Codebase list libpoe-component-sslify-perl / e4dbcb4
[svn-upgrade] new version libpoe-component-sslify-perl (1.004) Jonathan Yu 11 years ago
21 changed file(s) with 1498 addition(s) and 545 deletion(s). Raw diff Collapse all Expand all
2323 'Apocalypse <APOCAL@cpan.org>'
2424 ],
2525 'dist_name' => 'POE-Component-SSLify',
26 'dist_version' => '1.003',
26 'dist_version' => '1.004',
2727 'license' => 'perl',
2828 'module_name' => 'POE::Component::SSLify',
2929 'recommends' => {},
3232 'Exporter' => '0',
3333 'IO::Handle' => '1.28',
3434 'Net::SSLeay' => '1.36',
35 'Scalar::Util' => '0',
3536 'Symbol' => '0',
37 'Task::Weaken' => '1.03',
38 'parent' => '0',
3639 'perl' => '5.006'
3740 },
3841 'script_files' => []
00 Revision history for Perl extension POE::Component::SSLify.
1
2 1.004
3 Released: 2011-03-08 23:39:03 UTC
4
5 We now load certificate files via CTX_use_certificate_chain_file(), thanks Zephaniah E. Loss-Cutler-Hull <warp-spam_perl@aehallh.com>
6 OpenSSL docs suggest it - http://www.openssl.org/docs/ssl/SSL_CTX_use_certificate.html#NOTES
7 PLEASE yell at me if you need the old functionality - the docs suggest this is the "better" way to do it...
8 Add the ability to pass a subref to call on connection/negotiation success, thanks Zephaniah E. Loss-Cutler-Hull <warp-spam_perl@aehallh.com>
9 NOTE: This will not work if you do renegotiation or any other zany SSL stuff!
10 Add the SSLify_GetStatus function to get the status of the connection
11 After staring at the Net::SSLeay/OpenSSL docs for a while I realized we were missing support for sslv23 version, added!
12 After some investigation, we now load all default ENGINEs for OpenSSL on startup, as it might provide a performance boost
113
214 1.003
315 Released: 2011-02-28 15:52:24 UTC
00 ==============================
11 9999-99-99 99:99:99 +0000 HEAD
22 ==============================
3
4 commit f9f664939980fdd646c3331815c7c9935e9ee248
5 Author: Apocalypse <perl@0ne.us>
6 Date: Tue Mar 8 16:29:27 2011 -0700
7
8 yet more POD tweaks
9
10 commit 79116f5515997c0353659c5611d943f73e6a3d58
11 Author: Apocalypse <perl@0ne.us>
12 Date: Tue Mar 8 16:23:19 2011 -0700
13
14 add more POD about callback and make the status a boolean value
15
16 commit fb1c1a1c135a20fea4f749548d6d34cab1735ff9
17 Author: Apocalypse <perl@0ne.us>
18 Date: Tue Mar 8 14:43:41 2011 -0700
19
20 fix some nits reported by PerlCritic
21
22 commit 602dac644a11b2331217895056e034d9226310b4
23 Author: Apocalypse <perl@0ne.us>
24 Date: Tue Mar 8 13:27:32 2011 -0700
25
26 tweak testsuite
27
28 commit 7ad6bbbc8e1d95f5dd4fbdb4df957e32eb31519c
29 Author: Apocalypse <perl@0ne.us>
30 Date: Tue Mar 8 12:45:28 2011 -0700
31
32 more doc tweaks
33
34 commit 5079fc8f5c3e4a9275f5fab7a80a10910800f3e1
35 Author: Apocalypse <perl@0ne.us>
36 Date: Tue Mar 8 12:33:10 2011 -0700
37
38 add more connect fail tests
39
40 commit 9700e8dd8f22d73bfeca5b2e603ad3eb85cb310c
41 Author: Apocalypse <perl@0ne.us>
42 Date: Tue Mar 8 12:32:56 2011 -0700
43
44 massive doc revamp
45
46 commit 13dde50f6a039812fb8b335c0318ccf467b2331e
47 Author: Apocalypse <perl@0ne.us>
48 Date: Tue Mar 8 00:23:22 2011 -0700
49
50 add connfail test
51
52 commit d96b80b1a4c1876d82e217677d0cdf33b1f68160
53 Author: Apocalypse <perl@0ne.us>
54 Date: Mon Mar 7 17:14:38 2011 -0700
55
56 add note about renegotiation and connection function
57
58 commit 4df07a720ee9ad46fc39bb4fd39ad46db3c6a710
59 Author: Apocalypse <perl@0ne.us>
60 Date: Mon Mar 7 16:56:44 2011 -0700
61
62 add testcase for connref hooks
63
64 commit def0826f81ef2825c9be2c3a9aa2e0a3588c5489
65 Author: Apocalypse <perl@0ne.us>
66 Date: Mon Mar 7 16:55:24 2011 -0700
67
68 add GetStatus and finalize connref stuff
69
70 commit f5b8e4ae8016715cf5d9385d5771dac8dbe59abd
71 Author: Apocalypse <perl@0ne.us>
72 Date: Mon Mar 7 16:13:03 2011 -0700
73
74 more fixes and add hook testcase
75
76 commit 3e003c92bc922091587960de5a02c5bdfec36c8c
77 Author: Apocalypse <perl@0ne.us>
78 Date: Mon Mar 7 16:04:00 2011 -0700
79
80 add actual hook functionality for connection done
81
82 commit 95ea76ec6e5a93cc8ff8b99df5a9b1558db27984
83 Author: Apocalypse <perl@0ne.us>
84 Date: Mon Mar 7 15:31:27 2011 -0700
85
86 initial commit for hook work
87
88 commit d7914f5f0a6d9cd3065c23ab70f91d9912eba084
89 Author: Apocalypse <perl@0ne.us>
90 Date: Mon Mar 7 14:58:09 2011 -0700
91
92 use CTX_use_certificate_chain_file
93
94 =======================================
95 2011-02-28 08:52:48 -0700 release-1.003
96 =======================================
97
98 commit dba0e05d424aeeb766bf887c1e731593777a6b5b
99 Author: Apocalypse <perl@0ne.us>
100 Date: Mon Feb 28 08:52:48 2011 -0700
101
102 New CPAN release of POE-Component-SSLify - v1.003
103
104 Released: 2011-02-28 15:52:24 UTC
105
106 Add $IGNORE_SSL_ERRORS to ignore certain SSL errors, thanks MNUNBERG
107 - RT#66130
108
109 Remove prereq on vars.pm as it's obsolete
3110
4111 commit 367645dabcbc3ca12aae0c32d7a2e8847274865e
5112 Author: Apocalypse <perl@0ne.us>
2222 t/000-report-versions-tiny.t
2323 t/1_simple.t
2424 t/2_renegotiate.t
25 t/3_insitu.t
25 t/3_upgrade.t
26 t/4_connect_hook.t
27 t/5_connfail_client.t
28 t/6_connfail_server.t
29 t/apocalypse.t
33 "Apocalypse <APOCAL@cpan.org>"
44 ],
55 "dynamic_config" : 0,
6 "generated_by" : "Dist::Zilla version 4.102345, CPAN::Meta::Converter version 2.102400",
6 "generated_by" : "Dist::Zilla version 4.200005, CPAN::Meta::Converter version 2.102400",
77 "license" : [
88 "perl_5"
99 ],
3535 "Exporter" : 0,
3636 "IO::Handle" : "1.28",
3737 "Net::SSLeay" : "1.36",
38 "Scalar::Util" : 0,
3839 "Symbol" : 0,
40 "Task::Weaken" : "1.03",
41 "parent" : 0,
3942 "perl" : "5.006"
4043 }
4144 },
5457 "provides" : {
5558 "POE::Component::SSLify" : {
5659 "file" : "lib/POE/Component/SSLify.pm",
57 "version" : "1.003"
60 "version" : "1.004"
5861 },
5962 "POE::Component::SSLify::ClientHandle" : {
6063 "file" : "lib/POE/Component/SSLify/ClientHandle.pm",
61 "version" : "1.003"
64 "version" : "1.004"
6265 },
6366 "POE::Component::SSLify::ServerHandle" : {
6467 "file" : "lib/POE/Component/SSLify/ServerHandle.pm",
65 "version" : "1.003"
68 "version" : "1.004"
6669 }
6770 },
6871 "release_status" : "stable",
8184 "web" : "http://github.com/apocalypse/perl-poe-sslify"
8285 }
8386 },
84 "version" : "1.003",
87 "version" : "1.004",
8588 "x_BuiltWith" : {
8689 "modules" : {
8790 "Exporter" : "5.63",
9396 "POE" : "1.299",
9497 "POE::Component::Client::TCP" : "1.299",
9598 "POE::Component::Server::TCP" : "1.299",
99 "Scalar::Util" : "1.23",
96100 "Socket" : "1.80",
97101 "Symbol" : "1.06",
102 "Task::Weaken" : "1.03",
98103 "Test::More" : "0.96",
104 "parent" : "0.224",
99105 "perl" : "NA(skipped: perl)"
100106 },
101107 "perl" : {
120126 {
121127 "class" : "Dist::Zilla::Plugin::GatherDir",
122128 "name" : "@Apocalyptic/GatherDir",
123 "version" : "4.102345"
129 "version" : "4.200005"
124130 },
125131 {
126132 "class" : "Dist::Zilla::Plugin::PruneCruft",
127133 "name" : "@Apocalyptic/PruneCruft",
128 "version" : "4.102345"
134 "version" : "4.200005"
129135 },
130136 {
131137 "class" : "Dist::Zilla::Plugin::AutoPrereqs",
132138 "name" : "@Apocalyptic/AutoPrereqs",
133 "version" : "4.102345"
139 "version" : "4.200005"
134140 },
135141 {
136142 "class" : "Dist::Zilla::Plugin::GenerateFile",
137143 "name" : "@Apocalyptic/MANIFEST.SKIP",
138 "version" : "4.102345"
144 "version" : "4.200005"
139145 },
140146 {
141147 "class" : "Dist::Zilla::Plugin::ManifestSkip",
142148 "name" : "@Apocalyptic/ManifestSkip",
143 "version" : "4.102345"
149 "version" : "4.200005"
144150 },
145151 {
146152 "class" : "Dist::Zilla::Plugin::CompileTests",
148154 "version" : "1.103030"
149155 },
150156 {
157 "class" : "Dist::Zilla::Plugin::ApocalypseTests",
158 "name" : "@Apocalyptic/ApocalypseTests",
159 "version" : "1.001"
160 },
161 {
151162 "class" : "Dist::Zilla::Plugin::ReportVersions::Tiny",
152163 "name" : "@Apocalyptic/ReportVersions::Tiny",
153164 "version" : "1.02"
165176 {
166177 "class" : "Dist::Zilla::Plugin::PkgVersion",
167178 "name" : "@Apocalyptic/PkgVersion",
168 "version" : "4.102345"
179 "version" : "4.200005"
169180 },
170181 {
171182 "class" : "Dist::Zilla::Plugin::PodWeaver",
175186 {
176187 "class" : "Dist::Zilla::Plugin::NextRelease",
177188 "name" : "@Apocalyptic/NextRelease",
178 "version" : "4.102345"
189 "version" : "4.200005"
179190 },
180191 {
181192 "class" : "Dist::Zilla::Plugin::ChangelogFromGit",
200211 {
201212 "class" : "Dist::Zilla::Plugin::MetaConfig",
202213 "name" : "@Apocalyptic/MetaConfig",
203 "version" : "4.102345"
214 "version" : "4.200005"
204215 },
205216 {
206217 "class" : "Dist::Zilla::Plugin::MetaData::BuiltWith",
229240 {
230241 "class" : "Dist::Zilla::Plugin::MetaResources",
231242 "name" : "@Apocalyptic/MetaResources",
232 "version" : "4.102345"
243 "version" : "4.200005"
233244 },
234245 {
235246 "class" : "Dist::Zilla::Plugin::MetaNoIndex",
236247 "name" : "@Apocalyptic/MetaNoIndex",
237 "version" : "1.101550"
248 "version" : "4.200005"
238249 },
239250 {
240251 "class" : "Dist::Zilla::Plugin::MetaProvides::Package",
244255 {
245256 "class" : "Dist::Zilla::Plugin::License",
246257 "name" : "@Apocalyptic/License",
247 "version" : "4.102345"
258 "version" : "4.200005"
248259 },
249260 {
250261 "class" : "Dist::Zilla::Plugin::MakeMaker",
251262 "name" : "@Apocalyptic/MakeMaker",
252 "version" : "4.102345"
263 "version" : "4.200005"
253264 },
254265 {
255266 "class" : "Dist::Zilla::Plugin::ModuleBuild",
256267 "name" : "@Apocalyptic/ModuleBuild",
257 "version" : "4.102345"
268 "version" : "4.200005"
258269 },
259270 {
260271 "class" : "Dist::Zilla::Plugin::DualBuilders",
264275 {
265276 "class" : "Dist::Zilla::Plugin::MetaYAML",
266277 "name" : "@Apocalyptic/MetaYAML",
267 "version" : "4.102345"
278 "version" : "4.200005"
268279 },
269280 {
270281 "class" : "Dist::Zilla::Plugin::MetaJSON",
271282 "name" : "@Apocalyptic/MetaJSON",
272 "version" : "4.102345"
283 "version" : "4.200005"
273284 },
274285 {
275286 "class" : "Dist::Zilla::Plugin::ReadmeFromPod",
289300 {
290301 "class" : "Dist::Zilla::Plugin::Manifest",
291302 "name" : "@Apocalyptic/Manifest",
292 "version" : "4.102345"
303 "version" : "4.200005"
293304 },
294305 {
295306 "class" : "Dist::Zilla::Plugin::CheckChangesHasContent",
302313 "version" : "1.110500"
303314 },
304315 {
316 "class" : "Dist::Zilla::Plugin::TestRelease",
317 "name" : "@Apocalyptic/TestRelease",
318 "version" : "4.200005"
319 },
320 {
305321 "class" : "Dist::Zilla::Plugin::ConfirmRelease",
306322 "name" : "@Apocalyptic/ConfirmRelease",
307 "version" : "4.102345"
323 "version" : "4.200005"
308324 },
309325 {
310326 "class" : "Dist::Zilla::Plugin::UploadToCPAN",
311327 "name" : "@Apocalyptic/UploadToCPAN",
312 "version" : "4.102345"
328 "version" : "4.200005"
313329 },
314330 {
315331 "class" : "Dist::Zilla::Plugin::ArchiveRelease",
334350 {
335351 "class" : "Dist::Zilla::Plugin::FinderCode",
336352 "name" : ":InstallModules",
337 "version" : "4.102345"
353 "version" : "4.200005"
338354 },
339355 {
340356 "class" : "Dist::Zilla::Plugin::FinderCode",
341357 "name" : ":TestFiles",
342 "version" : "4.102345"
358 "version" : "4.200005"
343359 },
344360 {
345361 "class" : "Dist::Zilla::Plugin::FinderCode",
346362 "name" : ":ExecFiles",
347 "version" : "4.102345"
363 "version" : "4.200005"
348364 },
349365 {
350366 "class" : "Dist::Zilla::Plugin::FinderCode",
351367 "name" : ":ShareFiles",
352 "version" : "4.102345"
368 "version" : "4.200005"
353369 }
354370 ],
355371 "zilla" : {
357373 "config" : {
358374 "is_trial" : 0
359375 },
360 "version" : "4.102345"
376 "version" : "4.200005"
361377 }
362378 },
363379 "x_authority" : "cpan:APOCAL"
1313 configure_requires:
1414 Module::Build: 0.3601
1515 dynamic_config: 0
16 generated_by: 'Dist::Zilla version 4.102345, CPAN::Meta::Converter version 2.102400'
16 generated_by: 'Dist::Zilla version 4.200005, CPAN::Meta::Converter version 2.102400'
1717 license: perl
1818 meta-spec:
1919 url: http://module-build.sourceforge.net/META-spec-v1.4.html
2727 provides:
2828 POE::Component::SSLify:
2929 file: lib/POE/Component/SSLify.pm
30 version: 1.003
30 version: 1.004
3131 POE::Component::SSLify::ClientHandle:
3232 file: lib/POE/Component/SSLify/ClientHandle.pm
33 version: 1.003
33 version: 1.004
3434 POE::Component::SSLify::ServerHandle:
3535 file: lib/POE/Component/SSLify/ServerHandle.pm
36 version: 1.003
36 version: 1.004
3737 requires:
3838 Exporter: 0
3939 IO::Handle: 1.28
4040 Net::SSLeay: 1.36
41 Scalar::Util: 0
4142 Symbol: 0
43 Task::Weaken: 1.03
44 parent: 0
4245 perl: 5.006
4346 resources:
4447 bugtracker: http://rt.cpan.org/Public/Dist/Display.html?Name=POE-Component-SSLify
4548 homepage: http://search.cpan.org/dist/POE-Component-SSLify/
4649 license: http://dev.perl.org/licenses/
4750 repository: git://github.com/apocalypse/perl-poe-sslify.git
48 version: 1.003
51 version: 1.004
4952 x_BuiltWith:
5053 modules:
5154 Exporter: 5.63
5760 POE: 1.299
5861 POE::Component::Client::TCP: 1.299
5962 POE::Component::Server::TCP: 1.299
63 Scalar::Util: 1.23
6064 Socket: 1.80
6165 Symbol: 1.06
66 Task::Weaken: 1.03
6267 Test::More: 0.96
68 parent: 0.224
6369 perl: 'NA(skipped: perl)'
6470 perl:
6571 original: v5.10.0
7985 -
8086 class: Dist::Zilla::Plugin::GatherDir
8187 name: '@Apocalyptic/GatherDir'
82 version: 4.102345
88 version: 4.200005
8389 -
8490 class: Dist::Zilla::Plugin::PruneCruft
8591 name: '@Apocalyptic/PruneCruft'
86 version: 4.102345
92 version: 4.200005
8793 -
8894 class: Dist::Zilla::Plugin::AutoPrereqs
8995 name: '@Apocalyptic/AutoPrereqs'
90 version: 4.102345
96 version: 4.200005
9197 -
9298 class: Dist::Zilla::Plugin::GenerateFile
9399 name: '@Apocalyptic/MANIFEST.SKIP'
94 version: 4.102345
100 version: 4.200005
95101 -
96102 class: Dist::Zilla::Plugin::ManifestSkip
97103 name: '@Apocalyptic/ManifestSkip'
98 version: 4.102345
104 version: 4.200005
99105 -
100106 class: Dist::Zilla::Plugin::CompileTests
101107 name: '@Apocalyptic/CompileTests'
102108 version: 1.103030
103109 -
110 class: Dist::Zilla::Plugin::ApocalypseTests
111 name: '@Apocalyptic/ApocalypseTests'
112 version: 1.001
113 -
104114 class: Dist::Zilla::Plugin::ReportVersions::Tiny
105115 name: '@Apocalyptic/ReportVersions::Tiny'
106116 version: 1.02
115125 -
116126 class: Dist::Zilla::Plugin::PkgVersion
117127 name: '@Apocalyptic/PkgVersion'
118 version: 4.102345
128 version: 4.200005
119129 -
120130 class: Dist::Zilla::Plugin::PodWeaver
121131 name: '@Apocalyptic/PodWeaver'
123133 -
124134 class: Dist::Zilla::Plugin::NextRelease
125135 name: '@Apocalyptic/NextRelease'
126 version: 4.102345
136 version: 4.200005
127137 -
128138 class: Dist::Zilla::Plugin::ChangelogFromGit
129139 name: '@Apocalyptic/ChangelogFromGit'
143153 -
144154 class: Dist::Zilla::Plugin::MetaConfig
145155 name: '@Apocalyptic/MetaConfig'
146 version: 4.102345
156 version: 4.200005
147157 -
148158 class: Dist::Zilla::Plugin::MetaData::BuiltWith
149159 config:
165175 -
166176 class: Dist::Zilla::Plugin::MetaResources
167177 name: '@Apocalyptic/MetaResources'
168 version: 4.102345
178 version: 4.200005
169179 -
170180 class: Dist::Zilla::Plugin::MetaNoIndex
171181 name: '@Apocalyptic/MetaNoIndex'
172 version: 1.101550
182 version: 4.200005
173183 -
174184 class: Dist::Zilla::Plugin::MetaProvides::Package
175185 name: '@Apocalyptic/MetaProvides::Package'
177187 -
178188 class: Dist::Zilla::Plugin::License
179189 name: '@Apocalyptic/License'
180 version: 4.102345
190 version: 4.200005
181191 -
182192 class: Dist::Zilla::Plugin::MakeMaker
183193 name: '@Apocalyptic/MakeMaker'
184 version: 4.102345
194 version: 4.200005
185195 -
186196 class: Dist::Zilla::Plugin::ModuleBuild
187197 name: '@Apocalyptic/ModuleBuild'
188 version: 4.102345
198 version: 4.200005
189199 -
190200 class: Dist::Zilla::Plugin::DualBuilders
191201 name: '@Apocalyptic/DualBuilders'
193203 -
194204 class: Dist::Zilla::Plugin::MetaYAML
195205 name: '@Apocalyptic/MetaYAML'
196 version: 4.102345
206 version: 4.200005
197207 -
198208 class: Dist::Zilla::Plugin::MetaJSON
199209 name: '@Apocalyptic/MetaJSON'
200 version: 4.102345
210 version: 4.200005
201211 -
202212 class: Dist::Zilla::Plugin::ReadmeFromPod
203213 name: '@Apocalyptic/ReadmeFromPod'
213223 -
214224 class: Dist::Zilla::Plugin::Manifest
215225 name: '@Apocalyptic/Manifest'
216 version: 4.102345
226 version: 4.200005
217227 -
218228 class: Dist::Zilla::Plugin::CheckChangesHasContent
219229 name: '@Apocalyptic/CheckChangesHasContent'
223233 name: '@Apocalyptic/Git::Check'
224234 version: 1.110500
225235 -
236 class: Dist::Zilla::Plugin::TestRelease
237 name: '@Apocalyptic/TestRelease'
238 version: 4.200005
239 -
226240 class: Dist::Zilla::Plugin::ConfirmRelease
227241 name: '@Apocalyptic/ConfirmRelease'
228 version: 4.102345
242 version: 4.200005
229243 -
230244 class: Dist::Zilla::Plugin::UploadToCPAN
231245 name: '@Apocalyptic/UploadToCPAN'
232 version: 4.102345
246 version: 4.200005
233247 -
234248 class: Dist::Zilla::Plugin::ArchiveRelease
235249 name: '@Apocalyptic/ArchiveRelease'
249263 -
250264 class: Dist::Zilla::Plugin::FinderCode
251265 name: ':InstallModules'
252 version: 4.102345
266 version: 4.200005
253267 -
254268 class: Dist::Zilla::Plugin::FinderCode
255269 name: ':TestFiles'
256 version: 4.102345
270 version: 4.200005
257271 -
258272 class: Dist::Zilla::Plugin::FinderCode
259273 name: ':ExecFiles'
260 version: 4.102345
274 version: 4.200005
261275 -
262276 class: Dist::Zilla::Plugin::FinderCode
263277 name: ':ShareFiles'
264 version: 4.102345
278 version: 4.200005
265279 zilla:
266280 class: Dist::Zilla::Dist::Builder
267281 config:
268282 is_trial: 0
269 version: 4.102345
283 version: 4.200005
270284 x_authority: cpan:APOCAL
3131 'Exporter' => '0',
3232 'IO::Handle' => '1.28',
3333 'Net::SSLeay' => '1.36',
34 'Symbol' => '0'
34 'Scalar::Util' => '0',
35 'Symbol' => '0',
36 'Task::Weaken' => '1.03',
37 'parent' => '0'
3538 },
36 'VERSION' => '1.003',
39 'VERSION' => '1.004',
3740 'test' => {
3841 'TESTS' => 't/*.t'
3942 }
+215
-112
README less more
11 POE::Component::SSLify - Makes using SSL in the world of POE easy!
22
33 VERSION
4 This document describes v1.003 of POE::Component::SSLify - released February 28, 2011 as part of POE-Component-SSLify.
4 This document describes v1.004 of POE::Component::SSLify - released March 08, 2011 as part of POE-Component-SSLify.
55
66 SYNOPSIS
77 # CLIENT-side usage
6464
6565 FUNCTIONS
6666 Client_SSLify
67 Accepts a socket, returns a brand new socket SSLified. Optionally accepts SSL
68 context data.
69 my $socket = shift; # get the socket from somewhere
70 $socket = Client_SSLify( $socket ); # the default
71 $socket = Client_SSLify( $socket, $version, $options ); # sets more options for the context
72 $socket = Client_SSLify( $socket, undef, undef, $ctx ); # pass in a custom context
73
74 If $ctx is defined, SSLify will ignore other args. If $ctx isn't defined, SSLify
75 will create it from the $version + $options parameters.
76
77 Known versions:
78 * sslv2
79 * sslv3
80 * tlsv1
81 * default
82
83 By default we use the version: default
84
85 By default we don't set any options
86
87 NOTE: The way to have a client socket with proper certificates set up is:
88 my $socket = shift; # get the socket from somewhere
89 my $ctx = SSLify_ContextCreate( 'server.key', 'server.crt' );
90 $socket = Client_SSLify( $socket, undef, undef, $ctx );
91
92 BEWARE: If you passed in a CTX, SSLify will do Net::SSLeay::CTX_free( $ctx ) when the
93 socket is destroyed. This means you cannot reuse contexts!
67 This function sslifies a client-side socket. You can pass several
68 options to it:
69
70 my $socket = shift;
71 $socket = Client_SSLify( $socket, $version, $options, $ctx, $callback );
72 $socket is the non-ssl socket you got from somewhere ( required )
73 $version is the SSL version you want to use
74 $options is the SSL options you want to use
75 $ctx is the custom SSL context you want to use
76 $callback is the callback hook on success/failure of sslification
77
78 # This is an example of the callback and you should pass it as Client_SSLify( $socket, ... , \&callback );
79 sub callback {
80 my( $socket, $status, $errval ) = @_;
81 # $socket is the original sslified socket in case you need to play with it
82 # $status is either 1 or 0; with 1 signifying success and 0 failure
83 # $errval will be defined if $status == 0; it's the numeric SSL error code
84 # check http://www.openssl.org/docs/ssl/SSL_get_error.html for the possible error values ( and import them from Net::SSLeay! )
85
86 # The return value from the callback is discarded
87 }
88
89 If $ctx is defined, SSLify will ignore $version and $options. Otherwise,
90 it will be created from the $version and $options parameters. If all of
91 them are undefined, it will follow the defaults in
92 "SSLify_ContextCreate".
93
94 BEWARE: If you passed in a CTX, SSLify will do Net::SSLeay::CTX_free(
95 $ctx ) when the socket is destroyed. This means you cannot reuse
96 contexts!
97
98 NOTE: The way to have a client socket with proper certificates set up
99 is:
100
101 my $socket = shift; # get the socket from somewhere
102 my $ctx = SSLify_ContextCreate( 'server.key', 'server.crt' );
103 $socket = Client_SSLify( $socket, undef, undef, $ctx );
104
105 NOTE: You can pass the callback anywhere in the arguments, we'll figure
106 it out for you! If you want to call a POE event, please look into the
107 postback/callback stuff in POE::Session.
108
109 # we got this from POE::Wheel::SocketFactory
110 sub event_SuccessEvent {
111 my $socket = $_[ARG0];
112 $socket = Client_SSLify( $socket, $_[SESSION]->callback( 'sslify_result' ) );
113 $_[HEAP]->{client} = POE::Wheel::ReadWrite->new(
114 Handle => $socket,
115 ...
116 );
117 return;
118 }
119
120 # the callback event
121 sub event_sslify_result {
122 my ($creation_args, $called_args) = @_[ARG0, ARG1];
123 my( $socket, $status, $errval ) = @$called_args;
124
125 if ( $status ) {
126 print "Yay, SSLification worked!";
127 } else {
128 print "Aw, SSLification failed with error $errval";
129 }
130 }
94131
95132 Server_SSLify
96 Accepts a socket, returns a brand new socket SSLified
97 my $socket = shift; # get the socket from somewhere
98 $socket = Server_SSLify( $socket );
99
100 NOTE: SSLify_Options must be set first!
101
102 Furthermore, you can pass in your own $ctx object if you desire. This allows you to set custom parameters
103 per-connection, for example.
104 my $socket = shift; # get the socket from somewhere
105 my $ctx = SSLify_ContextCreate();
106 # set various options on $ctx as desired
107 $socket = Server_SSLify( $socket, $ctx );
108
109 NOTE: You can use SSLify_GetCTX to modify the global, and avoid doing this on every connection if the
110 options are the same...
133 This function sslifies a server-side socket. You can pass several
134 options to it:
135
136 my $socket = shift;
137 $socket = Server_SSLify( $socket, $ctx, $callback );
138 $socket is the non-ssl socket you got from somewhere ( required )
139 $ctx is the custom SSL context you want to use; overrides the global ctx set in SSLify_Options
140 $callback is the callback hook on success/failure of sslification
141
142 BEWARE: "SSLify_Options" must be called first if you aren't passing a
143 $ctx. If you want to set some options per-connection, do this:
144
145 my $socket = shift; # get the socket from somewhere
146 my $ctx = SSLify_ContextCreate();
147 # set various options on $ctx as desired
148 $socket = Server_SSLify( $socket, $ctx );
149
150 NOTE: You can use "SSLify_GetCTX" to modify the global, and avoid doing
151 this on every connection if the options are the same...
152
153 Please look at "Client_SSLify" for more details on the callback hook.
111154
112155 SSLify_ContextCreate
113 Accepts some options, and returns a brand-new Net::SSLeay context object ( $ctx )
114 my $ctx = SSLify_ContextCreate( $key, $cert, $version, $options );
115
116 You can then call various Net::SSLeay methods on the context
117 my $mode = Net::SSLeay::CTX_get_mode( $ctx );
118
119 By default we don't use the SSL key + certificate files
120
121 By default we use the version: default
122
123 Known versions:
124 * sslv2
125 * sslv3
126 * tlsv1
127 * default
128
129 By default we don't set any options
156 Accepts some options, and returns a brand-new Net::SSLeay context object
157 ( $ctx )
158
159 my $ctx = SSLify_ContextCreate( $key, $cert, $version, $options );
160 $key is the certificate key file
161 $cert is the certificate file
162 $version is the SSL version to use
163 $options is the SSL options to use
164
165 You can then call various Net::SSLeay methods on the context
166
167 my $mode = Net::SSLeay::CTX_get_mode( $ctx );
168
169 By default we don't use the SSL key + certificate files
170
171 By default we use the version: default. Known versions of the SSL
172 connection - look at <http://www.openssl.org/docs/ssl/SSL_CTX_new.html>
173 for more info.
174
175 * sslv2
176 * sslv3
177 * tlsv1
178 * sslv23
179 * default ( sslv23 )
180
181 By default we don't set any options - look at
182 <http://www.openssl.org/docs/ssl/SSL_CTX_set_options.html> for more
183 info.
130184
131185 SSLify_Options
132 Call this function to initialize the global server-side CTX. Accepts the location of the
133 SSL key + certificate files, which is required.
134
135 Optionally accepts the SSL version + CTX options
136 SSLify_Options( $key, $cert, $version, $options );
137
138 By default we use the version: default
139
140 Known versions:
141 * sslv2
142 * sslv3
143 * tlsv1
144 * default
145
146 By default we use the options: &Net::SSLeay::OP_ALL
186 Call this function to initialize the global server-side context object.
187 This will be the default context whenever you call "Server_SSLify"
188 without passing a custom context to it.
189
190 SSLify_Options( $key, $cert, $version, $options );
191 $key is the certificate key file ( required )
192 $cert is the certificate file ( required )
193 $version is the SSL version to use
194 $options is the SSL options to use
195
196 By default we use the version: default
197
198 By default we use the options: Net::SSLeay::OP_ALL
199
200 Please look at "SSLify_ContextCreate" for more info on the available
201 versions/options.
147202
148203 SSLify_GetCTX
149 Returns the actual Net::SSLeay context object in case you wanted to play with it :)
150
151 If passed in a socket, it will return that socket's $ctx instead of the global.
152 my $ctx = SSLify_GetCTX(); # get the one set via SSLify_Options
153 my $ctx = SSLify_GetCTX( $sslified_sock ); # get the one in the object
204 Returns the actual Net::SSLeay context object in case you wanted to play
205 with it :)
206
207 If passed in a socket, it will return that socket's $ctx instead of the
208 global.
209
210 my $ctx = SSLify_GetCTX(); # get the one set via SSLify_Options
211 my $ctx = SSLify_GetCTX( $sslified_sock ); # get the one in the object
154212
155213 SSLify_GetCipher
156 Returns the cipher used by the SSLified socket
157
158 Example:
159 print "SSL Cipher is: " . SSLify_GetCipher( $sslified_sock ) . "\n";
160
161 NOTE: Doing this immediately after Client_SSLify or Server_SSLify will result in "(NONE)" because the SSL handshake
162 is not done yet. The socket is nonblocking, so you will have to wait a little bit for it to get ready.
163 apoc@blackhole:~/mygit/perl-poe-sslify/examples$ perl serverclient.pl
164 got connection from: 127.0.0.1 - commencing Server_SSLify()
165 SSLified: 127.0.0.1 cipher type: ((NONE))
166 Connected to server, commencing Client_SSLify()
167 SSLified the connection to the server
168 Connected to SSL server
169 Input: hola
170 got input from: 127.0.0.1 cipher type: (AES256-SHA) input: 'hola'
171 Got Reply: hola
172 Input: ^C
173 stopped at serverclient.pl line 126.
214 Returns the cipher used by the SSLified socket
215
216 print "SSL Cipher is: " . SSLify_GetCipher( $sslified_sock ) . "\n";
217
218 NOTE: Doing this immediately after Client_SSLify or Server_SSLify will
219 result in "(NONE)" because the SSL handshake is not done yet. The socket
220 is nonblocking, so you will have to wait a little bit for it to get
221 ready.
222
223 apoc@blackhole:~/mygit/perl-poe-sslify/examples$ perl serverclient.pl
224 got connection from: 127.0.0.1 - commencing Server_SSLify()
225 SSLified: 127.0.0.1 cipher type: ((NONE))
226 Connected to server, commencing Client_SSLify()
227 SSLified the connection to the server
228 Connected to SSL server
229 Input: hola
230 got input from: 127.0.0.1 cipher type: (AES256-SHA) input: 'hola'
231 Got Reply: hola
232 Input: ^C
233 stopped at serverclient.pl line 126.
174234
175235 SSLify_GetSocket
176 Returns the actual socket used by the SSLified socket, useful for stuff like getpeername()/getsockname()
177
178 Example:
179 print "Remote IP is: " . inet_ntoa( ( unpack_sockaddr_in( getpeername( SSLify_GetSocket( $sslified_sock ) ) ) )[1] ) . "\n";
236 Returns the actual socket used by the SSLified socket, useful for stuff
237 like getpeername()/getsockname()
238
239 print "Remote IP is: " . inet_ntoa( ( unpack_sockaddr_in( getpeername( SSLify_GetSocket( $sslified_sock ) ) ) )[1] ) . "\n";
180240
181241 SSLify_GetSSL
182 Returns the actual Net::SSLeay object so you can call methods on it
183
184 Example:
185 print Net::SSLeay::dump_peer_certificate( SSLify_GetSSL( $sslified_sock ) );
242 Returns the actual Net::SSLeay object so you can call methods on it
243
244 print Net::SSLeay::dump_peer_certificate( SSLify_GetSSL( $sslified_sock ) );
245
246 SSLify_GetStatus
247 Returns the status of the SSL negotiation/handshake/connection. See
248 <http://www.openssl.org/docs/ssl/SSL_connect.html#RETURN_VALUES> for
249 more info.
250
251 my $status = SSLify_GetStatus( $socket );
252 -1 = still in negotiation stage ( or error )
253 0 = internal SSL error, connection will be dead
254 1 = negotiation successful
186255
187256 NOTES
188257 Socket methods doesn't work
189 The new socket this module gives you actually is some tied socket magic,
190 so you cannot do stuff like getpeername() or getsockname(). The only way
191 to do it is to use "SSLify_GetSocket" and then operate on the socket it
258 The new socket this module gives you actually is tied socket magic, so
259 you cannot do stuff like getpeername() or getsockname(). The only way to
260 do it is to use "SSLify_GetSocket" and then operate on the socket it
192261 returns.
193262
194263 Dying everywhere...
236305 that you're on a broken system. However, if you have the updated OpenSSL
237306 library that fixes this you can use it.
238307
239 In-Situ sslification
308 NOTE: Calling this means the callback function you passed in
309 "Client_SSLify" or "Server_SSLify" will not fire! If you need this
310 please let me know and we can come up with a way to make it work.
311
312 Upgrading a non-ssl socket to SSL
240313 You can have a normal plaintext socket, and convert it to SSL anytime.
241314 Just keep in mind that the client and the server must agree to sslify at
242315 the same time, or they will be waiting on each other forever! See
243 "t/3_insitu.t" for an example of how this works.
316 "t/3_upgrade.t" for an example of how this works.
317
318 Downgrading a SSL socket to non-ssl
319 As of now this is unsupported. If you need this feature please let us
320 know and we'll work on it together!
244321
245322 MSWin32 is not supported
246323 This module doesn't work on MSWin32 platforms at all ( XP, Vista, 7, etc
249326 MSWin32 works just fine! Please help me fix this if you can, thanks!
250327
251328 EXPORT
252 Stuffs all of the above functions in @EXPORT_OK so you have to request them directly
329 Stuffs all of the functions in @EXPORT_OK so you have to request them
330 directly.
253331
254332 SEE ALSO
255333 Please see those modules/websites for more information related to this
362440 ASCENT also helped a lot with the nonblocking mode, without his hard
363441 work this module would still be stuck in the stone age :)
364442
443 A lot of people helped add various features/functions - please look at
444 the changelog for more detail.
445
365446 COPYRIGHT AND LICENSE
366447 This software is copyright (c) 2011 by Apocalypse.
367448
371452 The full text of the license can be found in the LICENSE file included
372453 with this distribution.
373454
455 DISCLAIMER OF WARRANTY
456 BECAUSE THIS SOFTWARE IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
457 FOR THE SOFTWARE, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
458 OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
459 PROVIDE THE SOFTWARE "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER
460 EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
461 WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE
462 ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE SOFTWARE IS WITH
463 YOU. SHOULD THE SOFTWARE PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL
464 NECESSARY SERVICING, REPAIR, OR CORRECTION.
465
466 IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
467 WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
468 REDISTRIBUTE THE SOFTWARE AS PERMITTED BY THE ABOVE LICENCE, BE LIABLE
469 TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL, OR
470 CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
471 SOFTWARE (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
472 RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
473 FAILURE OF THE SOFTWARE TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
474 SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
475 DAMAGES.
476
1313 -----BEGIN PGP SIGNED MESSAGE-----
1414 Hash: SHA1
1515
16 SHA1 f7303c3c5c4c01b8a3978878bb9694def4f21c85 Build.PL
17 SHA1 8c6118bc38d4a238e2bcecae98dd9aae02f8e084 Changes
18 SHA1 9579320245a7d68298b8024574c2c4f7f56dca08 CommitLog
16 SHA1 d435f238e487d8142e8518150b7855a233764459 Build.PL
17 SHA1 d477fdd7d574483d63226b8874bcd0987453cde5 Changes
18 SHA1 1c9fcb841a38b09c4c6d3f19e0c9bc20a467aa54 CommitLog
1919 SHA1 e3edc44697d1770c65fec99f6ebdb6ea55fb3050 INSTALL
2020 SHA1 263360e99a0de4d587fedefe1a919dcf61af1d10 LICENSE
21 SHA1 9b47f2f0b927dcb7cab2cc1f7daa62c5b50c55f8 MANIFEST
21 SHA1 1baae2c8b4d91da92fdf35c5542137380f00c9e4 MANIFEST
2222 SHA1 9dfc07c5655b958e800189837f3ddd37ca050bfe MANIFEST.SKIP
23 SHA1 48c9ad465a56b101fa1ac5c85999f30d1331887f META.json
24 SHA1 65aafd261f00a99d6b29708e37d61f61669672b6 META.yml
25 SHA1 29dba82edeb60493a1160a55ca1e884384e85031 Makefile.PL
26 SHA1 e9990bb66d60541b446cdb31e1aaec34de041314 README
23 SHA1 686569e354f905cd3de3f08e283ad6f0885f917c META.json
24 SHA1 85808fcb1a01f2e2f546848f8bc99dce585ff3f0 META.yml
25 SHA1 0924ab6ac3ea8b7346f282e17e43b89799507237 Makefile.PL
26 SHA1 48b7720f1cf878407b686404c53aabbb542bd310 README
2727 SHA1 41a5da1356107d097f6bbf72c62ee4da83e4119f dist.ini
2828 SHA1 96decb1c51052f9b024b6d069e428b4ccc19e909 examples/client.pl
2929 SHA1 d8f9b44df461cdcf6cbd7cffd79a9d49aade3947 examples/server.pl
3030 SHA1 c4a936c75d1d566e936dfb1776c9a01ea244c618 examples/serverclient.pl
31 SHA1 c078b1a678963b8b598da16e962710dff5744cc6 lib/POE/Component/SSLify.pm
32 SHA1 d9b21917a7729440324ba06a73ae033b3e98cf08 lib/POE/Component/SSLify/ClientHandle.pm
33 SHA1 3b6e6a9a9be570576af4b4317410bb4c1276407f lib/POE/Component/SSLify/ServerHandle.pm
31 SHA1 509e2a8a6af679d403ed916538596a60c0ac74b3 lib/POE/Component/SSLify.pm
32 SHA1 6b1e09306b20af6f2a8006cc207f73be4a0e5944 lib/POE/Component/SSLify/ClientHandle.pm
33 SHA1 b3677ae1f14989accb68427bdede87370d19e32d lib/POE/Component/SSLify/ServerHandle.pm
3434 SHA1 59afa28f138a14b956443f915d60a891d5b306b8 mylib/example.crt
3535 SHA1 f2ba02d28cfb207e0a86be7cb4f3c570f257bf93 mylib/example.key
3636 SHA1 fd48b12e3df15fb55695e7d1b4ee95dc3c0cd766 t/00-compile.t
37 SHA1 82a0e48ffb58ff738831c80a41071c607012f483 t/000-report-versions-tiny.t
38 SHA1 a0fb19347ec360acca7bb08e1b2e437179ef3cfa t/1_simple.t
39 SHA1 c625a70ac63ea5d6a0fabd07130f1d3a905b1933 t/2_renegotiate.t
40 SHA1 034a72d7403a58a756c8cbd2b1ce15afd9acf333 t/3_insitu.t
37 SHA1 9df6d0a549121f4e7db1cabbdb703d59aa821f85 t/000-report-versions-tiny.t
38 SHA1 9ade9d7296a3511f42ce3010dd7d215630d51c80 t/1_simple.t
39 SHA1 0d6e08c744e377933f75c6d9fa25c37e3506d1a5 t/2_renegotiate.t
40 SHA1 73790060e55b0189540d898a97c485e187f05ae9 t/3_upgrade.t
41 SHA1 f8ba954e2a5bf546c3932eb9cc1ba9bf89a57385 t/4_connect_hook.t
42 SHA1 2a8853ebcd7064c1f4d39243ecdf24adb2f85459 t/5_connfail_client.t
43 SHA1 93c04d0f28c590f39f621d130e02fb8f77cda897 t/6_connfail_server.t
44 SHA1 e3b390873d4de642e25fcfb4b7d16c00b096d24a t/apocalypse.t
4145 -----BEGIN PGP SIGNATURE-----
4246 Version: GnuPG v1.4.9 (GNU/Linux)
4347
44 iEYEARECAAYFAk1rxMAACgkQGfr7vsGKgxyM4gCgnEeAD1ZuBBv0wbhPsQ1CZW9f
45 FAUAn2EkEydhhQOwiKB4qH8o4FNv6OJR
46 =aEEu
48 iEYEARECAAYFAk12viEACgkQGfr7vsGKgxxkLwCfXhTLn9YyxGmWs69o5LLplJMD
49 aSMAoLGwA6VYx7eY7kXyhrHQpRik3/JI
50 =6gBh
4751 -----END PGP SIGNATURE-----
88 use strict; use warnings;
99 package POE::Component::SSLify::ClientHandle;
1010 BEGIN {
11 $POE::Component::SSLify::ClientHandle::VERSION = '1.003';
11 $POE::Component::SSLify::ClientHandle::VERSION = '1.004';
1212 }
1313 BEGIN {
1414 $POE::Component::SSLify::ClientHandle::AUTHORITY = 'cpan:APOCAL';
2020 use Net::SSLeay 1.36 qw( die_now die_if_ssl_error );
2121
2222 # We inherit from ServerHandle
23 require POE::Component::SSLify::ServerHandle;
24 our @ISA = qw( POE::Component::SSLify::ServerHandle );
23 use parent 'POE::Component::SSLify::ServerHandle';
2524
2625 # Override TIEHANDLE because we create a CTX
2726 sub TIEHANDLE {
28 my ( $class, $socket, $version, $options, $ctx ) = @_;
27 my ( $class, $socket, $version, $options, $ctx, $connref ) = @_;
2928
3029 # create a context, if necessary
3130 if ( ! defined $ctx ) {
4241 # die_if_ssl_error won't die on non-blocking errors. We don't need to call connect()
4342 # again, because OpenSSL I/O functions (read, write, ...) can handle that entirely
4443 # by self (it's needed to connect() once to determine connection type).
45 my $resp = Net::SSLeay::connect( $ssl ) or die_if_ssl_error( 'ssl connect' );
44 my $res = Net::SSLeay::connect( $ssl ) or die_if_ssl_error( 'ssl connect' );
4645
4746 my $self = bless {
4847 'ssl' => $ssl,
5049 'socket' => $socket,
5150 'fileno' => $fileno,
5251 'client' => 1,
52 'status' => $res,
53 'on_connect' => $connref,
5354 }, $class;
5455
5556 return $self;
6162 __END__
6263 =pod
6364
65 =for :stopwords Apocalypse
66
67 =encoding utf-8
68
6469 =head1 NAME
6570
6671 POE::Component::SSLify::ClientHandle - Client-side handle for SSLify
6772
6873 =head1 VERSION
6974
70 This document describes v1.003 of POE::Component::SSLify::ClientHandle - released February 28, 2011 as part of POE-Component-SSLify.
75 This document describes v1.004 of POE::Component::SSLify::ClientHandle - released March 08, 2011 as part of POE-Component-SSLify.
7176
7277 =head1 DESCRIPTION
7378
8186
8287 =item *
8388
84 L<POE::Component::SSLify>
89 L<POE::Component::SSLify|POE::Component::SSLify>
8590
8691 =item *
8792
88 L<POE::Component::SSLify::ServerHandle>
93 L<POE::Component::SSLify::ServerHandle|POE::Component::SSLify::ServerHandle>
8994
9095 =back
9196
102107
103108 The full text of the license can be found in the LICENSE file included with this distribution.
104109
110 =head1 DISCLAIMER OF WARRANTY
111
112 BECAUSE THIS SOFTWARE IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
113 FOR THE SOFTWARE, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT
114 WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER
115 PARTIES PROVIDE THE SOFTWARE "AS IS" WITHOUT WARRANTY OF ANY KIND,
116 EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
117 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
118 PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
119 SOFTWARE IS WITH YOU. SHOULD THE SOFTWARE PROVE DEFECTIVE, YOU ASSUME
120 THE COST OF ALL NECESSARY SERVICING, REPAIR, OR CORRECTION.
121
122 IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
123 WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
124 REDISTRIBUTE THE SOFTWARE AS PERMITTED BY THE ABOVE LICENCE, BE LIABLE
125 TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL, OR
126 CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
127 SOFTWARE (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
128 RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
129 FAILURE OF THE SOFTWARE TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
130 SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
131 DAMAGES.
132
105133 =cut
106134
88 use strict; use warnings;
99 package POE::Component::SSLify::ServerHandle;
1010 BEGIN {
11 $POE::Component::SSLify::ServerHandle::VERSION = '1.003';
11 $POE::Component::SSLify::ServerHandle::VERSION = '1.004';
1212 }
1313 BEGIN {
1414 $POE::Component::SSLify::ServerHandle::AUTHORITY = 'cpan:APOCAL';
1717 # ABSTRACT: Server-side handle for SSLify
1818
1919 # Import the SSL death routines
20 use Net::SSLeay 1.36 qw( die_now die_if_ssl_error );
20 use Net::SSLeay 1.36 qw( die_now die_if_ssl_error ERROR_WANT_READ ERROR_WANT_WRITE );
2121
2222 # Ties the socket
2323 sub TIEHANDLE {
24 my ( $class, $socket, $ctx ) = @_;
24 my ( $class, $socket, $ctx, $connref ) = @_;
2525
2626 my $ssl = Net::SSLeay::new( $ctx ) or die_now( "Failed to create SSL $!" );
2727
3333 # die_if_ssl_error won't die on non-blocking errors. We don't need to call accept()
3434 # again, because OpenSSL I/O functions (read, write, ...) can handle that entirely
3535 # by self (it's needed to accept() once to determine connection type).
36 my $err = Net::SSLeay::accept( $ssl ) and die_if_ssl_error( 'ssl accept' );
36 my $res = Net::SSLeay::accept( $ssl ) and die_if_ssl_error( 'ssl accept' );
3737
3838 my $self = bless {
3939 'ssl' => $ssl,
4040 'ctx' => $ctx,
4141 'socket' => $socket,
4242 'fileno' => $fileno,
43 'status' => $res,
44 'on_connect' => $connref,
4345 }, $class;
4446
4547 return $self;
48 }
49
50 sub _check_status {
51 my $self = shift;
52
53 # Okay, is negotiation done?
54 # http://www.openssl.org/docs/ssl/SSL_connect.html#RETURN_VALUES
55 if ( exists $self->{'client'} ) {
56 $self->{'status'} = Net::SSLeay::connect( $self->{'ssl'} );
57 } else {
58 $self->{'status'} = Net::SSLeay::accept( $self->{'ssl'} );
59 }
60
61 # Only process the stuff if we actually have a callback!
62 return unless defined $self->{'on_connect'};
63
64 if ( $self->{'status'} <= 0 ) {
65 # http://www.openssl.org/docs/ssl/SSL_get_error.html
66 my $errval = Net::SSLeay::get_error( $self->{'ssl'}, $self->{'status'} );
67
68 # TODO should we skip ERROR_WANT_ACCEPT and ERROR_WANT_CONNECT ?
69 # also, ERROR_WANT_ACCEPT isn't exported by Net::SSLeay, huh?
70 if ( $errval != ERROR_WANT_READ and $errval != ERROR_WANT_WRITE ) {
71 # call the hook function for error connect
72 $self->{'on_connect'}->( $self->{'orig_socket'}, 0, $errval );
73 }
74 } elsif ( $self->{'status'} == 1 ) {
75 # call the hook function for successful connect
76 $self->{'on_connect'}->( $self->{'orig_socket'}, 1 );
77 }
4678 }
4779
4880 # Read something from the socket
5284
5385 # Get the pointers to buffer, length, and the offset
5486 my( $buf, $len, $offset ) = \( @_ );
87
88 # Check connection status
89 $self->_check_status if $self->{'status'} <= 0;
5590
5691 # If we have no offset, replace the buffer with some input
5792 if ( ! defined $$offset ) {
79114 }
80115
81116 # Insert what we just read into the buffer
82 substr( $$buf, $$offset ) = $read;
117 substr( $$buf, $$offset, 1, $read );
83118
84119 # All done!
85120 return length( $read );
89124 sub WRITE {
90125 # Get ourself + buffer + length + offset to write
91126 my( $self, $buf, $len, $offset ) = @_;
127
128 # Check connection status
129 $self->_check_status if $self->{'status'} <= 0;
92130
93131 # If we have nothing to offset, then start from the beginning
94132 if ( ! defined $offset ) {
129167 my $self = shift;
130168 if ( defined $self->{'socket'} ) {
131169 Net::SSLeay::free( $self->{'ssl'} );
132 close( $self->{'socket'} );
170
171 # TODO we ignore any close errors because there's no way to sanely propagate it up the stack...
172 close( $self->{'socket'} ); ## no critic ( InputOutput::RequireCheckedClose )
133173 undef $self->{'socket'};
134174
135175 # do we need to do CTX_free?
174214 __END__
175215 =pod
176216
217 =for :stopwords Apocalypse
218
219 =encoding utf-8
220
177221 =head1 NAME
178222
179223 POE::Component::SSLify::ServerHandle - Server-side handle for SSLify
180224
181225 =head1 VERSION
182226
183 This document describes v1.003 of POE::Component::SSLify::ServerHandle - released February 28, 2011 as part of POE-Component-SSLify.
227 This document describes v1.004 of POE::Component::SSLify::ServerHandle - released March 08, 2011 as part of POE-Component-SSLify.
184228
185229 =head1 DESCRIPTION
186230
202246
203247 =item *
204248
205 L<POE::Component::SSLify>
249 L<POE::Component::SSLify|POE::Component::SSLify>
206250
207251 =back
208252
219263
220264 The full text of the license can be found in the LICENSE file included with this distribution.
221265
266 =head1 DISCLAIMER OF WARRANTY
267
268 BECAUSE THIS SOFTWARE IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
269 FOR THE SOFTWARE, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT
270 WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER
271 PARTIES PROVIDE THE SOFTWARE "AS IS" WITHOUT WARRANTY OF ANY KIND,
272 EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
273 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
274 PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
275 SOFTWARE IS WITH YOU. SHOULD THE SOFTWARE PROVE DEFECTIVE, YOU ASSUME
276 THE COST OF ALL NECESSARY SERVICING, REPAIR, OR CORRECTION.
277
278 IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
279 WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
280 REDISTRIBUTE THE SOFTWARE AS PERMITTED BY THE ABOVE LICENCE, BE LIABLE
281 TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL, OR
282 CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
283 SOFTWARE (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
284 RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
285 FAILURE OF THE SOFTWARE TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
286 SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
287 DAMAGES.
288
222289 =cut
223290
88 use strict; use warnings;
99 package POE::Component::SSLify;
1010 BEGIN {
11 $POE::Component::SSLify::VERSION = '1.003';
11 $POE::Component::SSLify::VERSION = '1.004';
1212 }
1313 BEGIN {
1414 $POE::Component::SSLify::AUTHORITY = 'cpan:APOCAL';
1919 # We need Net::SSLeay or all's a failure!
2020 BEGIN {
2121 # We need >= 1.36 because it contains a lot of important fixes
22 eval "use Net::SSLeay 1.36 qw( die_now die_if_ssl_error )";
22 eval "use Net::SSLeay 1.36 qw( die_now die_if_ssl_error FILETYPE_PEM )";
2323
2424 # Check for errors...
2525 if ( $@ ) {
3434 # Taken from http://search.cpan.org/~flora/Net-SSLeay-1.36/lib/Net/SSLeay.pm#Low_level_API
3535 Net::SSLeay::load_error_strings();
3636 Net::SSLeay::SSLeay_add_ssl_algorithms();
37 # TODO do we need this?
38 #Net::SSLeay::ENGINE_load_builtin_engines(); # If you want built-in engines
39 #Net::SSLeay::ENGINE_register_all_complete(); # If you want built-in engines
37 Net::SSLeay::ENGINE_load_builtin_engines();
38 Net::SSLeay::ENGINE_register_all_complete();
4039 Net::SSLeay::randomize();
4140 }
4241 }
4342
4443 # Do the exporting magic...
45 require Exporter;
46 our @ISA = qw( Exporter );
47 our @EXPORT_OK = qw( Client_SSLify Server_SSLify SSLify_Options SSLify_GetCTX SSLify_GetCipher SSLify_GetSocket SSLify_GetSSL SSLify_ContextCreate );
44 use parent 'Exporter';
45 our @EXPORT_OK = qw(
46 Client_SSLify Server_SSLify
47 SSLify_Options SSLify_GetCTX SSLify_GetCipher SSLify_GetSocket SSLify_GetSSL SSLify_ContextCreate SSLify_GetStatus
48 );
4849
4950 # Bring in some socket-related stuff
5051 use Symbol qw( gensym );
5354 # unfortunately we have to jump to IO 1.25 which includes IO::Handle 1.28... argh!
5455 use IO::Handle 1.28;
5556
57 # Use Scalar::Util's weaken() for the connref stuff
58 use Scalar::Util qw( weaken );
59 use Task::Weaken 1.03; # to make sure it actually works!
60
5661 # The server-side CTX stuff
57 my $ctx = undef;
62 my $ctx;
5863
5964 # global so users of this module can override it locally
6065 our $IGNORE_SSL_ERRORS = 0;
6166
6267
6368 sub Client_SSLify {
64 # Get the socket + version + options + ctx
65 my( $socket, $version, $options, $ctx ) = @_;
69 # Get the socket + version + options + ctx + callback
70 my( $socket, $version, $options, $custom_ctx, $callback ) = @_;
6671
6772 # Validation...
6873 if ( ! defined $socket ) {
6974 die "Did not get a defined socket";
75 }
76
77 # Mangle the callback stuff
78 if ( defined $version and ref $version and ref( $version ) eq 'CODE' ) {
79 $callback = $version;
80 $version = $options = $custom_ctx = undef;
81 } elsif ( defined $options and ref $options and ref( $options ) eq 'CODE' ) {
82 $callback = $options;
83 $options = $custom_ctx = undef;
84 } elsif ( defined $custom_ctx and ref $custom_ctx and ref( $custom_ctx ) eq 'CODE' ) {
85 $callback = $custom_ctx;
86 $custom_ctx = undef;
7087 }
7188
7289 # From IO::Handle POD
7794
7895 # Now, we create the new socket and bind it to our subclass of Net::SSLeay::Handle
7996 my $newsock = gensym();
80 tie( *$newsock, 'POE::Component::SSLify::ClientHandle', $socket, $version, $options, $ctx ) or die "Unable to tie to our subclass: $!";
97 tie( *$newsock, 'POE::Component::SSLify::ClientHandle', $socket, $version, $options, $custom_ctx, $callback ) or die "Unable to tie to our subclass: $!";
98
99 # argh, store the newsock in the tied class to use for callback
100 if ( defined $callback ) {
101 tied( *$newsock )->{'orig_socket'} = $newsock;
102 weaken( tied( *$newsock )->{'orig_socket'} );
103 }
81104
82105 # All done!
83106 return $newsock;
86109
87110 sub Server_SSLify {
88111 # Get the socket!
89 my $socket = shift;
90 my $custom_ctx = shift;
112 my( $socket, $custom_ctx, $callback ) = @_;
91113
92114 # Validation...
93115 if ( ! defined $socket ) {
97119 # If we don't have a ctx ready, we can't do anything...
98120 if ( ! defined $ctx and ! defined $custom_ctx ) {
99121 die 'Please do SSLify_Options() first ( or pass in a $ctx object )';
122 }
123
124 # mangle custom_ctx depending on callback
125 if ( defined $custom_ctx and ref $custom_ctx and ref( $custom_ctx ) eq 'CODE' ) {
126 $callback = $custom_ctx;
127 $custom_ctx = undef;
100128 }
101129
102130 # From IO::Handle POD
107135
108136 # Now, we create the new socket and bind it to our subclass of Net::SSLeay::Handle
109137 my $newsock = gensym();
110 tie( *$newsock, 'POE::Component::SSLify::ServerHandle', $socket, ( $custom_ctx || $ctx ) ) or die "Unable to tie to our subclass: $!";
138 tie( *$newsock, 'POE::Component::SSLify::ServerHandle', $socket, ( $custom_ctx || $ctx ), $callback ) or die "Unable to tie to our subclass: $!";
139
140 # argh, store the newsock in the tied class to use for connref
141 if ( defined $callback ) {
142 tied( *$newsock )->{'orig_socket'} = $newsock;
143 weaken( tied( *$newsock )->{'orig_socket'} );
144 }
111145
112146 # All done!
113147 return $newsock;
133167
134168 # Set the default
135169 if ( ! defined $options ) {
136 $options = &Net::SSLeay::OP_ALL;
170 $options = Net::SSLeay::OP_ALL();
137171 }
138172
139173 # set the context, possibly overwriting the previous one
158192 $context = Net::SSLeay::CTX_v3_new();
159193 } elsif ( $version eq 'tlsv1' ) {
160194 $context = Net::SSLeay::CTX_tlsv1_new();
195 } elsif ( $version eq 'sslv23' ) {
196 $context = Net::SSLeay::CTX_v23_new();
161197 } elsif ( $version eq 'default' ) {
162198 $context = Net::SSLeay::CTX_new();
163199 } else {
180216 # do we need to set key/etc?
181217 if ( defined $key ) {
182218 # Following will ask password unless private key is not encrypted
183 Net::SSLeay::CTX_use_RSAPrivateKey_file( $context, $key, &Net::SSLeay::FILETYPE_PEM );
219 Net::SSLeay::CTX_use_RSAPrivateKey_file( $context, $key, FILETYPE_PEM );
184220 die_if_ssl_error( 'private key' ) if ! $IGNORE_SSL_ERRORS;
185221 }
186222
187223 # Set the cert file
188224 if ( defined $cert ) {
189 Net::SSLeay::CTX_use_certificate_file( $context, $cert, &Net::SSLeay::FILETYPE_PEM );
225 Net::SSLeay::CTX_use_certificate_chain_file( $context, $cert );
190226 die_if_ssl_error( 'certificate' ) if ! $IGNORE_SSL_ERRORS;
191227 }
192228
222258 return tied( *$sock )->{'ssl'};
223259 }
224260
261
262 sub SSLify_GetStatus {
263 my $sock = shift;
264 return tied( *$sock )->{'status'};
265 }
266
225267 1;
226268
227269
228270 __END__
229271 =pod
230272
273 =for :stopwords Apocalypse cpan testmatrix url annocpan anno bugtracker rt cpants kwalitee
274 diff irc mailto metadata placeholders
275
276 =encoding utf-8
277
231278 =head1 NAME
232279
233280 POE::Component::SSLify - Makes using SSL in the world of POE easy!
234281
235282 =head1 VERSION
236283
237 This document describes v1.003 of POE::Component::SSLify - released February 28, 2011 as part of POE-Component-SSLify.
284 This document describes v1.004 of POE::Component::SSLify - released March 08, 2011 as part of POE-Component-SSLify.
238285
239286 =head1 SYNOPSIS
240287
301348
302349 =head2 Client_SSLify
303350
304 Accepts a socket, returns a brand new socket SSLified. Optionally accepts SSL
305 context data.
306 my $socket = shift; # get the socket from somewhere
307 $socket = Client_SSLify( $socket ); # the default
308 $socket = Client_SSLify( $socket, $version, $options ); # sets more options for the context
309 $socket = Client_SSLify( $socket, undef, undef, $ctx ); # pass in a custom context
310
311 If $ctx is defined, SSLify will ignore other args. If $ctx isn't defined, SSLify
312 will create it from the $version + $options parameters.
313
314 Known versions:
315 * sslv2
316 * sslv3
317 * tlsv1
318 * default
319
320 By default we use the version: default
321
322 By default we don't set any options
323
324 NOTE: The way to have a client socket with proper certificates set up is:
325 my $socket = shift; # get the socket from somewhere
326 my $ctx = SSLify_ContextCreate( 'server.key', 'server.crt' );
327 $socket = Client_SSLify( $socket, undef, undef, $ctx );
328
329 BEWARE: If you passed in a CTX, SSLify will do Net::SSLeay::CTX_free( $ctx ) when the
330 socket is destroyed. This means you cannot reuse contexts!
351 This function sslifies a client-side socket. You can pass several options to it:
352
353 my $socket = shift;
354 $socket = Client_SSLify( $socket, $version, $options, $ctx, $callback );
355 $socket is the non-ssl socket you got from somewhere ( required )
356 $version is the SSL version you want to use
357 $options is the SSL options you want to use
358 $ctx is the custom SSL context you want to use
359 $callback is the callback hook on success/failure of sslification
360
361 # This is an example of the callback and you should pass it as Client_SSLify( $socket, ... , \&callback );
362 sub callback {
363 my( $socket, $status, $errval ) = @_;
364 # $socket is the original sslified socket in case you need to play with it
365 # $status is either 1 or 0; with 1 signifying success and 0 failure
366 # $errval will be defined if $status == 0; it's the numeric SSL error code
367 # check http://www.openssl.org/docs/ssl/SSL_get_error.html for the possible error values ( and import them from Net::SSLeay! )
368
369 # The return value from the callback is discarded
370 }
371
372 If $ctx is defined, SSLify will ignore $version and $options. Otherwise, it will be created from the $version and
373 $options parameters. If all of them are undefined, it will follow the defaults in L</SSLify_ContextCreate>.
374
375 BEWARE: If you passed in a CTX, SSLify will do Net::SSLeay::CTX_free( $ctx ) when the
376 socket is destroyed. This means you cannot reuse contexts!
377
378 NOTE: The way to have a client socket with proper certificates set up is:
379
380 my $socket = shift; # get the socket from somewhere
381 my $ctx = SSLify_ContextCreate( 'server.key', 'server.crt' );
382 $socket = Client_SSLify( $socket, undef, undef, $ctx );
383
384 NOTE: You can pass the callback anywhere in the arguments, we'll figure it out for you! If you want to call a POE event, please look
385 into the postback/callback stuff in L<POE::Session>.
386
387 # we got this from POE::Wheel::SocketFactory
388 sub event_SuccessEvent {
389 my $socket = $_[ARG0];
390 $socket = Client_SSLify( $socket, $_[SESSION]->callback( 'sslify_result' ) );
391 $_[HEAP]->{client} = POE::Wheel::ReadWrite->new(
392 Handle => $socket,
393 ...
394 );
395 return;
396 }
397
398 # the callback event
399 sub event_sslify_result {
400 my ($creation_args, $called_args) = @_[ARG0, ARG1];
401 my( $socket, $status, $errval ) = @$called_args;
402
403 if ( $status ) {
404 print "Yay, SSLification worked!";
405 } else {
406 print "Aw, SSLification failed with error $errval";
407 }
408 }
331409
332410 =head2 Server_SSLify
333411
334 Accepts a socket, returns a brand new socket SSLified
335 my $socket = shift; # get the socket from somewhere
336 $socket = Server_SSLify( $socket );
337
338 NOTE: SSLify_Options must be set first!
339
340 Furthermore, you can pass in your own $ctx object if you desire. This allows you to set custom parameters
341 per-connection, for example.
342 my $socket = shift; # get the socket from somewhere
343 my $ctx = SSLify_ContextCreate();
344 # set various options on $ctx as desired
345 $socket = Server_SSLify( $socket, $ctx );
346
347 NOTE: You can use SSLify_GetCTX to modify the global, and avoid doing this on every connection if the
348 options are the same...
412 This function sslifies a server-side socket. You can pass several options to it:
413
414 my $socket = shift;
415 $socket = Server_SSLify( $socket, $ctx, $callback );
416 $socket is the non-ssl socket you got from somewhere ( required )
417 $ctx is the custom SSL context you want to use; overrides the global ctx set in SSLify_Options
418 $callback is the callback hook on success/failure of sslification
419
420 BEWARE: L</SSLify_Options> must be called first if you aren't passing a $ctx. If you want to set some options per-connection, do this:
421
422 my $socket = shift; # get the socket from somewhere
423 my $ctx = SSLify_ContextCreate();
424 # set various options on $ctx as desired
425 $socket = Server_SSLify( $socket, $ctx );
426
427 NOTE: You can use L</SSLify_GetCTX> to modify the global, and avoid doing this on every connection if the
428 options are the same...
429
430 Please look at L</Client_SSLify> for more details on the callback hook.
349431
350432 =head2 SSLify_ContextCreate
351433
352 Accepts some options, and returns a brand-new Net::SSLeay context object ( $ctx )
353 my $ctx = SSLify_ContextCreate( $key, $cert, $version, $options );
354
355 You can then call various Net::SSLeay methods on the context
356 my $mode = Net::SSLeay::CTX_get_mode( $ctx );
357
358 By default we don't use the SSL key + certificate files
359
360 By default we use the version: default
361
362 Known versions:
363 * sslv2
364 * sslv3
365 * tlsv1
366 * default
367
368 By default we don't set any options
434 Accepts some options, and returns a brand-new Net::SSLeay context object ( $ctx )
435
436 my $ctx = SSLify_ContextCreate( $key, $cert, $version, $options );
437 $key is the certificate key file
438 $cert is the certificate file
439 $version is the SSL version to use
440 $options is the SSL options to use
441
442 You can then call various Net::SSLeay methods on the context
443
444 my $mode = Net::SSLeay::CTX_get_mode( $ctx );
445
446 By default we don't use the SSL key + certificate files
447
448 By default we use the version: default. Known versions of the SSL connection - look at
449 L<http://www.openssl.org/docs/ssl/SSL_CTX_new.html> for more info.
450
451 * sslv2
452 * sslv3
453 * tlsv1
454 * sslv23
455 * default ( sslv23 )
456
457 By default we don't set any options - look at L<http://www.openssl.org/docs/ssl/SSL_CTX_set_options.html> for more info.
369458
370459 =head2 SSLify_Options
371460
372 Call this function to initialize the global server-side CTX. Accepts the location of the
373 SSL key + certificate files, which is required.
374
375 Optionally accepts the SSL version + CTX options
376 SSLify_Options( $key, $cert, $version, $options );
377
378 By default we use the version: default
379
380 Known versions:
381 * sslv2
382 * sslv3
383 * tlsv1
384 * default
385
386 By default we use the options: &Net::SSLeay::OP_ALL
461 Call this function to initialize the global server-side context object. This will be the default context whenever you call
462 L</Server_SSLify> without passing a custom context to it.
463
464 SSLify_Options( $key, $cert, $version, $options );
465 $key is the certificate key file ( required )
466 $cert is the certificate file ( required )
467 $version is the SSL version to use
468 $options is the SSL options to use
469
470 By default we use the version: default
471
472 By default we use the options: Net::SSLeay::OP_ALL
473
474 Please look at L</SSLify_ContextCreate> for more info on the available versions/options.
387475
388476 =head2 SSLify_GetCTX
389477
390 Returns the actual Net::SSLeay context object in case you wanted to play with it :)
391
392 If passed in a socket, it will return that socket's $ctx instead of the global.
393 my $ctx = SSLify_GetCTX(); # get the one set via SSLify_Options
394 my $ctx = SSLify_GetCTX( $sslified_sock ); # get the one in the object
478 Returns the actual Net::SSLeay context object in case you wanted to play with it :)
479
480 If passed in a socket, it will return that socket's $ctx instead of the global.
481
482 my $ctx = SSLify_GetCTX(); # get the one set via SSLify_Options
483 my $ctx = SSLify_GetCTX( $sslified_sock ); # get the one in the object
395484
396485 =head2 SSLify_GetCipher
397486
398 Returns the cipher used by the SSLified socket
399
400 Example:
401 print "SSL Cipher is: " . SSLify_GetCipher( $sslified_sock ) . "\n";
402
403 NOTE: Doing this immediately after Client_SSLify or Server_SSLify will result in "(NONE)" because the SSL handshake
404 is not done yet. The socket is nonblocking, so you will have to wait a little bit for it to get ready.
405 apoc@blackhole:~/mygit/perl-poe-sslify/examples$ perl serverclient.pl
406 got connection from: 127.0.0.1 - commencing Server_SSLify()
407 SSLified: 127.0.0.1 cipher type: ((NONE))
408 Connected to server, commencing Client_SSLify()
409 SSLified the connection to the server
410 Connected to SSL server
411 Input: hola
412 got input from: 127.0.0.1 cipher type: (AES256-SHA) input: 'hola'
413 Got Reply: hola
414 Input: ^C
415 stopped at serverclient.pl line 126.
487 Returns the cipher used by the SSLified socket
488
489 print "SSL Cipher is: " . SSLify_GetCipher( $sslified_sock ) . "\n";
490
491 NOTE: Doing this immediately after Client_SSLify or Server_SSLify will result in "(NONE)" because the SSL handshake
492 is not done yet. The socket is nonblocking, so you will have to wait a little bit for it to get ready.
493
494 apoc@blackhole:~/mygit/perl-poe-sslify/examples$ perl serverclient.pl
495 got connection from: 127.0.0.1 - commencing Server_SSLify()
496 SSLified: 127.0.0.1 cipher type: ((NONE))
497 Connected to server, commencing Client_SSLify()
498 SSLified the connection to the server
499 Connected to SSL server
500 Input: hola
501 got input from: 127.0.0.1 cipher type: (AES256-SHA) input: 'hola'
502 Got Reply: hola
503 Input: ^C
504 stopped at serverclient.pl line 126.
416505
417506 =head2 SSLify_GetSocket
418507
419 Returns the actual socket used by the SSLified socket, useful for stuff like getpeername()/getsockname()
420
421 Example:
422 print "Remote IP is: " . inet_ntoa( ( unpack_sockaddr_in( getpeername( SSLify_GetSocket( $sslified_sock ) ) ) )[1] ) . "\n";
508 Returns the actual socket used by the SSLified socket, useful for stuff like getpeername()/getsockname()
509
510 print "Remote IP is: " . inet_ntoa( ( unpack_sockaddr_in( getpeername( SSLify_GetSocket( $sslified_sock ) ) ) )[1] ) . "\n";
423511
424512 =head2 SSLify_GetSSL
425513
426 Returns the actual Net::SSLeay object so you can call methods on it
427
428 Example:
429 print Net::SSLeay::dump_peer_certificate( SSLify_GetSSL( $sslified_sock ) );
514 Returns the actual Net::SSLeay object so you can call methods on it
515
516 print Net::SSLeay::dump_peer_certificate( SSLify_GetSSL( $sslified_sock ) );
517
518 =head2 SSLify_GetStatus
519
520 Returns the status of the SSL negotiation/handshake/connection. See L<http://www.openssl.org/docs/ssl/SSL_connect.html#RETURN_VALUES>
521 for more info.
522
523 my $status = SSLify_GetStatus( $socket );
524 -1 = still in negotiation stage ( or error )
525 0 = internal SSL error, connection will be dead
526 1 = negotiation successful
430527
431528 =head1 NOTES
432529
433530 =head2 Socket methods doesn't work
434531
435 The new socket this module gives you actually is some tied socket magic, so you cannot do stuff like
532 The new socket this module gives you actually is tied socket magic, so you cannot do stuff like
436533 getpeername() or getsockname(). The only way to do it is to use L</SSLify_GetSocket> and then operate on
437534 the socket it returns.
438535
479576 L<http://security.freebsd.org/advisories/FreeBSD-SA-09:15.ssl.asc> which explains it in detail. The test will skip this function
480577 if it detects that you're on a broken system. However, if you have the updated OpenSSL library that fixes this you can use it.
481578
482 =head2 In-Situ sslification
579 NOTE: Calling this means the callback function you passed in L</Client_SSLify> or L</Server_SSLify> will not fire! If you need this
580 please let me know and we can come up with a way to make it work.
581
582 =head2 Upgrading a non-ssl socket to SSL
483583
484584 You can have a normal plaintext socket, and convert it to SSL anytime. Just keep in mind that the client and the server must agree to sslify
485 at the same time, or they will be waiting on each other forever! See C<t/3_insitu.t> for an example of how this works.
585 at the same time, or they will be waiting on each other forever! See C<t/3_upgrade.t> for an example of how this works.
586
587 =head2 Downgrading a SSL socket to non-ssl
588
589 As of now this is unsupported. If you need this feature please let us know and we'll work on it together!
486590
487591 =head2 MSWin32 is not supported
488592
491595
492596 =head1 EXPORT
493597
494 Stuffs all of the above functions in @EXPORT_OK so you have to request them directly
598 Stuffs all of the functions in @EXPORT_OK so you have to request them directly.
495599
496600 =head1 SEE ALSO
497601
501605
502606 =item *
503607
504 L<POE>
505
506 =item *
507
508 L<Net::SSLeay>
608 L<POE|POE>
609
610 =item *
611
612 L<Net::SSLeay|Net::SSLeay>
509613
510614 =back
511
512 =for :stopwords cpan testmatrix url annocpan anno bugtracker rt cpants kwalitee diff irc mailto metadata placeholders
513615
514616 =head1 SUPPORT
515617
643745 ASCENT also helped a lot with the nonblocking mode, without his hard work this
644746 module would still be stuck in the stone age :)
645747
748 A lot of people helped add various features/functions - please look at the changelog for more detail.
749
646750 =head1 COPYRIGHT AND LICENSE
647751
648752 This software is copyright (c) 2011 by Apocalypse.
652756
653757 The full text of the license can be found in the LICENSE file included with this distribution.
654758
759 =head1 DISCLAIMER OF WARRANTY
760
761 BECAUSE THIS SOFTWARE IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
762 FOR THE SOFTWARE, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT
763 WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER
764 PARTIES PROVIDE THE SOFTWARE "AS IS" WITHOUT WARRANTY OF ANY KIND,
765 EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
766 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
767 PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
768 SOFTWARE IS WITH YOU. SHOULD THE SOFTWARE PROVE DEFECTIVE, YOU ASSUME
769 THE COST OF ALL NECESSARY SERVICING, REPAIR, OR CORRECTION.
770
771 IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
772 WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
773 REDISTRIBUTE THE SOFTWARE AS PERMITTED BY THE ABOVE LICENCE, BE LIABLE
774 TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL, OR
775 CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
776 SOFTWARE (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
777 RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
778 FAILURE OF THE SOFTWARE TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
779 SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
780 DAMAGES.
781
655782 =cut
656783
5656 eval { $v .= pmver('POE','1.267') };
5757 eval { $v .= pmver('POE::Component::Client::TCP','any version') };
5858 eval { $v .= pmver('POE::Component::Server::TCP','any version') };
59 eval { $v .= pmver('Scalar::Util','any version') };
5960 eval { $v .= pmver('Socket','any version') };
6061 eval { $v .= pmver('Symbol','any version') };
62 eval { $v .= pmver('Task::Weaken','1.03') };
6163 eval { $v .= pmver('Test::More','0.88') };
64 eval { $v .= pmver('parent','any version') };
6265
6366
6467
77 # the same terms as the Perl 5 programming language system itself.
88 #
99 use strict; use warnings;
10 use strict; use warnings;
1011
1112 # Thanks to ASCENT for this test!
12
13 use strict; use warnings;
13 # This tests the basic functionality of sslify on client/server side
1414
1515 my $numtests;
1616 BEGIN {
2020 if ( ! $@ ) {
2121 # increment by one
2222 $numtests++;
23
2423 }
2524 }
2625
108107 Alias => 'myclient',
109108 RemoteAddress => '127.0.0.1',
110109 RemotePort => $port,
110
111111 Connected => sub
112112 {
113113 ok(1, 'CLIENT: connected');
77 # the same terms as the Perl 5 programming language system itself.
88 #
99 use strict; use warnings;
10 use strict; use warnings;
1011
1112 # Thanks to ASCENT for this test!
12
13 # This test adds renegotiation to the connection
13 # This test adds renegotiation to the connection from client-side
1414 # Since this is not supported on all platforms, it's marked TODO and adds custom logic
1515 # to make sure it doesn't FAIL if it's not supported.
16
17 use strict; use warnings;
1816
1917 my $numtests;
2018 BEGIN {
2422 if ( ! $@ ) {
2523 # increment by one
2624 $numtests++;
27
2825 }
2926 }
3027
3330 use POE 1.267;
3431 use POE::Component::Client::TCP;
3532 use POE::Component::Server::TCP;
36 use POE::Component::SSLify qw/Client_SSLify Server_SSLify SSLify_Options SSLify_GetCipher SSLify_ContextCreate SSLify_GetSocket/;
33 use POE::Component::SSLify qw/Client_SSLify Server_SSLify SSLify_Options SSLify_GetCipher SSLify_ContextCreate SSLify_GetSocket SSLify_GetSSL/;
3734 use Net::SSLeay qw/ERROR_WANT_READ ERROR_WANT_WRITE/;
3835
3936 # TODO rewrite this to use Test::POE::Server::TCP and stuff :)
119116 Alias => 'myclient',
120117 RemoteAddress => '127.0.0.1',
121118 RemotePort => $port,
119
122120 Connected => sub
123121 {
124122 ok(1, 'CLIENT: connected');
156154 local $TODO = "Net::SSLeay::renegotiate() does not work on all platforms";
157155
158156 ## Force SSL renegotiation
159 my $ssl = tied(*{$heap->{server}->get_output_handle})->{ssl};
157 my $ssl = SSLify_GetSSL( $heap->{server}->get_output_handle );
160158 my $reneg_num = Net::SSLeay::num_renegotiations($ssl);
161159
162160 ok(1 == Net::SSLeay::renegotiate($ssl), 'CLIENT: SSL renegotiation');
+0
-194
t/3_insitu.t less more
0 #!/usr/bin/perl
1 #
2 # This file is part of POE-Component-SSLify
3 #
4 # This software is copyright (c) 2011 by Apocalypse.
5 #
6 # This is free software; you can redistribute it and/or modify it under
7 # the same terms as the Perl 5 programming language system itself.
8 #
9 use strict; use warnings;
10
11 # Thanks to ASCENT for this test!
12
13 use strict; use warnings;
14
15 my $numtests;
16 BEGIN {
17 $numtests = 18;
18
19 eval "use Test::NoWarnings";
20 if ( ! $@ ) {
21 # increment by one
22 $numtests++;
23
24 }
25 }
26
27 use Test::More tests => $numtests;
28
29 use POE 1.267;
30 use POE::Component::Client::TCP;
31 use POE::Component::Server::TCP;
32 use POE::Component::SSLify qw/Client_SSLify Server_SSLify SSLify_Options SSLify_GetCipher SSLify_ContextCreate SSLify_GetSocket/;
33
34 # TODO rewrite this to use Test::POE::Server::TCP and stuff :)
35
36 my $port;
37
38 POE::Component::Server::TCP->new
39 (
40 Alias => 'myserver',
41 Address => '127.0.0.1',
42 Port => 0,
43
44 Started => sub
45 {
46 use Socket qw/sockaddr_in/;
47 $port = (sockaddr_in($_[HEAP]->{listener}->getsockname))[0];
48 },
49 ClientConnected => sub
50 {
51 ok(1, 'SERVER: accepted');
52 },
53 ClientDisconnected => sub
54 {
55 ok(1, 'SERVER: client disconnected');
56 $_[KERNEL]->post(myserver => 'shutdown');
57 },
58 ClientInput => sub
59 {
60 my ($kernel, $heap, $line) = @_[KERNEL, HEAP, ARG0];
61
62 if ( $line eq 'plaintext_ping' ) {
63 ok(1, "SERVER: recv: $line");
64 $heap->{client}->put('plaintext_pong');
65 $heap->{client}->flush; # make sure we sent the pong
66
67 # sslify it in-situ!
68 eval { SSLify_Options('mylib/example.key', 'mylib/example.crt', 'sslv3') };
69 eval { SSLify_Options('../mylib/example.key', '../mylib/example.crt', 'sslv3') } if ($@);
70 ok(!$@, "SERVER: SSLify_Options $@");
71 my $socket = eval { Server_SSLify($heap->{client}->get_output_handle) };
72 ok(!$@, "SERVER: Server_SSLify $@");
73 ok(1, 'SERVER: SSLify_GetCipher: '. SSLify_GetCipher($socket));
74
75 # We pray that IO::Handle is sane...
76 ok( SSLify_GetSocket( $socket )->blocking == 0, 'SERVER: SSLified socket is non-blocking?');
77
78 # TODO evil code here, ha!
79 # Should I ask rcaputo to add a $rw->replace_handle($socket) method?
80 # if you don't do the undef and just replace it - you'll get a bad file descriptor error from POE!
81 # <fh> select error: Bad file descriptor (hits=-1)
82 undef $heap->{client};
83 $heap->{client} = POE::Wheel::ReadWrite->new(
84 Handle => $socket,
85 InputEvent => 'tcp_server_got_input',
86 ErrorEvent => 'tcp_server_got_error',
87 FlushedEvent => 'tcp_server_got_flush',
88 );
89 } elsif ( $line eq 'ssl_ping' ) {
90 ok(1, "SERVER: recv: $line");
91
92 ## At this point, connection MUST be encrypted.
93 my $cipher = SSLify_GetCipher($heap->{client}->get_output_handle);
94 ok($cipher ne '(NONE)', "SERVER: SSLify_GetCipher: $cipher");
95
96 $heap->{client}->put('ssl_pong');
97 } else {
98 die "Unknown line from CLIENT: $line";
99 }
100 },
101 ClientError => sub
102 {
103 # Thanks to H. Merijn Brand for spotting this FAIL in 5.12.0!
104 # The default PoCo::Server::TCP handler will throw a warning, which causes Test::NoWarnings to FAIL :(
105 my ($syscall, $errno, $error) = @_[ ARG0..ARG2 ];
106
107 # TODO are there other "errors" that is harmless?
108 $error = "Normal disconnection" unless $error;
109 my $msg = "Got SERVER $syscall error $errno: $error";
110 unless ( $syscall eq 'read' and $errno == 0 ) {
111 fail( $msg );
112 } else {
113 diag( $msg ) if $ENV{TEST_VERBOSE};
114 }
115 },
116 );
117
118 POE::Component::Client::TCP->new
119 (
120 Alias => 'myclient',
121 RemoteAddress => '127.0.0.1',
122 RemotePort => $port,
123 Connected => sub
124 {
125 ok(1, 'CLIENT: connected');
126
127 $_[HEAP]->{server}->put("plaintext_ping");
128 },
129 ServerInput => sub
130 {
131 my ($kernel, $heap, $line) = @_[KERNEL, HEAP, ARG0];
132
133 if ( $line eq 'plaintext_pong' ) {
134 ok(1, "CLIENT: recv: $line");
135
136 # sslify it in-situ!
137 my $ctx = eval { SSLify_ContextCreate(undef, undef, 'sslv3') };
138 ok(!$@, "CLIENT: SSLify_ContextCreate $@");
139 my $socket = eval { Client_SSLify($heap->{server}->get_output_handle, undef, undef, $ctx) };
140 ok(!$@, "CLIENT: Client_SSLify $@");
141 ok(1, 'CLIENT: SSLify_GetCipher: '. SSLify_GetCipher($socket));
142
143 # We pray that IO::Handle is sane...
144 ok( SSLify_GetSocket( $socket )->blocking == 0, 'CLIENT: SSLified socket is non-blocking?');
145
146 # TODO evil code here, ha!
147 # Should I ask rcaputo to add a $rw->replace_handle($socket) method?
148 # if you don't do the undef and just replace it - you'll get a bad file descriptor error from POE!
149 # <fh> select error: Bad file descriptor (hits=-1)
150 undef $heap->{server};
151 $heap->{server} = POE::Wheel::ReadWrite->new(
152 Handle => $socket,
153 InputEvent => 'got_server_input',
154 ErrorEvent => 'got_server_error',
155 FlushedEvent => 'got_server_flush',
156 );
157
158 # Send the ssl ping!
159 $heap->{server}->put('ssl_ping');
160 } elsif ( $line eq 'ssl_pong' ) {
161 ok(1, "CLIENT: recv: $line");
162
163 ## At this point, connection MUST be encrypted.
164 my $cipher = SSLify_GetCipher($heap->{server}->get_output_handle);
165 ok($cipher ne '(NONE)', "CLIENT: SSLify_GetCipher: $cipher");
166
167 $kernel->yield('shutdown');
168 } else {
169 die "Unknown line from SERVER: $line";
170 }
171 },
172 ServerError => sub
173 {
174 # Thanks to H. Merijn Brand for spotting this FAIL in 5.12.0!
175 # The default PoCo::Client::TCP handler will throw a warning, which causes Test::NoWarnings to FAIL :(
176 my ($syscall, $errno, $error) = @_[ ARG0..ARG2 ];
177
178 # TODO are there other "errors" that is harmless?
179 $error = "Normal disconnection" unless $error;
180 my $msg = "Got CLIENT $syscall error $errno: $error";
181 unless ( $syscall eq 'read' and $errno == 0 ) {
182 fail( $msg );
183 } else {
184 diag( $msg ) if $ENV{TEST_VERBOSE};
185 }
186 },
187 );
188
189 $poe_kernel->run();
190
191 pass( 'shut down sanely' );
192
193 exit 0;
0 #!/usr/bin/perl
1 #
2 # This file is part of POE-Component-SSLify
3 #
4 # This software is copyright (c) 2011 by Apocalypse.
5 #
6 # This is free software; you can redistribute it and/or modify it under
7 # the same terms as the Perl 5 programming language system itself.
8 #
9 use strict; use warnings;
10 use strict; use warnings;
11
12 # This tests in-situ sslification ( upgrade a non-ssl socket to ssl )
13
14 my $numtests;
15 BEGIN {
16 $numtests = 18;
17
18 eval "use Test::NoWarnings";
19 if ( ! $@ ) {
20 # increment by one
21 $numtests++;
22 }
23 }
24
25 use Test::More tests => $numtests;
26
27 use POE 1.267;
28 use POE::Component::Client::TCP;
29 use POE::Component::Server::TCP;
30 use POE::Component::SSLify qw/Client_SSLify Server_SSLify SSLify_Options SSLify_GetCipher SSLify_ContextCreate SSLify_GetSocket/;
31
32 # TODO rewrite this to use Test::POE::Server::TCP and stuff :)
33
34 my $port;
35
36 POE::Component::Server::TCP->new
37 (
38 Alias => 'myserver',
39 Address => '127.0.0.1',
40 Port => 0,
41
42 Started => sub
43 {
44 use Socket qw/sockaddr_in/;
45 $port = (sockaddr_in($_[HEAP]->{listener}->getsockname))[0];
46 },
47 ClientConnected => sub
48 {
49 ok(1, 'SERVER: accepted');
50 },
51 ClientDisconnected => sub
52 {
53 ok(1, 'SERVER: client disconnected');
54 $_[KERNEL]->post(myserver => 'shutdown');
55 },
56 ClientInput => sub
57 {
58 my ($kernel, $heap, $line) = @_[KERNEL, HEAP, ARG0];
59
60 if ( $line eq 'plaintext_ping' ) {
61 ok(1, "SERVER: recv: $line");
62 $heap->{client}->put('plaintext_pong');
63 $heap->{client}->flush; # make sure we sent the pong
64
65 # sslify it in-situ!
66 eval { SSLify_Options('mylib/example.key', 'mylib/example.crt', 'sslv3') };
67 eval { SSLify_Options('../mylib/example.key', '../mylib/example.crt', 'sslv3') } if ($@);
68 ok(!$@, "SERVER: SSLify_Options $@");
69 my $socket = eval { Server_SSLify($heap->{client}->get_output_handle) };
70 ok(!$@, "SERVER: Server_SSLify $@");
71 ok(1, 'SERVER: SSLify_GetCipher: '. SSLify_GetCipher($socket));
72
73 # We pray that IO::Handle is sane...
74 ok( SSLify_GetSocket( $socket )->blocking == 0, 'SERVER: SSLified socket is non-blocking?');
75
76 # TODO evil code here, ha!
77 # Should I ask rcaputo to add a $rw->replace_handle($socket) method?
78 # if you don't do the undef and just replace it - you'll get a bad file descriptor error from POE!
79 # <fh> select error: Bad file descriptor (hits=-1)
80 undef $heap->{client};
81 $heap->{client} = POE::Wheel::ReadWrite->new(
82 Handle => $socket,
83 InputEvent => 'tcp_server_got_input',
84 ErrorEvent => 'tcp_server_got_error',
85 FlushedEvent => 'tcp_server_got_flush',
86 );
87 } elsif ( $line eq 'ssl_ping' ) {
88 ok(1, "SERVER: recv: $line");
89
90 ## At this point, connection MUST be encrypted.
91 my $cipher = SSLify_GetCipher($heap->{client}->get_output_handle);
92 ok($cipher ne '(NONE)', "SERVER: SSLify_GetCipher: $cipher");
93
94 $heap->{client}->put('ssl_pong');
95 } else {
96 die "Unknown line from CLIENT: $line";
97 }
98 },
99 ClientError => sub
100 {
101 # Thanks to H. Merijn Brand for spotting this FAIL in 5.12.0!
102 # The default PoCo::Server::TCP handler will throw a warning, which causes Test::NoWarnings to FAIL :(
103 my ($syscall, $errno, $error) = @_[ ARG0..ARG2 ];
104
105 # TODO are there other "errors" that is harmless?
106 $error = "Normal disconnection" unless $error;
107 my $msg = "Got SERVER $syscall error $errno: $error";
108 unless ( $syscall eq 'read' and $errno == 0 ) {
109 fail( $msg );
110 } else {
111 diag( $msg ) if $ENV{TEST_VERBOSE};
112 }
113 },
114 );
115
116 POE::Component::Client::TCP->new
117 (
118 Alias => 'myclient',
119 RemoteAddress => '127.0.0.1',
120 RemotePort => $port,
121
122 Connected => sub
123 {
124 ok(1, 'CLIENT: connected');
125
126 $_[HEAP]->{server}->put("plaintext_ping");
127 },
128 ServerInput => sub
129 {
130 my ($kernel, $heap, $line) = @_[KERNEL, HEAP, ARG0];
131
132 if ( $line eq 'plaintext_pong' ) {
133 ok(1, "CLIENT: recv: $line");
134
135 # sslify it in-situ!
136 my $ctx = eval { SSLify_ContextCreate(undef, undef, 'sslv3') };
137 ok(!$@, "CLIENT: SSLify_ContextCreate $@");
138 my $socket = eval { Client_SSLify($heap->{server}->get_output_handle, undef, undef, $ctx) };
139 ok(!$@, "CLIENT: Client_SSLify $@");
140 ok(1, 'CLIENT: SSLify_GetCipher: '. SSLify_GetCipher($socket));
141
142 # We pray that IO::Handle is sane...
143 ok( SSLify_GetSocket( $socket )->blocking == 0, 'CLIENT: SSLified socket is non-blocking?');
144
145 # TODO evil code here, ha!
146 # Should I ask rcaputo to add a $rw->replace_handle($socket) method?
147 # if you don't do the undef and just replace it - you'll get a bad file descriptor error from POE!
148 # <fh> select error: Bad file descriptor (hits=-1)
149 undef $heap->{server};
150 $heap->{server} = POE::Wheel::ReadWrite->new(
151 Handle => $socket,
152 InputEvent => 'got_server_input',
153 ErrorEvent => 'got_server_error',
154 FlushedEvent => 'got_server_flush',
155 );
156
157 # Send the ssl ping!
158 $heap->{server}->put('ssl_ping');
159 } elsif ( $line eq 'ssl_pong' ) {
160 ok(1, "CLIENT: recv: $line");
161
162 ## At this point, connection MUST be encrypted.
163 my $cipher = SSLify_GetCipher($heap->{server}->get_output_handle);
164 ok($cipher ne '(NONE)', "CLIENT: SSLify_GetCipher: $cipher");
165
166 $kernel->yield('shutdown');
167 } else {
168 die "Unknown line from SERVER: $line";
169 }
170 },
171 ServerError => sub
172 {
173 # Thanks to H. Merijn Brand for spotting this FAIL in 5.12.0!
174 # The default PoCo::Client::TCP handler will throw a warning, which causes Test::NoWarnings to FAIL :(
175 my ($syscall, $errno, $error) = @_[ ARG0..ARG2 ];
176
177 # TODO are there other "errors" that is harmless?
178 $error = "Normal disconnection" unless $error;
179 my $msg = "Got CLIENT $syscall error $errno: $error";
180 unless ( $syscall eq 'read' and $errno == 0 ) {
181 fail( $msg );
182 } else {
183 diag( $msg ) if $ENV{TEST_VERBOSE};
184 }
185 },
186 );
187
188 $poe_kernel->run();
189
190 pass( 'shut down sanely' );
191
192 exit 0;
0 #!/usr/bin/perl
1 #
2 # This file is part of POE-Component-SSLify
3 #
4 # This software is copyright (c) 2011 by Apocalypse.
5 #
6 # This is free software; you can redistribute it and/or modify it under
7 # the same terms as the Perl 5 programming language system itself.
8 #
9 use strict; use warnings;
10 use strict; use warnings;
11
12 # This tests the connection OK hook on both server/client
13
14 my $numtests;
15 BEGIN {
16 $numtests = 17;
17
18 eval "use Test::NoWarnings";
19 if ( ! $@ ) {
20 # increment by one
21 $numtests++;
22 }
23 }
24
25 use Test::More tests => $numtests;
26
27 use POE 1.267;
28 use POE::Component::Client::TCP;
29 use POE::Component::Server::TCP;
30 use POE::Component::SSLify qw/Client_SSLify Server_SSLify SSLify_Options SSLify_GetCipher SSLify_GetSocket SSLify_GetStatus/;
31
32 # TODO rewrite this to use Test::POE::Server::TCP and stuff :)
33
34 my $port;
35
36 POE::Component::Server::TCP->new
37 (
38 Alias => 'myserver',
39 Address => '127.0.0.1',
40 Port => 0,
41
42 Started => sub
43 {
44 use Socket qw/sockaddr_in/;
45 $port = (sockaddr_in($_[HEAP]->{listener}->getsockname))[0];
46 },
47 ClientConnected => sub
48 {
49 ok(1, 'SERVER: accepted');
50 },
51 ClientDisconnected => sub
52 {
53 ok(1, 'SERVER: client disconnected');
54 $_[KERNEL]->post( 'myserver' => 'shutdown');
55 },
56 ClientPreConnect => sub
57 {
58 eval { SSLify_Options('mylib/example.key', 'mylib/example.crt') };
59 eval { SSLify_Options('../mylib/example.key', '../mylib/example.crt') } if ($@);
60 ok(!$@, "SERVER: SSLify_Options $@");
61
62 my $socket = eval { Server_SSLify( $_[ARG0], sub {
63 my( $socket, $status, $errval ) = @_;
64
65 pass( "SERVER: Got callback hook" );
66 is( $status, 1, "SERVER: Status received from callback is OK" );
67
68 ## At this point, connection MUST be encrypted.
69 my $cipher = SSLify_GetCipher($socket);
70 ok($cipher ne '(NONE)', "SERVER: SSLify_GetCipher: $cipher");
71 ok( SSLify_GetStatus($socket) == 1, "SERVER: SSLify_GetStatus is done" );
72 } ) };
73 ok(!$@, "SERVER: Server_SSLify $@");
74 ok( SSLify_GetStatus($socket) == -1, "SERVER: SSLify_GetStatus is pending" );
75
76 return ($socket);
77 },
78 ClientInput => sub
79 {
80 my ($kernel, $heap, $line) = @_[KERNEL, HEAP, ARG0];
81
82 die "Unknown line from CLIENT: $line";
83 },
84 ClientError => sub
85 {
86 # Thanks to H. Merijn Brand for spotting this FAIL in 5.12.0!
87 # The default PoCo::Server::TCP handler will throw a warning, which causes Test::NoWarnings to FAIL :(
88 my ($syscall, $errno, $error) = @_[ ARG0..ARG2 ];
89
90 # TODO are there other "errors" that is harmless?
91 $error = "Normal disconnection" unless $error;
92 my $msg = "Got SERVER $syscall error $errno: $error";
93 unless ( $syscall eq 'read' and $errno == 0 ) {
94 fail( $msg );
95 } else {
96 diag( $msg ) if $ENV{TEST_VERBOSE};
97 }
98 },
99 );
100
101 POE::Component::Client::TCP->new
102 (
103 Alias => 'myclient',
104 RemoteAddress => '127.0.0.1',
105 RemotePort => $port,
106
107 Connected => sub
108 {
109 ok(1, 'CLIENT: connected');
110 },
111 PreConnect => sub
112 {
113 my $socket = eval { Client_SSLify($_[ARG0], sub {
114 my( $socket, $status, $errval ) = @_;
115
116 pass( "CLIENT: Got callback hook" );
117 is( $status, 1, "CLIENT: Status received from callback is OK" );
118
119 ## At this point, connection MUST be encrypted.
120 my $cipher = SSLify_GetCipher($socket);
121 ok($cipher ne '(NONE)', "CLIENT: SSLify_GetCipher: $cipher");
122 ok( SSLify_GetStatus($socket) == 1, "CLIENT: SSLify_GetStatus is done" );
123
124 $poe_kernel->post( 'myclient' => 'shutdown' );
125 }) };
126 ok(!$@, "CLIENT: Client_SSLify $@");
127 ok( SSLify_GetStatus($socket) == -1, "CLIENT: SSLify_GetStatus is pending" );
128
129 return ($socket);
130 },
131 ServerInput => sub
132 {
133 my ($kernel, $heap, $line) = @_[KERNEL, HEAP, ARG0];
134
135 die "Should have never got any input from the server!";
136 },
137 ServerError => sub
138 {
139 # Thanks to H. Merijn Brand for spotting this FAIL in 5.12.0!
140 # The default PoCo::Client::TCP handler will throw a warning, which causes Test::NoWarnings to FAIL :(
141 my ($syscall, $errno, $error) = @_[ ARG0..ARG2 ];
142
143 # TODO are there other "errors" that is harmless?
144 $error = "Normal disconnection" unless $error;
145 my $msg = "Got CLIENT $syscall error $errno: $error";
146 unless ( $syscall eq 'read' and $errno == 0 ) {
147 fail( $msg );
148 } else {
149 diag( $msg ) if $ENV{TEST_VERBOSE};
150 }
151 },
152 );
153
154 $poe_kernel->run();
155
156 pass( 'shut down sanely' );
157
158 exit 0;
0 #!/usr/bin/perl
1 #
2 # This file is part of POE-Component-SSLify
3 #
4 # This software is copyright (c) 2011 by Apocalypse.
5 #
6 # This is free software; you can redistribute it and/or modify it under
7 # the same terms as the Perl 5 programming language system itself.
8 #
9 use strict; use warnings;
10 use strict; use warnings;
11
12 # this tests the connection fail hook on the client-side
13
14 my $numtests;
15 BEGIN {
16 $numtests = 8;
17
18 eval "use Test::NoWarnings";
19 if ( ! $@ ) {
20 # increment by one
21 $numtests++;
22 }
23 }
24
25 use Test::More tests => $numtests;
26
27 use POE 1.267;
28 use POE::Component::Client::TCP;
29 use POE::Component::Server::TCP;
30 use POE::Component::SSLify qw/Client_SSLify SSLify_GetSocket SSLify_GetStatus/;
31
32 # TODO rewrite this to use Test::POE::Server::TCP and stuff :)
33
34 my $port;
35
36 POE::Component::Server::TCP->new
37 (
38 Alias => 'myserver',
39 Address => '127.0.0.1',
40 Port => 0,
41
42 Started => sub
43 {
44 use Socket qw/sockaddr_in/;
45 $port = (sockaddr_in($_[HEAP]->{listener}->getsockname))[0];
46 },
47 ClientConnected => sub
48 {
49 ok(1, 'SERVER: accepted');
50 },
51 ClientDisconnected => sub
52 {
53 ok(1, 'SERVER: client disconnected');
54 $_[KERNEL]->post( 'myserver' => 'shutdown');
55 },
56 ClientInput => sub
57 {
58 my ($kernel, $heap, $line) = @_[KERNEL, HEAP, ARG0];
59
60 # purposefully send garbage so we screw up the ssl connect on the client-side
61 $heap->{client}->put( 'garbage in, garbage out' );
62 },
63 ClientError => sub
64 {
65 # Thanks to H. Merijn Brand for spotting this FAIL in 5.12.0!
66 # The default PoCo::Server::TCP handler will throw a warning, which causes Test::NoWarnings to FAIL :(
67 my ($syscall, $errno, $error) = @_[ ARG0..ARG2 ];
68
69 # Since this test purposefully sends garbage, we expect a connection reset by peer
70 # not ok 7 - Got SERVER read error 104: Connection reset by peer
71
72 # TODO are there other "errors" that is harmless?
73 $error = "Normal disconnection" unless $error;
74 my $msg = "Got SERVER $syscall error $errno: $error";
75 unless ( $syscall eq 'read' and $errno == 104 ) {
76 fail( $msg );
77 } else {
78 diag( $msg ) if $ENV{TEST_VERBOSE};
79 }
80 },
81 );
82
83 POE::Component::Client::TCP->new
84 (
85 Alias => 'myclient',
86 RemoteAddress => '127.0.0.1',
87 RemotePort => $port,
88
89 Connected => sub
90 {
91 ok(1, 'CLIENT: connected');
92 },
93 PreConnect => sub
94 {
95 my $socket = eval { Client_SSLify($_[ARG0], sub {
96 my( $socket, $status, $errval ) = @_;
97
98 pass( "CLIENT: Got callback hook" );
99 is( $status, 0, "CLIENT: Status received from callback is ERR - $errval" );
100
101 $poe_kernel->post( 'myclient' => 'shutdown' );
102 }) };
103 ok(!$@, "CLIENT: Client_SSLify $@");
104 is( SSLify_GetStatus( $socket ), -1, "CLIENT: SSLify_GetStatus is pending" );
105
106 return ($socket);
107 },
108 ServerInput => sub
109 {
110 my ($kernel, $heap, $line) = @_[KERNEL, HEAP, ARG0];
111
112 die "Should have never got any input from the server!";
113 },
114 ServerError => sub
115 {
116 # Thanks to H. Merijn Brand for spotting this FAIL in 5.12.0!
117 # The default PoCo::Client::TCP handler will throw a warning, which causes Test::NoWarnings to FAIL :(
118 my ($syscall, $errno, $error) = @_[ ARG0..ARG2 ];
119
120 # TODO are there other "errors" that is harmless?
121 $error = "Normal disconnection" unless $error;
122 my $msg = "Got CLIENT $syscall error $errno: $error";
123 unless ( $syscall eq 'read' and $errno == 0 ) {
124 fail( $msg );
125 } else {
126 diag( $msg ) if $ENV{TEST_VERBOSE};
127 }
128 },
129 );
130
131 $poe_kernel->run();
132
133 pass( 'shut down sanely' );
134
135 exit 0;
0 #!/usr/bin/perl
1 #
2 # This file is part of POE-Component-SSLify
3 #
4 # This software is copyright (c) 2011 by Apocalypse.
5 #
6 # This is free software; you can redistribute it and/or modify it under
7 # the same terms as the Perl 5 programming language system itself.
8 #
9 use strict; use warnings;
10 use strict; use warnings;
11
12 # this tests the connection fail hook on the server-side
13
14 my $numtests;
15 BEGIN {
16 $numtests = 8;
17
18 # eval "use Test::NoWarnings";
19 # if ( ! $@ ) {
20 # # increment by one
21 # $numtests++;
22 # }
23 }
24
25 # For some reason I can't get this to replicate 5_connfail_client.t - wonder why?!#?
26 # I tried to use POE::Filter::Stream to see if it made a difference, nope...
27 #use Test::More tests => $numtests;
28 use Test::More;
29 plan skip_all => "This test hangs for some reason";
30
31 use POE 1.267;
32 use POE::Component::Client::TCP;
33 use POE::Component::Server::TCP;
34 use POE::Component::SSLify qw/Server_SSLify SSLify_Options SSLify_GetSocket SSLify_GetStatus/;
35
36 # TODO rewrite this to use Test::POE::Server::TCP and stuff :)
37
38 my $port;
39
40 POE::Component::Server::TCP->new
41 (
42 Alias => 'myserver',
43 Address => '127.0.0.1',
44 Port => 0,
45
46 Started => sub
47 {
48 use Socket qw/sockaddr_in/;
49 $port = (sockaddr_in($_[HEAP]->{listener}->getsockname))[0];
50 },
51 ClientConnected => sub
52 {
53 ok(1, 'SERVER: accepted');
54 },
55 ClientPreConnect => sub
56 {
57 eval { SSLify_Options('mylib/example.key', 'mylib/example.crt') };
58 eval { SSLify_Options('../mylib/example.key', '../mylib/example.crt') } if ($@);
59 ok(!$@, "SERVER: SSLify_Options $@");
60
61 my $socket = eval { Server_SSLify( $_[ARG0], sub {
62 my( $socket, $status, $errval ) = @_;
63
64 pass( "SERVER: Got callback hook" );
65 is( $status, 0, "SERVER: Status received from callback is ERR - $errval" );
66
67 $poe_kernel->post( 'myserver' => 'shutdown');
68 } ) };
69 ok(!$@, "SERVER: Server_SSLify $@");
70 is( SSLify_GetStatus( $socket ), -1, "SERVER: SSLify_GetStatus is pending" );
71
72 return ($socket);
73 },
74 ClientDisconnected => sub
75 {
76 ok(1, 'SERVER: client disconnected');
77 },
78 ClientInput => sub
79 {
80 my ($kernel, $heap, $line) = @_[KERNEL, HEAP, ARG0];
81
82 die "Should have never got any input from the client!";
83 },
84 ClientError => sub
85 {
86 # Thanks to H. Merijn Brand for spotting this FAIL in 5.12.0!
87 # The default PoCo::Server::TCP handler will throw a warning, which causes Test::NoWarnings to FAIL :(
88 my ($syscall, $errno, $error) = @_[ ARG0..ARG2 ];
89
90 # Since this test purposefully sends garbage, we expect a connection reset by peer
91 # not ok 7 - Got SERVER read error 104: Connection reset by peer
92
93 # TODO are there other "errors" that is harmless?
94 $error = "Normal disconnection" unless $error;
95 my $msg = "Got SERVER $syscall error $errno: $error";
96 unless ( $syscall eq 'read' and $errno == 104 ) {
97 fail( $msg );
98 } else {
99 diag( $msg ) if $ENV{TEST_VERBOSE};
100 }
101 },
102 );
103
104 POE::Component::Client::TCP->new
105 (
106 Alias => 'myclient',
107 RemoteAddress => '127.0.0.1',
108 RemotePort => $port,
109
110 Connected => sub
111 {
112 ok(1, 'CLIENT: connected');
113 },
114 ServerInput => sub
115 {
116 my ($kernel, $heap, $line) = @_[KERNEL, HEAP, ARG0];
117
118 # purposefully send garbage so we screw up the ssl connect on the client-side
119 $heap->{server}->put( 'garbage in, garbage out' );
120 },
121 ServerError => sub
122 {
123 # Thanks to H. Merijn Brand for spotting this FAIL in 5.12.0!
124 # The default PoCo::Client::TCP handler will throw a warning, which causes Test::NoWarnings to FAIL :(
125 my ($syscall, $errno, $error) = @_[ ARG0..ARG2 ];
126
127 # Since this test purposefully sends garbage, we expect a connection reset by peer
128 # not ok 7 - Got SERVER read error 104: Connection reset by peer
129
130 # TODO are there other "errors" that is harmless?
131 $error = "Normal disconnection" unless $error;
132 my $msg = "Got CLIENT $syscall error $errno: $error";
133 unless ( $syscall eq 'read' and $errno == 104 ) {
134 fail( $msg );
135 } else {
136 diag( $msg ) if $ENV{TEST_VERBOSE};
137 }
138 },
139 );
140
141 $poe_kernel->run();
142
143 pass( 'shut down sanely' );
144
145 exit 0;
0 #!perl
1 #
2 # This file is part of POE-Component-SSLify
3 #
4 # This software is copyright (c) 2011 by Apocalypse.
5 #
6 # This is free software; you can redistribute it and/or modify it under
7 # the same terms as the Perl 5 programming language system itself.
8 #
9 use strict; use warnings;
10 use strict; use warnings;
11
12 use Test::More;
13 eval "use Test::Apocalypse 1.000";
14 if ( $@ ) {
15 plan skip_all => 'Test::Apocalypse required for validating the distribution';
16 } else {
17 # hack for Kwalitee ( zany require format so DZP::AutoPrereq will not pick it up )
18 require 'Test/NoWarnings.pm'; require 'Test/Pod.pm'; require 'Test/Pod/Coverage.pm';
19
20 is_apocalypse_here( {
21
22 } );
23 }