I'm calling it using exec and a lot of weird Unix specific pipeline stuff. I've posted just about all of my source code to this list in the past year or so, so you could probably get a lot of good stuff out of the archives.
Or I can send you some examples privately. Let me know.
Short example
=====
# Run a new forked process (which is passed as an anonymous subroutine)
# $pid = forkcode(sub{code});
# Returns zero if the fork failed # If return is nonzero then # The code passed is running in the child process # The return value is the process ID of the child
sub forkcode {
my $pid; # Process ID
my $childcode = $_[0]; # Code to run as child
while ( !defined($pid=fork) ) { # Retry until fork succeeds
if ($! !~ /No more process/) { # Under some conditions retry
return 0; # Return failure
}
sleep 5; # Delay between retries
}
if ($pid) { # If fork succeeded and parent
return $pid; # Return PID to parent
}
&$childcode; # If child then run child code
exit; # Bad children cannot return
}# Call OpenSSL to display a Certificate in text format
sub certtext {
my $cert = $_[0]; # Cert to be made readable my $openssl = $ENV{'UMCPCA_OPENSSL'}; # Location of OpenSSL binary
my $pid, $text; # Process ID and result string
pipe KIR,KIW; # kid (standard) in read/write
pipe KOR,KOW; # kid (standard) out read/write
if ( !($pid=forkcode(sub{ # Run code in forked process
close KIW; # Close parent's pipe end
close KOR; # Close parent's pipe end
open STDIN,'<&KIR'; # Bind standard input to pipe
open STDOUT,'>&KOW'; # Bind standard output to pipe
exec "$openssl x509 -noout -text"; # Do OpenSSL command
die "Could not EXEC OpenSSL (certtext): $!"; # NOT REACHED
})) ) {
htmlfail "Could not FORK (certtext): $!" ;
}
close KIR; # Close kid's pipe end
close KOW; # Close kid's pipe end
print KIW $cert; # Send data to kid
close KIW; # Make EOF
read KOR,$text,8192; # Read kid's standard output
waitpid($pid,0); # Wait for kid process
close KOR; # Close pipe from kid
return $text; # Return readable text to caller
}Chris Ochs wrote:
I've been debating in my head over the best way to call openssl from perl. So far, what I am doing is calling it with 'system' and writing/reading temporary files when there is no password involved, and opening it for writing via a pipe when a password is used and passing it the password via stdin. I've used this method before and it's actually pretty reliable in my own experience. Worst case I am not able to open a file for writing, or openssl outputs an empty file, but that's easy to check for.
Any thoughts?
-- Charles B. (Ben) Cranston mailto:[EMAIL PROTECTED] http://www.wam.umd.edu/~zben
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
