Net-SSLeay
SSL * s
void
SSL_read(s,max=32768)
SSL * s
int max
PREINIT:
char *buf;
int got;
int succeeded = 1;
PPCODE:
/* Read up to max bytes from the TLS connection s into a temporary heap
 * buffer, which is released at the end of the block.
 * NOTE(review): max is a signed int supplied by the Perl caller and is used
 * unchecked as both the allocation size and the read length; no rejection of
 * zero or negative values is visible in the lines shown - confirm.
 */
New(0, buf, max, char);
got = SSL_read(s, buf, max);
/* A result <= 0 is a failure unless SSL_get_error() reports
 * SSL_ERROR_ZERO_RETURN, which leaves succeeded set. */
if (got <= 0 && SSL_ERROR_ZERO_RETURN != SSL_get_error(s, got))
succeeded = 0;
/* If in list context, return 2-item list:
* first return value: data gotten, or undef on error (got<0)
* second return value: result from SSL_read()
* NOTE(review): the test above clears succeeded for got <= 0, not only for
* got < 0. The statements that push the return values are not visible in
* this excerpt.
*/
Safefree(buf);
void
SSL_peek(s,max=32768)
SSL * s
int max
PREINIT:
char *buf;
int got;
int succeeded = 1;
PPCODE:
/* Same shape as SSL_read above, but calls SSL_peek() on the connection.
 * NOTE(review): max is a signed int supplied by the Perl caller and is used
 * unchecked as both the allocation size and the peek length - confirm that
 * zero or negative values cannot reach this point.
 */
New(0, buf, max, char);
got = SSL_peek(s, buf, max);
/* A result <= 0 is a failure unless SSL_get_error() reports
 * SSL_ERROR_ZERO_RETURN, which leaves succeeded set. */
if (got <= 0 && SSL_ERROR_ZERO_RETURN != SSL_get_error(s, got))
succeeded = 0;
/* If in list context, return 2-item list:
* first return value: data gotten, or undef on error (got<0)
* second return value: result from SSL_peek()
* NOTE(review): the statements that push the return values and release buf
* are not visible in this excerpt.
*/
#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(LIBRESSL_VERSION_NUMBER) /* OpenSSL 1.1.1 */
void
SSL_read_ex(s,max=32768)
SSL * s
int max
PREINIT:
char *buf;
size_t readbytes;
int succeeded;
PPCODE:
/* Read up to max bytes from s with SSL_read_ex(), which reports the byte
 * count through readbytes and success through its return value.
 * NOTE(review): max is a signed int from the Perl caller; it is passed on
 * unchecked as the allocation size and as the read length - confirm that a
 * negative value cannot reach this point.
 */
Newx(buf, max, char);
succeeded = SSL_read_ex(s, buf, max, &readbytes);
/* Return 2-item list:
* first return value: data gotten, or undef on error
* second return value: result from SSL_read_ex()
*/
EXTEND(SP, 2);
/* readbytes is only read when succeeded is non-zero, so the uninitialised
 * value is never used on the failure path. The second push and the release
 * of buf are not visible in this excerpt. */
PUSHs(sv_2mortal(succeeded ? newSVpvn(buf, readbytes) : newSV(0)));
void
SSL_peek_ex(s,max=32768)
SSL * s
int max
PREINIT:
char *buf;
size_t readbytes;
int succeeded;
PPCODE:
/* Peek at up to max bytes on s with SSL_peek_ex(), which reports the byte
 * count through readbytes and success through its return value.
 * NOTE(review): max is a signed int from the Perl caller; it is passed on
 * unchecked as the allocation size and as the peek length - confirm that a
 * negative value cannot reach this point.
 */
Newx(buf, max, char);
succeeded = SSL_peek_ex(s, buf, max, &readbytes);
/* Return 2-item list:
* first return value: data gotten, or undef on error
* second return value: result from SSL_peek_ex()
*/
EXTEND(SP, 2);
/* readbytes is only read when succeeded is non-zero. The second push and
 * the release of buf are not visible in this excerpt. */
PUSHs(sv_2mortal(succeeded ? newSVpvn(buf, readbytes) : newSV(0)));
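void
SSL_write_ex(s,buf)
        SSL * s
    PREINIT:
        STRLEN len;
        /* Start at 0: written is pushed unconditionally below, so it must
         * hold a defined value even if SSL_write_ex() fails without
         * storing a count. */
        size_t written = 0;
        int succeeded;
    INPUT:
        char * buf = SvPV( ST(1), len);
    PPCODE:
        /* Write the bytes of the Perl scalar buf to the connection s. The
         * length comes from SvPV(), so embedded NUL bytes are sent too. */
        succeeded = SSL_write_ex(s, buf, len, &written);
        /* Return 2-item list:
         *   first return value:  number of bytes written (0 if none reported)
         *   second return value: result from SSL_write_ex()
         */
        EXTEND(SP, 2);
        PUSHs(sv_2mortal(newSVuv(written)));
        PUSHs(sv_2mortal(newSViv(succeeded)));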
SSL_CTX * s
char * str
void
SSL_get_ciphers(s)
        SSL * s
    PREINIT:
        STACK_OF(SSL_CIPHER) *ciphers = NULL;
        const SSL_CIPHER *cipher;
        int idx;
    PPCODE:
        /* Return the cipher list of s as a Perl list with one integer per
         * cipher, each integer being the address of an SSL_CIPHER. An empty
         * list is returned when OpenSSL gives no cipher stack.
         * NOTE(review): the addresses are pushed as plain integers; nothing
         * in this block ties their validity to the lifetime of s. */
        ciphers = SSL_get_ciphers(s);
        if (ciphers == NULL)
            XSRETURN_EMPTY;
        idx = 0;
        while (idx < sk_SSL_CIPHER_num(ciphers)) {
            cipher = sk_SSL_CIPHER_value(ciphers, idx);
            XPUSHs(sv_2mortal(newSViv(PTR2IV(cipher))));
            idx++;
        }
const char *
SSL_get_peer_certificate(s)
SSL * s
void
SSL_get_peer_cert_chain(s)
        SSL * s
    PREINIT:
        STACK_OF(X509) *peer_chain = NULL;
        X509 *entry;
        int idx;
    PPCODE:
        /* Return the peer's certificate chain as a Perl list with one
         * integer per certificate, each integer being the address of an
         * X509. An empty list is returned when no chain is available.
         * NOTE(review): the addresses are pushed as plain integers and no
         * reference is taken here, so they presumably stay valid only as
         * long as OpenSSL keeps the chain for s - confirm before caching. */
        peer_chain = SSL_get_peer_cert_chain(s);
        if (peer_chain == NULL)
            XSRETURN_EMPTY;
        idx = 0;
        while (idx < sk_X509_num(peer_chain)) {
            entry = sk_X509_value(peer_chain, idx);
            XPUSHs(sv_2mortal(newSViv(PTR2IV(entry))));
            idx++;
        }
void
SSL_verify_client_post_handshake(SSL *ssl)
#endif
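void
i2d_SSL_SESSION(sess)
        SSL_SESSION * sess
    PREINIT:
        int der_len;
        STRLEN len;
        unsigned char *pc,*pi;
    PPCODE:
        /* Serialise sess to DER and return it as one Perl byte string.
         * Croaks if the session cannot be encoded.
         *
         * i2d_* functions return a signed int. The result is kept signed
         * until it has been validated, so that an error value cannot turn
         * into a huge unsigned allocation length. */
        der_len = i2d_SSL_SESSION(sess, NULL);
        if (der_len <= 0) croak("invalid SSL_SESSION");
        len = (STRLEN)der_len;
        Newx(pc, len, unsigned char);
        if (!pc) croak("out of memory");
        pi = pc;
        /* The second pass must produce exactly the length announced by the
         * first; otherwise the buffer would be returned partly unwritten. */
        if (i2d_SSL_SESSION(sess, &pi) != der_len) {
            Safefree(pc);
            croak("invalid encoded length");
        }
        XPUSHs(sv_2mortal(newSVpvn((char*)pc, len)));
        /* A serialised session carries session secrets; wipe the temporary
         * copy before handing the memory back. The Perl scalar still holds
         * its own copy, which is the caller's responsibility. */
        OPENSSL_cleanse(pc, len);
        Safefree(pc);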
SSL_SESSION *
long
SSL_set1_client_sigalgs_list(SSL *ssl, const char *str)
void
SSL_get_sigalgs(SSL *ssl, int idx)
    PREINIT:
        int total;
        int sign_nid = NID_undef;
        int hash_nid = NID_undef;
        int signhash_nid = NID_undef;
        unsigned char raw_sig = 0;
        unsigned char raw_hash = 0;
    PPCODE:
        /* Query signature algorithm number idx on ssl and return a 6-item
         * list: the value returned by SSL_get_sigalgs(), the sign, hash and
         * sign+hash NIDs, then the two raw byte values. The outputs keep
         * their initial NID_undef / 0 values if OpenSSL does not set them. */
        total = SSL_get_sigalgs(ssl, idx,
                                &sign_nid, &hash_nid, &signhash_nid,
                                &raw_sig, &raw_hash);
        EXTEND(SP, 6);
        mPUSHi(total);
        mPUSHi(sign_nid);
        mPUSHi(hash_nid);
        mPUSHi(signhash_nid);
        mPUSHu(raw_sig);
        mPUSHu(raw_hash);
void
SSL_get_shared_sigalgs(SSL *ssl, int idx)
PREINIT:
int n_sigalgs;
int psign = NID_undef, phash = NID_undef, psignhash = NID_undef;
unsigned char rsig = 0, rhash = 0;
PPCODE:
/* Query shared signature algorithm number idx on ssl. The outputs are
 * pre-set to NID_undef / 0, so they hold defined values even if OpenSSL
 * does not write them. */
n_sigalgs = SSL_get_shared_sigalgs(ssl, idx,
&psign, &phash, &psignhash,
&rsig, &rhash);
/* Room is reserved for 6 return values; five pushes are visible here and
 * the remaining one is presumably rhash (not shown in this excerpt). */
EXTEND(SP, 6);
PUSHs(sv_2mortal(newSViv(n_sigalgs)));
PUSHs(sv_2mortal(newSViv(psign)));
PUSHs(sv_2mortal(newSViv(phash)));
PUSHs(sv_2mortal(newSViv(psignhash)));
PUSHs(sv_2mortal(newSVuv(rsig)));
char * serial_hex
ASN1_TIME *rev_time
long reason_code
ASN1_TIME *comp_time
PREINIT:
BIGNUM *bn = NULL;
ASN1_INTEGER *sn;
X509_REVOKED *rev;
ASN1_ENUMERATED *rsn = NULL;
int rv;
PPCODE:
rv=0;
rev = X509_REVOKED_new();
if (rev) {
if (BN_hex2bn(&bn, serial_hex)) {
sn = BN_to_ASN1_INTEGER(bn, NULL);
if (sn) {
X509_REVOKED_set_serialNumber(rev, sn);
ASN1_INTEGER_free(sn);
rv = 1;
}
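void
P_X509_REQ_get_attr(req,n)
        X509_REQ *req
        int n
    INIT:
        X509_ATTRIBUTE * att;
        int count, i;
        ASN1_STRING * s;
        ASN1_TYPE * t;
    PPCODE:
        /* Return the values of attribute number n of the certificate
         * request req as a list of integers, each being the address of an
         * ASN1_STRING. Returns an empty list when there is no attribute at
         * index n. */
        att = X509_REQ_get_attr(req,n);
        /* n comes from the caller; an index with no attribute yields NULL,
         * which must not be handed on to the accessors below. */
        if (att == NULL)
            XSRETURN_EMPTY;
        count = X509_ATTRIBUTE_count(att);
        for (i=0; i<count; i++) {
            t = X509_ATTRIBUTE_get0_type(att, i);
            if (t == NULL)
                continue;
            /* NOTE(review): the union member is read as a string without
             * looking at t->type. For a value whose type is not one of the
             * ASN.1 string types this address would not point at an
             * ASN1_STRING - confirm that callers only use this on string
             * valued attributes, or check the type here. */
            s = t->value.asn1_string;
            XPUSHs(sv_2mortal(newSViv(PTR2IV(s))));
        }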
int
P_X509_REQ_add_extensions(x,...)
void
P_X509_copy_extensions(x509_req,x509,override=1)
X509_REQ *x509_req
X509 *x509
int override
PREINIT:
STACK_OF(X509_EXTENSION) *exts = NULL;
X509_EXTENSION *ext, *tmpext;
ASN1_OBJECT *obj;
int i, idx, ret = 1;
PPCODE:
/* Walk the extensions requested in x509_req and look each one up, by its
 * object identifier, in the certificate x509. Returns 0 straight away when
 * either argument is NULL.
 * NOTE(review): the extensions come from the request, i.e. from whoever
 * created it. No filtering by extension type is visible in the lines shown,
 * so a caller acting as an issuer should vet the request's extensions
 * before copying them - confirm against the full function.
 */
if (!x509 || !x509_req) XSRETURN_IV(0);
exts = X509_REQ_get_extensions(x509_req);
for(i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
ext = sk_X509_EXTENSION_value(exts, i);
obj = X509_EXTENSION_get_object(ext);
idx = X509_get_ext_by_OBJ(x509, obj, -1);
/* Does extension exist? */
if (idx != -1) {
/* NOTE(review): a true override skips an extension the certificate already
 * has, which reads opposite to the parameter's name - confirm the intended
 * meaning. */
if (override) continue; /* don't override existing extension */
/* Delete all extensions of same type */
void
X509_get_subjectAltNames(cert)
X509 * cert
PREINIT:
int i, j, count = 0;
X509_EXTENSION *subjAltNameExt = NULL;
STACK_OF(GENERAL_NAME) *subjAltNameDNs = NULL;
GENERAL_NAME *subjAltNameDN = NULL;
int num_gnames;
PPCODE:
/* Locate the subjectAltName extension of cert, decode it into a stack of
 * GENERAL_NAME entries and visit each entry. The three steps are chained
 * with &&, so nothing is processed when the extension is absent or cannot
 * be decoded. The per-entry handling and the release of the decoded stack
 * are not visible in this excerpt. */
if ( (i = X509_get_ext_by_NID(cert, NID_subject_alt_name, -1)) >= 0
&& (subjAltNameExt = X509_get_ext(cert, i))
&& (subjAltNameDNs = (STACK_OF(GENERAL_NAME) *)X509V3_EXT_d2i(subjAltNameExt)))
{
num_gnames = sk_GENERAL_NAME_num(subjAltNameDNs);
for (j = 0; j < num_gnames; j++)
{
subjAltNameDN = sk_GENERAL_NAME_value(subjAltNameDNs, j);
void
P_X509_get_crl_distribution_points(cert)
X509 * cert
INIT:
GENERAL_NAMES *gnames;
GENERAL_NAME *gn;
STACK_OF(DIST_POINT) *points;
DIST_POINT *p;
int i, j;
PPCODE:
/* Decode the CRL distribution points extension of cert and visit the names
 * of every distribution point that carries a full name. The decoded stack
 * is owned by this block and freed at the end. What is done with each name
 * is not visible in this excerpt.
 * NOTE(review): these locations are taken from the certificate itself;
 * callers that fetch from them should treat them as untrusted input when
 * the certificate is.
 */
points = (STACK_OF(DIST_POINT) *)X509_get_ext_d2i(cert, NID_crl_distribution_points, NULL, NULL);
for (i = 0; i < sk_DIST_POINT_num(points); i++) {
p = sk_DIST_POINT_value(points, i);
/* a distribution point without a name has nothing to report */
if (!p->distpoint)
continue;
if (p->distpoint->type == 0) {
/* full name */
gnames = p->distpoint->name.fullname;
for (j = 0; j < sk_GENERAL_NAME_num(gnames); j++) {
gn = sk_GENERAL_NAME_value(gnames, j);
}
}
sk_DIST_POINT_pop_free(points, DIST_POINT_free);
void
P_X509_get_ocsp_uri(cert)
X509 * cert
PREINIT:
AUTHORITY_INFO_ACCESS *info;
int i;
PPCODE:
/* Decode the authority information access extension of cert and push the
 * location of every entry whose access method is OCSP and whose location
 * is a URI. Returns undef when the extension is absent or undecodable.
 * NOTE(review): the URI bytes are copied as found in the certificate, with
 * no validation visible here; a caller that connects to the result should
 * treat it as untrusted input when the certificate is. The release of info
 * is not visible in this excerpt.
 */
info = (AUTHORITY_INFO_ACCESS *)X509_get_ext_d2i(cert, NID_info_access, NULL, NULL);
if (!info) XSRETURN_UNDEF;
for (i = 0; i < sk_ACCESS_DESCRIPTION_num(info); i++) {
ACCESS_DESCRIPTION *ad = sk_ACCESS_DESCRIPTION_value(info, i);
if (OBJ_obj2nid(ad->method) == NID_ad_OCSP
&& ad->location->type == GEN_URI) {
#if (OPENSSL_VERSION_NUMBER >= 0x1010000f && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL)
XPUSHs(sv_2mortal(newSVpv(
(char*)ASN1_STRING_get0_data(ad->location->d.uniformResourceIdentifier),
void
P_X509_get_ext_key_usage(cert,format=0)
X509 * cert
int format
PREINIT:
EXTENDED_KEY_USAGE *extusage;
int i, nid;
char buffer[100]; /* openssl doc: a buffer length of 80 should be more than enough to handle any OID encountered in practice */
ASN1_OBJECT *o;
PPCODE:
/* Decode the extended key usage extension of cert and push one value per
 * usage object, in the representation selected by format (0: OID text,
 * 1: NID, 3: long name; the push for format 2 is not visible in this
 * excerpt). For formats 1 to 3 an object without a known NID (nid <= 0)
 * is silently left out, so those lists can be shorter than the format 0
 * list. The decoded extension is freed at the end. */
extusage = (EXTENDED_KEY_USAGE *)X509_get_ext_d2i(cert, NID_ext_key_usage, NULL, NULL);
for(i = 0; i < sk_ASN1_OBJECT_num(extusage); i++) {
o = sk_ASN1_OBJECT_value(extusage,i);
nid = OBJ_obj2nid(o);
/* NOTE(review): the return value is not checked, so an OID text longer
 * than the buffer would be used in truncated form without notice. */
OBJ_obj2txt(buffer, sizeof(buffer)-1, o, 1);
if(format==0)
XPUSHs(sv_2mortal(newSVpv(buffer,0))); /* format 0: oid */
else if(format==1 && nid>0)
XPUSHs(sv_2mortal(newSViv(nid))); /* format 1: nid */
else if(format==2 && nid>0)
else if(format==3 && nid>0)
XPUSHs(sv_2mortal(newSVpv(OBJ_nid2ln(nid),0))); /* format 3: longname */
}
EXTENDED_KEY_USAGE_free(extusage);
void
P_X509_get_key_usage(cert)
        X509 * cert
    INIT:
        ASN1_BIT_STRING * usage;
        /* Name of each key usage bit, indexed by bit position. */
        static const char * const bit_names[] = {
            "digitalSignature",
            "nonRepudiation",
            "keyEncipherment",
            "dataEncipherment",
            "keyAgreement",
            "keyCertSign",
            "cRLSign",
            "encipherOnly",
            "decipherOnly"
        };
        int bit;
    PPCODE:
        /* Decode the key usage extension of cert and push the name of every
         * bit that is set, in bit order. Nothing is pushed when the
         * extension is absent or cannot be decoded, so an empty list does
         * not distinguish "no extension" from "no bits set". */
        usage = (ASN1_BIT_STRING *)X509_get_ext_d2i(cert, NID_key_usage, NULL, NULL);
        if (usage) {
            for (bit = 0; bit < (int)(sizeof(bit_names) / sizeof(bit_names[0])); bit++) {
                if (ASN1_BIT_STRING_get_bit(usage, bit)) {
                    XPUSHs(sv_2mortal(newSVpv(bit_names[bit], 0)));
                }
            }
            ASN1_BIT_STRING_free(usage);
        }
void
P_X509_get_netscape_cert_type(cert)
X509 * cert
INIT:
ASN1_BIT_STRING * u;
PPCODE:
/* Decode the Netscape certificate type extension of cert and push the name
 * of every bit that is set, in bit order (bit 0 first). Nothing is pushed
 * when the extension is absent or cannot be decoded. The release of u is
 * not visible in this excerpt. */
u = (ASN1_BIT_STRING *)X509_get_ext_d2i(cert, NID_netscape_cert_type, NULL, NULL);
if (u) {
if (ASN1_BIT_STRING_get_bit(u,0)) XPUSHs(sv_2mortal(newSVpv("client",0)));
if (ASN1_BIT_STRING_get_bit(u,1)) XPUSHs(sv_2mortal(newSVpv("server",0)));
if (ASN1_BIT_STRING_get_bit(u,2)) XPUSHs(sv_2mortal(newSVpv("email",0)));
if (ASN1_BIT_STRING_get_bit(u,3)) XPUSHs(sv_2mortal(newSVpv("objsign",0)));
if (ASN1_BIT_STRING_get_bit(u,4)) XPUSHs(sv_2mortal(newSVpv("reserved",0)));
if (ASN1_BIT_STRING_get_bit(u,5)) XPUSHs(sv_2mortal(newSVpv("sslCA",0)));
if (ASN1_BIT_STRING_get_bit(u,6)) XPUSHs(sv_2mortal(newSVpv("emailCA",0)));
if (ASN1_BIT_STRING_get_bit(u,7)) XPUSHs(sv_2mortal(newSVpv("objCA",0)));
long
ASN1_INTEGER_get(ASN1_INTEGER *a)
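void
P_ASN1_INTEGER_set_hex(i,str)
        ASN1_INTEGER * i
        char * str
    INIT:
        BIGNUM *bn;
        int rv = 1;
    PPCODE:
        /* Set the ASN1_INTEGER i from the hexadecimal text str.
         * Returns 1 on success and 0 when str cannot be parsed or the
         * conversion into i fails.
         * NOTE(review): BN_hex2bn() reports success as soon as it has read
         * some leading hex digits, so trailing garbage in str is presumably
         * ignored rather than rejected - confirm if strict input is needed. */
        bn = BN_new();
        if (!BN_hex2bn(&bn, str)) {
            /* release the BIGNUM allocated above instead of leaking it */
            BN_free(bn);
            XSRETURN_IV(0);
        }
        if (!BN_to_ASN1_INTEGER(bn, i)) rv = 0;
        BN_free(bn);
        XSRETURN_IV(rv);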
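void
P_ASN1_INTEGER_set_dec(i,str)
        ASN1_INTEGER * i
        char * str
    INIT:
        BIGNUM *bn;
        int rv = 1;
    PPCODE:
        /* Set the ASN1_INTEGER i from the decimal text str.
         * Returns 1 on success and 0 when str cannot be parsed or the
         * conversion into i fails.
         * NOTE(review): BN_dec2bn() reports success as soon as it has read
         * some leading digits, so trailing garbage in str is presumably
         * ignored rather than rejected - confirm if strict input is needed. */
        bn = BN_new();
        if (!BN_dec2bn(&bn, str)) {
            /* release the BIGNUM allocated above instead of leaking it */
            BN_free(bn);
            XSRETURN_IV(0);
        }
        if (!BN_to_ASN1_INTEGER(bn, i)) rv = 0;
        BN_free(bn);
        XSRETURN_IV(rv);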
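void
P_ASN1_INTEGER_get_hex(i)
        ASN1_INTEGER * i
    INIT:
        BIGNUM *bn;
        char *result;
    PPCODE:
        /* Return the value of the ASN1_INTEGER i as hexadecimal text, or
         * undef when an allocation or the conversion fails. */
        bn = BN_new();
        if (!bn) XSRETURN_UNDEF;
        /* A failed conversion leaves bn at its initial value; report undef
         * rather than a number that was never in i (this routine is used on
         * values such as certificate serial numbers). */
        if (!ASN1_INTEGER_to_BN(i, bn)) {
            BN_free(bn);
            XSRETURN_UNDEF;
        }
        result = BN_bn2hex(bn);
        BN_free(bn);
        if (!result) XSRETURN_UNDEF;
        XPUSHs(sv_2mortal(newSVpv((const char*)result, strlen(result))));
        OPENSSL_free(result);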
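void
P_ASN1_INTEGER_get_dec(i)
        ASN1_INTEGER * i
    INIT:
        BIGNUM *bn;
        char *result;
    PPCODE:
        /* Return the value of the ASN1_INTEGER i as decimal text, or undef
         * when an allocation or the conversion fails. */
        bn = BN_new();
        if (!bn) XSRETURN_UNDEF;
        /* A failed conversion leaves bn at its initial value; report undef
         * rather than a number that was never in i (this routine is used on
         * values such as certificate serial numbers). */
        if (!ASN1_INTEGER_to_BN(i, bn)) {
            BN_free(bn);
            XSRETURN_UNDEF;
        }
        result = BN_bn2dec(bn);
        BN_free(bn);
        if (!result) XSRETURN_UNDEF;
        XPUSHs(sv_2mortal(newSVpv((const char*)result, strlen(result))));
        OPENSSL_free(result);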
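void
P_ASN1_STRING_get(s,utf8_decode=0)
        ASN1_STRING * s
        int utf8_decode
    PREINIT:
        SV * u8;
    PPCODE:
        /* Return the bytes of the ASN1_STRING s as a Perl scalar; when
         * utf8_decode is true, sv_utf8_decode() is applied to the result.
         *
         * newSVpvn() is used because the data is length-delimited:
         * newSVpv() with a length of 0 would fall back to strlen() and scan
         * past an empty string's buffer for a terminating NUL.
         * NOTE(review): embedded NUL bytes are preserved in the scalar;
         * callers comparing names (e.g. host names from a certificate)
         * must not treat the value as a C string. */
#if (OPENSSL_VERSION_NUMBER >= 0x1010000f && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL)
        u8 = newSVpvn((const char*)ASN1_STRING_get0_data(s), ASN1_STRING_length(s));
#else
        u8 = newSVpvn((const char*)ASN1_STRING_data(s), ASN1_STRING_length(s));
#endif
        if (utf8_decode) sv_utf8_decode(u8);
        XPUSHs(sv_2mortal(u8));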
#if (OPENSSL_VERSION_NUMBER >= 0x1010000f && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL)
int load_chain
char *password
PREINIT:
PKCS12 *p12;
EVP_PKEY *private_key = NULL;
X509 *certificate = NULL;
STACK_OF(X509) *cachain = NULL;
X509 *x;
BIO *bio;
int i, result;
PPCODE:
bio = BIO_new_file(file, "rb");
if (bio) {
OPENSSL_add_all_algorithms_noconf();
if ((p12 = d2i_PKCS12_bio(bio, NULL))) {
if(load_chain)
result= PKCS12_parse(p12, password, &private_key, &certificate, &cachain);
else
result= PKCS12_parse(p12, password, &private_key, &certificate, NULL);
if (result) {
if (private_key)
SSL_check_private_key(ctx)
SSL * ctx
# /* buf and size were required with Net::SSLeay 1.88 and earlier. */
# /* With OpenSSL 0.9.8l and older compile can warn about discarded const. */
void
SSL_CIPHER_description(const SSL_CIPHER *cipher, char *unused_buf=NULL, int unused_size=0)
    PREINIT:
        char scratch[512];
        char *text;
    PPCODE:
        /* Return OpenSSL's textual description of cipher, or an empty list
         * when none is produced. The text is written into a local buffer;
         * the two optional arguments are accepted and ignored. */
        text = SSL_CIPHER_description(cipher, scratch, sizeof(scratch));
        if (text != NULL) {
            XPUSHs(sv_2mortal(newSVpv(text, 0)));
        } else {
            XSRETURN_EMPTY;
        }
const char *
SSL_CIPHER_get_name(const SSL_CIPHER *c)
int
if (outlen == 0) XSRETURN_PV("");
ST(0) = sv_newmortal();
sv_setpvn(ST(0), (const char *)out, (STRLEN)outlen);
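void
SSL_client_hello_get1_extensions_present(SSL *s)
    PREINIT:
        int ret, *out = NULL;
        /* the index has the same unsigned type as the count it is compared
         * with, avoiding a signed/unsigned comparison */
        size_t outlen, i;
        AV *av;
    PPCODE:
        /* Return a reference to an array holding the extension types present
         * in the ClientHello of s, or undef when OpenSSL reports failure.
         * The list allocated by OpenSSL is released before returning.
         * NOTE(review): the values describe what the peer sent and are not
         * validated here. */
        ret = SSL_client_hello_get1_extensions_present(s, &out, &outlen);
        if (ret != 1) XSRETURN_UNDEF;
        av = newAV();
        mXPUSHs(newRV_noinc((SV*)av));
        for (i = 0; i < outlen; i++) {
            av_push(av, newSViv(out[i]));
        }
        OPENSSL_free(out);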
#if OPENSSL_VERSION_NUMBER >= 0x30200000L && !defined(LIBRESSL_VERSION_NUMBER)
void
SSL_client_hello_get_extension_order(SSL *s)
PREINIT:
int ret, i;
uint16_t *exts;
size_t num_exts;
AV *av;
PPCODE:
/* Fetch the extension order of the ClientHello of s in two passes: the
 * first call, with a NULL buffer, only obtains the number of entries; the
 * second fills a buffer allocated for that many entries. Returns undef if
 * either call fails, releasing the buffer on the second failure path.
 * The conversion of the result to Perl values is not visible in this
 * excerpt. */
ret = SSL_client_hello_get_extension_order(s, NULL, &num_exts);
if (ret != 1) XSRETURN_UNDEF;
Newx(exts, num_exts, uint16_t);
ret = SSL_client_hello_get_extension_order(s, exts, &num_exts);
if (ret != 1) {
Safefree(exts);
XSRETURN_UNDEF;
}
void
RSA_get_key_parameters(rsa)
RSA * rsa
PREINIT:
#if (!defined(LIBRESSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x1010000fL)) || (defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER >= 0x3050000fL))
const BIGNUM *n, *e, *d;
const BIGNUM *p, *q;
const BIGNUM *dmp1, *dmq1, *iqmp;
#endif
PPCODE:
{
/* Read the components of the RSA key through the accessor functions and
 * push them in the order n, e, d, p, ... (the remaining pushes are not
 * visible in this excerpt).
 * NOTE(review): d, p and q are private key material. They are handed to
 * Perl as addresses of BIGNUMs; the get0 accessors presumably return the
 * key's own objects rather than copies, so the values would stay valid
 * only while rsa is alive - confirm before keeping them.
 */
#if (!defined(LIBRESSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x1010000fL)) || (defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER >= 0x3050000fL))
RSA_get0_key(rsa, &n, &e, &d);
RSA_get0_factors(rsa, &p, &q);
RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
/* Caution: returned list consists of SV pointers to BIGNUMs, which would need to be blessed as Crypt::OpenSSL::Bignum for further use */
XPUSHs(bn2sv(n));
XPUSHs(bn2sv(e));
XPUSHs(bn2sv(d));
XPUSHs(bn2sv(p));
ASN1_OBJECT *a
ASN1_OBJECT *b
void
X509_pubkey_digest(data,type)
        const X509 *data
        const EVP_MD *type
    PREINIT:
        unsigned char digest[EVP_MAX_MD_SIZE];
        unsigned int digest_len;
    PPCODE:
        /* Compute the digest of the certificate's public key with the
         * algorithm type. Returns the raw digest bytes (binary, not hex),
         * or undef when OpenSSL reports failure. */
        if (!X509_pubkey_digest(data, type, digest, &digest_len))
            XSRETURN_UNDEF;
        XSRETURN_PVN((char *)digest, digest_len);
void
X509_digest(data,type)
        const X509 *data
        const EVP_MD *type
    PREINIT:
        unsigned char digest[EVP_MAX_MD_SIZE];
        unsigned int digest_len;
    PPCODE:
        /* Compute the digest of the certificate data with the algorithm
         * type. Returns the raw digest bytes (binary, not hex), or undef
         * when OpenSSL reports failure. */
        if (!X509_digest(data, type, digest, &digest_len)) {
            XSRETURN_UNDEF;
        }
        XSRETURN_PVN((char *)digest, digest_len);
void
X509_CRL_digest(data,type)
        const X509_CRL *data
        const EVP_MD *type
    PREINIT:
        unsigned char digest[EVP_MAX_MD_SIZE];
        unsigned int digest_len;
    PPCODE:
        /* Compute the digest of the CRL data with the algorithm type.
         * Returns the raw digest bytes (binary, not hex), or undef when
         * OpenSSL reports failure. */
        if (!X509_CRL_digest(data, type, digest, &digest_len)) {
            XSRETURN_UNDEF;
        }
        XSRETURN_PVN((char *)digest, digest_len);
void
X509_REQ_digest(data,type)
        const X509_REQ *data
        const EVP_MD *type
    PREINIT:
        unsigned char digest[EVP_MAX_MD_SIZE];
        unsigned int digest_len;
    PPCODE:
        /* Compute the digest of the certificate request data with the
         * algorithm type. Returns the raw digest bytes (binary, not hex),
         * or undef when OpenSSL reports failure. */
        if (!X509_REQ_digest(data, type, digest, &digest_len)) {
            XSRETURN_UNDEF;
        }
        XSRETURN_PVN((char *)digest, digest_len);
void
X509_NAME_digest(data,type)
        const X509_NAME *data
        const EVP_MD *type
    PREINIT:
        unsigned char digest[EVP_MAX_MD_SIZE];
        unsigned int digest_len;
    PPCODE:
        /* Compute the digest of the X509_NAME data with the algorithm type.
         * Returns the raw digest bytes (binary, not hex), or undef when
         * OpenSSL reports failure. */
        if (!X509_NAME_digest(data, type, digest, &digest_len)) {
            XSRETURN_UNDEF;
        }
        XSRETURN_PVN((char *)digest, digest_len);
unsigned long
X509_subject_name_hash(X509 *x)
unsigned long
X509_issuer_name_hash(X509 *a)
OUTPUT:
RETVAL
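void
X509_get_X509_PUBKEY(x)
        const X509 *x
    PREINIT:
        X509_PUBKEY *pkey;
        int der_len;
        STRLEN len;
        unsigned char *pc, *pi;
    PPCODE:
        /* Return the DER encoding of the public key structure of the
         * certificate x as one Perl byte string. Croaks when the
         * certificate has no such structure or it cannot be encoded.
         *
         * i2d_* functions return a signed int. The result is kept signed
         * until it has been validated, so that an error value cannot turn
         * into a huge unsigned allocation length. */
        if (!(pkey = X509_get_X509_PUBKEY(x))) croak("invalid certificate");
        der_len = i2d_X509_PUBKEY(pkey, NULL);
        if (der_len <= 0) croak("invalid certificate public key");
        len = (STRLEN)der_len;
        Newx(pc,len,unsigned char);
        if (!pc) croak("out of memory");
        pi = pc;
        /* The second pass must write exactly the announced length; free the
         * buffer before croaking so the failure path does not leak it. */
        if (i2d_X509_PUBKEY(pkey, &pi) != der_len || (STRLEN)(pi - pc) != len) {
            Safefree(pc);
            croak("invalid encoded length");
        }
        XPUSHs(sv_2mortal(newSVpvn((char*)pc,len)));
        Safefree(pc);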
}
OUTPUT:
RETVAL
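void
P_next_proto_negotiated(s)
        const SSL *s
    PREINIT:
        const unsigned char *data = NULL;
        unsigned int len = 0;
    PPCODE:
        /* Return the protocol negotiated through NPN on s as a byte string,
         * or undef when OpenSSL reports no protocol (data stays NULL).
         *
         * The protocol name is length-delimited and not NUL-terminated, so
         * newSVpvn() is used: newSVpv() with a length of 0 would fall back
         * to strlen(). */
        SSL_get0_next_proto_negotiated(s, &data, &len);
        XPUSHs(sv_2mortal(newSVpvn((char *)data, len)));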
void
P_next_proto_last_status(s)
        const SSL *s
    PREINIT:
        SV *stored_status;
    PPCODE:
        /* Return a copy of the value stored for s under the key
         * "next_proto_select_cb!!last_status" in the callback data. */
        stored_status = cb_data_advanced_get((void*)s, "next_proto_select_cb!!last_status");
        XPUSHs(sv_2mortal(newSVsv(stored_status)));
#endif
#if OPENSSL_VERSION_NUMBER >= 0x10000000L
#if !defined(OPENSSL_NO_TLSEXT)
int
SSL_set_tlsext_status_type(SSL *ssl,int cmd)
}
OUTPUT:
RETVAL
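void
i2d_OCSP_RESPONSE(r)
        OCSP_RESPONSE * r
    PREINIT:
        int der_len;
        STRLEN len;
        unsigned char *pc,*pi;
    PPCODE:
        /* Serialise the OCSP response r to DER and return it as one Perl
         * byte string. Croaks if the response cannot be encoded.
         *
         * i2d_* functions return a signed int. The result is kept signed
         * until it has been validated, so that an error value cannot turn
         * into a huge unsigned allocation length. */
        der_len = i2d_OCSP_RESPONSE(r, NULL);
        if (der_len <= 0) croak("invalid OCSP response");
        len = (STRLEN)der_len;
        Newx(pc,len,unsigned char);
        if (!pc) croak("out of memory");
        pi = pc;
        /* The second pass must produce exactly the length announced by the
         * first; otherwise the buffer would be returned partly unwritten. */
        if (i2d_OCSP_RESPONSE(r, &pi) != der_len) {
            Safefree(pc);
            croak("invalid encoded length");
        }
        XPUSHs(sv_2mortal(newSVpvn((char*)pc,len)));
        Safefree(pc);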
void
OCSP_RESPONSE_free(r)
}
OUTPUT:
RETVAL
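void
i2d_OCSP_REQUEST(r)
        OCSP_REQUEST * r
    PREINIT:
        int der_len;
        STRLEN len;
        unsigned char *pc,*pi;
    PPCODE:
        /* Serialise the OCSP request r to DER and return it as one Perl
         * byte string. Croaks if the request cannot be encoded.
         *
         * i2d_* functions return a signed int. The result is kept signed
         * until it has been validated, so that an error value cannot turn
         * into a huge unsigned allocation length. */
        der_len = i2d_OCSP_REQUEST(r, NULL);
        if (der_len <= 0) croak("invalid OCSP request");
        len = (STRLEN)der_len;
        Newx(pc,len,unsigned char);
        if (!pc) croak("out of memory");
        pi = pc;
        /* The second pass must produce exactly the length announced by the
         * first; otherwise the buffer would be returned partly unwritten. */
        if (i2d_OCSP_REQUEST(r, &pi) != der_len) {
            Safefree(pc);
            croak("invalid encoded length");
        }
        XPUSHs(sv_2mortal(newSVpvn((char*)pc,len)));
        Safefree(pc);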
void
SSL *ssl
PREINIT:
SSL_CTX *ctx;
X509_STORE *store;
STACK_OF(X509) *chain;
X509 *cert,*issuer;
OCSP_CERTID *id;
int i;
STRLEN len;
unsigned char *pi;
PPCODE:
if (!ssl) croak("not a SSL object");
ctx = SSL_get_SSL_CTX(ssl);
if (!ctx) croak("invalid SSL object - no context");
store = SSL_CTX_get_cert_store(ctx);
chain = SSL_get_peer_cert_chain(ssl);
for(i=0;i<items-1;i++) {
cert = INT2PTR(X509*,SvIV(ST(i+1)));
if (X509_check_issued(cert,cert) == X509_V_OK)
void
OCSP_response_results(rsp,...)
OCSP_RESPONSE *rsp
PREINIT:
OCSP_BASICRESP *bsr;
int i,want_array;
time_t nextupd = 0;
time_t gmtoff = -1;
int getall,sksn;
PPCODE:
/* Extract the basic response from rsp and walk its results. With no extra
 * arguments (items <= 1) every single response in bsr is visited;
 * otherwise one pass is made per extra argument. Croaks when rsp has no
 * basic response. The per-entry checks, the return values and the release
 * of bsr are not visible in this excerpt.
 * NOTE(review): nothing in the lines shown verifies the signature of the
 * response; presumably that is a separate step the caller has to perform
 * before trusting these results - confirm.
 */
bsr = OCSP_response_get1_basic(rsp);
if (!bsr) croak("invalid OCSP response");
want_array = (GIMME_V == G_LIST);
getall = (items <= 1);
sksn = OCSP_resp_count(bsr);
for(i=0; i < (getall ? sksn : items-1); i++) {
const char *error = NULL;
OUTPUT:
RETVAL
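void
P_alpn_selected(s)
        const SSL *s
    PREINIT:
        const unsigned char *data = NULL;
        unsigned int len = 0;
    PPCODE:
        /* Return the protocol selected through ALPN on s as a byte string,
         * or undef when OpenSSL reports no protocol (data stays NULL).
         *
         * The protocol name is length-delimited and not NUL-terminated, so
         * newSVpvn() is used: newSVpv() with a length of 0 would fall back
         * to strlen(). */
        SSL_get0_alpn_selected(s, &data, &len);
        XPUSHs(sv_2mortal(newSVpvn((char *)data, len)));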
#endif
#if OPENSSL_VERSION_NUMBER >= 0x10001000L
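void
SSL_export_keying_material(ssl, outlen, label, context=&PL_sv_undef)
        SSL * ssl
        SV * context
    PREINIT:
        unsigned char * out;
        STRLEN llen;
        STRLEN contextlen = 0;
        char *context_arg = NULL;
        int use_context = 0;
        int ret;
    INPUT:
        char * label = SvPV( ST(2), llen);
    PPCODE:
        /* Export outlen bytes of keying material from the TLS session of
         * ssl for the given label and optional context. Returns the bytes
         * as one scalar, or undef when OpenSSL reports failure.
         * NOTE(review): outlen comes from the Perl caller and is used
         * unchecked as the allocation size; its declaration is not visible
         * in this excerpt - confirm that a negative value cannot reach
         * this point. */
        Newx(out, outlen, unsigned char);
        /* An omitted context and an empty one are different inputs to the
         * exporter, hence the separate use_context flag. */
        if (context != &PL_sv_undef) {
            use_context = 1;
            context_arg = SvPV( ST(3), contextlen);
        }
        ret = SSL_export_keying_material(ssl, out, outlen, label, llen, (unsigned char*)context_arg, contextlen, use_context);
        /* reserve the stack slot before pushing into it */
        EXTEND(SP, 1);
        PUSHs(sv_2mortal(ret>0 ? newSVpvn((const char *)out, outlen) : newSV(0)));
        /* out holds secret key material: wipe the temporary copy before the
         * memory goes back to the allocator. The returned scalar keeps its
         * own copy, which is the caller's responsibility. */
        OPENSSL_cleanse(out, outlen);
        Safefree(out);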