NAME
Net::BEEP::Lite::TLSProfile - A TLS tuning profile for Net::BEEP::Lite.
SYNOPSIS
use
Net::BEEP::Lite;
my
$c_session
= Net::BEEP::Lite::beep_connect(
Host
=> localhost,
Port
=> 12345) ||
die
"could not connect to beep peer: $!"
;
if
(
$c_session
->has_remote_profile(
$Net::BEEP::Lite::TLSProfile::URI
)) {
my
$tls_profile
= new Net::BEEP::Lite::TLSProfile(
SSL_verify_mode
=> 0x01);
$tls_profile
->start_TLS(
$c_session
) ||
die
"could not establish TLS"
;
"peer certificate info: "
,
$session
->{peer_certificate},
"\n"
;
}
---
use
Net::BEEP::Lite;
my
$other_profile
= ...;
my
$tls_profile
= Net::BEEP::Lite::TLSProfile
(
Server
=> 1,
Callback
=>
sub
{
my
$session
=
shift
;
$session
->add_local_profile(
$other_profile
); },
SSL_cert_file
=>
'my_cert.pem'
,
SSL_key_file
=>
'my_key.pem'
,
SSL_ca_file
=>
'my_ca.pem'
,
SSL_passwd_db
=>
sub
{
"some-passwd"
});
Net::BEEP::Lite::beep_listen(
Port
=> 12345,
Method
=>
'fork'
,
Profiles
=> [
$tls_profile
]);
ABSTRACT
<Net::BEEP::Lite::TLSProfile> is a TLS profile for BEEP as defined by RFC 3080 for use with the Net::BEEP::Lite
module.
DESCRIPTION
This is a TLS profile for BEEP as defined by RFC 3080 for use with the Net::BEEP::Lite
module. It can be use for both the initiator and listener roles. This module relies heavily on the IO::Socket::SSL
module for the TLS implementation.
CONSTRUCTOR
- new( ARGS )
-
This is the main constructor. It takes a named parameter lists as its argument. See the
initialize
method of a list of valid parameters. It also takes the named parameters ofNet::BEEP::Lite::BaseProfile
.
METHODS
- initialize( ARGS )
-
Initialze this profile. This is generally called by the constructor. It takes the following named parameters:
- Server
-
Set this to true when this profile is being used by a BEEP peer in the Listener role. This will tell the underlying TLS negotation that it is the server. If this isn't set correctly, the TLS negotiation will fail.
- Callback
-
If this is set to a sub reference, this subroutine will be called upon a successful TLS negotiation. It will be passed a reference to the session as its first and only argument. For example, this might be used to change the local profiles offered.
- SSL_*
-
These are parameters that are understood by
IO::Socket::SSL::new
. You will probably want to use a few of them: SSL_cert_file, SSL_key_file, and SSL_verify_mode are typical.
- start_TLS($session)
-
This is the main routine for the client side. This will initiate a request for TLS. It will return undef if it failed, setting $errstr, true if it succeeded. The peer certificate info will be placed in $session->{peer_certificate}.
SEE ALSO
1 POD Error
The following errors were encountered while parsing the POD:
- Around line 444:
=over without closing =back