********************************************************************** *** *** NOTE!! This SSLeay interface is already depreciated!!!! *** *** Eric Young is currently implementing his own version of the *** SSLeay modules for Perl. You should not really use this code, *** but instead wait for Eric's version. When it appears *** Crypt-SSLeay will go away. *** ********************************************************************** Crypt::SSLeay ------------- This is an Perl interface to the SSLeay library by Eric Young. SSLeay is a free implementation of Netscape's SSL protocol. You can get more information about SSLeay and SSL from these places: http://www.psy.uq.oz.au/~ftp/Crypto/ ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/ http://www.netscape.com/newsref/std/SSL.html The modules in this package are meant to replace the Net::SSLeay module by Sampo Kellomaki which as far as I can see is not maintained any more. I have not been able to reach Sampo on his mail addresses. I changed the module name because I did not want to stay completely compatible with Sampo's interfaces. The main motivation for doing this is to improve the SSL support in libwww-perl. Using the old Net::SSLeay module LWP was able to talk to HTTPS servers, but you could not examine the ciphers used, the server certificates or use client certificates. The following modules are available: Crypt::SSLeay ------------- The Crypt::SSLeay module gives access to the SSLeay classes. The classes mirror the SSLeay C interface onto Perl OO. The interface to the SSLeay read/write functions are made similar to the interface of the sysread/syswrite Perl builtins. Another plan of mine was to not use integer constants but instead pass suitable strings as parameters to the API (where the C API use #define constants). Currently, none of the supported methods have needed this. The currently supported classes are: Crypt::SSLeay::CTX Crypt::SSLeay::Conn Crypt::SSLeay::X509 (The 'Conn' class is an invention of mine. It represents an SSL connection. The C API only use the 'SSL_' prefix for these functions.) Crypt::SSLeay::MainContext -------------------------- This module gives an easy (procedural) interface to a single instance of the Crypt::SSLeay::CTX class. The methods of the Crypt::SSLeay::CTX can be imported as plain functions. The state of the managed CTX object is also initialized from various environment variables (today only $ENV{SSL_CIPHER}). This CTX is used by default by the connections created as instances of the Net::SSL module. Net::SSL -------- The Net::SSL module is a IO::Socket::INET subclass that makes use of the SSL protocol mostly transparent (the getlines?, (un)?getc and accept methods are not implemented yet). This makes any network application based on IO::Socket::INET instantly SSL aware by just instantiating a Net::SSL object instead of a IO::Socket::INET object. Basically you can access a HTTPS server like this: require Net::SSL; $sock = Net::SSL->new(PeerAddr => "shop.sol.no", PeerPort => 443) || die "Can't connect"; # Who did we connect to (special Net::SSL methods)? print $sock->get_peer_certificate->subject_name, "\n"; print $sock->get_cipher, "\n"; # The normal HTTP protocol $sock->print("GET / HTTP/1.0\n\n"); while ($sock->read($buf, 1024)) { print $buf; } If you want to control the SSL context used you use the Crypt::SSLeay::MainContext module (or pass a reference to a Crypt::SSLeay::CTX object with the Net::SSL constructor.) INSTALLATION You must first install SSLeay-0.6.6. The Crypt::SSLeay module does not really work the the 0.8.X versions of SSLeay yet. Once this is accomplished you just perform the usual steps: perl Makefile.PL make make test make install COPYRIGHT © 1998 Gisle Aas. All rights reserved. This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.