1POE::Component::SSLify(U3s)er Contributed Perl DocumentatPiOoEn::Component::SSLify(3)
2
3
4

NAME

6       POE::Component::SSLify - Makes using SSL in the world of POE easy!
7

SYNOPSIS

9   Client-side usage
10               # Import the module
11               use POE::Component::SSLify qw( Client_SSLify );
12
13               # Create a normal SocketFactory wheel or something
14               my $factory = POE::Wheel::SocketFactory->new( ... );
15
16               # Converts the socket into a SSL socket POE can communicate with
17               eval { $socket = Client_SSLify( $socket ) };
18               if ( $@ ) {
19                       # Unable to SSLify it...
20               }
21
22               # Now, hand it off to ReadWrite
23               my $rw = POE::Wheel::ReadWrite->new(
24                       Handle  =>      $socket,
25                       ...
26               );
27
28               # Use it as you wish...
29
30   Server-side usage
31               # !!! Make sure you have a public key + certificate generated via Net::SSLeay's makecert.pl
32               # excellent howto: http://www.akadia.com/services/ssh_test_certificate.html
33
34               # Import the module
35               use POE::Component::SSLify qw( Server_SSLify SSLify_Options );
36
37               # Set the key + certificate file
38               eval { SSLify_Options( 'server.key', 'server.crt' ) };
39               if ( $@ ) {
40                       # Unable to load key or certificate file...
41               }
42
43               # Create a normal SocketFactory wheel or something
44               my $factory = POE::Wheel::SocketFactory->new( ... );
45
46               # Converts the socket into a SSL socket POE can communicate with
47               eval { $socket = Server_SSLify( $socket ) };
48               if ( $@ ) {
49                       # Unable to SSLify it...
50               }
51
52               # Now, hand it off to ReadWrite
53               my $rw = POE::Wheel::ReadWrite->new(
54                       Handle  =>      $socket,
55                       ...
56               );
57
58               # Use it as you wish...
59

ABSTRACT

61               Makes SSL use in POE a breeze!
62

DESCRIPTION

64       This component represents the standard way to do SSL in POE.
65

NOTES

67   Socket methods doesn't work
68       The new socket this module gives you actually is some tied socket
69       magic, so you cannot do stuff like getpeername() or getsockname(). The
70       only way to do it is to use SSLify_GetSocket and then operate on the
71       socket it returns.
72
73   Dying everywhere...
74       This module will die() if Net::SSLeay could not be loaded or it is not
75       the version we want. So, it is recommended that you check for errors
76       and not use SSL, like so:
77
78               eval { use POE::Component::SSLify };
79               if ( $@ ) {
80                       $sslavailable = 0;
81               } else {
82                       $sslavailable = 1;
83               }
84
85               # Make socket SSL!
86               if ( $sslavailable ) {
87                       eval { $socket = POE::Component::SSLify::Client_SSLify( $socket ) };
88                       if ( $@ ) {
89                               # Unable to SSLify the socket...
90                       }
91               }
92
93   Mixing Server/Client in the same program
94               Some users have reported success, others failure when they tried to utilize SSLify in both roles. This
95               would require more investigation, so please tread carefully if you need to use it!
96
97   Blocking mode
98               Normally, Net::SSLeay requires the socket to be in blocking mode for the initial handshake to work. However,
99               various users ( especially ASCENT, thanks! ) have reported success in setting nonblocking mode for clients.
100
101               In order to enable nonblocking mode, you need to set the subroutine "NONBLOCKING" to a true value in this
102               package.
103
104                       sub POE::Component::SSLify::NONBLOCKING { 1 }
105                       use POE::Component::SSLify;
106
107               This is a global, and an EXPERIMENTAL feature! Please, pretty please report back to me your experience with
108               this. Hopefully someday SSLify will be fully nonblocking, thanks to your help!
109

FUNCTIONS

111   Client_SSLify
112               Accepts a socket, returns a brand new socket SSLified. Optionally accepts SSL
113               context data.
114                       my $socket = shift;                                             # get the socket from somewhere
115                       $socket = Client_SSLify( $socket );                             # the default
116                       $socket = Client_SSLify( $socket, $version, $options );         # sets more options for the context
117                       $socket = Client_SSLify( $socket, undef, undef, $ctx );         # pass in a custom context
118
119               If $ctx is defined, SSLify will ignore other args. If $ctx isn't defined, SSLify
120               will create it from the $version + $options parameters.
121
122               Known versions:
123                       * sslv2
124                       * sslv3
125                       * tlsv1
126                       * default
127
128               By default we use the version: default
129
130               By default we don't set any options
131
132               NOTE: The way to have a client socket with proper certificates set up is:
133                       my $socket = shift;     # get the socket from somewhere
134                       my $ctx = SSLify_ContextCreate( 'server.key', 'server.crt' );
135                       $socket = Client_SSLify( $socket, undef, undef, $ctx );
136
137               BEWARE: If you passed in a CTX, SSLify will do Net::SSLeay::CTX_free( $ctx ) when the
138               socket is destroyed. This means you cannot reuse contexts!
139
140   Server_SSLify
141               Accepts a socket, returns a brand new socket SSLified
142                       my $socket = shift;     # get the socket from somewhere
143                       $socket = Server_SSLify( $socket );
144
145               NOTE: SSLify_Options must be set first!
146
147               Furthermore, you can pass in your own $ctx object if you desire. This allows you to set custom parameters
148               per-connection, for example.
149                       my $socket = shift;     # get the socket from somewhere
150                       my $ctx = Net::SSLeay::CTX_new();
151                       # set various options on $ctx as desired
152                       $socket = Server_SSLify( $socket, $ctx );
153
154               NOTE: You can use SSLify_GetCTX to modify the global, and avoid doing this on every connection if the
155               options are the same...
156
157   SSLify_Options
158               Accepts the location of the SSL key + certificate files and does it's job
159
160               Optionally accepts the SSL version + CTX options
161                       SSLify_Options( $key, $cert, $version, $options );
162
163               Known versions:
164                       * sslv2
165                       * sslv3
166                       * tlsv1
167                       * default
168
169               By default we use the version: default
170
171               By default we use the options: &Net::SSLeay::OP_ALL
172
173   SSLify_GetCTX
174               Returns the server-side CTX in case you wanted to play around with it :)
175
176               If passed in a socket, it will return that socket's $ctx instead of the global.
177                       my $ctx = SSLify_GetCTX();                      # get the one set via SSLify_Options
178                       my $ctx = SSLify_GetCTX( $sslified_sock );      # get the one in the object
179
180   SSLify_GetCipher
181               Returns the cipher used by the SSLified socket
182
183               Example:
184                       print "SSL Cipher is: " . SSLify_GetCipher( $sslified_sock ) . "\n";
185
186   SSLify_GetSocket
187               Returns the actual socket used by the SSLified socket, useful for stuff like getpeername()/getsockname()
188
189               Example:
190                       print "Remote IP is: " . inet_ntoa( ( unpack_sockaddr_in( getpeername( SSLify_GetSocket( $sslified_sock ) ) ) )[1] ) . "\n";
191
192   SSLify_ContextCreate
193               Accepts some options, and returns a brand-new SSL context object ( $ctx )
194                       my $ctx = SSLify_ContextCreate();
195                       my $ctx = SSLify_ContextCreate( $key, $cert );
196                       my $ctx = SSLify_ContextCreate( $key, $cert, $version, $options );
197
198               Known versions:
199                       * sslv2
200                       * sslv3
201                       * tlsv1
202                       * default
203
204               By default we use the version: default
205
206               By default we don't set any options
207
208               By default we don't use the SSL key + certificate files
209

EXPORT

211               Stuffs all of the above functions in @EXPORT_OK so you have to request them directly
212
213       head1 SUPPORT
214
215       You can find documentation for this module with the perldoc command.
216
217           perldoc POE::Component::SSLify
218
219   Websites
220       ·   AnnoCPAN: Annotated CPAN documentation
221
222           http://annocpan.org/dist/POE-Component-SSLify
223           <http://annocpan.org/dist/POE-Component-SSLify>
224
225       ·   CPAN Ratings
226
227           http://cpanratings.perl.org/d/POE-Component-SSLify
228           <http://cpanratings.perl.org/d/POE-Component-SSLify>
229
230       ·   RT: CPAN's request tracker
231
232           http://rt.cpan.org/NoAuth/Bugs.html?Dist=POE-Component-SSLify
233           <http://rt.cpan.org/NoAuth/Bugs.html?Dist=POE-Component-SSLify>
234
235       ·   Search CPAN
236
237           http://search.cpan.org/dist/POE-Component-SSLify
238           <http://search.cpan.org/dist/POE-Component-SSLify>
239
240   Bugs
241       Please report any bugs or feature requests to "bug-poe-component-sslify
242       at rt.cpan.org", or through the web interface at
243       http://rt.cpan.org/NoAuth/ReportBug.html?Queue=POE-Component-SSLify
244       <http://rt.cpan.org/NoAuth/ReportBug.html?Queue=POE-Component-SSLify>.
245       I will be notified, and then you'll automatically be notified of
246       progress on your bug as I make changes.
247

SEE ALSO

249       POE
250
251       Net::SSLeay
252

AUTHOR

254       Apocalypse <apocal@cpan.org>
255

PROPS

257               Original code is entirely Rocco Caputo ( Creator of POE ) -> I simply
258               packaged up the code into something everyone could use and accepted the burden
259               of maintaining it :)
260
261               From the PoCo::Client::HTTP code =]
262               # TODO - This code should probably become a POE::Kernel method,
263               # seeing as it's rather baroque and potentially useful in a number
264               # of places.
265

267       Copyright 2009 by Apocalypse/Rocco Caputo
268
269       This library is free software; you can redistribute it and/or modify it
270       under the same terms as Perl itself.
271
272
273
274perl v5.12.0                      2009-02-08         POE::Component::SSLify(3)
Impressum