[PATCH] AnyEvent::TLS and TLSv1.[12]

Marc Lehmann schmorp at schmorp.de
Fri Aug 30 22:58:45 CEST 2013


On Fri, Aug 30, 2013 at 04:36:07PM +0200, Maxime Soulé <btik-cpan at scoubidou.com> wrote:
> With the attached patch, it is now possible to handle specifically
> TLSv1.1 and TLSv1.2 protocols.

Looks good, except that these options require specific versions of
Net::SSLeay. Could you find out which version is required and add it to
the docs similar to e.g. the check_crl option? I also wonder what could
be done if these protocols are requested but the underlying Net::SSLeay
or openssl don't support it - normally I'd do best effort, but with TLS,
that's not a good approach :)

Probably better, the code should be modified to die with an explanatory
message about Net::SSLeay or openssl being too old, depending on what
error message is currently generated.

> To avoid modifying AnyEvent::TLS each time a new protocol or option
> is available in Net::SSLeay, perhaps it could be a good thing to put
> the CTX creation and $op initialisation in a special class method, so
> we can inherit from AnyEvent::TLS and just redefine this method to
> add new options or new protocols?

You can already create and request the underlying ctx object so the first
is certainly possible until the underlying implementation changes, and I
don't know what "$op" is.

-- 
                The choice of a       Deliantra, the free code+content MORPG
      -----==-     _GNU_              http://www.deliantra.net
      ----==-- _       generation
      ---==---(_)__  __ ____  __      Marc Lehmann
      --==---/ / _ \/ // /\ \/ /      schmorp at schmorp.de
      -=====/_/_//_/\_,_/ /_/\_\
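
The fail-closed behaviour suggested in the reply above, sketched as an added example; it is not part of the original message, the attached patch, or AnyEvent::TLS. The method names `tlsv1_1`/`tlsv1_2`, the `ctx_constructor` helper and its lookup callback are hypothetical, and the sketch assumes that an unsupported protocol shows up as a missing `Net::SSLeay::CTX_tlsv1_*_new` function.

```perl
use strict;
use warnings;

# Assumed mapping from a requested method name to the Net::SSLeay
# constructor that must exist; the names on the left are hypothetical.
my %CTX_NEW = (
    tlsv1   => "CTX_tlsv1_new",
    tlsv1_1 => "CTX_tlsv1_1_new",
    tlsv1_2 => "CTX_tlsv1_2_new",
);

# Return a code ref for the constructor, or die with an explanation.
# Never fall back to a different protocol version than the one requested.
sub ctx_constructor {
    my ($method, $have) = @_;
    # $have: lookup callback; by default ask the loaded Net::SSLeay.
    $have ||= sub { Net::SSLeay->can($_[0]) };

    my $name = $CTX_NEW{$method}
        or die "unknown TLS method '$method'\n";
    my $ctor = $have->($name)
        or die "TLS method '$method' requested, but Net::SSLeay::$name is "
             . "not available: Net::SSLeay or openssl is too old\n";
    return $ctor;
}

# Constructed demo: simulate an old Net::SSLeay that only offers TLSv1.0.
my %old        = (CTX_tlsv1_new => sub { "ctx" });
my $old_lookup = sub { $old{ $_[0] } };

for my $m (qw(tlsv1 tlsv1_2)) {
    my $ctor = eval { ctx_constructor($m, $old_lookup) };
    my $msg  = $ctor ? "$m: ok\n" : "$m: refused: $@";
    print $msg;
}

# Against the real module, if it is installed.
if (eval { require Net::SSLeay; 1 }) {
    my $ctor = eval { ctx_constructor("tlsv1_2") };
    my $msg  = $ctor ? "tlsv1_2 available\n" : $@;
    print "Net::SSLeay " . Net::SSLeay->VERSION . ": " . $msg;
}
```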


