in reply to Which module for SSL certificate access?

I think that there is a way to optimize this. I used Net::SSLeay::OO. I managed to get a server together and a client, but the client needs some more work. The server seems ok.
#!/usr/bin/perl
#server.pl

use strict;
use warnings;
use Net::SSLeay::OO::SSL;
use Net::SSLeay::OO::Context;
use Net::SSLeay::OO::X509;
use Net::SSLeay::OO::Constants qw(VERIFY_PEER);
use Socket qw(:DEFAULT :crlf);

print "This is Net::SSLeay $Net::SSLeay::VERSION\n";
$Net::SSLeay::trace = 3; 

my $port = shift || 8080;
my $proto = getprotobyname 'tcp';
socket(SERVER, PF_INET, SOCK_STREAM, $proto) 
or die "socket: $!";
setsockopt(SERVER, SOL_SOCKET, SO_REUSEADDR, 1)
or die "setsock: $!";

my $paddr = sockaddr_in($port, INADDR_ANY);
bind(SERVER, $paddr) or die "bind: $!";
listen(SERVER, SOMAXCONN) or die "listen: $!";
print "Server started on port $port", "\n";

my $client_addr;
my $client_ip = 'localhost';
while ($client_addr = accept(CLIENT, SERVER))
{
my ($client_port, $client_ip) = sockaddr_in($client_addr);
my $client_ipnum = inet_ntoa($client_ip);
my $client_host  = gethostbyname($client_ip);
print "Hello, CLIENT";
close CLIENT;
}

my $ctx = Net::SSLeay::OO::Context->new;
$ctx->set_cipher_list('ALL'),
$ctx->set_verify(1);

my $ssl = Net::SSLeay::OO::SSL->new( ctx => $ctx );
my $cert = $ssl->get_peer_certificate; 
verify($ssl);

sub verify {
    use Net::SSLeay::OO::X509::Name;
    my ( $ok, $x509_cert ) = @_;
    my $name = $x509_cert->get_subject_name;
    print "$$: **** Verify called ($ok)\n";
    if ($x509_cert) {
        print "$$: Certificate:\n";
        print " Common name is: " . $name->cn . "\n";
        print " Subject Name: " . $x509_cert->get_subject_name->onelin
+e . "\n";
        print " Issuer Name: " . $x509_cert->get_issuer_name->oneline 
+. "\n";
        print " AltNames: " . $x509_cert->get_subjectAltNames->oneline
+ . "\n";
        print " notBefore: " . $x509_cert->get_notBefore($x509_cert)->
+oneline . "\n";
        print " notAfter: " . $x509_cert->get_notAfter($x509_cert)->on
+eline . "\n";
    }
    return 1;
}

[download]
And here's the client: 
#!/usr/bin/perl
#client.pl

use strict;
use warnings;
use Socket qw(:DEFAULT :crlf);

my $host = shift || 'localhost';
my $port = shift || 8080;

 my $proto = getprotobyname('tcp');


my $iaddr = inet_aton($host);
my $paddr = sockaddr_in($port, $iaddr);
socket(SOCKET, PF_INET, SOCK_STREAM, $proto)
or die "socket: $!";
 connect(SOCKET, $paddr) or die "connect: $!";

my $line;
if  ($line)
{
print $line;
}
close SOCKET or die "close: $!";

[download]

Replies are listed 'Best First'.
Re^2: Which module for SSL certificate access?
by WoodyWeaver (Monk) on Jun 25, 2010 at 18:01 UTC
    Thanks. This machine is a windows box, and I was using ActiveState for the above -- no problem, I also have a cygwin perl build. perl -MCPAN -e "install Net::SSLeay::OO" has lead me into a maze of twisty little packages -- openssl won't compile on me (a mess with fipscannister.o) which leaves me unable to take this approach. So you get good karma, but I'm still inelegant.

    I'm going to try to find another box with a real unix.
[reply]

In Section Seekers of Perl Wisdom