Net-SSLeay
view release on metacpan or search on metacpan
lib/Net/SSLeay.pod view on Meta::CPAN
my $rv = Net::SSLeay::set_timeout($ses, $t);
=back
=head3 Low level API: SSL_CTX_* related functions
B<NOTE:> Please note that the function described in this chapter have "SSL_" part stripped from their original openssl names.
=over
=item * CTX_add_client_CA
Adds the CA name extracted from $cacert to the list of CAs sent to the client when requesting a client certificate for $ctx.
my $rv = Net::SSLeay::CTX_add_client_CA($ctx, $cacert);
# $ctx - value corresponding to openssl's SSL_CTX structure
# $cacert - value corresponding to openssl's X509 structure
#
# returns: 1 on success, 0 on failure
Check openssl doc L<https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_client_CA_list.html>
=item * CTX_add_extra_chain_cert
Adds the certificate $x509 to the certificate chain presented together with the certificate. Several certificates can be added one after the other.
my $rv = Net::SSLeay::CTX_add_extra_chain_cert($ctx, $x509);
# $ctx - value corresponding to openssl's SSL_CTX structure
# $x509 - value corresponding to openssl's X509 structure
#
# returns: 1 on success, check out the error stack to find out the reason for failure otherwise
Check openssl doc L<https://www.openssl.org/docs/manmaster/man3/SSL_CTX_add_extra_chain_cert.html>
=item * CTX_add_session
Adds the session $ses to the context $ctx.
my $rv = Net::SSLeay::CTX_add_session($ctx, $ses);
# $ctx - value corresponding to openssl's SSL_CTX structure
# $ses - value corresponding to openssl's SSL_SESSION structure
#
# returns: 1 on success, 0 on failure
Check openssl doc L<https://www.openssl.org/docs/manmaster/man3/SSL_CTX_add_session.html>
=item * CTX_callback_ctrl
??? (more info needed)
my $rv = Net::SSLeay::CTX_callback_ctrl($ctx, $cmd, $fp);
# $ctx - value corresponding to openssl's SSL_CTX structure
# $cmd - (integer) command id
# $fp - (function pointer) ???
#
# returns: ???
Check openssl doc L<https://www.openssl.org/docs/manmaster/man3/SSL_CTX_ctrl.html>
=item * CTX_check_private_key
Checks the consistency of a private key with the corresponding certificate loaded into $ctx.
my $rv = Net::SSLeay::CTX_check_private_key($ctx);
# $ctx - value corresponding to openssl's SSL_CTX structure
#
# returns: 1 on success, otherwise check out the error stack to find out the reason
Check openssl doc L<https://www.openssl.org/docs/manmaster/man3/SSL_CTX_use_certificate.html>
=item * CTX_ctrl
Internal handling function for SSL_CTX objects.
B<BEWARE:> openssl doc says: This function should never be called directly!
my $rv = Net::SSLeay::CTX_ctrl($ctx, $cmd, $larg, $parg);
# $ctx - value corresponding to openssl's SSL_CTX structure
# $cmd - (integer) command id
# $larg - (integer) long ???
# $parg - (string/pointer) ???
#
# returns: (long) result of given command ???
# valid $cmd values
# 1 - SSL_CTRL_NEED_TMP_RSA
# 2 - SSL_CTRL_SET_TMP_RSA
# 3 - SSL_CTRL_SET_TMP_DH
# 4 - SSL_CTRL_SET_TMP_ECDH
# 5 - SSL_CTRL_SET_TMP_RSA_CB
# 6 - SSL_CTRL_SET_TMP_DH_CB
# 7 - SSL_CTRL_SET_TMP_ECDH_CB
# 8 - SSL_CTRL_GET_SESSION_REUSED
# 9 - SSL_CTRL_GET_CLIENT_CERT_REQUEST
# 10 - SSL_CTRL_GET_NUM_RENEGOTIATIONS
# 11 - SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS
# 12 - SSL_CTRL_GET_TOTAL_RENEGOTIATIONS
# 13 - SSL_CTRL_GET_FLAGS
# 14 - SSL_CTRL_EXTRA_CHAIN_CERT
# 15 - SSL_CTRL_SET_MSG_CALLBACK
# 16 - SSL_CTRL_SET_MSG_CALLBACK_ARG
# 17 - SSL_CTRL_SET_MTU
# 20 - SSL_CTRL_SESS_NUMBER
# 21 - SSL_CTRL_SESS_CONNECT
# 22 - SSL_CTRL_SESS_CONNECT_GOOD
# 23 - SSL_CTRL_SESS_CONNECT_RENEGOTIATE
# 24 - SSL_CTRL_SESS_ACCEPT
# 25 - SSL_CTRL_SESS_ACCEPT_GOOD
# 26 - SSL_CTRL_SESS_ACCEPT_RENEGOTIATE
# 27 - SSL_CTRL_SESS_HIT
# 28 - SSL_CTRL_SESS_CB_HIT
# 29 - SSL_CTRL_SESS_MISSES
# 30 - SSL_CTRL_SESS_TIMEOUTS
# 31 - SSL_CTRL_SESS_CACHE_FULL
# 32 - SSL_CTRL_OPTIONS
# 33 - SSL_CTRL_MODE
# 40 - SSL_CTRL_GET_READ_AHEAD
# 41 - SSL_CTRL_SET_READ_AHEAD
# 42 - SSL_CTRL_SET_SESS_CACHE_SIZE
# 43 - SSL_CTRL_GET_SESS_CACHE_SIZE
# 44 - SSL_CTRL_SET_SESS_CACHE_MODE
# 45 - SSL_CTRL_GET_SESS_CACHE_MODE
# 50 - SSL_CTRL_GET_MAX_CERT_LIST
# 51 - SSL_CTRL_SET_MAX_CERT_LIST
lib/Net/SSLeay.pod view on Meta::CPAN
=back
=head3 Low level API: SSL_* related functions
B<NOTE:> Please note that the function described in this chapter have "SSL_" part stripped from their original openssl names.
=over
=item * new
Creates a new SSL structure which is needed to hold the data for a TLS/SSL connection.
The new structure inherits the settings of the underlying context $ctx: connection
method (SSLv2/v3/TLSv1), options, verification settings, timeout settings.
my $rv = Net::SSLeay::new($ctx);
# $ctx - value corresponding to openssl's SSL_CTX structure
#
# returns: value corresponding to openssl's SSL structure (0 on failure)
Check openssl doc L<https://www.openssl.org/docs/manmaster/man3/SSL_new.html>
=item * accept
Waits for a TLS/SSL client to initiate the TLS/SSL handshake. The communication
channel must already have been set and assigned to the ssl by setting an underlying BIO.
my $rv = Net::SSLeay::accept($ssl);
# $ssl - value corresponding to openssl's SSL structure
#
# returns: 1 = success, 0 = handshake not successful, <0 = fatal error during handshake
Check openssl doc L<https://www.openssl.org/docs/manmaster/man3/SSL_accept.html>
=item * add_client_CA
Adds the CA name extracted from cacert to the list of CAs sent to the client
when requesting a client certificate for the chosen ssl, overriding the setting
valid for ssl's SSL_CTX object.
my $rv = Net::SSLeay::add_client_CA($ssl, $x);
# $ssl - value corresponding to openssl's SSL structure
# $x - value corresponding to openssl's X509 structure
#
# returns: 1 on success, 0 on failure
Check openssl doc L<https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_client_CA_list.html>
=item * callback_ctrl
??? (more info needed)
my $rv = Net::SSLeay::callback_ctrl($ssl, $cmd, $fp);
# $ssl - value corresponding to openssl's SSL structure
# $cmd - (integer) command id
# $fp - (function pointer) ???
#
# returns: ???
Check openssl doc L<https://www.openssl.org/docs/manmaster/man3/SSL_CTX_ctrl.html>
=item * check_private_key
Checks the consistency of a private key with the corresponding certificate loaded into $ssl
my $rv = Net::SSLeay::check_private_key($ssl);
# $ssl - value corresponding to openssl's SSL structure
#
# returns: 1 on success, otherwise check out the error stack to find out the reason
Check openssl doc L<https://www.openssl.org/docs/manmaster/man3/SSL_CTX_use_certificate.html>
=item * clear
Reset SSL object to allow another connection.
Net::SSLeay::clear($ssl);
# $ssl - value corresponding to openssl's SSL structure
#
# returns: no return value
Check openssl doc L<https://www.openssl.org/docs/manmaster/man3/SSL_clear.html>
=item * connect
Initiate the TLS/SSL handshake with an TLS/SSL server.
my $rv = Net::SSLeay::connect($ssl);
# $ssl - value corresponding to openssl's SSL structure
#
# returns: 1 = success, 0 = handshake not successful, <0 = fatal error during handshake
Check openssl doc L<https://www.openssl.org/docs/manmaster/man3/SSL_connect.html>
=item * copy_session_id
Copies the session structure fro $from to $to (+ also the private key and certificate associated with $from).
Net::SSLeay::copy_session_id($to, $from);
# $to - value corresponding to openssl's SSL structure
# $from - value corresponding to openssl's SSL structure
#
# returns: no return value
=item * ctrl
Internal handling function for SSL objects.
B<BEWARE:> openssl doc says: This function should never be called directly!
my $rv = Net::SSLeay::ctrl($ssl, $cmd, $larg, $parg);
# $ssl - value corresponding to openssl's SSL structure
# $cmd - (integer) command id
# $larg - (integer) long ???
# $parg - (string/pointer) ???
#
# returns: (long) result of given command ???
For more details about valid $cmd values check L</CTX_ctrl>.
Check openssl doc L<https://www.openssl.org/docs/manmaster/man3/SSL_CTX_ctrl.html>
=item * do_handshake
Will wait for a SSL/TLS handshake to take place. If the connection is in client
mode, the handshake will be started. The handshake routines may have to be
lib/Net/SSLeay.pod view on Meta::CPAN
NID_md5_sha1 X509_PURPOSE_OCSP_HELPER
NID_mdc2 X509_PURPOSE_SMIME_ENCRYPT
NID_mdc2WithRSA X509_PURPOSE_SMIME_SIGN
NID_ms_code_com X509_PURPOSE_SSL_CLIENT
NID_ms_code_ind X509_PURPOSE_SSL_SERVER
NID_ms_ctl_sign X509_PURPOSE_TIMESTAMP_SIGN
NID_ms_efs X509_REQ_VERSION_1
NID_ms_ext_req X509_REQ_VERSION_2
NID_ms_sgc X509_REQ_VERSION_3
NID_name X509_TRUST_COMPAT
NID_netscape X509_TRUST_DEFAULT
NID_netscape_base_url X509_TRUST_EMAIL
NID_netscape_ca_policy_url X509_TRUST_OBJECT_SIGN
NID_netscape_ca_revocation_url X509_TRUST_OCSP_REQUEST
NID_netscape_cert_extension X509_TRUST_OCSP_SIGN
NID_netscape_cert_sequence X509_TRUST_SSL_CLIENT
NID_netscape_cert_type X509_TRUST_SSL_SERVER
NID_netscape_comment X509_TRUST_TSA
NID_netscape_data_type X509_VERSION_1
NID_netscape_renewal_url X509_VERSION_2
NID_netscape_revocation_url X509_VERSION_3
NID_netscape_ssl_server_name X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH
NID_ns_sgc X509_V_ERR_AKID_SKID_MISMATCH
NID_organizationName X509_V_ERR_APPLICATION_VERIFICATION
NID_organizationalUnitName X509_V_ERR_AUTHORITY_KEY_IDENTIFIER_CRITICAL
NID_pbeWithMD2AndDES_CBC X509_V_ERR_CA_BCONS_NOT_CRITICAL
NID_pbeWithMD2AndRC2_CBC X509_V_ERR_CA_CERT_MISSING_KEY_USAGE
NID_pbeWithMD5AndCast5_CBC X509_V_ERR_CA_KEY_TOO_SMALL
NID_pbeWithMD5AndDES_CBC X509_V_ERR_CA_MD_TOO_WEAK
NID_pbeWithMD5AndRC2_CBC X509_V_ERR_CERT_CHAIN_TOO_LONG
NID_pbeWithSHA1AndDES_CBC X509_V_ERR_CERT_HAS_EXPIRED
NID_pbeWithSHA1AndRC2_CBC X509_V_ERR_CERT_NOT_YET_VALID
NID_pbe_WithSHA1And128BitRC2_CBC X509_V_ERR_CERT_REJECTED
NID_pbe_WithSHA1And128BitRC4 X509_V_ERR_CERT_REVOKED
NID_pbe_WithSHA1And2_Key_TripleDES_CBC X509_V_ERR_CERT_SIGNATURE_FAILURE
NID_pbe_WithSHA1And3_Key_TripleDES_CBC X509_V_ERR_CERT_UNTRUSTED
NID_pbe_WithSHA1And40BitRC2_CBC X509_V_ERR_CRL_HAS_EXPIRED
NID_pbe_WithSHA1And40BitRC4 X509_V_ERR_CRL_NOT_YET_VALID
NID_pbes2 X509_V_ERR_CRL_PATH_VALIDATION_ERROR
NID_pbmac1 X509_V_ERR_CRL_SIGNATURE_FAILURE
NID_pkcs X509_V_ERR_DANE_NO_MATCH
NID_pkcs3 X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT
NID_pkcs7 X509_V_ERR_DIFFERENT_CRL_SCOPE
NID_pkcs7_data X509_V_ERR_EC_KEY_EXPLICIT_PARAMS
NID_pkcs7_digest X509_V_ERR_EE_KEY_TOO_SMALL
NID_pkcs7_encrypted X509_V_ERR_EMAIL_MISMATCH
NID_pkcs7_enveloped X509_V_ERR_EMPTY_SUBJECT_ALT_NAME
NID_pkcs7_signed X509_V_ERR_EMPTY_SUBJECT_SAN_NOT_CRITICAL
NID_pkcs7_signedAndEnveloped X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD
NID_pkcs8ShroudedKeyBag X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD
NID_pkcs9 X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD
NID_pkcs9_challengePassword X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD
NID_pkcs9_contentType X509_V_ERR_EXCLUDED_VIOLATION
NID_pkcs9_countersignature X509_V_ERR_EXTENSIONS_REQUIRE_VERSION_3
NID_pkcs9_emailAddress X509_V_ERR_HOSTNAME_MISMATCH
NID_pkcs9_extCertAttributes X509_V_ERR_INVALID_CA
NID_pkcs9_messageDigest X509_V_ERR_INVALID_CALL
NID_pkcs9_signingTime X509_V_ERR_INVALID_EXTENSION
NID_pkcs9_unstructuredAddress X509_V_ERR_INVALID_NON_CA
NID_pkcs9_unstructuredName X509_V_ERR_INVALID_POLICY_EXTENSION
NID_private_key_usage_period X509_V_ERR_INVALID_PURPOSE
NID_rc2_40_cbc X509_V_ERR_IP_ADDRESS_MISMATCH
NID_rc2_64_cbc X509_V_ERR_ISSUER_NAME_EMPTY
NID_rc2_cbc X509_V_ERR_KEYUSAGE_NO_CERTSIGN
NID_rc2_cfb64 X509_V_ERR_KEYUSAGE_NO_CRL_SIGN
NID_rc2_ecb X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE
NID_rc2_ofb64 X509_V_ERR_KU_KEY_CERT_SIGN_INVALID_FOR_NON_CA
NID_rc4 X509_V_ERR_MISSING_AUTHORITY_KEY_IDENTIFIER
NID_rc4_40 X509_V_ERR_MISSING_SUBJECT_KEY_IDENTIFIER
NID_rc5_cbc X509_V_ERR_NO_EXPLICIT_POLICY
NID_rc5_cfb64 X509_V_ERR_NO_ISSUER_PUBLIC_KEY
NID_rc5_ecb X509_V_ERR_NO_VALID_SCTS
NID_rc5_ofb64 X509_V_ERR_OCSP_CERT_UNKNOWN
NID_ripemd160 X509_V_ERR_OCSP_VERIFY_FAILED
NID_ripemd160WithRSA X509_V_ERR_OCSP_VERIFY_NEEDED
NID_rle_compression X509_V_ERR_OUT_OF_MEM
NID_rsa X509_V_ERR_PATHLEN_INVALID_FOR_NON_CA
NID_rsaEncryption X509_V_ERR_PATHLEN_WITHOUT_KU_KEY_CERT_SIGN
NID_rsadsi X509_V_ERR_PATH_LENGTH_EXCEEDED
NID_safeContentsBag X509_V_ERR_PATH_LOOP
NID_sdsiCertificate X509_V_ERR_PERMITTED_VIOLATION
NID_secretBag X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED
NID_serialNumber X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED
NID_server_auth X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION
NID_sha X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN
NID_sha1 X509_V_ERR_SIGNATURE_ALGORITHM_INCONSISTENCY
NID_sha1WithRSA X509_V_ERR_SIGNATURE_ALGORITHM_MISMATCH
NID_sha1WithRSAEncryption X509_V_ERR_STORE_LOOKUP
NID_sha224 X509_V_ERR_SUBJECT_ISSUER_MISMATCH
NID_sha224WithRSAEncryption X509_V_ERR_SUBJECT_KEY_IDENTIFIER_CRITICAL
NID_sha256 X509_V_ERR_SUBJECT_NAME_EMPTY
NID_sha256WithRSAEncryption X509_V_ERR_SUBTREE_MINMAX
NID_sha384 X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256
NID_sha384WithRSAEncryption X509_V_ERR_SUITE_B_INVALID_ALGORITHM
NID_sha3_224 X509_V_ERR_SUITE_B_INVALID_CURVE
NID_sha3_256 X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM
NID_sha3_384 X509_V_ERR_SUITE_B_INVALID_VERSION
NID_sha3_512 X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED
NID_sha512 X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY
NID_sha512WithRSAEncryption X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE
NID_sha512_224 X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE
NID_sha512_224WithRSAEncryption X509_V_ERR_UNABLE_TO_GET_CRL
NID_sha512_256 X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER
NID_sha512_256WithRSAEncryption X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT
NID_shaWithRSAEncryption X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY
NID_shake128 X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE
NID_shake256 X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION
NID_stateOrProvinceName X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION
NID_subject_alt_name X509_V_ERR_UNNESTED_RESOURCE
NID_subject_key_identifier X509_V_ERR_UNSPECIFIED
NID_surname X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX
NID_sxnet X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE
NID_time_stamp X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE
NID_title X509_V_ERR_UNSUPPORTED_NAME_SYNTAX
NID_undef X509_V_ERR_UNSUPPORTED_SIGNATURE_ALGORITHM
NID_uniqueIdentifier X509_V_FLAG_ALLOW_PROXY_CERTS
NID_x509Certificate X509_V_FLAG_CB_ISSUER_CHECK
NID_x509Crl X509_V_FLAG_CHECK_SS_SIGNATURE
NID_zlib_compression X509_V_FLAG_CRL_CHECK
NOTHING X509_V_FLAG_CRL_CHECK_ALL
OCSP_RESPONSE_STATUS_INTERNALERROR X509_V_FLAG_EXPLICIT_POLICY
( run in 0.950 second using v1.01-cache-2.11-cpan-39bf76dae61 )