Plack-App-MCCS
view release on metacpan or search on metacpan
local/lib/perl5/x86_64-linux-thread-multi/Net/SSLeay.pod view on Meta::CPAN
my $rv = Net::SSLeay::set_timeout($ses, $t);
=back
=head3 Low level API: SSL_CTX_* related functions
B<NOTE:> Please note that the function described in this chapter have "SSL_" part stripped from their original openssl names.
=over
=item * CTX_add_client_CA
Adds the CA name extracted from $cacert to the list of CAs sent to the client when requesting a client certificate for $ctx.
my $rv = Net::SSLeay::CTX_add_client_CA($ctx, $cacert);
# $ctx - value corresponding to openssl's SSL_CTX structure
# $cacert - value corresponding to openssl's X509 structure
#
# returns: 1 on success, 0 on failure
Check openssl doc L<http://www.openssl.org/docs/ssl/SSL_CTX_set_client_CA_list.html|http://www.openssl.org/docs/ssl/SSL_CTX_set_client_CA_list.html>
=item * CTX_add_extra_chain_cert
Adds the certificate $x509 to the certificate chain presented together with the certificate. Several certificates can be added one after the other.
my $rv = Net::SSLeay::CTX_add_extra_chain_cert($ctx, $x509);
# $ctx - value corresponding to openssl's SSL_CTX structure
# $x509 - value corresponding to openssl's X509 structure
#
# returns: 1 on success, check out the error stack to find out the reason for failure otherwise
Check openssl doc L<http://www.openssl.org/docs/ssl/SSL_CTX_add_extra_chain_cert.html|http://www.openssl.org/docs/ssl/SSL_CTX_add_extra_chain_cert.html>
=item * CTX_add_session
Adds the session $ses to the context $ctx.
my $rv = Net::SSLeay::CTX_add_session($ctx, $ses);
# $ctx - value corresponding to openssl's SSL_CTX structure
# $ses - value corresponding to openssl's SSL_SESSION structure
#
# returns: 1 on success, 0 on failure
Check openssl doc L<http://www.openssl.org/docs/ssl/SSL_CTX_add_session.html|http://www.openssl.org/docs/ssl/SSL_CTX_add_session.html>
=item * CTX_callback_ctrl
??? (more info needed)
my $rv = Net::SSLeay::CTX_callback_ctrl($ctx, $cmd, $fp);
# $ctx - value corresponding to openssl's SSL_CTX structure
# $cmd - (integer) command id
# $fp - (function pointer) ???
#
# returns: ???
Check openssl doc L<http://www.openssl.org/docs/ssl/SSL_CTX_ctrl.html|http://www.openssl.org/docs/ssl/SSL_CTX_ctrl.html>
=item * CTX_check_private_key
Checks the consistency of a private key with the corresponding certificate loaded into $ctx.
my $rv = Net::SSLeay::CTX_check_private_key($ctx);
# $ctx - value corresponding to openssl's SSL_CTX structure
#
# returns: 1 on success, otherwise check out the error stack to find out the reason
Check openssl doc L<http://www.openssl.org/docs/ssl/SSL_CTX_use_certificate.html|http://www.openssl.org/docs/ssl/SSL_CTX_use_certificate.html>
=item * CTX_ctrl
Internal handling function for SSL_CTX objects.
B<BEWARE:> openssl doc says: This function should never be called directly!
my $rv = Net::SSLeay::CTX_ctrl($ctx, $cmd, $larg, $parg);
# $ctx - value corresponding to openssl's SSL_CTX structure
# $cmd - (integer) command id
# $larg - (integer) long ???
# $parg - (string/pointer) ???
#
# returns: (long) result of given command ???
#valid $cmd values
1 - SSL_CTRL_NEED_TMP_RSA
2 - SSL_CTRL_SET_TMP_RSA
3 - SSL_CTRL_SET_TMP_DH
4 - SSL_CTRL_SET_TMP_ECDH
5 - SSL_CTRL_SET_TMP_RSA_CB
6 - SSL_CTRL_SET_TMP_DH_CB
7 - SSL_CTRL_SET_TMP_ECDH_CB
8 - SSL_CTRL_GET_SESSION_REUSED
9 - SSL_CTRL_GET_CLIENT_CERT_REQUEST
10 - SSL_CTRL_GET_NUM_RENEGOTIATIONS
11 - SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS
12 - SSL_CTRL_GET_TOTAL_RENEGOTIATIONS
13 - SSL_CTRL_GET_FLAGS
14 - SSL_CTRL_EXTRA_CHAIN_CERT
15 - SSL_CTRL_SET_MSG_CALLBACK
16 - SSL_CTRL_SET_MSG_CALLBACK_ARG
17 - SSL_CTRL_SET_MTU
20 - SSL_CTRL_SESS_NUMBER
21 - SSL_CTRL_SESS_CONNECT
22 - SSL_CTRL_SESS_CONNECT_GOOD
23 - SSL_CTRL_SESS_CONNECT_RENEGOTIATE
24 - SSL_CTRL_SESS_ACCEPT
25 - SSL_CTRL_SESS_ACCEPT_GOOD
26 - SSL_CTRL_SESS_ACCEPT_RENEGOTIATE
27 - SSL_CTRL_SESS_HIT
28 - SSL_CTRL_SESS_CB_HIT
29 - SSL_CTRL_SESS_MISSES
30 - SSL_CTRL_SESS_TIMEOUTS
31 - SSL_CTRL_SESS_CACHE_FULL
32 - SSL_CTRL_OPTIONS
33 - SSL_CTRL_MODE
40 - SSL_CTRL_GET_READ_AHEAD
41 - SSL_CTRL_SET_READ_AHEAD
42 - SSL_CTRL_SET_SESS_CACHE_SIZE
43 - SSL_CTRL_GET_SESS_CACHE_SIZE
44 - SSL_CTRL_SET_SESS_CACHE_MODE
45 - SSL_CTRL_GET_SESS_CACHE_MODE
50 - SSL_CTRL_GET_MAX_CERT_LIST
51 - SSL_CTRL_SET_MAX_CERT_LIST
local/lib/perl5/x86_64-linux-thread-multi/Net/SSLeay.pod view on Meta::CPAN
=back
=head3 Low level API: SSL_* related functions
B<NOTE:> Please note that the function described in this chapter have "SSL_" part stripped from their original openssl names.
=over
=item * new
Creates a new SSL structure which is needed to hold the data for a TLS/SSL connection.
The new structure inherits the settings of the underlying context $ctx: connection
method (SSLv2/v3/TLSv1), options, verification settings, timeout settings.
my $rv = Net::SSLeay::new($ctx);
# $ctx - value corresponding to openssl's SSL_CTX structure
#
# returns: value corresponding to openssl's SSL structure (0 on failure)
Check openssl doc L<http://www.openssl.org/docs/ssl/SSL_new.html|http://www.openssl.org/docs/ssl/SSL_new.html>
=item * accept
Waits for a TLS/SSL client to initiate the TLS/SSL handshake. The communication
channel must already have been set and assigned to the ssl by setting an underlying BIO.
my $rv = Net::SSLeay::accept($ssl);
# $ssl - value corresponding to openssl's SSL structure
#
# returns: 1 = success, 0 = handshake not successful, <0 = fatal error during handshake
Check openssl doc L<http://www.openssl.org/docs/ssl/SSL_accept.html|http://www.openssl.org/docs/ssl/SSL_accept.html>
=item * add_client_CA
Adds the CA name extracted from cacert to the list of CAs sent to the client
when requesting a client certificate for the chosen ssl, overriding the setting
valid for ssl's SSL_CTX object.
my $rv = Net::SSLeay::add_client_CA($ssl, $x);
# $ssl - value corresponding to openssl's SSL structure
# $x - value corresponding to openssl's X509 structure
#
# returns: 1 on success, 0 on failure
Check openssl doc L<http://www.openssl.org/docs/ssl/SSL_CTX_set_client_CA_list.html|http://www.openssl.org/docs/ssl/SSL_CTX_set_client_CA_list.html>
=item * callback_ctrl
??? (more info needed)
my $rv = Net::SSLeay::callback_ctrl($ssl, $cmd, $fp);
# $ssl - value corresponding to openssl's SSL structure
# $cmd - (integer) command id
# $fp - (function pointer) ???
#
# returns: ???
Check openssl doc L<http://www.openssl.org/docs/ssl/SSL_CTX_ctrl.html|http://www.openssl.org/docs/ssl/SSL_CTX_ctrl.html>
=item * check_private_key
Checks the consistency of a private key with the corresponding certificate loaded into $ssl
my $rv = Net::SSLeay::check_private_key($ssl);
# $ssl - value corresponding to openssl's SSL structure
#
# returns: 1 on success, otherwise check out the error stack to find out the reason
Check openssl doc L<http://www.openssl.org/docs/ssl/SSL_CTX_use_certificate.html|http://www.openssl.org/docs/ssl/SSL_CTX_use_certificate.html>
=item * clear
Reset SSL object to allow another connection.
Net::SSLeay::clear($ssl);
# $ssl - value corresponding to openssl's SSL structure
#
# returns: no return value
Check openssl doc L<http://www.openssl.org/docs/ssl/SSL_clear.html|http://www.openssl.org/docs/ssl/SSL_clear.html>
=item * connect
Initiate the TLS/SSL handshake with an TLS/SSL server.
my $rv = Net::SSLeay::connect($ssl);
# $ssl - value corresponding to openssl's SSL structure
#
# returns: 1 = success, 0 = handshake not successful, <0 = fatal error during handshake
Check openssl doc L<http://www.openssl.org/docs/ssl/SSL_connect.html|http://www.openssl.org/docs/ssl/SSL_connect.html>
=item * copy_session_id
Copies the session structure fro $from to $to (+ also the private key and certificate associated with $from).
Net::SSLeay::copy_session_id($to, $from);
# $to - value corresponding to openssl's SSL structure
# $from - value corresponding to openssl's SSL structure
#
# returns: no return value
=item * ctrl
Internal handling function for SSL objects.
B<BEWARE:> openssl doc says: This function should never be called directly!
my $rv = Net::SSLeay::ctrl($ssl, $cmd, $larg, $parg);
# $ssl - value corresponding to openssl's SSL structure
# $cmd - (integer) command id
# $larg - (integer) long ???
# $parg - (string/pointer) ???
#
# returns: (long) result of given command ???
For more details about valid $cmd values check L</CTX_ctrl>.
Check openssl doc L<http://www.openssl.org/docs/ssl/SSL_CTX_ctrl.html|http://www.openssl.org/docs/ssl/SSL_CTX_ctrl.html>
=item * do_handshake
Will wait for a SSL/TLS handshake to take place. If the connection is in client
mode, the handshake will be started. The handshake routines may have to be
local/lib/perl5/x86_64-linux-thread-multi/Net/SSLeay.pod view on Meta::CPAN
NID_md5_sha1 X509_PURPOSE_SSL_SERVER
NID_mdc2 X509_PURPOSE_TIMESTAMP_SIGN
NID_mdc2WithRSA X509_TRUST_COMPAT
NID_ms_code_com X509_TRUST_EMAIL
NID_ms_code_ind X509_TRUST_OBJECT_SIGN
NID_ms_ctl_sign X509_TRUST_OCSP_REQUEST
NID_ms_efs X509_TRUST_OCSP_SIGN
NID_ms_ext_req X509_TRUST_SSL_CLIENT
NID_ms_sgc X509_TRUST_SSL_SERVER
NID_name X509_TRUST_TSA
NID_netscape X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH
NID_netscape_base_url X509_V_ERR_AKID_SKID_MISMATCH
NID_netscape_ca_policy_url X509_V_ERR_APPLICATION_VERIFICATION
NID_netscape_ca_revocation_url X509_V_ERR_CA_KEY_TOO_SMALL
NID_netscape_cert_extension X509_V_ERR_CA_MD_TOO_WEAK
NID_netscape_cert_sequence X509_V_ERR_CERT_CHAIN_TOO_LONG
NID_netscape_cert_type X509_V_ERR_CERT_HAS_EXPIRED
NID_netscape_comment X509_V_ERR_CERT_NOT_YET_VALID
NID_netscape_data_type X509_V_ERR_CERT_REJECTED
NID_netscape_renewal_url X509_V_ERR_CERT_REVOKED
NID_netscape_revocation_url X509_V_ERR_CERT_SIGNATURE_FAILURE
NID_netscape_ssl_server_name X509_V_ERR_CERT_UNTRUSTED
NID_ns_sgc X509_V_ERR_CRL_HAS_EXPIRED
NID_organizationName X509_V_ERR_CRL_NOT_YET_VALID
NID_organizationalUnitName X509_V_ERR_CRL_PATH_VALIDATION_ERROR
NID_pbeWithMD2AndDES_CBC X509_V_ERR_CRL_SIGNATURE_FAILURE
NID_pbeWithMD2AndRC2_CBC X509_V_ERR_DANE_NO_MATCH
NID_pbeWithMD5AndCast5_CBC X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT
NID_pbeWithMD5AndDES_CBC X509_V_ERR_DIFFERENT_CRL_SCOPE
NID_pbeWithMD5AndRC2_CBC X509_V_ERR_EE_KEY_TOO_SMALL
NID_pbeWithSHA1AndDES_CBC X509_V_ERR_EMAIL_MISMATCH
NID_pbeWithSHA1AndRC2_CBC X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD
NID_pbe_WithSHA1And128BitRC2_CBC X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD
NID_pbe_WithSHA1And128BitRC4 X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD
NID_pbe_WithSHA1And2_Key_TripleDES_CBC X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD
NID_pbe_WithSHA1And3_Key_TripleDES_CBC X509_V_ERR_EXCLUDED_VIOLATION
NID_pbe_WithSHA1And40BitRC2_CBC X509_V_ERR_HOSTNAME_MISMATCH
NID_pbe_WithSHA1And40BitRC4 X509_V_ERR_INVALID_CA
NID_pbes2 X509_V_ERR_INVALID_CALL
NID_pbmac1 X509_V_ERR_INVALID_EXTENSION
NID_pkcs X509_V_ERR_INVALID_NON_CA
NID_pkcs3 X509_V_ERR_INVALID_POLICY_EXTENSION
NID_pkcs7 X509_V_ERR_INVALID_PURPOSE
NID_pkcs7_data X509_V_ERR_IP_ADDRESS_MISMATCH
NID_pkcs7_digest X509_V_ERR_KEYUSAGE_NO_CERTSIGN
NID_pkcs7_encrypted X509_V_ERR_KEYUSAGE_NO_CRL_SIGN
NID_pkcs7_enveloped X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE
NID_pkcs7_signed X509_V_ERR_NO_EXPLICIT_POLICY
NID_pkcs7_signedAndEnveloped X509_V_ERR_NO_VALID_SCTS
NID_pkcs8ShroudedKeyBag X509_V_ERR_OCSP_CERT_UNKNOWN
NID_pkcs9 X509_V_ERR_OCSP_VERIFY_FAILED
NID_pkcs9_challengePassword X509_V_ERR_OCSP_VERIFY_NEEDED
NID_pkcs9_contentType X509_V_ERR_OUT_OF_MEM
NID_pkcs9_countersignature X509_V_ERR_PATH_LENGTH_EXCEEDED
NID_pkcs9_emailAddress X509_V_ERR_PATH_LOOP
NID_pkcs9_extCertAttributes X509_V_ERR_PERMITTED_VIOLATION
NID_pkcs9_messageDigest X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED
NID_pkcs9_signingTime X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED
NID_pkcs9_unstructuredAddress X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION
NID_pkcs9_unstructuredName X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN
NID_private_key_usage_period X509_V_ERR_STORE_LOOKUP
NID_rc2_40_cbc X509_V_ERR_SUBJECT_ISSUER_MISMATCH
NID_rc2_64_cbc X509_V_ERR_SUBTREE_MINMAX
NID_rc2_cbc X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256
NID_rc2_cfb64 X509_V_ERR_SUITE_B_INVALID_ALGORITHM
NID_rc2_ecb X509_V_ERR_SUITE_B_INVALID_CURVE
NID_rc2_ofb64 X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM
NID_rc4 X509_V_ERR_SUITE_B_INVALID_VERSION
NID_rc4_40 X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED
NID_rc5_cbc X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY
NID_rc5_cfb64 X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE
NID_rc5_ecb X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE
NID_rc5_ofb64 X509_V_ERR_UNABLE_TO_GET_CRL
NID_ripemd160 X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER
NID_ripemd160WithRSA X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT
NID_rle_compression X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY
NID_rsa X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE
NID_rsaEncryption X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION
NID_rsadsi X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION
NID_safeContentsBag X509_V_ERR_UNNESTED_RESOURCE
NID_sdsiCertificate X509_V_ERR_UNSPECIFIED
NID_secretBag X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX
NID_serialNumber X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE
NID_server_auth X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE
NID_sha X509_V_ERR_UNSUPPORTED_NAME_SYNTAX
NID_sha1 X509_V_FLAG_ALLOW_PROXY_CERTS
NID_sha1WithRSA X509_V_FLAG_CB_ISSUER_CHECK
NID_sha1WithRSAEncryption X509_V_FLAG_CHECK_SS_SIGNATURE
NID_shaWithRSAEncryption X509_V_FLAG_CRL_CHECK
NID_stateOrProvinceName X509_V_FLAG_CRL_CHECK_ALL
NID_subject_alt_name X509_V_FLAG_EXPLICIT_POLICY
NID_subject_key_identifier X509_V_FLAG_EXTENDED_CRL_SUPPORT
NID_surname X509_V_FLAG_IGNORE_CRITICAL
NID_sxnet X509_V_FLAG_INHIBIT_ANY
NID_time_stamp X509_V_FLAG_INHIBIT_MAP
NID_title X509_V_FLAG_LEGACY_VERIFY
NID_undef X509_V_FLAG_NOTIFY_POLICY
NID_uniqueIdentifier X509_V_FLAG_NO_ALT_CHAINS
NID_x509Certificate X509_V_FLAG_NO_CHECK_TIME
NID_x509Crl X509_V_FLAG_PARTIAL_CHAIN
NID_zlib_compression X509_V_FLAG_POLICY_CHECK
NOTHING X509_V_FLAG_POLICY_MASK
OCSP_RESPONSE_STATUS_INTERNALERROR X509_V_FLAG_SUITEB_128_LOS
OCSP_RESPONSE_STATUS_MALFORMEDREQUEST X509_V_FLAG_SUITEB_128_LOS_ONLY
OCSP_RESPONSE_STATUS_SIGREQUIRED X509_V_FLAG_SUITEB_192_LOS
OCSP_RESPONSE_STATUS_SUCCESSFUL X509_V_FLAG_TRUSTED_FIRST
OCSP_RESPONSE_STATUS_TRYLATER X509_V_FLAG_USE_CHECK_TIME
OCSP_RESPONSE_STATUS_UNAUTHORIZED X509_V_FLAG_USE_DELTAS
OPENSSL_BUILT_ON X509_V_FLAG_X509_STRICT
OPENSSL_CFLAGS X509_V_OK
OPENSSL_CPU_INFO XN_FLAG_COMPAT
OPENSSL_DIR XN_FLAG_DN_REV
OPENSSL_ENGINES_DIR XN_FLAG_DUMP_UNKNOWN_FIELDS
OPENSSL_FULL_VERSION_STRING XN_FLAG_FN_ALIGN
OPENSSL_INFO_CONFIG_DIR XN_FLAG_FN_LN
OPENSSL_INFO_CPU_SETTINGS XN_FLAG_FN_MASK
OPENSSL_INFO_DIR_FILENAME_SEPARATOR XN_FLAG_FN_NONE
OPENSSL_INFO_DSO_EXTENSION XN_FLAG_FN_OID
OPENSSL_INFO_ENGINES_DIR XN_FLAG_FN_SN
OPENSSL_INFO_LIST_SEPARATOR XN_FLAG_MULTILINE
OPENSSL_INFO_MODULES_DIR XN_FLAG_ONELINE
( run in 3.113 seconds using v1.01-cache-2.11-cpan-5837b0d9d2c )