/usr/share/perl5/Net/SSLGlue/Socket.pm is in libnet-sslglue-perl 1.052-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
package Net::SSLGlue::Socket;
our $VERSION = 1.001;
use strict;
use warnings;
use Carp 'croak';
use Symbol 'gensym';
use IO::Socket::SSL;
my $IPCLASS;
# Choose the plain-socket class at compile time: the first module in the
# list that can be loaded wins, so the IPv6-capable classes are tried before
# IO::Socket::INET. The string eval only ever sees the constant names listed
# here, never caller-supplied data.
BEGIN {
    CANDIDATE:
    for (qw(IO::Socket::IP IO::Socket::INET6 IO::Socket::INET)) {
        next CANDIDATE unless eval "require $_";
        $IPCLASS = $_;
        last CANDIDATE;
    }
}
# this can be overwritten (with local) to get arguments passed around
# to strict calls of the socket class new; entries here take precedence
# over the arguments given to new(), including any SSL_* options
our %ARGS;
# Create a socket that is either plain IP or SSL.
#
# Arguments: a single value (taken as PeerAddr) or a key/value list.
#   SSL    - true: build an IO::Socket::SSL connection right away;
#            otherwise a plain socket of the class chosen in BEGIN.
#   SSL_*  - split off and remembered, so a later start_SSL() reuses them
#            even when the socket starts out plain.
# Everything else goes to the underlying socket constructor.
#
# Returns the wrapper object, or nothing if the underlying constructor fails.
#
# Security notes:
#  - %ARGS is merged last, so a value set there replaces the one supplied
#    by the caller, SSL_* options included.
#  - This wrapper neither sets nor checks any verification option; peer
#    verification depends entirely on the SSL_* options passed through and
#    on the defaults of the installed IO::Socket::SSL.
sub new {
    my ($class, @spec) = @_;
    my %args = @spec > 1 ? @spec : ( PeerAddr => $spec[0] );
    %args = ( %args, %ARGS );

    # Separate the SSL_* options from the plain socket options.
    my %sslargs;
    for my $key (keys %args) {
        next if $key !~ m{^SSL_};
        $sslargs{$key} = delete $args{$key};
    }
    my $ssl = delete $args{SSL};

    my $sock;
    if ($ssl) {
        $sock = IO::Socket::SSL->new(%args, %sslargs);
    }
    else {
        $sock = $IPCLASS->new(%args);
    }
    return if !$sock;

    # The wrapper is a fresh glob aliased to the real handle; the state
    # lives in the glob's hash slot.
    my $self = gensym();
    *$self = *$sock; # clone handle
    bless $self, $class;
    ${*$self}{sock}    = $sock;
    ${*$self}{ssl}     = $ssl;
    ${*$self}{sslargs} = \%sslargs;
    return $self;
}
# Install one forwarding method per listed name. Each generated method looks
# up the same-named method on the stored underlying socket and hands the call
# over to it.
for my $sub (qw(
fileno sysread syswrite close connect fcntl
read write readline print printf getc say eof getline getlines
blocking autoflush timeout
sockhost sockport peerhost peerport sockdomain
truncate stat setbuf setvbuf fdopen ungetc send recv
)) {
# symbolic glob assignment below needs strict refs off
no strict 'refs';
*$sub = sub {
my $self = shift;
# no underlying socket stored: return nothing instead of failing
my $sock = ${*$self}{sock} or return;
# The method is resolved on every call, against whatever class the stored
# socket has at that moment.
# NOTE(review): start_SSL/stop_SSL operate on this same stored object, so
# reads and writes presumably follow the current plain/SSL state -- confirm
# against IO::Socket::SSL.
my $sock_sub = $sock->can($sub) or croak("$sock does not support $sub");
# swap the wrapper for the real socket as invocant
unshift @_,$sock;
# warn "*** $sub called";
# goto &sub replaces this frame, so the target runs with the adjusted @_
# and in the original caller's context
goto &$sock_sub;
};
}
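# Accept a connection on the underlying listening socket and wrap it.
#
# Arguments:
#   $class - optional class for the new connection. If given and it is not a
#            Net::SSLGlue::Socket (sub)class, the raw accepted socket is
#            reblessed into it and returned without a wrapper.
#
# Returns the wrapped connection (inheriting the listener's ssl flag and
# saved SSL_* options), or nothing when there is no underlying socket or
# the underlying accept fails.
sub accept {
    my ($self, $class) = @_;
    my $sock = ${*$self}{sock} or return;

    # The underlying accept can fail (for an SSL listener a client that does
    # not complete the handshake is presumably enough -- see IO::Socket::SSL).
    # Without this guard the bless / glob dereference below would die on the
    # undefined value, so a single bad peer could abort an accept loop that
    # does not wrap the call in eval.
    my $conn = $sock->accept() or return;

    return bless $conn, $class
        if $class && !$class->isa('Net::SSLGlue::Socket');

    $class ||= ref($self);
    my $wrap = gensym;
    *$wrap = *$conn; # clone original handle
    bless $wrap, $class;
    ${*$wrap}{sock}    = $conn;
    ${*$wrap}{ssl}     = ${*$self}{ssl};
    ${*$wrap}{sslargs} = ${*$self}{sslargs};
    return $wrap;
}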
# Upgrade the plain socket to SSL.
#
# Arguments: extra options for IO::Socket::SSL->start_SSL. They are passed
# after the SSL_* options saved by new().
# Returns $self on success, nothing if the upgrade fails; croaks if the
# socket is already marked as SSL.
#
# Security notes:
#  - NOTE(review): nothing here inspects or discards data received during
#    the plaintext phase. Callers implementing STARTTLS-style upgrades
#    should make sure no unread plaintext is pending before upgrading, and
#    should treat everything learned before the upgrade as unauthenticated.
#  - NOTE(review): no verification option is set here. Confirm that callers
#    supply the expected peer name (e.g. SSL_verifycn_name) and do not
#    disable SSL_verify_mode.
sub start_SSL {
    my ($self, @extra) = @_;
    if (${*$self}{ssl}) {
        croak("start_SSL called on SSL socket");
    }

    my $upgraded = IO::Socket::SSL->start_SSL(
        ${*$self}{sock},
        %{ ${*$self}{sslargs} },
        @extra,
    );
    return if !$upgraded;

    ${*$self}{ssl} = 1;
    return $self;
}
# Downgrade the socket from SSL back to plain.
#
# Arguments are handed to the underlying socket's stop_SSL.
# Returns $self on success, nothing if the underlying stop_SSL fails; croaks
# if the socket is not currently marked as SSL.
#
# Once this succeeds the ssl flag is cleared, so peer_certificate() and
# is_ssl() report false and later traffic on the socket is not protected.
sub stop_SSL {
    my ($self, @args) = @_;
    croak("stop_SSL called on plain socket") unless ${*$self}{ssl};

    my $stopped = ${*$self}{sock}->stop_SSL(@args);
    return unless $stopped;

    ${*$self}{ssl} = 0;
    return $self;
}
# Report whether data is available for reading.
#
# Arguments:
#   $timeout - passed to select() as its timeout (undef blocks).
# Returns 1 immediately when the socket is SSL and the underlying socket
# reports pending data; otherwise returns whatever select() returns for
# the socket's file descriptor.
sub can_read {
    my ($self, $timeout) = @_;
    my $handle = ${*$self}{sock};

    # Data already buffered by the SSL layer would not show up in select().
    if (${*$self}{ssl} && $handle->pending) {
        return 1;
    }

    my $read_set = '';
    vec($read_set, fileno($handle), 1) = 1;
    return select($read_set, undef, undef, $timeout);
}
# Return certificate information for the peer.
#
# While the socket is marked as SSL, the arguments are forwarded to the
# underlying socket's peer_certificate and its result is returned. On a
# plain socket the (false) ssl flag is returned instead, so callers must not
# treat a false result as "certificate verified".
sub peer_certificate {
    my ($self, @query) = @_;
    my $ssl_on = ${*$self}{ssl};
    return $ssl_on unless $ssl_on;
    return ${*$self}{sock}->peer_certificate(@query);
}
# Tell whether the socket is currently SSL.
#
# Returns the underlying socket object while the ssl flag is set, and the
# (false) flag value otherwise.
sub is_ssl {
    my ($self) = @_;
    my $ssl_on = ${*$self}{ssl};
    return $ssl_on if !$ssl_on;
    return ${*$self}{sock};
}
1;
=head1 NAME
Net::SSLGlue::Socket - socket which can be either SSL or plain IP (IPv4/IPv6)
=head1 SYNOPSIS
use Net::SSLGlue::Socket;
# SSL right from start
my $ssl = Net::SSLGlue::Socket->new(
PeerHost => ..., # IPv4|IPv6 address
PeerPort => ...,
SSL => 1,
SSL_ca_path => ...
);
# SSL through upgrade of plain connection
my $plain = Net::SSLGlue::Socket->new(...);
$plain->start_SSL( SSL_ca_path => ... );
...
$plain->stop_SSL
=head1 DESCRIPTION
L<Net::SSLGlue::Socket> implements a socket which can be either plain or SSL.
If IO::Socket::IP or IO::Socket::INET6 are installed it will also transparently
handle IPv6 connections.
A socket can either be started directly with SSL, or be started plain and
later be upgraded to SSL (because of a STARTTLS command or similar) and also
downgraded again.
It is possible but not recommended to use the socket in non-blocking
mode, because in this case special care must be taken with SSL (see
documentation of L<IO::Socket::SSL>).
In addition to the usual socket methods, the following methods are defined or
extended:
=head1 METHODS
=over 4
=item new
The method C<new> of L<Net::SSLGlue::Socket> can have the argument SSL. If this
is true the SSL upgrade will be done immediately. If not set, any SSL_* args
will still be saved and used at a later start_SSL call.
=item start_SSL
This will upgrade the plain socket to SSL. See L<IO::Socket::SSL> for
arguments to C<start_SSL>. Any SSL_* arguments given to new will be applied
here too; arguments given directly to C<start_SSL> are passed after them.
=item stop_SSL
This will downgrade the socket from SSL to plain.
=item peer_certificate ...
Once the SSL connection is established you can use this method to get
information about the certificate. See the L<IO::Socket::SSL> documentation.
=item can_read(timeout)
This will check for available data. For a plain socket this will only use
C<select> to check the socket, but for SSL it will check if there are any
pending data before trying a select.
Because SSL needs to read the whole frame before decryption can be done, a
successful return of can_read is no guarantee that data can be read
immediately, only that new data are either available or in the process of
arriving.
=back
=head1 SEE ALSO
IO::Socket::SSL
=head1 COPYRIGHT
This module is copyright (c) 2013, Steffen Ullrich.
All Rights Reserved.
This module is free software. It may be used, redistributed and/or modified
under the same terms as Perl itself.