diff --git a/Changes b/Changes
index 6504e54..48e877d 100644
--- a/Changes
+++ b/Changes
@@ -5,7 +5,6 @@ We now load certificate files via CTX_use_certificate_chain_file(), thanks Zephaniah E. Loss-Cutler-Hull OpenSSL docs suggest it - http://www.openssl.org/docs/ssl/SSL_CTX_use_certificate.html#NOTES PLEASE yell at me if you need the old functionality - the docs suggest this is the "better" way to do it... - Add the ability to pass a subref to call on connection/negotiation success, thanks Zephaniah E. Loss-Cutler-Hull NOTE: This will not work if you do renegotiation or any other zany SSL stuff! Add the SSLify_GetStatus function to get the status of the connection
diff --git a/lib/POE/Component/SSLify/ClientHandle.pm b/lib/POE/Component/SSLify/ClientHandle.pm
index f762748..f389ef8 100644
--- a/lib/POE/Component/SSLify/ClientHandle.pm
+++ b/lib/POE/Component/SSLify/ClientHandle.pm
@@ -6,8 +6,7 @@
 use Net::SSLeay 1.36 qw( die_now die_if_ssl_error );
 # We inherit from ServerHandle
-require POE::Component::SSLify::ServerHandle;
-our @ISA = qw( POE::Component::SSLify::ServerHandle );
+use parent 'POE::Component::SSLify::ServerHandle';
 # Override TIEHANDLE because we create a CTX
 sub TIEHANDLE {
diff --git a/lib/POE/Component/SSLify/ServerHandle.pm b/lib/POE/Component/SSLify/ServerHandle.pm
index cfc7056..d0b2160 100644
--- a/lib/POE/Component/SSLify/ServerHandle.pm
+++ b/lib/POE/Component/SSLify/ServerHandle.pm
@@ -100,7 +100,7 @@
 }
 # Insert what we just read into the buffer
- substr( $$buf, $$offset ) = $read;
+ substr( $$buf, $$offset, 1, $read );
 # All done!
 return length( $read );
@@ -153,7 +153,9 @@
 my $self = shift;
 if ( defined $self->{'socket'} ) {
 Net::SSLeay::free( $self->{'ssl'} );
- close( $self->{'socket'} );
+
+ # TODO we ignore any close errors because there's no way to sanely propagate it up the stack...
+ close( $self->{'socket'} ); ## no critic ( InputOutput::RequireCheckedClose )
 undef $self->{'socket'};
 # do we need to do CTX_free?
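Review bot: In lib/POE/Component/SSLify/ServerHandle.pm (hunk at -100,7) the new `substr( $$buf, $$offset, 1, $read );` is not equivalent to the lvalue form it replaces: with a length of 1 it overwrites one character at `$$offset` and keeps everything after it, whereas the old assignment replaced the buffer from `$$offset` to its end. When the caller's buffer already holds data past the offset (a scalar reused across reads, for example), bytes from an earlier read stay appended to the new data, which on a TLS handle means stale plaintext is handed back to the application. To keep the old semantics without the lvalue form, pass a length that reaches the end of the buffer, e.g. `substr( $$buf, $$offset, length( $$buf ), $read );`, assuming `$$buf` is defined at this point. The enclosing read routine starts and ends outside the hunk, so how `$$offset` is validated is not visible here.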
diff --git a/lib/POE/Component/SSLify.pm b/lib/POE/Component/SSLify.pm
index 47f2292..87a94f4 100644
--- a/lib/POE/Component/SSLify.pm
+++ b/lib/POE/Component/SSLify.pm
@@ -5,7 +5,7 @@
 # We need Net::SSLeay or all's a failure!
 BEGIN {
 # We need >= 1.36 because it contains a lot of important fixes
- eval "use Net::SSLeay 1.36 qw( die_now die_if_ssl_error )";
+ eval "use Net::SSLeay 1.36 qw( die_now die_if_ssl_error FILETYPE_PEM )";
 # Check for errors...
 if ( $@ ) {
@@ -27,8 +27,7 @@
 }
 # Do the exporting magic...
-require Exporter;
-our @ISA = qw( Exporter );
+use parent 'Exporter';
 our @EXPORT_OK = qw( Client_SSLify Server_SSLify SSLify_Options SSLify_GetCTX SSLify_GetCipher SSLify_GetSocket SSLify_GetSSL SSLify_ContextCreate SSLify_GetStatus
@@ -46,7 +45,7 @@
 use Task::Weaken 1.03; # to make sure it actually works!
 # The server-side CTX stuff
-my $ctx = undef;
+my $ctx;
 # global so users of this module can override it locally
 our $IGNORE_SSL_ERRORS = 0;
@@ -91,7 +90,7 @@
 sub Client_SSLify {
 # Get the socket + version + options + ctx + callback
- my( $socket, $version, $options, $ctx, $callback ) = @_;
+ my( $socket, $version, $options, $custom_ctx, $callback ) = @_;
 # Validation...
 if ( ! defined $socket ) {
@@ -101,13 +100,13 @@
 # Mangle the callback stuff
 if ( defined $version and ref $version and ref( $version ) eq 'CODE' ) {
 $callback = $version;
- $version = $options = $ctx = undef;
+ $version = $options = $custom_ctx = undef;
 } elsif ( defined $options and ref $options and ref( $options ) eq 'CODE' ) {
 $callback = $options;
- $options = $ctx = undef;
- } elsif ( defined $ctx and ref $ctx and ref( $ctx ) eq 'CODE' ) {
- $callback = $ctx;
- $ctx = undef;
+ $options = $custom_ctx = undef;
+ } elsif ( defined $custom_ctx and ref $custom_ctx and ref( $custom_ctx ) eq 'CODE' ) {
+ $callback = $custom_ctx;
+ $custom_ctx = undef;
 }
 # From IO::Handle POD
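Review bot: In lib/POE/Component/SSLify.pm (hunk at -5,7) `FILETYPE_PEM` is now imported through the string `eval` and later used as a bareword argument (hunk at -316,7), while the same commit calls the other constant fully qualified as `Net::SSLeay::OP_ALL()`. The bareword only parses as a call because the import runs inside `BEGIN`; if the load ever moves to run time it would be rejected under `strict subs`, or quietly become the string 'FILETYPE_PEM' without strictures (the file's pragmas are outside the visible hunks). Writing `Net::SSLeay::FILETYPE_PEM()` at the call site keeps the two constants consistent and removes the dependency on import timing. If the import is kept, a one-line comment above the `eval` such as `# FILETYPE_PEM must be imported at compile time; it is used as a bareword below` would document that.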
@@ -118,7 +117,7 @@
 # Now, we create the new socket and bind it to our subclass of Net::SSLeay::Handle
 my $newsock = gensym();
- tie( *$newsock, 'POE::Component::SSLify::ClientHandle', $socket, $version, $options, $ctx, $callback ) or die "Unable to tie to our subclass: $!";
+ tie( *$newsock, 'POE::Component::SSLify::ClientHandle', $socket, $version, $options, $custom_ctx, $callback ) or die "Unable to tie to our subclass: $!";
 # argh, store the newsock in the tied class to use for callback
 if ( defined $callback ) {
@@ -251,7 +250,7 @@
 By default we use the version: default
-By default we use the options: &Net::SSLeay::OP_ALL
+By default we use the options: Net::SSLeay::OP_ALL
 Please look at L for more info on the available versions/options.
 =cut
@@ -267,7 +266,7 @@
 # Set the default
 if ( ! defined $options ) {
- $options = &Net::SSLeay::OP_ALL;
+ $options = Net::SSLeay::OP_ALL();
 }
 # set the context, possibly overwriting the previous one
@@ -316,7 +315,7 @@
 # do we need to set key/etc?
 if ( defined $key ) {
 # Following will ask password unless private key is not encrypted
- Net::SSLeay::CTX_use_RSAPrivateKey_file( $context, $key, &Net::SSLeay::FILETYPE_PEM );
+ Net::SSLeay::CTX_use_RSAPrivateKey_file( $context, $key, FILETYPE_PEM );
 die_if_ssl_error( 'private key' ) if ! $IGNORE_SSL_ERRORS;
 }
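Review bot: The default kept in the hunk at -267,7, `$options = Net::SSLeay::OP_ALL();`, is only OpenSSL's set of bug-compatibility workarounds and does not switch off any protocol version, so which legacy protocols the server context accepts is left to the chosen version and the linked library. Since the line is being touched anyway, consider a stricter default such as `$options = Net::SSLeay::OP_ALL() | Net::SSLeay::OP_NO_SSLv2() | Net::SSLeay::OP_NO_SSLv3();`, with the POD line in the hunk at -251,7 updated to match. That changes behaviour for callers who rely on the default, so it would need an entry in Changes. The enclosing function starts and ends outside the hunk.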
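Review bot: In the hunk at -316,7 the return value of `Net::SSLeay::CTX_use_RSAPrivateKey_file( $context, $key, FILETYPE_PEM );` is discarded and the only failure check is `die_if_ssl_error( 'private key' ) if ! $IGNORE_SSL_ERRORS;`, so when `$IGNORE_SSL_ERRORS` is set a key that failed to load goes unreported and the context is presumably used without it. Capture the result and at least report it, e.g. `Net::SSLeay::CTX_use_RSAPrivateKey_file( $context, $key, FILETYPE_PEM ) or warn "private key '$key' was not loaded";`, and consider calling `Net::SSLeay::CTX_check_private_key( $context )` once the certificate is loaded so a mismatched key and certificate are caught at setup. The call is also RSA-only; `Net::SSLeay::CTX_use_PrivateKey_file` takes the same arguments and accepts other key types. The rest of the function, including the certificate load, is outside the hunk.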