Condition Coverage

blib/lib/IO/Socket/SSL.pm

Criterion	Covered	Total	%
condition	307	575	53.3

and 2 conditions

line	l	!l	condition
1443	0	0	do { *$self }->{'_SSL_object'} && 1
1604	0	0	bless $socket, $original_class and return
2117	1	0	$check_partial_chain && 1
2861	166	90	($verify_cb \|\| @accept_fp) && sub { my($ok, $ctx_store) = @_; my($certname, $cert, $error, $depth); if ($ctx_store) { $cert = &Net::SSLeay::X509_STORE_CTX_get_current_cert($ctx_store); $error = &Net::SSLeay::X509_STORE_CTX_get_error($ctx_store); $depth = &Net::SSLeay::X509_STORE_CTX_get_error_depth($ctx_store); $certname = &Net::SSLeay::X509_NAME_oneline(scalar &Net::SSLeay::X509_get_issuer_name($cert)) . &Net::SSLeay::X509_NAME_oneline(scalar &Net::SSLeay::X509_get_subject_name($cert)); $error &&= &Net::SSLeay::ERR_error_string($error); }; DEBUG("ok=$ok [$depth] $certname") if $IO::Socket::SSL::DEBUG >= 3; $ok = &$verify_cb($ok, $ctx_store, $certname, $error, $cert, $depth) if $verify_cb; $ok = &$verify_fingerprint($ok, $cert, $depth) if $verify_fingerprint and $cert; return $ok; }

and 3 conditions

line	!l	l&&!r	l&&r	condition
89	0	0	80	defined &Net::SSLeay::P_next_proto_negotiated && !&Net::SSLeay::constant('LIBRESSL_VERSION_NUMBER')
94	0	0	80	defined &Net::SSLeay::CTX_set_tmp_ecdh && ($openssl_version != 268439631 \|\| length pack('P', 0) == 4)
107	0	0	80	$can_ecdh && $openssl_version >= 268443648
109	0	0	80	defined &Net::SSLeay::OCSP_cert2ids && ($netssleay_version < 1.75 \|\| $netssleay_version > 1.77)
112	0	0	80	$can_ocsp && defined &Net::SSLeay::set_tlsext_status_type
114	0	0	80	defined &Net::SSLeay::CTX_set_tlsext_ticket_getkey_cb && $netssleay_version >= 1.8
123	80	0	0	$session_upref and defined &Net::SSLeay::CTX_sess_set_new_cb
	80	0	0	$session_upref and defined &Net::SSLeay::CTX_sess_set_new_cb and defined &Net::SSLeay::CTX_sess_set_remove_cb
132	80	0	0	defined &Net::SSLeay::CTX_get0_param && eval { do { Net::SSLeay::X509_V_FLAG_PARTIAL_CHAIN() } }
538	45	0	0	not %default_ca and do { local $SIG{'__DIE__'}; eval { do { require Mozilla::CA; 1 } } }
645	0	0	68	$IOCLASS eq "IO::Socket::IP" and not defined $arg_hash->{'GetAddrInfoFlags'}
650	104	0	2	defined $blocking and not $blocking
716	62	0	12	defined $sh and not $sh
818	166	4	8	$ctx->{'session_cache'} and my $session = $ctx->{'session_cache'}->get_session($arg_hash->{'SSL_session_key'})
831	159	0	23	defined $timeout and $timeout > 0
	159	0	23	defined $timeout and $timeout > 0 and $self->blocking(0)
841	159	0	23	defined $timeout && time
937	0	133	12	not %sess_cb and $ctx->{'session_cache'}
	133	0	12	not %sess_cb and $ctx->{'session_cache'} and my $session = &Net::SSLeay::get1_session($ssl)
988	42	0	16	defined $sh and not $sh
1007	71	9	42	@_ && UNIVERSAL::isa($_[0], 'IO::Handle')
1047	108	0	14	defined $timeout and $timeout > 0
	108	0	14	defined $timeout and $timeout > 0 and $socket->blocking(0)
1056	108	0	14	defined $timeout && time
1154	0	0	0	$ssleay_set_msg_callback and my $ssl = do { *$self }->{'_SSL_object'}
1182	0	0	0	not $! and $err == $Net_SSLeay_ERROR_SSL \|\| $err == $Net_SSLeay_ERROR_SYSCALL
1257	59	0	0	not $written and $errs
1381	20	0	58	$pending and (my $pb = &Net::SSLeay::peek($ssl, $pending)) ne ""
1415	3	53	2	$eod and $delim1 eq '' \|\| $eod < length $buf
1467	97	18	41	$status & 1 and $status & 2 \|\| $stop_args->{'SSL_fast_shutdown'}
1573	0	0	0	$ctx_object && $ctx_object->{'context'}
1625	41	0	0	not $was_blocking and $socket->can("blocking")
1665	0	6	0	@chain and not $self->peer_certificate
1706	85	0	0	$reload and do { *$self }->{'_SSL_certificate'}
1888	106	90	116	$wtyp eq "anywhere" and $name =~ /^([a-zA-Z0-9_\-])\(.+)/
	100	70	26	$wtyp =~ /^(?:full_label\|leftmost)$/ and $name =~ /^\*(\..+)$/
1889	82	30	4	$1 ne "" and substr($identity, 0, 4) eq "xn--"
1912	272	80	42	$ipn and $type == GEN_IPADD()
	80	47	225	not $ipn and $type == GEN_DNS()
1925	0	14	87	$scheme->{'check_cn'} eq "when_only" and not $alt_dnsNames
2023	0	0	49	ref $self && do { *$self }->{'_SSL_last_err'}
2032	47	0	1	defined $error_trap and ref $error_trap eq "CODE"
2069	56	5	22	not ref $self and $CURRENT_SSL_OBJECT
2224	1	4	0	IO::Handle::opened($self) && do { *$self }->{'_SSL_opened'}
2324	2	0	24	$ctx->isa("IO::Socket::SSL::SSL_Context") and $ctx->{'context'}
2336	93	159	6	not $is_server \|\| defined $arg_hash->{'SSL_use_cert'} and grep {$arg_hash->{$_};} "SSL_cert", "SSL_cert_file"
	252	0	6	not $is_server \|\| defined $arg_hash->{'SSL_use_cert'} and grep {$arg_hash->{$_};} "SSL_cert", "SSL_cert_file" and grep {$arg_hash->{$_};} "SSL_key", "SSL_key_file"
2366	1767	297	0	defined $arg_hash->{$_} and $arg_hash->{$_} eq ""
2389	91	77	90	not $is_server and $verify_mode & 1
	168	48	42	not $is_server and $verify_mode & 1 and !$vcn_scheme \|\| $vcn_scheme ne 'none'
2430	91	0	0	$arg_hash->{'SSL_ticket_keycb'} and not $can_tckt_keycb
2448	258	0	0	$ver and $v ne $ver
2511	8	241	21	$ver eq "SSLv23" and not $ssl_op & $SSL_OP_NO{'SSLv3'}
2527	165	96	9	$arg_hash->{'SSL_server'} and my $id = $arg_hash->{'SSL_session_id_context'} \|\| $arg_hash->{'SSL_verify_mode'} & 1 && "$ctx"
2579	107	0	0	ref $file eq "SCALAR" and not $$file
2581	107	0	0	ref $dir eq "SCALAR" and not $$dir
2591	32	75	0	$file \|\| $dir and not &Net::SSLeay::CTX_load_verify_locations($ctx, scalar($file \|\| ''), scalar($dir \|\| ''))
2601	163	0	0	not &Net::SSLeay::CTX_load_verify_locations($ctx, scalar($ca{'SSL_ca_file'} \|\| ''), scalar($dir \|\| '')) and $verify_mode != $Net_SSLeay_VERIFY_NONE
2609	165	96	9	$is_server and $verify_mode & $Net_SSLeay_VERIFY_PEER
2679	1	0	1	not $cert and $arg_hash->{'SSL_passwd_cb'}
	0	0	1	not $cert and $arg_hash->{'SSL_passwd_cb'} and defined(my $pw = $arg_hash->{'SSL_passwd_cb'}->(0))
2695	0	2	0	$key and not &Net::SSLeay::CTX_use_PrivateKey($ctx, $key)
2735	107	165	0	not $is_server and $can_pha
	272	0	0	not $is_server and $can_pha and $havecert
	165	0	0	not $is_server and $can_pha and $havecert and $havekey
2769	0	105	0	$arg_hash->{'SSL_server'} and $curve eq "auto"
2827	247	0	9	@accept_fp && do { my $fail; sub { my($ok, $cert, $depth) = @_; $fail = 1 unless $ok; return 1 if $depth > 0; my %fp; foreach $_ (@accept_fp) { my $fp = ($fp{join $;, $_->[0], $_->[1]} \|\|= $_->[1] ? &Net::SSLeay::X509_pubkey_digest($cert, scalar &$algo2digest($_->[0])) : &Net::SSLeay::X509_digest($cert, scalar &$algo2digest($_->[0]))); next if $fp ne $_->[2]; return 1; }; return !$fail; } }
2855	182	0	19	$error &&= &Net::SSLeay::ERR_error_string($error)
2880	91	0	165	not $is_server and $can_ocsp_staple
	91	9	156	not $is_server and $can_ocsp_staple and not $verify_fingerprint
2928	0	3	2	$status and $status->[2]
2953	0	0	2	@results and $chain[0] == $iossl->peer_certificate
3023	251	3	0	$self->{'session_cache'} and %sess_cb
3165	4	12	0	$v && $v->[0]
3287	0	0	0	$e->{'expire'} and time < $e->{'expire'}
3291	0	0	0	$e->{'nextUpdate'} and time < $e->{'nextUpdate'}
3461	5	0	0	@miss and @found
3513	0	0	5	$resp->{'success'} && $resp->{'content'}
3661	0	0	0	$ssl_ver and $content_type != $trace_constants{'SSL3_RT_HEADER'}
	0	0	0	$ssl_ver and $content_type != $trace_constants{'SSL3_RT_HEADER'} and $content_type != $trace_constants{'SSL3_RT_INNER_CONTENT_TYPE'}
3674	0	0	0	$ssl_ver == $trace_constants{'SSL3_VERSION_MAJOR'} && $content_type

or 2 conditions

line	l	!l	condition
154	0	0	eval { do { Net::SSLeay::MODE_AUTO_RETRY() } } \|\| 4
366	80	0	eval { do { require Socket; 'Socket'->VERSION(1.95); die unless Socket::inet_pton(10, '::1') and 10; 'Socket'->import('inet_pton', 'NI_NUMERICHOST', 'NI_NUMERICSERV'); _getnameinfo = sub { return unless my($err, $host, $port) = Socket::getnameinfo(@_); return if $err; return $host, $port; } ; 'Socket' } } \|\| eval { do { require Socket6; die unless Socket6::inet_pton(10, '::1') and 10; 'Socket6'->import('inet_pton', 'NI_NUMERICHOST', 'NI_NUMERICSERV'); _getnameinfo = sub { return Socket6::getnameinfo(@_); } ; 'Socket6' } } \|\| undef
444	0	240	UNIVERSAL::can('Net::SSLeay', $name) \|\| sub { $value; }
657	0	277	$arg_hash->{'Proto'} \|\|= "tcp"
660	18	178	$arg_hash->{'Listen'} \|\| 0
688	73	0	$! \|\|= 11
697	74	0	shift() \|\| (return _invalid_object())
724	0	180	$_[0] \|\| {}
740	178	0	&Net::SSLeay::new($ctx->{'context'}) \|\| (return $self->error('SSL structure creation failed'))
880	1	0	$! \|\|= 110
976	58	0	shift() \|\| (return _invalid_object())
977	0	58	shift() \|\| 'IO::Socket::SSL'
983	58	0	$self->SUPER::accept($class) \|\| (return)
1008	0	113	$_[0] \|\| {}
1028	119	0	&Net::SSLeay::new(do { *$socket }->{'_SSL_ctx'}{'context'}) \|\| (return $socket->error('SSL structure creation failed'))
1089	1	0	$! \|\|= 110
1129	0	0	+($SSL_OBJECT{$_[5]} \|\| (return))->[0] \|\| (return)
1173	6117	0	do { *$self }->{'_SSL_object'} \|\| (return)
1194	10	6106	$offset \|\|= 0
1241	7229	0	do { *$self }->{'_SSL_object'} \|\| (return)
1246	2	7227	$offset \|\|= 0
1266	2	0	$! \|\|= 32
1298	0	57	$, \|\| ''
	0	57	$\ \|\| ''
1424	248	0	shift() \|\| (return _invalid_object())
1447	297	0	shift() \|\| (return _invalid_object())
1474	107	0	do { *$self }->{'_SSL_opened'} \|\| 0
1489	0	0	$! \|\|= 32
1583	1	0	(shift())->_get_ssl_object \|\| (return)
1644	1	0	$IO::Socket::SSL::ISA[0]->new_from_fd($fd, '+<') \|\| (return $class->error('Could not create socket from file descriptor.'))
1655	1	0	(shift())->_get_ssl_object \|\| (return)
1663	6	0	$self->_get_ssl_object \|\| (return)
1723	6	0	$self->_get_ssl_object \|\| (return)
1724	6	0	&Net::SSLeay::get_certificate($ssl) \|\| (return)
1830	161	48	shift() \|\| 'default'
1877	302	10	$wtyp \|\|= ""
1963	8	0	$algo \|\| 'sha256'
	14	0	$algo \|\| 'sha256'
1970	20	2	$algo \|\|= "sha256"
1976	12	0	(shift())->_get_ssl_object \|\| (return)
1981	28	0	(shift())->_get_ssl_object \|\| (return)
1995	0	0	(shift())->_get_ssl_object \|\| (return)
2000	3	0	(shift())->_get_ssl_object \|\| (return)
2008	4	0	$self->_get_ssl_object \|\| (return)
2024	0	0	$IO::Socket::SSL::SSL_ERROR \|\| ''
2051	0	1	Net::SSLeay::print_errs('SSL error: ') \|\| ''
2211	2	0	$self->_get_ssl_object \|\| (return)
2218	2	0	$self->_get_ssl_object \|\| (return)
2347	0	32	undef $arg_hash->{'SSL_ca_path'} \|\|= undef
2349	0	0	$arg_hash->{'SSL_ca_file'} \|\|= undef
2350	0	61	$arg_hash->{'SSL_ca_path'} \|\|= undef
2375	93	165	$arg_hash->{'SSL_verify_mode'} \|\| 0
2378	22	164	$arg_hash->{$_} \|\| (next)
2591	75	0	$file \|\| ''
	0	75	$dir \|\| ''
2601	22	141	$ca{'SSL_ca_file'} \|\| ''
	141	22	$dir \|\| ''
2742	0	0	&Net::SSLeay::BIO_new_file($f, 'r') \|\| (return 'IO::Socket::SSL'->error("Failed to open DH file $f"))
2793	91	0	&Net::SSLeay::OBJ_txt2nid($curve) \|\| (return 'IO::Socket::SSL'->error("cannot find NID for curve name '${curve}'"))
2824	1	10	$pubkey \|\| ''
2967	0	0	$cl->{$_} \|\| $cl->{''} \|\| $DEFAULT_SSL_ARGS{'SSL_cipher_list'} \|\| (next)
2977	0	0	$cl->{$_} \|\| $cl->{''} \|\| $DEFAULT_SSL_ARGS{'SSL_cipher_list'} \|\| (next)
3134	0	0	~~@del \|\| 'none'
3279	0	4	$size \|\| 100
3352	0	0	$hard_error \|\|= ""
3685	0	0	eval { do { &Net::SSLeay::alert_desc_string_long($msg_type) } } \|\| 'Unknown alert'

or 3 conditions

line	l	!l&&r	!l&&!r	condition
510	0	45	0	$openssldir \|\|= &Net::SSLeay::SSLeay_version(5) =~ /^OPENSSLDIR: "(.+)"$/ ? $1 : (&Net::SSLeay::SSLeay_version(4) =~ /^OPENSSLDIR: "(.+)"$/ ? $1 : "cannot-determine-openssldir-from-ssleay-version")
517	0	45	0	$ENV{'SSL_CERT_DIR'} \|\| ($^O =~ /vms/i ? 'SSLCERTS:' : "$openssldir/certs")
529	0	45	0	$ENV{'SSL_CERT_FILE'} \|\| ($^O =~ /vms/i ? 'SSLCERTS:cert.pem' : "$openssldir/cert.pem")
563	0	0	0	UNIVERSAL::isa($class, "IO::Socket::INET6") or UNIVERSAL::isa($class, "IO::Socket::IP")
639	68	0	44	$arg_hash->{'Domain'} \|\| $arg_hash->{'Family'}
	0	68	44	$arg_hash->{$family_key} \|\|= $arg_hash->{'Domain'} \|\| $arg_hash->{'Family'}
746	6	6	0	$arg_hash->{'SSL_session_key'} \|\|= do { my $host = $arg_hash->{'PeerAddr'} \|\| $arg_hash->{'PeerHost'} \|\| $self->_update_peer; my $port = $arg_hash->{'PeerPort'} \|\| $arg_hash->{'PeerService'}; $port ? "${host}:$port" : $host }
748	5	1	0	$arg_hash->{'PeerAddr'} \|\| $arg_hash->{'PeerHost'} \|\| $self->_update_peer
749	1	5	0	$arg_hash->{'PeerPort'} \|\| $arg_hash->{'PeerService'}
757	0	0	178	$DEBUG >= 2 or do { *$self }->{'_SSL_msg_callback'}
761	2	60	92	$arg_hash->{'PeerAddr'} \|\| $arg_hash->{'PeerHost'}
769	62	0	0	not $host =~ /[a-z_]/i or $host =~ /:/
786	2	75	101	$arg_hash->{'PeerAddr'} or $arg_hash->{'PeerHost'}
790	42	14	47	$arg_hash->{'SSL_verifycn_name'} \|\| $arg_hash->{'SSL_hostname'}
792	26	21	0	$arg_hash->{'PeerAddr'} \|\| $arg_hash->{'PeerHost'}
825	178	4	0	$ssl \|\|= do { *$self }->{'_SSL_object'}
912	143	2	0	$ctx \|\|= do { *$self }->{'_SSL_ctx'}
1036	0	0	119	$DEBUG >= 2 or do { *$self }->{'_SSL_msg_callback'}
1039	119	3	0	$ssl \|\|= do { *$socket }->{'_SSL_object'}
1156	0	0	0	$DEBUG >= 2 \|\| do { *$self }->{'_SSL_msg_callback'}
1182	0	0	0	$err == $Net_SSLeay_ERROR_SSL \|\| $err == $Net_SSLeay_ERROR_SYSCALL
1245	7169	60	0	$length \|\|= $buf_len
1316	2	5	76	not defined $/ or wantarray
1324	0	0	0	$! == 11 or $! == 11
1354	0	0	0	$! == 11 or $! == 11
1373	1	20	58	not defined $poke or $poke eq ""
1415	54	1	0	$delim1 eq '' \|\| $eod < length $buf
1467	10	39	10	$status & 2 \|\| $stop_args->{'SSL_fast_shutdown'}
1539	0	49	51	$downgrade or not defined $downgrade
1565	245	0	0	do { *$self }->{'_SSL_object'} \|\| 'IO::Socket::SSL'->_internal_error('Undefined SSL object', 9)
1611	157	0	4	not defined $start_handshake or $start_handshake
1708	48	37	0	do { *$self }->{'_SSL_certificate'} \|\|= &Net::SSLeay::get_peer_certificate($ssl)
1834	209	0	0	$scheme{$scheme} \|\| croak("scheme $scheme not defined")
1859	0	3	46	4 != @ip or 4 != grep({$_ < 256 if defined $_;} @ip)
1925	21	87	14	$scheme->{'check_cn'} eq "always" or $scheme->{'check_cn'} eq "when_only" and not $alt_dnsNames
1954	0	8	0	do { *$self }->{'_SSL_servername'} \|\|= do { return unless my $ssl = $self->_get_ssl_object; &Net::SSLeay::get_servername($ssl) }
1962	2	20	0	$cert \|\|= $self->peer_certificate
2015	2	2	0	$ctx->{'ocsp_cache'} \|\|= "IO::Socket::SSL::OCSP_Cache"->new
2032	39	0	8	do { $self }->{'_SSL_ioclass_upgraded'} or do { $self }->{'_SSL_arguments'}{'SSL_keepSocketOnError'}
2072	41	9	28	not $oe or $oe->[1] <= $severity
2124	197	0	0	not $use_threads or delete $CREATED_IN_THIS_THREAD{$ssl}
2336	91	2	165	$is_server \|\| defined $arg_hash->{'SSL_use_cert'}
2347	0	0	32	$arg_hash->{'SSL_ca_file'} \|\|= (undef $arg_hash->{'SSL_ca_path'} \|\|= undef)
2358	2776	1596	0	defined $arg_hash->{$_} or delete $arg_hash->{$_}
2389	48	42	0	!$vcn_scheme \|\| $vcn_scheme ne 'none'
2404	90	0	0	$verify_name \|\| ref $vcn_scheme && $vcn_scheme->{'callback'} && 'unknown'
2444	703	477	0	$2 \|\| $3
2527	0	9	96	$arg_hash->{'SSL_session_id_context'} \|\| $arg_hash->{'SSL_verify_mode'} & 1 && "$ctx"
2575	32	75	163	$arg_hash->{'SSL_ca'} or defined $arg_hash->{'SSL_ca_file'}
	107	0	163	$arg_hash->{'SSL_ca'} or defined $arg_hash->{'SSL_ca_file'} or defined $arg_hash->{'SSL_ca_path'}
2591	75	0	32	$file \|\| $dir
2716	159	2	111	not $havecert or $havekey
	82	1	0	$arg_hash->{'SSL_key_file'} \|\| ($havecert eq 'PEM' ? $arg_hash->{'SSL_cert_file'} : undef)
2817	11	0	0	$algo \|\|= length $digest == 32 ? "md5" : (length $digest == 40 ? "sha1" : (length $digest == 64 ? "sha256" : (return "IO::Socket::SSL"->_internal_error("cannot detect hash algorithm from fingerprint '${_}'", 9))))
2836	1	12	0	$fp{join $;, $_->[0], $_->[1]} \|\|= $_->[1] ? &Net::SSLeay::X509_pubkey_digest($cert, scalar &$algo2digest($_->[0])) : &Net::SSLeay::X509_digest($cert, scalar &$algo2digest($_->[0]))
2983	254	0	0	$ctx{''} \|\| (values %ctx)[0]
2984	6	0	248	keys %ctx > 1 or not exists $ctx{''}
2992	13	6	0	$ctx{lc $host} \|\| $ctx{''}
3029	0	0	0	$SSL_OBJECT{$ssl} \|\| do { warn "callback session new: no known SSL object for $ssl"; return }
3063	252	0	0	not $use_threads or delete $CTX_CREATED_IN_THIS_THREAD{$ctx}
3378	0	0	5	not $todo or $self->{'error'}
3655	0	0	0	$tc_ver2s{$ssl_ver} \|\| "(version=$ssl_ver)"
3674	0	0	0	$tc_type2s{$content_type} \|\| "TLS Unknown (type=$content_type)"
3688	0	0	0	$tc_msgtype2s{join $;, $ssl_ver, $msg_type} \|\| "Unknown (ssl_ver=$ssl_ver, msg=$msg_type)"