +use POE::Component::SSLify qw/Client_SSLify Server_SSLify SSLify_Options SSLify_GetCipher SSLify_ContextCreate/; +use Net::SSLeay qw/ERROR_WANT_READ ERROR_WANT_WRITE/; +use POSIX qw/F_GETFL F_SETFL O_NONBLOCK EAGAIN EWOULDBLOCK/; + +# TODO rewrite this to use Test::POE::Server::TCP and stuff :) + +my $port; + +POE::Component::Server::TCP->new +( + Alias => 'myserver', + Address => '127.0.0.1', + Port => 0, + + Started => sub + { + use Socket qw/sockaddr_in/; + $port = (sockaddr_in($_[HEAP]->{listener}->getsockname))[0]; + }, + ClientConnected => sub + { + ok(1, 'SERVER: accepted'); + }, + ClientDisconnected => sub + { + ok(1, 'SERVER: client disconnected'); + $_[KERNEL]->post(myserver => 'shutdown'); + }, + ClientPreConnect => sub + { + eval { SSLify_Options('mylib/example.key', 'mylib/example.crt', 'sslv3') }; + eval { SSLify_Options('../mylib/example.key', '../mylib/example.crt', 'sslv3') } if ($@); + ok(!$@, "SERVER: SSLify_Options $@"); + + my $socket = eval { Server_SSLify($_[ARG0]) }; + ok(!$@, "SERVER: Server_SSLify $@"); + ok(1, 'SERVER: SSLify_GetCipher: '. SSLify_GetCipher($socket)); + + my $flags = fcntl($_[ARG0], F_GETFL, 0); + ok($flags & O_NONBLOCK, 'SERVER: SSLified socket is non-blocking?'); + + return ($socket); + }, + ClientInput => sub + { + my ($kernel, $heap, $request) = @_[KERNEL, HEAP, ARG0]; + + ## At this point, connection MUST be encrypted. + my $cipher = SSLify_GetCipher($heap->{client}->get_output_handle); + ok($cipher ne '(NONE)', "SERVER: SSLify_GetCipher: $cipher"); + + if ($request eq 'ping') + { + ok(1, "SERVER: recv: $request"); + $heap->{client}->put("pong"); + } + elsif ($request eq 'ping2') + { + ok(1, "SERVER: recv: $request"); + $heap->{client}->put("pong2"); + } + }, +); + +POE::Component::Client::TCP->new +( + Alias => 'myclient', + RemoteAddress => '127.0.0.1', + RemotePort => $port, + Connected => sub + { + ok(1, 'CLIENT: connected'); + + $_[HEAP]->{server}->put("ping"); + }, + PreConnect => sub + { + my $ctx = eval { SSLify_ContextCreate(undef, undef, 'sslv3') }; + ok(!$@, "CLIENT: SSLify_ContextCreate $@"); + my $socket = eval { Client_SSLify($_[ARG0], undef, undef, $ctx) }; + ok(!$@, "CLIENT: Client_SSLify $@"); + ok(1, 'CLIENT: SSLify_GetCipher: '. SSLify_GetCipher($socket)); + + my $flags = fcntl($_[ARG0], F_GETFL, 0); + ok($flags & O_NONBLOCK, 'CLIENT: SSLified socket is non-blocking?'); + + return ($socket); + }, + ServerInput => sub + { + my ($kernel, $heap, $line) = @_[KERNEL, HEAP, ARG0]; + + ## At this point, connection MUST be encrypted. + my $cipher = SSLify_GetCipher($heap->{server}->get_output_handle); + ok($cipher ne '(NONE)', "CLIENT: SSLify_GetCipher: $cipher"); + + if ($line eq 'pong') + { + ok(1, "CLIENT: recv: $line"); + + ## Force SSL renegotiation + my $ssl = tied(*{$heap->{server}->get_output_handle})->{ssl}; + my $reneg_num = Net::SSLeay::num_renegotiations($ssl); + + ok(1 == Net::SSLeay::renegotiate($ssl), 'CLIENT: SSL renegotiation'); + my $handshake = Net::SSLeay::do_handshake($ssl); + my $err = Net::SSLeay::get_error($ssl, $handshake); + + ## 1 == Successful handshake, ERROR_WANT_(READ|WRITE) == non-blocking. + ok($handshake == 1 || $err == ERROR_WANT_READ || $err == ERROR_WANT_WRITE, 'CLIENT: SSL handshake'); + ok($reneg_num < Net::SSLeay::num_renegotiations($ssl), 'CLIENT: Increased number of negotiations'); + + $heap->{server}->put('ping2'); + } + + elsif ($line eq 'pong2') + { + ok(1, "CLIENT: recv: $line"); + $kernel->yield('shutdown'); + } + }, +); + +$poe_kernel->run(); +exit 0;