UniEvent
view release on metacpan - search on metacpan
view release on metacpan or search on metacpan
clib/src/panda/unievent/SslContext.cc view on Meta::CPAN
auto ret = SslContext::attach(ctx);
int ok;
ok = SSL_CTX_use_certificate_file(ctx, cert_file.c_str(), SSL_FILETYPE_PEM);
if (!ok) return make_unexpected(make_ssl_error_code(SSL_ERROR_SSL));
ok = SSL_CTX_use_PrivateKey_file(ctx, key_file.c_str(), SSL_FILETYPE_PEM);
if (!ok) return make_unexpected(make_ssl_error_code(SSL_ERROR_SSL));
ok = SSL_CTX_check_private_key(ctx);
if (!ok) return make_unexpected(make_ssl_error_code(SSL_ERROR_SSL));
return ret;
}
}}
clib/src/panda/unievent/ssl/SslFilter.cc view on Meta::CPAN
WriteRequest* orig;
bool final;
SslWriteRequest (WriteRequest* req = nullptr) : WriteRequest(), orig(req), final() {}
};
using SslWriteRequestSP = iptr<SslWriteRequest>;
SslFilter::SslFilter (Stream* stream, const SslContext &context, const SslFilterSP& server_filter)
: StreamFilter(stream, TYPE, PRIORITY), state(State::initial), profile(Profile::UNKNOWN), server_filter(server_filter)
{
panda_log_ctor();
if (stream->listening() && !SSL_CTX_check_private_key(context)) throw Error("SSL certificate&key needed to listen()");
#ifdef RENEGOTIATION_DISABLED
SSL_CTX_set_options(context, SSL_OP_NO_RENEGOTIATION);
#endif
init(context);
}
SslFilter::SslFilter (Stream* stream, const SSL_METHOD* method) : SslFilter(stream, ssl_ctx_from_method(method)) {
}
SslFilter::~SslFilter () {
clib/tests/tcp/ssl.cc view on Meta::CPAN
err = SSL_CTX_load_verify_locations(ctx, ca.c_str(), nullptr);
assert(err);
err = SSL_CTX_use_certificate_file(ctx, cert.c_str(), SSL_FILETYPE_PEM);
assert(err);
err = SSL_CTX_use_PrivateKey_file(ctx, key.c_str(), SSL_FILETYPE_PEM);
assert(err);
SSL_CTX_check_private_key(ctx);
assert(err);
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, nullptr);
SSL_CTX_set_verify_depth(ctx, 4);
return r;
}
static SslContext get_server_context(string ca_name) {
auto ctx = SSL_CTX_new(SSLv23_server_method());
lib/UniEvent/Stream.pod view on Meta::CPAN
$client->use_ssl;
$client->connect($host, $port);
...
For servers, SSL must be enabled on listening stream, not on individual connection streams. The same SSL context will be used for accepted streams.
my $server = UE::Tcp->new;
my $ssl_ctx = Net::SSLeay::CTX_new();
Net::SSLeay::CTX_use_certificate_file($ssl_ctx, "ca.pem", &Net::SSLeay::FILETYPE_PEM) or die;
Net::SSLeay::CTX_use_PrivateKey_file($ssl_ctx, "ca.key", &Net::SSLeay::FILETYPE_PEM) or die;
Net::SSLeay::CTX_check_private_key($ssl_ctx) or die;
$server->use_ssl($ssl_ctx);
$server->bind(...);
$server->listen;
Enabling or disabling (see C<no_ssl()>) SSL can only be done in certain moments:
=over
=item
misc/sslserv.plx view on Meta::CPAN
my $server = new UniEvent::TCP();
$server->bind("*", $port);
$server->listen(128, \&new_connection);
my $ctx = Net::SSLeay::CTX_new();
Net::SSLeay::CTX_set_verify($ctx, Net::SSLeay::VERIFY_PEER(), sub {
say "VERIFY CALLBACK";
});
Net::SSLeay::CTX_use_certificate_file($ctx, "cppTests/cert.pem", &Net::SSLeay::FILETYPE_PEM) or sslerr();
Net::SSLeay::CTX_use_PrivateKey_file($ctx, "cppTests/key.pem", &Net::SSLeay::FILETYPE_PEM) or sslerr();
Net::SSLeay::CTX_check_private_key($ctx) or sslerr();
$server->use_ssl($ctx);
say "ENTERING LOOP";
$d->run;
say "LOOP DONE";
sub new_connection {
my ($server, $err) = @_;
say "new_connection";
say $err if $err;
t/lib/MyTest.pm view on Meta::CPAN
} else {
return var "pipe_$_[0]";
}
}
sub get_ssl_ctx {
my $SERV_CERT = "t/cert/ca.pem";
my $serv_ctx = Net::SSLeay::CTX_new();
Net::SSLeay::CTX_use_certificate_file($serv_ctx, $SERV_CERT, &Net::SSLeay::FILETYPE_PEM) or sslerr();
Net::SSLeay::CTX_use_PrivateKey_file($serv_ctx, "t/cert/ca.key", &Net::SSLeay::FILETYPE_PEM) or sslerr();
Net::SSLeay::CTX_check_private_key($serv_ctx) or die Net::SSLeay::ERR_error_string(Net::SSLeay::ERR_get_error);
return $serv_ctx unless wantarray();
my $client_ctx = Net::SSLeay::CTX_new();
Net::SSLeay::CTX_load_verify_locations($client_ctx, $SERV_CERT, '') or die "something went wrong";
return ($serv_ctx, $client_ctx);
}
sub make_basic_server {
my ($loop, $sa) = @_;
t/tcp/ssl.t view on Meta::CPAN
use MyTest;
use Net::SockAddr;
use Net::SSLeay;
test_catch '[tcp-ssl]';
my $SERV_CERT = "t/cert/ca.pem";
my $serv_ctx = Net::SSLeay::CTX_new();
Net::SSLeay::CTX_use_certificate_file($serv_ctx, $SERV_CERT, &Net::SSLeay::FILETYPE_PEM) or sslerr();
Net::SSLeay::CTX_use_PrivateKey_file($serv_ctx, "t/cert/ca.key", &Net::SSLeay::FILETYPE_PEM) or sslerr();
Net::SSLeay::CTX_check_private_key($serv_ctx) or sslerr();
my $client_ctx = Net::SSLeay::CTX_new();
Net::SSLeay::CTX_load_verify_locations($client_ctx, $SERV_CERT, '') or die "something went wrong";
subtest 'ssl doesnt emit empty messages' => sub {
my $srv = new UE::Tcp;
$srv->use_ssl($serv_ctx);
$srv->bind_addr(SOCKADDR_LOOPBACK);
$srv->listen;
view all matches for this distributionview release on metacpan - search on metacpan
( run in 0.886 second using v1.00-cache-2.02-grep-82fe00e-cpan-f73e49a70403 )