return "-----BEGIN $label-----\n$b64\n-----END $label-----\n";
}
-my $ssl_die = sub {
+my sub ssl_die {
my ($msg) = @_;
- Net::SSLeay::die_now($msg);
-};
-
-my $ssl_warn = sub {
- my ($msg) = @_;
- Net::SSLeay::print_errs();
- warn $msg if $msg;
+ Net::SSLeay::die_now("$msg\n");
};
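Review bot: The closing `};` of `ssl_die` is left over from the anonymous-sub form; a named `my sub` declaration is a complete statement, so the line should be a plain `}`. Lexical subs are only enabled unconditionally from Perl 5.26, and on 5.18–5.24 they need `use feature 'lexical_subs'`; the file's minimum Perl version is not visible in this hunk, so that is worth confirming. `Net::SSLeay::die_now` appears to append its own newline to the message, in which case `"$msg\n"` produces a trailing blank line and passing plain `$msg` would be enough. A short comment above the sub, such as `# print the pending OpenSSL error queue, then die with $msg`, would record why callers use it instead of a plain `die`.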
my $read_certificate = sub {
die "'$cert_path' does not exist!\n" if ! -e $cert_path;
my $bio = Net::SSLeay::BIO_new_file($cert_path, 'r')
- or $ssl_die->("unable to read '$cert_path' - $!\n");
+ or ssl_die("unable to read '$cert_path' - $!");
my $cert = Net::SSLeay::PEM_read_bio_X509($bio);
Net::SSLeay::BIO_free($bio);
sub convert_asn1_to_epoch {
my ($asn1_time) = @_;
- $ssl_die->("invalid ASN1 time object\n") if !$asn1_time;
+ ssl_die("invalid ASN1 time object") if !$asn1_time;
my $iso_time = Net::SSLeay::P_ASN1_TIME_get_isotime($asn1_time);
- $ssl_die->("unable to parse ASN1 time\n") if $iso_time eq '';
+ ssl_die("unable to parse ASN1 time") if $iso_time eq '';
return Date::Parse::str2time($iso_time);
}
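Review bot: `convert_asn1_to_epoch` returns the result of `Date::Parse::str2time($iso_time)` unchecked, and `str2time` returns undef when it cannot parse its input. The two checks touched here therefore still leave one failure path unreported. The callers are not shown, but a caller comparing the result numerically against the current time would treat undef as 0 and could misjudge a certificate's validity window. Consider `my $epoch = Date::Parse::str2time($iso_time);` followed by `die "unable to convert '$iso_time' to epoch\n" if !defined($epoch);` and `return $epoch;`. A plain `die` fits better than `ssl_die` because this failure is not an OpenSSL error.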
return $fp;
}
-sub certificate_matches_key {
+sub check_certificate_matches_key {
my ($cert_path, $key_path) = @_;
die "No certificate path given!\n" if !$cert_path;
die "Certificate key '$key_path' does not exist!\n" if ! -e $key_path;
my $ctx = Net::SSLeay::CTX_new()
- or $ssl_die->(
- "Failed to create SSL context in order to verify private key"
- );
+ or ssl_die("Failed to create SSL context in order to verify private key");
eval {
my $filetype = &Net::SSLeay::FILETYPE_PEM;
Net::SSLeay::CTX_use_PrivateKey_file($ctx, $key_path, $filetype)
- or $ssl_die->(
- "Failed to load private key from '$key_path' into SSL context"
- );
+ or ssl_die("Failed to load private key from '$key_path' into SSL context");
Net::SSLeay::CTX_use_certificate_file($ctx, $cert_path, $filetype)
- or $ssl_die->(
- "Failed to load certificate from '$cert_path' into SSL context"
- );
+ or ssl_die("Failed to load certificate from '$cert_path' into SSL context");
Net::SSLeay::CTX_check_private_key($ctx)
- or $ssl_die->(
- "Failed to validate private key and certificate"
- );
+ or ssl_die("Failed to validate private key and certificate");
};
my $err = $@;
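Review bot: The renamed `check_certificate_matches_key` has no comment stating its contract, and the `check_` prefix can be read as broader validation than the visible calls perform. `Net::SSLeay::CTX_check_private_key` only confirms that the loaded private key corresponds to the loaded certificate; it does not look at expiry, chain or trust. A header comment would make that explicit, for example `# Dies unless the private key in $key_path corresponds to the certificate in $cert_path; key-pair consistency only, no expiry/chain/trust validation.` The function continues past this hunk, so whether `$err` is rethrown after the context is released cannot be seen here and the comment should match what the rest of the body does.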
my $cleanup = sub {
my ($warn, $die_msg) = @_;
- $ssl_warn->() if $warn;
+ Net::SSLeay::print_errs() if $warn;
Net::SSLeay::X509_REQ_free($req) if $req;
Net::SSLeay::EVP_PKEY_free($pk) if $pk;
# this unfortunately causes a small memory leak, since there is no
# X509_NAME_free() (yet)
my $name = Net::SSLeay::X509_NAME_new();
- $ssl_die->("Failed to allocate X509_NAME object\n") if !$name;
+ ssl_die("Failed to allocate X509_NAME object") if !$name;
my $add_name_entry = sub {
my ($k, $v) = @_;