01-online_test.patch: * Refactored file name 't/online.enabled' into var. * Moved unlink() to 'touch' logic to have everything related to this task in single place. * Delete no-op: unless (defined $online_tests) { * Replace global $online_tests with lexical. * Removed needless '? 1 : 0' to have this line fit in 80 columns. * Replaced global filehandle ENABLED with lexical $tmp. * Replaced '|| die' with 'or die' which is generally more safe. 02-mxin_mxout_bugfix.patch: * Typo fix. 03-mxfiles.patch: * Added autogeneration of list with MatrixSSL object files to simplify upgrade to new MatrixSSL version (Linux only!). * Old version of object files list for MatrixSSL 1-1-5 and 1-7-3 moved to separate files (probably they should be deleted?). P.S. I don't sure is MY::postamble function needed - if not then it should be removed too. 04-headers.patch: * Updated matrixssl_win32_inline. Original code was written for MatrixSSL-1.2.5 which has single .h file: matrixSsl.h. Starting from version 1.7.3 MatrixSSL split matrixSsl.h into two files: matrixSsl.h and matrixCommon.h. Part of code which matrixssl_win32_inline fixes was left in matrixSsl.h, but another part of code was moved into matrixCommon.h. Also '#define SSLPUBLIC' was renamed to '#define MATRIXPUBLIC'. I've updated it to process both .h-files, and #include both .h-files in .xs. * Rewrite matrixssl_win32_inline documentation. * Deleted mxSsl.h. 05-xs_no_pod.patch: * Deleted all POD from .xs because: - this documentation out of date; - it isn't good place for such documentation in .xs; - I don't think we need duplicate of official .pdf in POD. 06-MAX_CHAIN_LENGTH.patch: * Increase MAX_CHAIN_LENGTH constant to allow usage of big package with root CA certificates (about 120 certificates). 07-export_const.patch: * All hardcoded constants replaced by real constants from .h-files, both in .pm and .xs! * All MatrixSSL functions exported into user's package. * All constants from .h-files wrapped in .xs into functions and then exported into read-only scalars into user's package in .pm. Constant names are equal to MatrixSSL original names, i.e. without prefix "mx". * Hash %mxSSL_ALERT_CODES replaced by two hashes %SSL_alertLevel and %SSL_alertDescription and these hashes also exported into user's package; constant 67/SSL_ALLOW_ANON_CONNECTION removed from hashes. * Exporter module replaced by custom import() function in .pm (because Exporter is bloated, ugly, unable to export read-only scalars and it's main feature "tags" isn't needed in this module). * Line if(flags!=0) {flags=SSL_FLAGS_SERVER;sessionId=0;} deleted from matrixSslNewSession() in .xs. It's user responsibility to use constant $SSL_FLAGS_SERVER and set $sessionId to 0. * Added standard test: t/00.load.t * Added test: t/export.t * Added test: t/export-const.t * Fixed test: t/Crypt-MatrixSSL.t to take advantage from exporting functions and constants. 08-export_const2.patch: * Refactored constants added in 07-export_const.patch using ExtUtils::Constant. 09-xs_cleanup.patch: * Small documentation typo fix in Makefile.PL. * Export new constant SSL_MAX_PLAINTEXT_LEN because user need to know maximum length of message in matrixSslEncode() to split his huge message into many matrixSslEncode() calls and avoid SSL_ERROR/SSL_FULL. * Now all public MatrixSSL functions supported - added these: matrixSslGetAnonStatus matrixSslAssignNewKeys matrixSslSetResumptionFlag matrixSslGetResumptionFlag * INCOMPATIBLE API CHANGES! Removed 'privPass' param from matrixSslReadKeysMem() to have it interface compatible with MatrixSSL documentation. * Added typemap to have perl support for MatrixSSL types ssl_t, sslKeys_t and sslSessionId_t. This make possible for perl/xsubpp to automatically generate _correct_ XS code for most functions without manual CODE: and OUTPUT: sections. * Delete CODE: and/or OUTPUT: sections for all functions which can be automatically generated now. * Renamed all function params to names used in MatrixSSL documentation: mxin -> in mxout -> out mxkeys -> keys session -> ssl etc... * Moved var declarations from CODE: to INIT: sections for ease reading. * Functions order in .xs slightly changed to correspond with their order in MatrixSSL .pdf documentation - to ease comparing .xs and .pdf. * Added new tests. ========================= === Unobvious changes === ========================= * Replaced hardcoded constants 18500 and 4100 for 'out' buffer size in matrixSslDecode() and matrixSslEncode*() functions to SSL_MAX_BUF_SIZE. >>> Probably SSL_MAX_RECORD_LEN should be used instead, but I'm not sure, >>> so I take SSL_MAX_BUF_SIZE which is 5 bytes larger... * Use static 'out' buffer in matrixSslDecode() and matrixSslEncode*() instead of dirty sv_setpvn/SvCUR_set/SvGROW hacks on SV*. * Removed all SvGROW() - AFAIK it isn't required and sv_{set,cat}pv*() will automatically grow SV* if needed. * Replaced sv_setpvn() with sv_setpvn_mg() to support more perl magic. >>> I'm not sure, but I suppose this required for things like >>> Data::Alias which often used in proxy applications with in/out >>> buffers. * INCOMPATIBLE CHANGES! Now matrixSslDecode() and matrixSslEncode*() functions will APPEND data into output buffer SV* instead of replacing it. This has sense for applications which use single output buffer both for sending data into socket and these functions. * matrixSslReadKeys: * Changed params type from SV* to char*. * Removed logic which replace empty string with NULL. * matrixSslReadKeysMem: * Removed logic which replace empty string with NULL. * matrixSslFreeKeys: * Do not set 'keys' param to 0 after calling matrixSslFreeKeys(). * matrixSslDeleteSession: * Do not set 'ssl' param to 0 after calling matrixSslDeleteSession(). * matrixSslDecode: * Changed 'error', 'alertLevel' and 'alertDescription' params type from SV* to unsigned char*. * Removed logic which initialize 'error', 'alertLevel' and 'alertDescription' to 0 before calling matrixSslDecode(). * Bugfix: 'error', 'alertLevel' and 'alertDescription' was incorrectly set as _signed_ values using sv_setiv() which them all _unsigned_. * Removed logic which silently "define" output SV*. * matrixSslEncode: * Removed dirty hack which "define" input buffer because SvPV() will make empty string from undef() automatically plus print warning. * Removed logic which silently "define" output SV*. * matrixSslSetSessionOption: * Removed logic which forced 'arg' to NULL because it was needed only as workaround wrong 'arg' type char* (which magically convert undef to empty string and print warning). * matrixSslSetCertValidator: * Bugfix: 'arg' type was int instead of void*. About these changes. I sure it's good idea to do minimum operations in XS level (unless XS used for rewriting some slow perl code in C, of course). Library wrappers like Crypt::MatrixSSL should stick to original library interface where possible - it somebody wanna make C library interface more 'cool and perlish' then it's much ease to do this in perl-level wrappers in optional Crypt/MatrixSSL/Easy.pm module. With this patch only difference from original MatrixSSL interface is in/out buffers in matrixSslEncode*() and matrixSslDecode() functions - everything else work exactly as described in MatrixSSL .pdf documentation. 1) Removed logic which replace empty string with NULL. >>> I've fixed XS so it will convert perl undef() into NULL and leave >>> defined strings as-is, i.e. empty perl string will be empty C string. >>> This happens not everythere, but only with params which CAN BE >>> NULL, according to MatrixSSL documentation. If user send undef() >>> as some other param, then he probably will see 'undefined' warning. 2) Do not set 'XXX' param to 0 after calling matrixSsl{Free,Delete}XXX(). >>> This changes original MatrixSSL interface and I don't see any >>> reason why this 'feature' needed. 3) Removed logic which initialize 'error', 'alertLevel' and 'alertDescription' to 0 before calling matrixSslDecode(). >>> To avoid senseless 'undefined' warning I convert undefined values >>> in these params into number 0, but if these params already defined >>> numbers they will not be touched. If MatrixSSL doesn't initialize >>> them, then this IS the MatrixSSL's interface! 4) Removed logic which silently "define" input/output SV* buffers. >>> This is sort of 'always use strict/warnings' idea. User shouldn't >>> use undefined input/output buffers, and if he using them then he >>> will see 'undefined' warnings, which is GOOD THING. P.S. In attach you'll see additional file 09-test_cert.tgz - it contains certificates which I've created for new tests (some of these certificates in binary format, so I can't include them inside .patch).