Branch Coverage

blib/lib/IO/Socket/SSL.pm
Criterion Covered Total %
branch 782 1410 55.4


line true false branch
93 0 0 defined &Net::SSLeay::CTX_set_tmp_ecdh && ($openssl_version != 268439631 || length pack('P', 0) == 4) ? :
0 0 defined &Net::SSLeay::CTX_set_ecdh_auto ? :
89 0 $openssl_version >= 269484047 ? :
102 0 0 defined &Net::SSLeay::CTX_set1_curves_list ? :
89 0 defined &Net::SSLeay::CTX_set1_groups_list ? :
120 89 0 if (defined &Net::SSLeay::SESSION_up_ref)
124 89 0 if ($session_upref and defined &Net::SSLeay::CTX_sess_set_new_cb and defined &Net::SSLeay::CTX_sess_set_remove_cb)
133 89 0 if (my $c = defined &Net::SSLeay::CTX_get0_param && eval { do { Net::SSLeay::X509_V_FLAG_PARTIAL_CHAIN() } })
142 89 0 unless (defined &Net::SSLeay::clear_mode)
150 89 0 if ($openssl_version >= 269488128)
158 329 40 if ($on) { }
165 89 0 if ($openssl_version >= 268435456)
232 88 89 unless &Net::SSLeay::library_init()
242 0 0 $can_ecdh eq 'tmp_ecdh' ? :
0 0 $can_ecdh eq 'can_auto' ? :
89 0 $can_ecdh eq 'auto' ? :
257 0 89 unless $dh
372 89 0 if ($ip6)
375 88 1 if (eval { do { require IO::Socket::IP; 'IO::Socket::IP'->VERSION(0.31) } }) { }
0 1 elsif (eval { do { require IO::Socket::INET6; 'IO::Socket::INET6'->VERSION(2.62) } }) { }
397 1 88 unless ($ip6)
401 0 1 unless (defined $ip6)
416 0 0 unless $DEBUG
418 0 0 if ($sub =~ /^IO::Socket::SSL::(?:error|(_internal_error))$/) { }
419 0 0 if $1
424 0 0 if length $file > 20
425 0 0 if @_
488 3 184 if (@_)
490 0 3 if (@_ > 1) { }
3 0 elsif (my $path = shift()) { }
500 133 54 if defined $ca_detected
505 54 0 &Net::SSLeay::SSLeay_version(4) =~ /^OPENSSLDIR: "(.+)"$/ ? :
0 54 &Net::SSLeay::SSLeay_version(5) =~ /^OPENSSLDIR: "(.+)"$/ ? :
513 54 0 if (opendir my $dh, $dir)
515 0 54 unless open my $fh, "<", "$dir/$f"
517 0 54 unless $line =~ /^-+BEGIN (X509 |TRUSTED |)CERTIFICATE-/
525 54 0 if (open my $fh, "<", $file)
527 0 54 unless $line =~ /^-+BEGIN (X509 |TRUSTED |)CERTIFICATE-/
533 0 0 if not %default_ca and do { local $SIG{'__DIE__'}; eval { do { require Mozilla::CA; 1 } } }
552 0 1 if (/^inet4$/i) { }
0 1 elsif (/^inet6$/i) { }
1 0 elsif (/^:?debug(\d+)/) { }
558 0 0 unless (UNIVERSAL::isa($class, "IO::Socket::INET6") or UNIVERSAL::isa($class, "IO::Socket::IP"))
634 0 141 unless $self
646 2 139 if defined $blocking
649 141 0 unless exists $arg_hash->{'SSL_keepSocketOnError'}
650 1 140 unless $self->configure_SSL($arg_hash)
652 72 68 if ($arg_hash->{$family_key} ||= $arg_hash->{'Domain'} || $arg_hash->{'Family'})
658 72 0 if $IOCLASS eq "IO::Socket::IP" and not defined $arg_hash->{'GetAddrInfoFlags'}
660 13 127 unless $self->SUPER::configure($arg_hash)
663 2 125 if defined $blocking and not $blocking
672 216 88 unless (defined $is_server)
677 0 304 if $FILTER_SSL_ARGS
680 163 141 unless exists $arg_hash->{'SSL_keepSocketOnError'}
688 1 303 unless do { *$self }->{'_SSL_ctx'} = "IO::Socket::SSL::SSL_Context"->new($arg_hash)
698 84 79 if ($err == $Net_SSLeay_ERROR_WANT_READ) { }
2 77 elsif ($err == $Net_SSLeay_ERROR_WANT_WRITE) { }
706 86 0 if ref $self
715 0 97 if do { *$self }->{'_SSL_opened'}
717 97 0 unless (do { *$self }->{'_SSL_opening'})
722 0 97 if $DEBUG >= 2
723 0 97 unless $self->SUPER::connect(@_)
724 0 97 if $DEBUG >= 2
733 15 82 if defined $sh and not $sh
741 2 197 @_ > 1 ? :
742 0 199 if do { *$self }->{'_SSL_opened'}
745 197 2 unless (do { *$self }->{'_SSL_opening'})
747 0 197 if $DEBUG >= 2
752 0 197 if $args->{'SSL_usebio'} and not $biosock
757 0 197 if $use_threads
761 12 185 if ($ctx->{'session_cache'})
766 6 0 $port ? :
770 3 194 if ($biosock) { }
775 0 194 unless defined $fileno
777 0 194 unless &Net::SSLeay::set_fd($ssl, $fileno)
781 0 197 if $DEBUG >= 2 or do { *$self }->{'_SSL_msg_callback'}
783 197 0 if ($can_client_sni) { }
0 0 elsif ($arg_hash->{'SSL_hostname'}) { }
785 17 180 if (exists $arg_hash->{'SSL_hostname'}) { }
85 95 elsif ($host = $arg_hash->{'PeerAddr'} || $arg_hash->{'PeerHost'}) { }
793 85 0 if not $host =~ /[a-z_]/i or $host =~ /:/
797 17 180 if ($host) { }
798 0 17 if $DEBUG >= 2
801 0 180 if $DEBUG >= 2
807 0 0 if $DEBUG >= 2
810 97 98 unless $arg_hash->{'PeerAddr'} or $arg_hash->{'PeerHost'}
811 114 83 if ($ctx->{'verify_name_ref'})
815 64 50 unless (defined $host)
816 64 0 if ($host = $arg_hash->{'PeerAddr'} || $arg_hash->{'PeerHost'})
830 0 197 if ($ocsp & 1) { }
0 197 elsif (not $can_ocsp_staple) { }
114 83 elsif ($ocsp & 18) { }
833 0 0 if $ocsp & 2
839 0 114 if $DEBUG >= 2
842 7 190 if ($ctx->{'session_cache'} and my $session = $ctx->{'session_cache'}->get_session($arg_hash->{'SSL_session_key'}))
855 2 197 exists $args->{'Timeout'} ? :
856 11 188 if (defined $timeout and $timeout > 0 and $self->blocking(0)) { }
857 0 11 if $DEBUG >= 2
863 188 0 if $auto_retry
871 0 231 if $DEBUG >= 3
874 0 231 if $DEBUG >= 3
875 69 162 if ($rv < 0) { }
0 162 elsif ($rv == 0) { }
877 18 51 if (not $err and $dobio)
878 18 0 if &$dobio($self, $SSL_ERROR == "SSL wants a read first", $SSL_ERROR == "SSL wants a write first", \$err)
883 34 17 if ($err)
887 0 34 if $DEBUG >= 1
891 0 17 if $DEBUG >= 2
894 2 15 unless defined $timeout
898 15 0 if ($timeout > 0) { }
901 0 15 if $DEBUG >= 2
902 0 0 $SSL_ERROR == 104523711984072 ? :
15 0 $SSL_ERROR == 104523711983568 ? :
907 0 0 if $DEBUG >= 2
910 1 14 unless ($rv)
911 0 1 if $DEBUG >= 2
921 0 14 if $DEBUG >= 2
929 0 0 if $DEBUG >= 2
936 0 162 if $DEBUG >= 2
940 8 154 if (defined $timeout)
950 0 162 if (my $ocsp_result = do { *$self }->{'_SSL_ocsp_verify'}) { }
0 162 elsif ($ctx->{'ocsp_mode'} & 2) { }
952 0 0 if ($ocsp_result->[0] > 0) { }
0 0 elsif ($ocsp_result->[0] < 0) { }
953 0 0 if $DEBUG >= 3
959 0 0 if $DEBUG >= 3
963 0 0 if $DEBUG >= 3
973 0 0 if (not %sess_cb and $ctx->{'session_cache'} and my $session = &Net::SSLeay::get1_session($ssl))
996 0 95 if ($af == 10) { }
1016 67 0 unless ($socket)
1018 0 67 if $DEBUG >= 2
1020 0 67 if $DEBUG >= 2
1024 19 48 if (defined $sh and not $sh)
1026 0 19 if $DEBUG >= 2
1027 0 19 wantarray ? :
1031 4 44 unless $self->accept_SSL($socket)
1032 0 44 if $DEBUG >= 2
1034 2 42 wantarray ? :
1042 67 0 if ($socket != $self) { }
0 0 elsif ($usebio and not $biosock) { }
1043 0 67 if $usebio
1054 48 89 @_ && UNIVERSAL::isa($_[0], 'IO::Handle') ? :
1055 9 128 @_ > 1 ? :
1058 134 3 unless (do { *$self }->{'_SSL_opening'})
1059 0 134 if $DEBUG >= 2
1060 48 86 if $socket != $self
1066 0 134 if $use_threads
1071 3 131 if (do { *$socket }->{'_SSL_bio_socket'}) { }
1074 0 131 unless defined $fileno
1076 0 131 unless &Net::SSLeay::set_fd($ssl, $fileno)
1080 0 134 if $DEBUG >= 2 or do { *$self }->{'_SSL_msg_callback'}
1091 9 128 exists $args->{'Timeout'} ? :
1092 14 123 if (defined $timeout and $timeout > 0 and $socket->blocking(0)) { }
1098 123 0 if $auto_retry
1108 0 162 if $DEBUG >= 3
1109 46 116 if ($rv < 0) { }
0 116 elsif ($rv == 0) { }
1111 9 37 if (not $err and $dobio)
1112 9 0 if &$dobio($self, $SSL_ERROR == "SSL wants a read first", $SSL_ERROR == "SSL wants a write first", \$err)
1117 17 20 if ($err)
1126 3 17 unless defined $timeout
1130 17 0 if ($timeout > 0) { }
1133 0 0 $SSL_ERROR == 104523711984072 ? :
17 0 $SSL_ERROR == 104523711983568 ? :
1140 1 16 unless ($rv)
1163 0 116 if $DEBUG >= 2
1167 12 104 if (defined $timeout)
1186 0 6 unless my $ssl = do { *$self }->{'_SSL_object'}
1196 0 61 unless my $biosock = do { *$self }->{'_SSL_bio_socket'}
1200 21 0 if ($wbuf eq "")
1202 0 21 if (not defined $buf or $buf eq '') { }
1209 21 0 if ($n) { }
0 0 elsif (not defined $n) { }
1214 0 0 unless $!{'EAGAIN'} or $!{'EWOULDBLOCK'}
1227 16 45 unless $read
1234 0 45 unless $n
1240 0 45 unless $n
1244 0 45 unless &Net::SSLeay::BIO_write($rbio, $rbuf) > 0
1250 0 0 if (defined $n) { }
0 0 elsif ($!{'EAGAIN'} or $!{'EWOULDBLOCK'}) { }
1266 0 0 if $DEBUG >= 2
1275 0 0 if $DEBUG >= 2
1277 0 0 if (my $cb = do { *$self }->{'_SSL_msg_callback'})
1288 0 0 if (@_)
1289 0 0 if ($_[0]) { }
1291 0 0 unless $ssleay_set_msg_callback
1301 0 0 if ($ssleay_set_msg_callback and my $ssl = do { *$self }->{'_SSL_object'})
1303 0 0 $DEBUG >= 2 || do { *$self }->{'_SSL_msg_callback'} ? :
1312 218 501 if @_ and $auto_retry
1313 17 702 if (my $biosock = do { *$self }->{'_SSL_bio_socket'}) { }
1328 6235 42 if defined $data
1330 42 0 defined $err ? :
1331 18 24 unless ($err)
1332 12 6 unless defined $dobio
1333 16 2 if ($dobio)
1335 16 0 if &$dobio($self, 1, $SSL_ERROR == "SSL wants a write first", \$err)
1337 2 0 unless $err
1342 8 0 if (not $! and $err == $Net_SSLeay_ERROR_SSL || $err == $Net_SSLeay_ERROR_SYSCALL)
1354 6178 65 unless defined $$buffer
1356 1 6242 if ($offset > length $$buffer)
1361 14 8 unless ($length or $justpeek)
1363 7 7 if ($status & 2)
1364 3 4 if ($status & 1) { }
1 3 elsif (my $cb = do { *$self }->{'_SSL_arguments'}{'SSL_on_peer_shutdown'}) { }
1378 1 2 if $dobio
1408 0 3 if ($biosock and UNIVERSAL::can($biosock, 'peek')) { }
1414 0 3 unless defined $rv
1415 1 2 if $buf eq ""
1423 6 0 if (my $ssl = !$rc && do { *$self }->{'_SSL_object'})
1424 5 1 $self->blocking ? :
1429 0 0 if $rc < 0
1432 0 0 if (my $biosock = do { *$self }->{'_SSL_bio_socket'}) { }
1435 0 0 $rc ? :
1443 6167 3 if (my $ssl = !$rc && do { *$self }->{'_SSL_object'})
1447 2 1 if $rc < 0
1450 1 0 if (my $biosock = do { *$self }->{'_SSL_bio_socket'}) { }
1453 0 0 $rc ? :
1460 88 6 if (my $ssl = !$rc && do { *$self }->{'_SSL_object'})
1464 1 5 if $rc < 0
1468 0 5 if $fd and UNIVERSAL::can($fd, "peek")
1471 0 5 unless defined CORE::recv($fd, my $buf, $_[1], 2)
1472 0 5 $_[2] ? :
1484 0 9617 if $offset > $buf_len
1486 0 9617 if $offset == $buf_len
1491 63 9554 if ($write_all) { }
1492 0 63 $length < $buf_len - $offset ? :
1495 0 63 if not $written and $errs
1499 4 9550 if $written <= 0
1501 4 9613 unless (defined $written)
1502 2 2 if (my $err = $self->_skip_rw_error($ssl, -1))
1504 2 0 if $err == $Net_SSLeay_ERROR_SYSCALL
1509 7 9610 if (my $dobio = do { *$self }->{'_SSL_bio_sub'})
1515 0 7 !defined($written) ? :
0 7 if &$dobio($self, $wr, !defined($written) ? 2 : 1, \$err) >= 2
1516 0 7 if ($err)
1530 64 0 if (my $ssl = !$wc && do { *$self }->{'_SSL_object'})
1535 0 0 if ($wc < 0)
1541 0 0 if (my $biosock = do { *$self }->{'_SSL_bio_socket'}) { }
1544 0 0 $wc ? :
1553 9553 6 if (my $ssl = !$wc && do { *$self }->{'_SSL_object'})
1558 2 4 if ($wc < 0)
1564 2 2 if (my $biosock = do { *$self }->{'_SSL_bio_socket'}) { }
1567 2 0 $wc ? :
1584 2 0 if $self->read($buffer, 1, 0)
1589 0 92 unless do { *$self }->{'_SSL_object'}
1591 7 85 if (not defined $/ or wantarray)
1597 0 14 if (not defined $rv) { }
7 7 elsif (not $rv) { }
1598 0 0 if $! == 4
1599 0 0 if $! == 11 or $! == 11
1606 2 5 if (not defined $/) { }
1 4 elsif (ref $/) { }
1 3 elsif ($/ eq '') { }
1610 0 1 unless $size > 0
1620 1 84 if (ref $/)
1623 0 1 unless $size > 0
1627 0 1 if (not defined $rv) { }
0 1 elsif (not $rv) { }
1628 0 0 if $! == 4
1629 0 0 if $! == 11 or $! == 11
1638 1 83 $/ eq '' ? :
1643 0 84 unless my $ssl = $self->_get_ssl_object
1650 26 62 if (not defined $poke or $poke eq "")
1651 1 25 if $! == 4
1660 62 25 if ($pending and (my $pb = &Net::SSLeay::peek($ssl, $pending)) ne '') { }
1664 24 1 $buf eq '' ? :
1666 62 0 unless ($eod)
1668 3 59 if ($pos < 0) { }
1675 59 3 if ($eod)
1676 1 58 if ($delim1 ne "")
1687 62 0 if ($self->sysread(my $p, $skip, 0))
1691 0 0 unless $! == 4
1694 59 0 if ($eod and $delim1 eq '' || $eod < length $buf)
1704 0 278 ref $_[0] eq 'HASH' ? :
1706 0 278 unless $self->stop_SSL("SSL_fast_shutdown", 1, %$close_args, "_SSL_ioclass_downgrade", 0)
1712 67 211 unless ($close_args->{'_SSL_in_DESTROY'})
1722 3 20 unless do { *$self }->{'_SSL_object'}
1724 2 18 do { *$self }->{'_SSL_read_closed'} ? :
4 16 do { *$self }->{'_SSL_write_closed'} ? :
1729 0 335 ref $_[0] eq 'HASH' ? :
1730 2 333 unless do { *$self }->{'_SSL_opened'}
1733 332 3 if (my $ssl = do { *$self }->{'_SSL_object'})
1734 0 332 if (delete do { *$self }->{'_SSL_opening'}) { }
117 215 elsif (not $stop_args->{'SSL_no_shutdown'}) { }
1742 0 110 exists $stop_args->{'Timeout'} ? :
7 110 !$self->blocking ? :
1743 3 114 if ($timeout)
1749 66 14 if ($status & 1 and $status & 2 || $stop_args->{'SSL_fast_shutdown'})
1756 51 78 if ((do { *$self }->{'_SSL_opened'} || 0) <= 0)
1768 8 72 if $dobio
1769 2 78 if ($rv < 0)
1771 2 0 unless ($timeout)
1773 2 0 if (not $err and $dobio)
1774 2 0 if &$dobio($self, $SSL_ERROR == "SSL wants a read first", $SSL_ERROR == "SSL wants a write first", \$err)
1779 0 0 if ($err)
1781 0 0 if $err == $Net_SSLeay_ERROR_SYSCALL
1791 0 0 if $wait <= 0
1794 0 0 if ($err == $Net_SSLeay_ERROR_WANT_READ) { }
0 0 elsif ($err == $Net_SSLeay_ERROR_WANT_WRITE) { }
1799 0 0 if ($err)
1801 0 0 if $err == $Net_SSLeay_ERROR_SYSCALL
1809 15 63 if $rv > 0
1811 3 114 if $timeout
1812 76 41 unless ($status & 2)
1825 2 257 if ($stop_args->{'SSL_ctx_free'} and my $ctx = delete do { *$self }->{'_SSL_ctx'})
1831 48 211 unless ($stop_args->{'_SSL_in_DESTROY'})
1832 4 44 $dobio ? :
1833 31 17 if ($downgrade or not defined $downgrade)
1835 24 7 if (my $orig_class = delete do { *$self }->{'_SSL_ioclass_upgraded'})
1840 24 0 if @sslkeys
1850 563 91 if (@except)
1858 14 640 if (do { *$self }->{'_SSL_bio_socket'})
1859 2 12 unless @except
1860 12 2 if (not $keys->{'_SSL_bio_socket'}) { }
1869 310 344 if ($keys->{'_SSL_object'} and my $ssl = do { *$self }->{'_SSL_object'})
1876 34 620 if ($keys->{'_SSL_certificate'} and my $cert = delete do { *$self }->{'_SSL_certificate'})
1885 0 654 if exists do { *$self }->{'_SSL_opened'}
1888 306 348 if $untie and not do { *$self }->{'_SSL_bio_socket'}
1896 9563 142 defined $fn ? :
1924 0 1 if (my $outer = do { *$self }->{'_SSL_bio_socket'})
1925 0 0 if UNIVERSAL::can($outer, "pending")
1932 0 164 unless ref $socket
1933 1 163 @_ == 1 ? :
1934 11 153 exists $arg_hash->{'Timeout'} ? :
1938 164 0 UNIVERSAL::can($socket, 'fileno') ? :
1940 1 157 unless $usebio or defined $original_fileno
1943 6 157 if ($usebio) { }
1950 0 163 unless ($socket->configure_SSL($arg_hash))
1951 0 0 if $original_class
1956 162 1 if $class ne $original_class
1960 159 4 if (not defined $start_handshake or $start_handshake) { }
1962 0 159 if $DEBUG >= 2
1965 63 96 do { *$socket }->{'_SSL_arguments'}{'SSL_server'} ? :
1967 0 159 unless $was_blocking
1968 123 36 if ($result) { }
1972 36 0 if $original_class
1976 0 4 if $DEBUG >= 2
1984 1 0 if (length $_[0] < 4)
1986 1 0 unless length $mode
2009 0 0 if @chain and not $self->peer_certificate
2010 0 0 if (do { *$self }->{'_SSL_arguments'}{'SSL_server'})
2014 0 0 if (my $peer = &Net::SSLeay::get_peer_certificate($ssl))
2047 0 79 unless my $ssl = $self->_get_ssl_object
2050 0 0 if $reload and do { *$self }->{'_SSL_certificate'}
2052 2 77 unless my $cert = (do { *$self }->{'_SSL_certificate'} ||= &Net::SSLeay::get_peer_certificate($ssl))
2055 17 60 if ($field) { }
2056 0 17 unless my $sub = $dispatcher{$field}
2069 4 2 if ($field) { }
2070 0 4 unless my $sub = $dispatcher{$field}
2176 209 0 unless (ref $scheme)
2177 0 209 if $DEBUG >= 3
2181 0 209 unless %$scheme
2187 0 209 if $DEBUG >= 3
2189 0 209 if (my $sub = $scheme->{'callback'})
2197 12 197 if ($identity =~ /:/) { }
55 142 elsif (my(@ip) = $identity =~ /^(\d+)(?:\.(\d+)\.(\d+)\.(\d+)|[\d\.]*)$/) { }
2199 3 9 if $identity =~ /[^\da-fA-F:\.]/
2200 0 9 unless $ipn = inet_pton(10, $identity)
2203 214 6 if defined $_
3 52 if 4 != @ip or 4 != grep({$_ < 256 if defined $_;} @ip)
2207 5 137 if ($identity =~ /[^a-zA-Z0-9_.\-]/)
2208 0 5 if $identity =~ /\0/
2209 0 5 unless $identity = idn_to_ascii($identity)
2211 2 3 if $identity =~ /[^a-zA-Z0-9_.\-]/
2220 1 288 if $name eq ""
2232 116 172 if ($wtyp eq 'anywhere' and $name =~ /^([a-zA-Z0-9_\-]*)\*(.+)/) { }
26 146 elsif ($wtyp =~ /^(?:full_label|leftmost)$/ and $name =~ /^\*(\..+)$/) { }
2233 4 112 if $1 ne "" and substr($identity, 0, 4) eq "xn--"
2241 56 82 if ($identity =~ /$pattern/)
2242 56 0 unless defined $publicsuffix
2244 0 56 if $publicsuffix eq ""
2247 56 0 $tld ? :
41 15 if @labels > ($tld ? 0 + @$tld : 1)
2256 53 294 if ($ipn and $type == GEN_IPADD()) { }
201 139 elsif (not $ipn and $type == GEN_DNS()) { }
2259 46 7 if $ipn eq $name
2264 38 163 if &$check_name($name, $identity, $scheme->{'wildcards_in_alt'}, $publicsuffix)
2269 103 14 if ($scheme->{'check_cn'} eq "always" or $scheme->{'check_cn'} eq "when_only" and not $alt_dnsNames)
2271 88 15 if (not $ipn) { }
15 0 elsif ($scheme->{'ip_in_cn'}) { }
2272 44 44 if &$check_name($commonName, $identity, $scheme->{'wildcards_in_cn'}, $publicsuffix)
2275 5 10 if ($identity eq $commonName)
2278 0 0 $scheme->{'ip_in_cn'} == 6 ? :
5 0 $scheme->{'ip_in_cn'} == 4 ? :
3 2 if $scheme->{'ip_in_cn'} == 4 ? length $ipn == 4 : ($scheme->{'ip_in_cn'} == 6 ? length $ipn == 16 : 1)
2299 0 8 unless my $ssl = $self->_get_ssl_object
2306 0 21 unless $cert ||= $self->peer_certificate
2307 7 14 $key_only ? :
2315 0 21 unless my $fp = get_fingerprint_bin($self, $algo, $cert, $key_only)
2316 7 14 $key_only ? :
2326 0 34 unless my $version = &Net::SSLeay::version($ssl)
2328 0 0 $version == 65279 ? :
0 0 $version == 2 ? :
0 0 $version == 768 ? :
6 0 $version == 769 ? :
6 6 $version == 770 ? :
6 12 $version == 771 ? :
16 18 $version == 772 ? :
2359 0 0 $ctx->{'ocsp_mode'} & 8 ? :
0 0 @_ ? :
2368 52 0 $oe ? :
2376 1 50 if (defined $error_trap and ref $error_trap eq 'CODE') { }
34 16 elsif (do { *$self }->{'_SSL_ioclass_upgraded'} or do { *$self }->{'_SSL_arguments'}{'SSL_keepSocketOnError'}) { }
2381 0 34 if $DEBUG >= 3
2387 51 0 if $saved_error
2413 17 86 if not ref $self and $CURRENT_SSL_OBJECT
2414 101 2 if (ref $self) { }
2416 71 30 if (not $oe or $oe->[1] <= $severity) { }
2419 0 71 if $DEBUG
2421 0 30 if $DEBUG
2425 0 2 if $DEBUG
2436 0 51 if $DEBUG >= 2
2438 51 20 if @err
2439 71 0 if $error
2465 1 0 if $can_client_psk
2466 1 0 if $can_server_psk
2467 1 0 %can ? :
2472 0 324 unless my $self = shift()
2473 211 113 if (my $ssl = do { *$self }->{'_SSL_object'})
2475 211 0 if (not $use_threads or delete $CREATED_IN_THIS_THREAD{$ssl})
2493 0 2 ref $_[0] eq 'HASH' ? :
2545 0 0 if (ref $sub) { }
0 0 elsif ($sub eq 'use_defaults') { }
2551 0 0 $is_server ? :
2561 0 2 unless $can_npn
2568 0 2 unless $can_alpn
2590 1 0 if wantarray
2665 304 9 ref $_[0] eq 'HASH' ? :
2668 112 201 $is_server ? :
2671 6 307 if ($defaults{'SSL_reuse_ctx'})
2674 0 6 if grep {/^SSL_(?!verifycn_name|hostname)$/;} keys %$arg_hash
2676 313 0 if %defaults
2678 26 287 if (my $ctx = $arg_hash->{'SSL_reuse_ctx'})
2679 24 2 if ($ctx->isa('IO::Socket::SSL::SSL_Context')) { }
2 0 elsif (eval { do { $ctx = do { *$ctx }->{'_SSL_ctx'} } }) { }
2680 24 0 if $ctx->{'context'}
2691 6 179 if (not $is_server || defined $arg_hash->{'SSL_use_cert'} and grep {$arg_hash->{$_};} "SSL_cert", "SSL_cert_file" and grep {$arg_hash->{$_};} "SSL_key", "SSL_key_file")
2699 34 253 if ($arg_hash->{'SSL_ca'}) { }
0 253 elsif ($arg_hash->{'SSL_ca_path'}) { }
69 184 elsif ($arg_hash->{'SSL_ca_file'}) { }
2709 277 10 unless defined $arg_hash->{'SSL_use_cert'}
2721 0 2296 if defined $arg_hash->{$_} and $arg_hash->{$_} eq ""
2724 422 152 unless defined(my $file = $arg_hash->{$_})
2725 12 140 ref $file eq 'HASH' ? :
2726 0 184 unless open my $fh, "<", $f
2731 106 181 if ($verify_mode != $Net_SSLeay_VERIFY_NONE) { }
0 181 elsif ($verify_mode ne '0') { }
2744 103 0 if (not $is_server and $verify_mode & 1 and !$vcn_scheme || $vcn_scheme ne 'none')
2754 4 183 if $vcb
2755 10 177 unless $ok
2757 87 90 if $depth != 0
2760 0 90 unless ($host)
2761 0 0 if ($vcn_scheme)
2776 17 73 unless ($rv)
2784 100 187 if ($is_server)
2785 0 100 if ($arg_hash->{'SSL_ticket_keycb'} and not $can_tckt_keycb)
2796 0 1266 unless m[^(!?)(?:(SSL(?:v2|v3|v23|v2/3))|(TLSv1(?:_?[123])?))$]i
2800 979 287 if ($not) { }
2803 0 287 if $ver and $v ne $ver
2811 12 260 $ver eq 'TLSv1_2' ? :
2 272 $ver eq 'TLSv1_1' ? :
2 274 $ver eq 'TLSv1' ? :
1 276 $ver eq 'SSLv3' ? :
0 277 $ver eq 'SSLv2' ? :
10 277 $ver eq 'TLSv1_3' ? :
1 286 unless my $ctx_new_sub = $ver eq "TLSv1_3" ? $CTX_tlsv1_3_new : UNIVERSAL::can("Net::SSLeay", $ver eq "SSLv2" ? "CTX_v2_new" : ($ver eq "SSLv3" ? "CTX_v3_new" : ($ver eq "TLSv1" ? "CTX_tlsv1_new" : ($ver eq "TLSv1_1" ? "CTX_tlsv1_1_new" : ($ver eq "TLSv1_2" ? "CTX_tlsv1_2_new" : "CTX_new")))))
2825 100 186 if ($is_server)
2828 207 193 unless my $val = $arg_hash->{$opt}
2829 12 181 if (ref $val eq "HASH")
2836 2 20 $host =~ /%/ ? :
2839 280 6 unless %ctx
2844 2 300 if ($host =~ /^([^%]*)%/)
2845 0 2 unless $ctx = $ctx{$1}
2847 0 2 if (my(@k) = grep({not /^SSL_(?:cert|key)(?:_file)?$/;} keys %$arg_hash))
2852 0 2 unless $can_multi_cert
2858 0 300 unless $ctx = &$ctx_new_sub()
2860 0 300 if $use_threads
2864 110 190 if $arg_hash->{'SSL_honor_cipher_order'}
2866 20 280 if ($ver eq "SSLv23" and not $ssl_op & $SSL_OP_NO{'SSLv3'})
2876 300 0 if $check_partial_chain
2882 9 291 if ($arg_hash->{'SSL_server'} and my $id = $arg_hash->{'SSL_session_id_context'} || $arg_hash->{'SSL_verify_mode'} & 1 && "$ctx")
2895 0 300 $arg_hash->{'SSL_mode_release_buffers'} ? :
2898 3 297 if (my $proto_list = $arg_hash->{'SSL_npn_protocols'})
2899 0 3 unless $can_npn
2901 2 1 if ($arg_hash->{'SSL_server'}) { }
2911 3 297 if (my $proto_list = $arg_hash->{'SSL_alpn_protocols'})
2912 0 3 unless $can_alpn
2914 2 1 if ($arg_hash->{'SSL_server'}) { }
2921 0 300 if ($arg_hash->{'SSL_ticket_keycb'})
2923 0 0 ref $cb eq 'CODE' ? :
2927 15 285 if ($arg_hash->{'SSL_psk'})
2929 1 14 if ($arg_hash->{'SSL_server'}) { }
2930 0 1 unless $can_server_psk
2934 0 0 if (ref $psk eq 'HASH') { }
2943 0 14 unless $can_client_psk
2948 0 14 if (ref $psk eq 'HASH') { }
12 2 elsif (ref $psk) { }
2949 0 0 unless defined $hint
2950 0 0 unless $p = $psk->{$hint}
2968 117 183 if ($arg_hash->{'SSL_ca'} or defined $arg_hash->{'SSL_ca_file'} or defined $arg_hash->{'SSL_ca_path'}) { }
183 0 elsif (my(%ca) = IO::Socket::SSL::default_ca()) { }
2972 0 117 if ref $file eq "SCALAR" and not $$file
2974 0 117 if ref $dir eq "SCALAR" and not $$dir
2975 34 83 if ($arg_hash->{'SSL_ca'})
2978 0 37 unless &Net::SSLeay::X509_STORE_add_cert($store, $_)
2983 0 117 if ref $dir
2984 0 117 if ($file || $dir and not &Net::SSLeay::CTX_load_verify_locations($ctx, scalar($file || ''), scalar($dir || '')))
2986 0 0 if $verify_mode != $Net_SSLeay_VERIFY_NONE
2993 0 183 if ref $dir
2994 0 183 if (not &Net::SSLeay::CTX_load_verify_locations($ctx, scalar($ca{'SSL_ca_file'} || ''), scalar($dir || '')) and $verify_mode != $Net_SSLeay_VERIFY_NONE)
3002 9 291 if ($is_server and $verify_mode & $Net_SSLeay_VERIFY_PEER)
3003 0 9 if ($arg_hash->{'SSL_client_ca'})
3005 0 0 unless &Net::SSLeay::CTX_add_client_CA($ctx, $_)
3010 0 9 if ($arg_hash->{'SSL_client_ca_file'})
3012 0 0 unless my $list = &Net::SSLeay::load_client_CA_file($arg_hash->{'SSL_client_ca_file'})
3020 0 300 if ($arg_hash->{'SSL_check_crl'})
3022 0 0 if ($arg_hash->{'SSL_crl_file'})
3026 0 0 if ($crl) { }
3036 300 0 if $X509_STORE_flags
3041 12 288 if $arg_hash->{'SSL_passwd_cb'}
3045 31 271 if (my $x509 = $arg_hash->{'SSL_cert'}) { }
90 181 elsif (my $f = $arg_hash->{'SSL_cert_file'}) { }
3049 1 30 ref $x509 eq 'ARRAY' ? :
3051 0 31 unless &Net::SSLeay::CTX_use_certificate($ctx, $cert)
3054 0 1 unless &Net::SSLeay::CTX_add_extra_chain_cert($ctx, $ca)
3061 87 3 if (&Net::SSLeay::CTX_use_certificate_chain_file($ctx, $f)) { }
1 2 elsif (do { push @err, ['PEM', _errstack()]; &Net::SSLeay::CTX_use_certificate_file($ctx, $f, 2) }) { }
3072 1 0 if (not $cert and $arg_hash->{'SSL_passwd_cb'} and defined(my $pw = $arg_hash->{'SSL_passwd_cb'}->(0)))
3077 0 2 unless &Net::SSLeay::CTX_use_certificate($ctx, $cert)
3085 0 0 if &Net::SSLeay::CTX_add_extra_chain_cert($ctx, $ca)
3091 0 2 if $key and not &Net::SSLeay::CTX_use_PrivateKey($ctx, $key)
3095 2 0 if $key
3096 2 0 if $cert
3097 2 0 if $key
3101 0 90 unless ($havecert)
3106 0 0 if @e
3112 183 119 if (not $havecert or $havekey) { }
28 91 elsif (my $pkey = $arg_hash->{'SSL_key'}) { }
91 0 elsif (my $f = $arg_hash->{'SSL_key_file'} || ($havecert eq 'PEM' ? $arg_hash->{'SSL_cert_file'} : undef)) { }
3116 0 28 unless &Net::SSLeay::CTX_use_PrivateKey($ctx, $pkey)
3122 91 1 if (&Net::SSLeay::CTX_use_PrivateKey_file($ctx, $f, $ft))
3123 90 1 $ft == 1 ? :
3127 0 91 unless $havekey
3131 8 178 if not $is_server and $can_pha and $havecert and $havekey
3135 100 186 if ($arg_hash->{'SSL_server'})
3137 0 100 if (my $f = $arg_hash->{'SSL_dh_file'}) { }
100 0 elsif (my $dh = $arg_hash->{'SSL_dh'}) { }
3142 0 0 unless $dh
3145 0 0 unless $rv = &Net::SSLeay::CTX_set_tmp_dh($_, $dh)
3148 0 0 unless $rv
3153 0 114 unless &Net::SSLeay::CTX_set_tmp_dh($_, $dh)
3159 10 276 if (my $curve = $arg_hash->{'SSL_ecdh_curve'})
3160 0 10 unless $can_ecdh
3165 0 10 if ($arg_hash->{'SSL_server'} and $curve eq 'auto') { }
10 0 elsif ($set_groups_list) { }
0 0 elsif ($curve =~ /:/) { }
0 0 elsif ($arg_hash->{'SSL_server'}) { }
3166 0 0 if ($can_ecdh eq 'can_auto') { }
0 0 elsif ($can_ecdh eq 'auto') { }
3167 0 0 unless Net::SSLeay::CTX_set_ecdh_auto($_, 1)
3178 0 10 unless &$set_groups_list($_, $curve)
3181 0 10 if $can_ecdh eq "can_auto"
3187 0 0 unless ($curve =~ /^\d+$/)
3193 0 0 unless my $ecdh = &Net::SSLeay::EC_KEY_new_by_curve_name($curve)
3197 0 0 unless &Net::SSLeay::CTX_set_tmp_ecdh($_, $ecdh)
3208 11 275 if (my $fp = $arg_hash->{'SSL_fingerprint'})
3209 2 9 ref $fp ? :
3210 0 13 unless my($algo, $pubkey, $digest) = /^(?:([\w-]+)\$)?(pub\$)?([a-f\d:]+)$/i
3213 0 0 length $digest == 64 ? :
0 0 length $digest == 40 ? :
0 0 length $digest == 32 ? :
3233 2 12 $_->[1] ? :
3239 1 3 $force ? :
3260 0 286 if ($^O eq "darwin")
3265 0 0 $vcb ? :
3266 0 0 if ($rv != 1)
3277 175 11 if (not $is_server and $can_ocsp_staple and not $verify_fingerprint)
3281 0 80 unless my $iossl = $SSL_OBJECT{$ssl}
3283 0 80 if ($iossl->[1])
3294 0 80 if ($staple_callback)
3306 80 0 unless ($resp)
3307 0 80 if $IO::Socket::SSL::DEBUG >= 3
3310 0 0 if $IO::Socket::SSL::DEBUG >= 3
3312 0 0 if ($status != Net::SSLeay::OCSP_RESPONSE_STATUS_SUCCESSFUL())
3314 0 0 if $IO::Socket::SSL::DEBUG >= 3
3318 0 0 unless (eval { do { &Net::SSLeay::OCSP_response_verify($ssl, $resp) } })
3320 0 0 if $IO::Socket::SSL::DEBUG >= 3
3327 0 0 unless ($certid)
3328 0 0 if $IO::Socket::SSL::DEBUG >= 3
3333 0 0 if ($status and $status->[2])
3335 0 0 if (not $status->[1]) { }
0 0 elsif ($status->[2]{'statusType'} == Net::SSLeay::V_OCSP_CERTSTATUS_GOOD()) { }
3337 0 0 if $cache
3342 0 0 if $cache
3349 0 0 if $cache
3358 0 0 if ($hard_error) { }
0 0 elsif (@results and $chain[0] == $iossl->peer_certificate) { }
3368 286 0 if (my $cl = $arg_hash->{'SSL_cipher_list'})
3372 0 300 ref $cl ? :
0 300 unless &Net::SSLeay::CTX_set_cipher_list($ctx{$_}, scalar(ref $cl ? $cl->{$_} || $cl->{''} || $DEFAULT_SSL_ARGS{'SSL_cipher_list'} || (next) : $cl))
3376 0 286 if (my $cl = $arg_hash->{'SSL_ciphersuites'})
3377 0 0 unless $can_ciphersuites
3382 0 0 ref $cl ? :
0 0 unless &Net::SSLeay::CTX_set_ciphersuites($ctx{$_}, scalar(ref $cl ? $cl->{$_} || $cl->{''} || $DEFAULT_SSL_ARGS{'SSL_cipher_list'} || (next) : $cl))
3389 6 280 if (keys %ctx > 1 or not exists $ctx{''})
3390 0 6 unless $can_server_sni
3396 4 15 unless defined $host
3397 0 19 unless (my $snictx = $ctx{lc $host} || $ctx{''})
3398 0 0 if $IO::Socket::SSL::DEBUG > 1
3402 0 19 if $IO::Socket::SSL::DEBUG > 1
3403 9 10 if $snictx != $ctx
3408 0 286 if (my $cb = $arg_hash->{'SSL_create_ctx_callback'})
3416 106 180 $self->{'verify_mode'} ? :
0 286 defined $arg_hash->{'SSL_ocsp_mode'} ? :
3418 0 286 if $IO::Socket::SSL::DEBUG >= 3
3420 0 286 if (my $cache = $arg_hash->{'SSL_session_cache'}) { }
3 283 elsif (my $size = $arg_hash->{'SSL_session_cache_size'}) { }
3428 3 283 if ($self->{'session_cache'} and %sess_cb)
3439 0 15 unless (my $key = $args->{'SSL_session_key'})
3443 0 15 if $IO::Socket::SSL::DEBUG >= 3
3449 0 12 if $IO::Socket::SSL::DEBUG >= 3
3466 284 3 if (my $ctx = $self->{'context'})
3467 0 284 if $IO::Socket::SSL::DEBUG >= 3
3468 284 0 if (not $use_threads or delete $CTX_CREATED_IN_THIS_THREAD{$ctx})
3470 105 179 if ($self->{'verify_mode'})
3471 0 105 if $IO::Socket::SSL::DEBUG >= 3
3474 0 284 if ($self->{'ocsp_error_ref'})
3475 0 0 if $IO::Socket::SSL::DEBUG >= 3
3478 0 284 if $IO::Socket::SSL::DEBUG >= 3
3506 0 3 unless $size > 0
3521 0 19 if $IO::Socket::SSL::DEBUG >= 3
3537 1 12 $key ? :
3541 3 15 if (not $session) { }
12 3 elsif ($v->[0] == $session) { }
3548 1 5 if $v == $head
3550 0 0 $key ? :
0 0 $session ? :
0 13 if $IO::Socket::SSL::DEBUG >= 3
3556 12 3 if $_->[0]
3568 3 13 if ($session)
3571 0 3 if $IO::Socket::SSL::DEBUG >= 3
3572 3 0 if $v->[0] == $session
3574 0 0 if $v == $shead
3579 11 5 if $v
3581 0 0 $session ? :
0 0 $v ? :
0 16 if $IO::Socket::SSL::DEBUG >= 3
3597 27 11 if ($$rhead) { }
3613 1 18 if ($self->{'room'} < 0)
3616 0 1 if $l->[0]
3630 0 32 unless $$rhead
3633 5 27 if ($v != $$rhead) { }
7 20 elsif ($v->[$inext] == $v) { }
3637 4 3 if ($inext == 4) { }
3660 0 22 unless $$rhead
3661 16 6 if $$rhead == $v
3682 0 0 if exists $v2i{$v}
3685 0 0 if $v == $self->{'ghead'}
3695 0 0 if $v == $self->{'ghead'}
3707 0 0 if $v == $shead
3718 0 0 if $v->[0]
3737 0 0 unless my $e = $self->{$id}
3739 0 0 if ($e->{'expire'} and time < $e->{'expire'})
3743 0 0 if ($e->{'nextUpdate'} and time < $e->{'nextUpdate'})
3755 0 0 if ($del > 0)
3777 0 0 unless (my $uri = &Net::SSLeay::P_X509_get_ocsp_uri($cert))
3778 0 0 if $IO::Socket::SSL::DEBUG > 2
3782 0 0 unless (my $certid = eval { do { &Net::SSLeay::OCSP_cert2ids($ssl, $cert) } })
3783 0 0 if $IO::Socket::SSL::DEBUG > 2
3787 0 0 if (not $done = $cache->get($certid)) { }
0 0 elsif ($done->{'hard_error'}) { }
0 0 elsif ($done->{'soft_error'}) { }
3805 0 0 unless %todo
3806 0 0 @soft_error ? :
3831 0 0 if not $todo or $self->{'error'}
3836 0 0 if (not $resp_d) { }
0 0 elsif (not eval { do { $resp = &Net::SSLeay::d2i_OCSP_RESPONSE($resp_d) } }) { }
0 0 elsif ((my $status = &Net::SSLeay::OCSP_response_status($resp)) != Net::SSLeay::OCSP_RESPONSE_STATUS_SUCCESSFUL()) { }
0 0 elsif (not eval { do { $req = &Net::SSLeay::d2i_OCSP_REQUEST($todo->{'req'}); &Net::SSLeay::OCSP_response_verify($self->{'ssl'}, $resp, $req) } }) { }
0 0 elsif (my(@result) = &Net::SSLeay::OCSP_response_results($resp, @{$$todo{'ids'};})) { }
3868 0 0 if ($@) { }
3876 0 0 unless @soft_error
3889 0 0 if ($rv->[2]) { }
3891 0 0 if (not $rv->[1]) { }
0 0 elsif ($rv->[2]{'statusType'} == Net::SSLeay::V_OCSP_CERTSTATUS_GOOD()) { }
3914 0 0 if (@miss and @found)
3922 0 0 if $IO::Socket::SSL::DEBUG >= 2
3934 0 0 if $resp
3935 0 0 if $req
3936 0 0 if ($self->{'failhard'})
3940 0 0 if (@soft_error)
3941 0 0 if $self->{'soft_error'}
3944 0 0 if (@hard_error) { }
0 0 elsif (not %{$self->{'todo'};}) { }
3957 0 0 unless eval { do { require HTTP::Tiny } }
3961 0 0 if $IO::Socket::SSL::DEBUG
3966 0 0 if $IO::Socket::SSL::DEBUG
3968 0 0 if defined $self->add_response($uri, $resp->{'success'} && $resp->{'content'})
3972 0 0 if $IO::Socket::SSL::DEBUG >= 2
4107 0 0 unless $IO::Socket::SSL::DEBUG >= 2
4119 0 0 if ($ssl_ver and $content_type != $trace_constants{'SSL3_RT_HEADER'} and $content_type != $trace_constants{'SSL3_RT_INNER_CONTENT_TYPE'})
4132 0 0 $ssl_ver == $trace_constants{'SSL3_VERSION_MAJOR'} && $content_type ? :
4137 0 0 if ($content_type == $trace_constants{'SSL3_RT_CHANGE_CIPHER_SPEC'}) { }
0 0 elsif ($content_type == $trace_constants{'SSL3_RT_ALERT'}) { }
4148 0 0 $direction ? :