On Wed, 11 May 2005, Michael Holzt wrote:

I'm currently trying to hack TLS support for qpsmtpd. The idea is to use
IO::Socket::TLS.
...
Because the current qpsmtpd implementation uses stdin and stdout for network
communication I need to retransform stdin/stdout into an ssl-capable socket
by using IO::Socket::SSL->new_from_fd.

Did you consider using just Net::SSLeay, as swak does? You'd need to set it up a little differently, for a server connection, but it does look feasible.


Here's the code from swak:

...
sub start_tls {
  my $s = shift;
  $G::tls_res = undef; # shut up -w

  Net::SSLeay::load_error_strings();
  Net::SSLeay::SSLeay_add_ssl_algorithms();
  Net::SSLeay::randomize();
  $G::tls_con = Net::SSLeay::CTX_new() || return(0);
  Net::SSLeay::CTX_set_options($G::tls_con, &Net::SSLeay::OP_ALL); # error check
  $G::tls_ssl = Net::SSLeay::new($G::tls_con) || return(0);
  Net::SSLeay::set_fd($G::tls_ssl, fileno($s)); # error check?
  $G::tls_active = Net::SSLeay::connect($G::tls_ssl) == 1 ? 1 : 0;
  $G::tls_res = Net::SSLeay::ERR_error_string(Net::SSLeay::ERR_get_error())
    if (!$G::tls_active);
  $G::tls_cipher = Net::SSLeay::get_cipher($G::tls_ssl);

  return($G::tls_active);
}
...
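
A server-side counterpart to the swak routine above, added here as an illustration and not taken from qpsmtpd or swak: it loads a certificate, binds TLS to the stdin/stdout descriptors and calls accept() instead of connect(). The certificate and key paths and the names start_tls_server and ssl_error are assumptions.

```perl
use strict;
use warnings;
use Net::SSLeay;

# Hypothetical paths: point these at the server's PEM certificate chain and key.
my $CERT_FILE = '/path/to/server-cert.pem';
my $KEY_FILE  = '/path/to/server-key.pem';

# Format the oldest queued OpenSSL error for the step named in $what.
sub ssl_error {
    my ($what) = @_;
    my $code = Net::SSLeay::ERR_get_error();
    return "$what failed: "
         . ($code ? Net::SSLeay::ERR_error_string($code) : 'no OpenSSL error queued');
}

# Upgrade the connection on descriptors $rfd/$wfd to TLS, server side.
# Call it only after the plaintext reply to STARTTLS has been flushed, and
# drop any plaintext input still buffered from before the handshake.
# Returns ($ssl, $ctx, $cipher) on success or (undef, undef, $error).
sub start_tls_server {
    my ($rfd, $wfd) = @_;
    Net::SSLeay::load_error_strings();
    Net::SSLeay::SSLeay_add_ssl_algorithms();
    Net::SSLeay::randomize();

    my $ctx = Net::SSLeay::CTX_new() or return (undef, undef, ssl_error('CTX_new'));
    Net::SSLeay::CTX_set_options($ctx, &Net::SSLeay::OP_ALL
        | &Net::SSLeay::OP_NO_SSLv2 | &Net::SSLeay::OP_NO_SSLv3);

    # Unlike the client code above, a server must present a certificate.
    my $loaded =
        Net::SSLeay::CTX_use_certificate_chain_file($ctx, $CERT_FILE) == 1
        && Net::SSLeay::CTX_use_PrivateKey_file($ctx, $KEY_FILE,
               &Net::SSLeay::FILETYPE_PEM) == 1
        && Net::SSLeay::CTX_check_private_key($ctx) == 1;
    my $ssl = $loaded ? Net::SSLeay::new($ctx) : undef;

    # stdin and stdout are two descriptors for the same socket, so the read
    # and write sides are set separately; accept() then runs the server half
    # of the handshake.
    if ($ssl) {
        Net::SSLeay::set_rfd($ssl, $rfd);
        Net::SSLeay::set_wfd($ssl, $wfd);
        return ($ssl, $ctx, Net::SSLeay::get_cipher($ssl))
            if Net::SSLeay::accept($ssl) == 1;
    }
    my $err = ssl_error($loaded ? 'TLS handshake' : 'loading certificate/key');
    Net::SSLeay::free($ssl) if $ssl;
    Net::SSLeay::CTX_free($ctx);
    return (undef, undef, $err);
}
```

A caller would invoke start_tls_server(fileno(STDIN), fileno(STDOUT)) and from then on move all traffic through Net::SSLeay::read($ssl) and Net::SSLeay::write($ssl, $data), since plain reads and prints on STDIN/STDOUT would bypass the TLS layer.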


