**********************************************************************
***
*** NOTE!! This SSLeay interface is already depreciated!!!!
***
*** Eric Young is currently implementing his own version of the
*** SSLeay modules for Perl. You should not really use this code,
*** but instead wait for Eric's version. When it appears
*** Crypt-SSLeay will go away.
***
**********************************************************************
Crypt::SSLeay
-------------
This is an Perl interface to the SSLeay library by Eric Young. SSLeay
is a free implementation of Netscape's SSL protocol. You can get more
information about SSLeay and SSL from these places:
http://www.psy.uq.oz.au/~ftp/Crypto/
ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/
http://www.netscape.com/newsref/std/SSL.html
The modules in this package are meant to replace the Net::SSLeay
module by Sampo Kellomaki which as far as I can see is not maintained
any more. I have not been able to reach Sampo on his mail addresses.
I changed the module name because I did not want to stay completely
compatible with Sampo's interfaces.
The main motivation for doing this is to improve the SSL support in
libwww-perl. Using the old Net::SSLeay module LWP was able to talk to
HTTPS servers, but you could not examine the ciphers used, the
server certificates or use client certificates.
The following modules are available:
Crypt::SSLeay
-------------
The Crypt::SSLeay module gives access to the SSLeay classes. The
classes mirror the SSLeay C interface onto Perl OO. The interface to
the SSLeay read/write functions are made similar to the interface of
the sysread/syswrite Perl builtins. Another plan of mine was to not
use integer constants but instead pass suitable strings as parameters
to the API (where the C API use #define constants). Currently, none
of the supported methods have needed this.
The currently supported classes are:
Crypt::SSLeay::CTX
Crypt::SSLeay::Conn
Crypt::SSLeay::X509
(The 'Conn' class is an invention of mine. It represents an SSL
connection. The C API only use the 'SSL_' prefix for these
functions.)
Crypt::SSLeay::MainContext
--------------------------
This module gives an easy (procedural) interface to a single instance
of the Crypt::SSLeay::CTX class. The methods of the
Crypt::SSLeay::CTX can be imported as plain functions. The state of
the managed CTX object is also initialized from various environment
variables (today only $ENV{SSL_CIPHER}). This CTX is used by default
by the connections created as instances of the Net::SSL module.
Net::SSL
--------
The Net::SSL module is a IO::Socket::INET subclass that makes use of
the SSL protocol mostly transparent (the getlines?, (un)?getc and
accept methods are not implemented yet). This makes any network
application based on IO::Socket::INET instantly SSL aware by just
instantiating a Net::SSL object instead of a IO::Socket::INET object.
Basically you can access a HTTPS server like this:
require Net::SSL;
$sock = Net::SSL->new(PeerAddr => "shop.sol.no",
PeerPort => 443) || die "Can't connect";
# Who did we connect to (special Net::SSL methods)?
print $sock->get_peer_certificate->subject_name, "\n";
print $sock->get_cipher, "\n";
# The normal HTTP protocol
$sock->print("GET / HTTP/1.0\n\n");
while ($sock->read($buf, 1024)) {
print $buf;
}
If you want to control the SSL context used you use the
Crypt::SSLeay::MainContext module (or pass a reference to a
Crypt::SSLeay::CTX object with the Net::SSL constructor.)
INSTALLATION
You must first install SSLeay-0.6.6. The Crypt::SSLeay module does
not really work the the 0.8.X versions of SSLeay yet. Once this is
accomplished you just perform the usual steps:
perl Makefile.PL
make
make test
make install
COPYRIGHT
� 1998 Gisle Aas. All rights reserved.
This library is free software; you can redistribute it and/or modify
it under the same terms as Perl itself.
