**********************************************************************
***
***  NOTE!! This SSLeay interface is already depreciated!!!!
***
***  Eric Young is currently implementing his own version of the
***  SSLeay modules for Perl.  You should not really use this code,
***  but instead wait for Eric's version.  When it appears
***  Crypt-SSLeay will go away.
***
**********************************************************************



Crypt::SSLeay
-------------

This is an Perl interface to the SSLeay library by Eric Young.  SSLeay
is a free implementation of Netscape's SSL protocol.  You can get more
information about SSLeay and SSL from these places:

  http://www.psy.uq.oz.au/~ftp/Crypto/
  ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/
  http://www.netscape.com/newsref/std/SSL.html

The modules in this package are meant to replace the Net::SSLeay
module by Sampo Kellomaki which as far as I can see is not maintained
any more.  I have not been able to reach Sampo on his mail addresses.
I changed the module name because I did not want to stay completely
compatible with Sampo's interfaces.

The main motivation for doing this is to improve the SSL support in
libwww-perl.  Using the old Net::SSLeay module LWP was able to talk to
HTTPS servers, but you could not examine the ciphers used, the
server certificates or use client certificates.


The following modules are available:


Crypt::SSLeay
-------------

The Crypt::SSLeay module gives access to the SSLeay classes.  The
classes mirror the SSLeay C interface onto Perl OO.  The interface to
the SSLeay read/write functions are made similar to the interface of
the sysread/syswrite Perl builtins.  Another plan of mine was to not
use integer constants but instead pass suitable strings as parameters
to the API (where the C API use #define constants).  Currently, none
of the supported methods have needed this.

The currently supported classes are:

   Crypt::SSLeay::CTX
   Crypt::SSLeay::Conn
   Crypt::SSLeay::X509

(The 'Conn' class is an invention of mine.  It represents an SSL
connection.  The C API only use the 'SSL_' prefix for these
functions.)


Crypt::SSLeay::MainContext
--------------------------

This module gives an easy (procedural) interface to a single instance
of the Crypt::SSLeay::CTX class.  The methods of the
Crypt::SSLeay::CTX can be imported as plain functions.  The state of
the managed CTX object is also initialized from various environment
variables (today only $ENV{SSL_CIPHER}).  This CTX is used by default
by the connections created as instances of the Net::SSL module.


Net::SSL
--------

The Net::SSL module is a IO::Socket::INET subclass that makes use of
the SSL protocol mostly transparent (the getlines?, (un)?getc and
accept methods are not implemented yet).  This makes any network
application based on IO::Socket::INET instantly SSL aware by just
instantiating a Net::SSL object instead of a IO::Socket::INET object.

Basically you can access a HTTPS server like this:

   require Net::SSL;
   $sock = Net::SSL->new(PeerAddr => "shop.sol.no",
	                 PeerPort => 443) || die "Can't connect";

   # Who did we connect to (special Net::SSL methods)?
   print $sock->get_peer_certificate->subject_name, "\n";
   print $sock->get_cipher, "\n";

   # The normal HTTP protocol
   $sock->print("GET / HTTP/1.0\n\n");
   while ($sock->read($buf, 1024)) {
	print $buf;
   }

If you want to control the SSL context used you use the
Crypt::SSLeay::MainContext module (or pass a reference to a
Crypt::SSLeay::CTX object with the Net::SSL constructor.)


INSTALLATION

You must first install SSLeay-0.6.6.  The Crypt::SSLeay module does
not really work the the 0.8.X versions of SSLeay yet.  Once this is
accomplished you just perform the usual steps:

   perl Makefile.PL
   make
   make test
   make install



COPYRIGHT

  © 1998 Gisle Aas. All rights reserved.

This library is free software; you can redistribute it and/or modify
it under the same terms as Perl itself.