Brad Fitzpatrick (brad) wrote,

Net::SSLeay, djabberd, OO SSL....

Is it just me, or is Net::SSLeay a total piece of shit?

The code is terrible, usage feels dirty, docs are terrible/wrong/incomplete. This is really the best Perl option for low-level SSL? I came down this far because all the high-level Perl SSL stuff is worse. I thought, "Oh, maybe they just couldn't use the low-level stuff correctly...." Nope, I don't think I can blame them.

Hackathon idea: new (object-oriented) SSL library for Perl, wrapping Net::SSLeay (to start, perhaps) but eventually just some XS around the relatively clean (not perfectly clean) OpenSSL libraries. Even the OpenSSL docs are marked [INCOMPLETE] all over.

I'm here because while I thought we were done with SSL stuff for DJabberd, it turns out we're not. I can connect over SSL with Adium or Gaim, but other servers (well, Wildfire, which is really nice) can't connect inbound to it over SSL. I get:

SSL_read 5428: 1 - error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number

After the socket becomes readable after the SSL_accept(). Doesn't seem to matter whether I force TLS, SSLv3, or let it auto-negotiate.
Tags: djabberd, hate, perl, tech
