Beefy Boxes and Bandwidth Generously Provided by pair Networks
Pathologically Eclectic Rubbish Lister

Use Net::SSLeay, how to read the encrypted ssl alert record.

by fwingx (Novice)
on Aug 14, 2013 at 15:00 UTC ( #1049430=perlquestion: print w/replies, xml ) Need Help??
fwingx has asked for the wisdom of the Perl Monks concerning the following question:

I try to use Net::SSLeay to make one SSL client. After the ssl connection was done successfully, if the server want to shutdown the ssl connection, it would send one encrypted ssl alert--close nodify.

My question is how to read this alert record in perl code?

use Net::SSLeay; use IO::Socket::INET; Net::SSLeay::initialize(); my $sock = IO::Socket::INET->new(PeerAddr=>'server_address:443') or d +ie; my $ctx = Net::SSLeay::CTX_new() or die; Net::SSLeay::CTX_set_options($ctx, &Net::SSLeay::OP_ALL); my $ssl = Net::SSLeay::new($ctx) or die; Net::SSLeay::set_fd($ssl, fileno($sock)) or die; Net::SSLeay::connect($ssl); # The SSL connection is setup. # Here, after some times, the server sent one close nodify # alert record to shutdown its direction of ssl connection. # How to check or read the alert record from the server?

Replies are listed 'Best First'.
Re: Use Net::SSLeay, how to read the encrypted ssl alert record.
by vsespb (Chaplain) on Aug 14, 2013 at 17:55 UTC
    Have you tried
    Low level API: ERR_* and SSL_alert_* related functions
    (found in the documentation)

      Have you?   :-/   The documentation that you refer-to here is frankly almost nonexistent:   the SSL_alert_ functions listed here show you how to extract bits of information from the alert record, but give no clue as to how one goes about getting one.

      It’s pretty obvious that this library is a “wrapper” for functionality described, more-or-just-barely, at, which also does not readily dish-up the answer.   So, if anyone here actually knows the answer, and can offer a snippet of working Perl code, I am sure that it would be well received in the spirit of what PerlMonks should be.

        The code
        print Net::SSLeay::alert_desc_string(0);
        simply returns 'CN' (close notify).
        Did OP tried that? Did he have some problem with this function? Did he mention it in original post? No.

        I have checked all the DESCRIPTION of Net::SSLeay, even check the code of the IO::Socket::SSL, that module used the Net::SSLeay to make ssl connection. But I can not find any help.

        The only clue is about set_info_callback function in Net::SSLeay. But the description is disillusionary:

        "Sets the callback function, that can be used to obtain state information for $ssl during connection setup and use. When callback is 0 (NULL), the callback setting currently valid for ctx is used. ??? (does this function really work?)"

        Net::SSLeay::set_info_callback($ssl, $cb); # $ssl - value corresponding to openssl's SSL structure # $cb - pointer to function ??? # # returns: no return value

        And I have a try, it seem that function can not work well in perl.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://1049430]
Approved by vsespb
Front-paged by vsespb
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others scrutinizing the Monastery: (1)
As of 2018-04-22 09:08 GMT
Find Nodes?
    Voting Booth?