Name
SPVM::IO::Socket::SSL - Sockets for SSL Communication.
Description
This class is highly experimental: it is not yet completely implemented, not well tested, and not yet fully documented.
IO::Socket::SSL class in SPVM represents sockets for SSL communication.
Usage
use IO::Socket::SSL;
# Client
# NOTE(review): no SSL_verify_mode, SSL_hostname or SSL_ca* option is passed here, and this page
# does not state their defaults. Confirm that the peer certificate and host name are actually
# verified before reusing this snippet outside a demo.
my $host = "www.google.com";
my $port = 443;
my $socket = IO::Socket::SSL->new({PeerAddr => $host, PeerPort => $port});
my $write_buffer = "GET / HTTP/1.0\r\nHost: $host\r\n\r\n";
$socket->write($write_buffer);
# Fixed-size receive buffer. read is called with its default offset of 0, so each call writes
# from the start of the buffer.
my $read_buffer = (mutable string)new_string_len 100000;
while (1) {
my $read_length = $socket->read($read_buffer);
if ($read_length < 0) {
die "Read error";
}
# NOTE(review): a short read is treated as the end of the response. A TLS read can presumably
# return fewer bytes than the buffer holds while more data is still pending, which would
# truncate the response. Confirm against the return-value contract of read.
if ($read_length < length $read_buffer) {
last;
}
}
# Server
# NOTE(review): no certificate or private-key option (SSL_cert_file / SSL_key_file, or
# SSL_cert / SSL_key) is given. A TLS server normally needs one; confirm what happens without it.
my $server_socket = IO::Socket::SSL->new({
Listen => 10,
});
# accept returns the accepted IO::Socket::SSL object; this example discards it.
$server_socket->accept;
Super Class
Fields
ssl_ctx
has ssl_ctx : ro Net::SSLeay::SSL_CTX;
A Net::SSLeay::SSL_CTX object.
ssl
has ssl : ro Net::SSLeay;
A Net::SSLeay object. This object is set after "connect_SSL" method or "accept_SSL" method succeeds.
before_connect_SSL_cbs_list
has before_connect_SSL_cbs_list : ro List of IO::Socket::SSL::Callback::BeforeConnectSSL;
before_accept_SSL_cbs_list
has before_accept_SSL_cbs_list : ro List of IO::Socket::SSL::Callback::BeforeAcceptSSL;
SSL_verify_mode
has SSL_verify_mode : int;
SSL_verify_callback
has SSL_verify_callback : Net::SSLeay::Callback::Verify;
SSL_hostname
has SSL_hostname : string;
SSL_cipher_list
has SSL_cipher_list : string;
SSL_ciphersuites
has SSL_ciphersuites : string;
SSL_check_crl
has SSL_check_crl : int;
SSL_crl_file
has SSL_crl_file : string;
SSL_server
has SSL_server : int;
SSL_server_specified
has SSL_server_specified : int;
SSL_alpn_protocols
has SSL_alpn_protocols : string[];
SSL_startHandshake
has SSL_startHandshake : int;
SSL_honor_cipher_order
has SSL_honor_cipher_order : int;
SSL_ca_file
has SSL_ca_file : string;
SSL_ca_path
has SSL_ca_path : string;
SSL_ca
has SSL_ca : Net::SSLeay::X509[];
SSL_cert_file
has SSL_cert_file : string;
SSL_cert
has SSL_cert : Net::SSLeay::X509[];
SSL_key_file
has SSL_key_file : string;
SSL_key
has SSL_key : Net::SSLeay::EVP_PKEY;
Class Methods
new
static method new : IO::Socket::SSL ($options : object[] = undef);
Instance Methods
option_names
protected method option_names : string[] ();
init
protected method init : void ($options : object[] = undef);
Options:
SSL_verify_mode : Int
SSL_verify_callback : Net::SSLeay::Callback::Verify = undef
SSL_hostname : string
SSL_cipher_list : string
SSL_ciphersuites : string
SSL_check_crl : Int
SSL_crl_file : string
SSL_server : Int
SSL_alpn_protocols : string[]
SSL_startHandshake : Int = 1
SSL_honor_cipher_order : Int = 0;
SSL_ca_file : string = undef
SSL_ca_path : string = undef
SSL_ca : Net::SSLeay::X509[] = undef
SSL_cert_file : string = undef
SSL_cert : Net::SSLeay::X509[] = undef
SSL_key_file : string = undef
SSL_key : Net::SSLeay::EVP_PKEY = undef
configure
protected method configure : void ();
configure_SSL
protected method configure_SSL : void ();
connect_SSL
method connect_SSL : void ();
accept_SSL
method accept_SSL : void ();
accept
method accept : IO::Socket::SSL ($peer_ref : Sys::Socket::Sockaddr[] = undef);
read
method read : int ($buffer : mutable string, $length : int = -1, $offset : int = 0);
write
method write : int ($buffer : string, $length : int = -1, $offset : int = 0);
shutdown_SSL
method shutdown_SSL : int ();
close
method close : void ();
dump_peer_certificate
method dump_peer_certificate : string ();
Calls Net::SSLeay#dump_peer_certificate method given the value of "ssl" field, and returns its return value.
Exceptions:
Exceptions thrown by Net::SSLeay#dump_peer_certificate method could be thrown.
alpn_selected
method alpn_selected : string ();
Calls Net::SSLeay#get0_alpn_selected method given appropriate arguments, converts the value of the output argument to a string of appropriate length, and returns it.
get_sslversion
method get_sslversion : string ();
Returns the same output as the get_sslversion method of Perl's IO::Socket::SSL.
Exceptions:
If the version number is unknown, an exception is thrown.
get_sslversion_int
method get_sslversion_int : int ();
Calls Net::SSLeay#version method given the value of "ssl" field, and returns its return value.
get_cipher
method get_cipher : string ();
Calls Net::SSLeay#get_cipher method given the value of "ssl" field, and returns its return value.
Exceptions:
Exceptions thrown by Net::SSLeay#get_cipher method could be thrown.
get_servername
method get_servername : string ();
Calls Net::SSLeay#get_servername method given the value of "ssl" field and the value of TLSEXT_NAMETYPE_host_name, and returns its return value.
Exceptions:
Exceptions thrown by Net::SSLeay#get_servername method could be thrown.
peer_certificate
method peer_certificate : Net::SSLeay::X509 ();
Calls Net::SSLeay#get1_peer_certificate method given the value of "ssl" field, and returns its return value.
Exceptions:
Exceptions thrown by Net::SSLeay#get1_peer_certificate method could be thrown.
peer_certificates
method peer_certificates : Net::SSLeay::X509[];
Returns the same output as the peer_certificates method of Perl's IO::Socket::SSL.
sock_certificate
method sock_certificate : Net::SSLeay::X509 ();
Calls Net::SSLeay#get_certificate method given the value of "ssl" field, and returns its return value.
Exceptions:
Exceptions thrown by Net::SSLeay#get_certificate method could be thrown.
add_before_connect_SSL_cb
method add_before_connect_SSL_cb : void ($cb : IO::Socket::SSL::Callback::BeforeConnectSSL);
add_before_accept_SSL_cb
method add_before_accept_SSL_cb : void ($cb : IO::Socket::SSL::Callback::BeforeAcceptSSL);
stat
method stat : Sys::IO::Stat ();
This method is not supported in IO::Socket::SSL.
Exceptions:
An exception is thrown.
send
method send : int ($buffer : string, $flags : int = 0, $length : int = -1, $offset : int = 0);
This method is not supported in IO::Socket::SSL.
Exceptions:
An exception is thrown.
sendto
method sendto : int ($buffer : string, $flags : int, $to : Sys::Socket::Sockaddr, $length : int = -1, $offset : int = 0);
This method is not supported in IO::Socket::SSL.
Exceptions:
An exception is thrown.
recv
method recv : int ($buffer : mutable string, $length : int = -1, $flags : int = 0, $offset : int = 0);
This method is not supported in IO::Socket::SSL.
Exceptions:
An exception is thrown.
recvfrom
method recvfrom : int ($buffer : mutable string, $length : int, $flags : int, $from_ref : Sys::Socket::Sockaddr[], $offset : int = 0);
This method is not supported in IO::Socket::SSL.
Exceptions:
An exception is thrown.
FAQ
How to customize Net::SSLeay::SSL_CTX object?
Set the "SSL_startHandshake" option to 0, get the Net::SSLeay::SSL_CTX object with the "ssl_ctx" getter, customize it, and then call the "connect_SSL" method in a client or the "accept_SSL" method in a server.
Client:
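use Net::SSLeay::Constant as SSL;

my $host = "www.google.com";
my $port = 443;

# SSL_startHandshake => 0 postpones the handshake so that the context can be customized first.
my $socket = IO::Socket::SSL->new({PeerAddr => $host, PeerPort => $port, SSL_startHandshake => 0});

my $ssl_ctx = $socket->ssl_ctx;

# Require TLS 1.2 or later. TLS 1.0 and TLS 1.1 are deprecated (RFC 8996), so the
# minimum is raised from the TLS 1.1 value used previously.
$ssl_ctx->set_min_proto_version(SSL->TLS1_2_VERSION);

# Run the handshake with the customized context.
$socket->connect_SSL;

# The "ssl" field is set once connect_SSL has succeeded.
my $ssl = $socket->ssl;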
Server:
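use Net::SSLeay::Constant as SSL;

# SSL_startHandshake => 0 postpones the handshake so that the context can be customized first.
# NOTE(review): no certificate or private key is configured in this example. A TLS server normally
# needs one, presumably through the SSL_cert_file / SSL_key_file (or SSL_cert / SSL_key) options.
# Confirm before use.
my $socket = IO::Socket::SSL->new({Listen => 1, SSL_startHandshake => 0});

my $ssl_ctx = $socket->ssl_ctx;

# Require TLS 1.2 or later. TLS 1.0 and TLS 1.1 are deprecated (RFC 8996), so the
# minimum is raised from the TLS 1.1 value used previously.
$ssl_ctx->set_min_proto_version(SSL->TLS1_2_VERSION);

my $accepted_socket = $socket->accept;

# Run the server-side handshake on the accepted connection.
$accepted_socket->accept_SSL;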
How to create Net::SSLeay::X509 objects for the SSL_ca option from the return value of the Mozilla::CA#SSL_ca method?
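use Mozilla::CA;
use Net::SSLeay::BIO;
use Net::SSLeay::PEM;
use List;

# CA bundle returned by Mozilla::CA#SSL_ca (presumably PEM text, since it is parsed with
# Net::SSLeay::PEM below).
my $ca = Mozilla::CA->SSL_ca;

# Write the bundle into a BIO so that certificates can be read back one at a time.
my $bio = Net::SSLeay::BIO->new;
$bio->write($ca);

my $x509s_list = List->new(new Net::SSLeay::X509[0]);
while (1) {
  my $x509 = (Net::SSLeay::X509)undef;
  eval { $x509 = Net::SSLeay::PEM->read_bio_X509($bio); }
  if ($@) {
    # PEM_R_NO_START_LINE is treated as "no more certificates in the BIO".
    # Any other error is rethrown rather than ignored.
    if (eval_error_id isa_error Net::SSLeay::Error::PEM_R_NO_START_LINE) {
      last;
    }
    else {
      die $@;
    }
  }
  $x509s_list->push($x509);
}
my $x509s = (Net::SSLeay::X509[])$x509s_list->to_array;

# Value to pass as the SSL_ca option.
my $SSL_ca_option = $x509s;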
See Also
Repository
SPVM::IO::Socket::SSL - Github
Author
Yuki Kimoto kimoto.yuki@gmail.com
Copyright & License
Copyright (c) 2024 Yuki Kimoto
MIT License