Condition Coverage

blib/lib/IO/Socket/SSL.pm

Criterion	Covered	Total	%
condition	306	561	54.5

and 2 conditions

line	l	!l	condition
1404	0	0	do { *$self }->{'_SSL_object'} && 1
1565	0	0	bless $socket, $original_class and return
2078	1	0	$check_partial_chain && 1
2823	164	84	($verify_cb \|\| @accept_fp) && sub { my($ok, $ctx_store) = @_; my($certname, $cert, $error, $depth); if ($ctx_store) { $cert = &Net::SSLeay::X509_STORE_CTX_get_current_cert($ctx_store); $error = &Net::SSLeay::X509_STORE_CTX_get_error($ctx_store); $depth = &Net::SSLeay::X509_STORE_CTX_get_error_depth($ctx_store); $certname = &Net::SSLeay::X509_NAME_oneline(scalar &Net::SSLeay::X509_get_issuer_name($cert)) . &Net::SSLeay::X509_NAME_oneline(scalar &Net::SSLeay::X509_get_subject_name($cert)); $error &&= &Net::SSLeay::ERR_error_string($error); }; DEBUG("ok=$ok [$depth] $certname") if $IO::Socket::SSL::DEBUG >= 3; $ok = &$verify_cb($ok, $ctx_store, $certname, $error, $cert, $depth) if $verify_cb; $ok = &$verify_fingerprint($ok, $cert, $depth) if $verify_fingerprint and $cert; return $ok; }

and 3 conditions

line	!l	l&&!r	l&&r	condition
89	0	0	80	defined &Net::SSLeay::P_next_proto_negotiated && !&Net::SSLeay::constant('LIBRESSL_VERSION_NUMBER')
94	0	0	80	defined &Net::SSLeay::CTX_set_tmp_ecdh && ($openssl_version != 268439631 \|\| length pack('P', 0) == 4)
107	0	0	80	$can_ecdh && $openssl_version >= 268443648
109	0	0	80	defined &Net::SSLeay::OCSP_cert2ids && ($netssleay_version < 1.75 \|\| $netssleay_version > 1.77)
112	0	0	80	$can_ocsp && defined &Net::SSLeay::set_tlsext_status_type
114	0	0	80	defined &Net::SSLeay::CTX_set_tlsext_ticket_getkey_cb && $netssleay_version >= 1.8
123	80	0	0	$session_upref and defined &Net::SSLeay::CTX_sess_set_new_cb
	80	0	0	$session_upref and defined &Net::SSLeay::CTX_sess_set_new_cb and defined &Net::SSLeay::CTX_sess_set_remove_cb
132	80	0	0	defined &Net::SSLeay::CTX_get0_param && eval { do { Net::SSLeay::X509_V_FLAG_PARTIAL_CHAIN() } }
540	45	0	0	not %default_ca and do { local $SIG{'__DIE__'}; eval { do { require Mozilla::CA; 1 } } }
646	0	0	68	$IOCLASS eq "IO::Socket::IP" and not defined $arg_hash->{'GetAddrInfoFlags'}
651	104	0	2	defined $blocking and not $blocking
717	62	0	12	defined $sh and not $sh
817	160	4	8	$ctx->{'session_cache'} and my $session = $ctx->{'session_cache'}->get_session($arg_hash->{'SSL_session_key'})
830	159	0	17	defined $timeout and $timeout > 0
	159	0	17	defined $timeout and $timeout > 0 and $self->blocking(0)
840	159	0	17	defined $timeout && time
936	0	130	12	not %sess_cb and $ctx->{'session_cache'}
	130	0	12	not %sess_cb and $ctx->{'session_cache'} and my $session = &Net::SSLeay::get1_session($ssl)
987	42	0	16	defined $sh and not $sh
1006	71	9	42	@_ && UNIVERSAL::isa($_[0], 'IO::Handle')
1044	108	0	14	defined $timeout and $timeout > 0
	108	0	14	defined $timeout and $timeout > 0 and $socket->blocking(0)
1053	108	0	14	defined $timeout && time
1143	0	0	0	not $! and $err == $Net_SSLeay_ERROR_SSL \|\| $err == $Net_SSLeay_ERROR_SYSCALL
1218	59	0	0	not $written and $errs
1342	20	0	58	$pending and (my $pb = &Net::SSLeay::peek($ssl, $pending)) ne ""
1376	3	53	2	$eod and $delim1 eq '' \|\| $eod < length $buf
1428	94	18	41	$status & 1 and $status & 2 \|\| $stop_args->{'SSL_fast_shutdown'}
1534	0	0	0	$ctx_object && $ctx_object->{'context'}
1586	38	0	0	not $was_blocking and $socket->can("blocking")
1626	0	3	0	@chain and not $self->peer_certificate
1667	80	0	0	$reload and do { *$self }->{'_SSL_certificate'}
1849	106	87	116	$wtyp eq "anywhere" and $name =~ /^([a-zA-Z0-9_\-])\(.+)/
	97	70	26	$wtyp =~ /^(?:full_label\|leftmost)$/ and $name =~ /^\*(\..+)$/
1850	82	30	4	$1 ne "" and substr($identity, 0, 4) eq "xn--"
1873	269	50	42	$ipn and $type == GEN_IPADD()
	50	47	222	not $ipn and $type == GEN_DNS()
1886	0	14	87	$scheme->{'check_cn'} eq "when_only" and not $alt_dnsNames
1984	0	0	46	ref $self && do { *$self }->{'_SSL_last_err'}
1993	44	0	1	defined $error_trap and ref $error_trap eq "CODE"
2030	53	3	19	not ref $self and $CURRENT_SSL_OBJECT
2184	1	4	0	IO::Handle::opened($self) && do { *$self }->{'_SSL_opened'}
2284	2	0	24	$ctx->isa("IO::Socket::SSL::SSL_Context") and $ctx->{'context'}
2296	91	153	6	not $is_server \|\| defined $arg_hash->{'SSL_use_cert'} and grep {$arg_hash->{$_};} "SSL_cert", "SSL_cert_file"
	244	0	6	not $is_server \|\| defined $arg_hash->{'SSL_use_cert'} and grep {$arg_hash->{$_};} "SSL_cert", "SSL_cert_file" and grep {$arg_hash->{$_};} "SSL_key", "SSL_key_file"
2326	1707	293	0	defined $arg_hash->{$_} and $arg_hash->{$_} eq ""
2349	89	77	84	not $is_server and $verify_mode & 1
	166	42	42	not $is_server and $verify_mode & 1 and !$vcn_scheme \|\| $vcn_scheme ne 'none'
2390	89	0	0	$arg_hash->{'SSL_ticket_keycb'} and not $can_tckt_keycb
2408	250	0	0	$ver and $v ne $ver
2471	8	235	19	$ver eq "SSLv23" and not $ssl_op & $SSL_OP_NO{'SSLv3'}
2479	262	0	0	$IO::Socket::SSL::DEBUG >= 2 and $set_msg_callback
2489	159	94	9	$arg_hash->{'SSL_server'} and my $id = $arg_hash->{'SSL_session_id_context'} \|\| $arg_hash->{'SSL_verify_mode'} & 1 && "$ctx"
2541	107	0	0	ref $file eq "SCALAR" and not $$file
2543	107	0	0	ref $dir eq "SCALAR" and not $$dir
2553	32	75	0	$file \|\| $dir and not &Net::SSLeay::CTX_load_verify_locations($ctx, scalar($file \|\| ''), scalar($dir \|\| ''))
2563	155	0	0	not &Net::SSLeay::CTX_load_verify_locations($ctx, scalar($ca{'SSL_ca_file'} \|\| ''), scalar($dir \|\| '')) and $verify_mode != $Net_SSLeay_VERIFY_NONE
2571	159	94	9	$is_server and $verify_mode & $Net_SSLeay_VERIFY_PEER
2641	1	0	1	not $cert and $arg_hash->{'SSL_passwd_cb'}
	0	0	1	not $cert and $arg_hash->{'SSL_passwd_cb'} and defined(my $pw = $arg_hash->{'SSL_passwd_cb'}->(0))
2657	0	2	0	$key and not &Net::SSLeay::CTX_use_PrivateKey($ctx, $key)
2697	105	159	0	not $is_server and $can_pha
	264	0	0	not $is_server and $can_pha and $havecert
	159	0	0	not $is_server and $can_pha and $havecert and $havekey
2731	0	103	0	$arg_hash->{'SSL_server'} and $curve eq "auto"
2789	239	0	9	@accept_fp && do { my $fail; sub { my($ok, $cert, $depth) = @_; $fail = 1 unless $ok; return 1 if $depth > 0; my %fp; foreach $_ (@accept_fp) { my $fp = ($fp{join $;, $_->[0], $_->[1]} \|\|= $_->[1] ? &Net::SSLeay::X509_pubkey_digest($cert, scalar &$algo2digest($_->[0])) : &Net::SSLeay::X509_digest($cert, scalar &$algo2digest($_->[0]))); next if $fp ne $_->[2]; return 1; }; return !$fail; } }
2817	164	0	19	$error &&= &Net::SSLeay::ERR_error_string($error)
2842	89	0	159	not $is_server and $can_ocsp_staple
	89	9	150	not $is_server and $can_ocsp_staple and not $verify_fingerprint
2890	0	2	1	$status and $status->[2]
2915	0	0	1	@results and $chain[0] == $iossl->peer_certificate
2985	245	3	0	$self->{'session_cache'} and %sess_cb
3127	4	12	0	$v && $v->[0]
3249	0	0	0	$e->{'expire'} and time < $e->{'expire'}
3253	0	0	0	$e->{'nextUpdate'} and time < $e->{'nextUpdate'}
3423	2	0	0	@miss and @found
3475	0	0	2	$resp->{'success'} && $resp->{'content'}
3623	0	0	0	$ssl_ver and $content_type != $trace_constants{'SSL3_RT_INNER_CONTENT_TYPE'}
3633	0	0	0	$ssl_ver == $trace_constants{'SSL3_VERSION_MAJOR'} && $content_type

or 2 conditions

line	l	!l	condition
154	0	0	eval { do { Net::SSLeay::MODE_AUTO_RETRY() } } \|\| 4
368	80	0	eval { do { require Socket; 'Socket'->VERSION(1.95); die unless Socket::inet_pton(10, '::1') and 10; 'Socket'->import('inet_pton', 'NI_NUMERICHOST', 'NI_NUMERICSERV'); _getnameinfo = sub { return unless my($err, $host, $port) = Socket::getnameinfo(@_); return if $err; return $host, $port; } ; 'Socket' } } \|\| eval { do { require Socket6; die unless Socket6::inet_pton(10, '::1') and 10; 'Socket6'->import('inet_pton', 'NI_NUMERICHOST', 'NI_NUMERICSERV'); _getnameinfo = sub { return Socket6::getnameinfo(@_); } ; 'Socket6' } } \|\| undef
446	0	240	UNIVERSAL::can('Net::SSLeay', $name) \|\| sub { $value; }
658	0	269	$arg_hash->{'Proto'} \|\|= "tcp"
661	18	172	$arg_hash->{'Listen'} \|\| 0
689	62	0	$! \|\|= 11
698	74	0	shift() \|\| (return _invalid_object())
725	0	174	$_[0] \|\| {}
741	172	0	&Net::SSLeay::new($ctx->{'context'}) \|\| (return $self->error('SSL structure creation failed'))
879	1	0	$! \|\|= 110
975	58	0	shift() \|\| (return _invalid_object())
976	0	58	shift() \|\| 'IO::Socket::SSL'
982	58	0	$self->SUPER::accept($class) \|\| (return)
1007	0	113	$_[0] \|\| {}
1027	119	0	&Net::SSLeay::new(do { *$socket }->{'_SSL_ctx'}{'context'}) \|\| (return $socket->error('SSL structure creation failed'))
1086	1	0	$! \|\|= 110
1134	6117	0	do { *$self }->{'_SSL_object'} \|\| (return)
1155	10	6106	$offset \|\|= 0
1202	7742	0	do { *$self }->{'_SSL_object'} \|\| (return)
1207	2	7740	$offset \|\|= 0
1227	2	0	$! \|\|= 32
1259	0	57	$, \|\| ''
	0	57	$\ \|\| ''
1385	245	0	shift() \|\| (return _invalid_object())
1408	291	0	shift() \|\| (return _invalid_object())
1435	104	0	do { *$self }->{'_SSL_opened'} \|\| 0
1450	0	0	$! \|\|= 32
1544	1	0	(shift())->_get_ssl_object \|\| (return)
1605	1	0	$IO::Socket::SSL::ISA[0]->new_from_fd($fd, '+<') \|\| (return $class->error('Could not create socket from file descriptor.'))
1616	1	0	(shift())->_get_ssl_object \|\| (return)
1624	3	0	$self->_get_ssl_object \|\| (return)
1684	6	0	$self->_get_ssl_object \|\| (return)
1685	6	0	&Net::SSLeay::get_certificate($ssl) \|\| (return)
1791	161	42	shift() \|\| 'default'
1838	299	10	$wtyp \|\|= ""
1924	8	0	$algo \|\| 'sha256'
	14	0	$algo \|\| 'sha256'
1931	20	2	$algo \|\|= "sha256"
1937	12	0	(shift())->_get_ssl_object \|\| (return)
1942	28	0	(shift())->_get_ssl_object \|\| (return)
1956	0	0	(shift())->_get_ssl_object \|\| (return)
1961	3	0	(shift())->_get_ssl_object \|\| (return)
1969	2	0	$self->_get_ssl_object \|\| (return)
1985	0	0	$IO::Socket::SSL::SSL_ERROR \|\| ''
2012	0	1	Net::SSLeay::print_errs('SSL error: ') \|\| ''
2171	2	0	$self->_get_ssl_object \|\| (return)
2178	2	0	$self->_get_ssl_object \|\| (return)
2307	0	32	undef $arg_hash->{'SSL_ca_path'} \|\|= undef
2309	0	0	$arg_hash->{'SSL_ca_file'} \|\|= undef
2310	0	61	$arg_hash->{'SSL_ca_path'} \|\|= undef
2335	87	163	$arg_hash->{'SSL_verify_mode'} \|\| 0
2338	22	152	$arg_hash->{$_} \|\| (next)
2553	75	0	$file \|\| ''
	0	75	$dir \|\| ''
2563	22	133	$ca{'SSL_ca_file'} \|\| ''
	133	22	$dir \|\| ''
2704	0	0	&Net::SSLeay::BIO_new_file($f, 'r') \|\| (return 'IO::Socket::SSL'->error("Failed to open DH file $f"))
2755	89	0	&Net::SSLeay::OBJ_txt2nid($curve) \|\| (return 'IO::Socket::SSL'->error("cannot find NID for curve name '${curve}'"))
2786	1	10	$pubkey \|\| ''
2929	0	0	$cl->{$_} \|\| $cl->{''} \|\| $DEFAULT_SSL_ARGS{'SSL_cipher_list'} \|\| (next)
2939	0	0	$cl->{$_} \|\| $cl->{''} \|\| $DEFAULT_SSL_ARGS{'SSL_cipher_list'} \|\| (next)
3096	0	0	~~@del \|\| 'none'
3241	0	2	$size \|\| 100
3314	0	0	$hard_error \|\|= ""
3644	0	0	eval { do { Net::SSLeay::SSL_alert_desc_string_long($msg_type) } } \|\| 'Unknown alert'

or 3 conditions

line	l	!l&&r	!l&&!r	condition
512	0	45	0	$openssldir \|\|= &Net::SSLeay::SSLeay_version(5) =~ /^OPENSSLDIR: "(.+)"$/ ? $1 : (&Net::SSLeay::SSLeay_version(4) =~ /^OPENSSLDIR: "(.+)"$/ ? $1 : "cannot-determine-openssldir-from-ssleay-version")
519	0	45	0	$ENV{'SSL_CERT_DIR'} \|\| ($^O =~ /vms/i ? 'SSLCERTS:' : "$openssldir/certs")
531	0	45	0	$ENV{'SSL_CERT_FILE'} \|\| ($^O =~ /vms/i ? 'SSLCERTS:cert.pem' : "$openssldir/cert.pem")
565	0	0	0	UNIVERSAL::isa($class, "IO::Socket::INET6") or UNIVERSAL::isa($class, "IO::Socket::IP")
640	68	0	44	$arg_hash->{'Domain'} \|\| $arg_hash->{'Family'}
	0	68	44	$arg_hash->{$family_key} \|\|= $arg_hash->{'Domain'} \|\| $arg_hash->{'Family'}
747	6	6	0	$arg_hash->{'SSL_session_key'} \|\|= do { my $host = $arg_hash->{'PeerAddr'} \|\| $arg_hash->{'PeerHost'} \|\| $self->_update_peer; my $port = $arg_hash->{'PeerPort'} \|\| $arg_hash->{'PeerService'}; $port ? "${host}:$port" : $host }
749	5	1	0	$arg_hash->{'PeerAddr'} \|\| $arg_hash->{'PeerHost'} \|\| $self->_update_peer
750	1	5	0	$arg_hash->{'PeerPort'} \|\| $arg_hash->{'PeerService'}
760	2	60	89	$arg_hash->{'PeerAddr'} \|\| $arg_hash->{'PeerHost'}
768	62	0	0	not $host =~ /[a-z_]/i or $host =~ /:/
785	2	75	95	$arg_hash->{'PeerAddr'} or $arg_hash->{'PeerHost'}
789	42	11	44	$arg_hash->{'SSL_verifycn_name'} \|\| $arg_hash->{'SSL_hostname'}
791	23	21	0	$arg_hash->{'PeerAddr'} \|\| $arg_hash->{'PeerHost'}
824	172	4	0	$ssl \|\|= do { *$self }->{'_SSL_object'}
911	140	2	0	$ctx \|\|= do { *$self }->{'_SSL_ctx'}
1036	119	3	0	$ssl \|\|= do { *$socket }->{'_SSL_object'}
1143	0	0	0	$err == $Net_SSLeay_ERROR_SSL \|\| $err == $Net_SSLeay_ERROR_SYSCALL
1206	7682	60	0	$length \|\|= $buf_len
1277	2	5	76	not defined $/ or wantarray
1285	0	0	0	$! == 11 or $! == 11
1315	0	0	0	$! == 11 or $! == 11
1334	1	20	58	not defined $poke or $poke eq ""
1376	54	1	0	$delim1 eq '' \|\| $eod < length $buf
1428	10	39	10	$status & 2 \|\| $stop_args->{'SSL_fast_shutdown'}
1500	0	46	51	$downgrade or not defined $downgrade
1526	235	0	0	do { *$self }->{'_SSL_object'} \|\| 'IO::Socket::SSL'->_internal_error('Undefined SSL object', 9)
1572	151	0	4	not defined $start_handshake or $start_handshake
1669	45	35	0	do { *$self }->{'_SSL_certificate'} \|\|= &Net::SSLeay::get_peer_certificate($ssl)
1795	203	0	0	$scheme{$scheme} \|\| croak("scheme $scheme not defined")
1820	0	3	43	4 != @ip or 4 != grep({$_ < 256 if defined $_;} @ip)
1886	18	87	14	$scheme->{'check_cn'} eq "always" or $scheme->{'check_cn'} eq "when_only" and not $alt_dnsNames
1915	0	8	0	do { *$self }->{'_SSL_servername'} \|\|= do { return unless my $ssl = $self->_get_ssl_object; &Net::SSLeay::get_servername($ssl) }
1923	2	20	0	$cert \|\|= $self->peer_certificate
1976	1	1	0	$ctx->{'ocsp_cache'} \|\|= "IO::Socket::SSL::OCSP_Cache"->new
1993	36	0	8	do { $self }->{'_SSL_ioclass_upgraded'} or do { $self }->{'_SSL_arguments'}{'SSL_keepSocketOnError'}
2033	41	6	25	not $oe or $oe->[1] <= $severity
2084	194	0	0	not $use_threads or delete $CREATED_IN_THIS_THREAD{$ssl}
2296	89	2	159	$is_server \|\| defined $arg_hash->{'SSL_use_cert'}
2307	0	0	32	$arg_hash->{'SSL_ca_file'} \|\|= (undef $arg_hash->{'SSL_ca_path'} \|\|= undef)
2318	2696	1544	0	defined $arg_hash->{$_} or delete $arg_hash->{$_}
2349	42	42	0	!$vcn_scheme \|\| $vcn_scheme ne 'none'
2364	84	0	0	$verify_name \|\| ref $vcn_scheme && $vcn_scheme->{'callback'} && 'unknown'
2404	683	27	0	$2 \|\| $3
2489	0	9	94	$arg_hash->{'SSL_session_id_context'} \|\| $arg_hash->{'SSL_verify_mode'} & 1 && "$ctx"
2537	32	75	155	$arg_hash->{'SSL_ca'} or defined $arg_hash->{'SSL_ca_file'}
	107	0	155	$arg_hash->{'SSL_ca'} or defined $arg_hash->{'SSL_ca_file'} or defined $arg_hash->{'SSL_ca_path'}
2553	75	0	32	$file \|\| $dir
2678	153	2	109	not $havecert or $havekey
	80	1	0	$arg_hash->{'SSL_key_file'} \|\| ($havecert eq 'PEM' ? $arg_hash->{'SSL_cert_file'} : undef)
2779	11	0	0	$algo \|\|= length $digest == 32 ? "md5" : (length $digest == 40 ? "sha1" : (length $digest == 64 ? "sha256" : (return "IO::Socket::SSL"->_internal_error("cannot detect hash algorithm from fingerprint '${_}'", 9))))
2798	1	12	0	$fp{join $;, $_->[0], $_->[1]} \|\|= $_->[1] ? &Net::SSLeay::X509_pubkey_digest($cert, scalar &$algo2digest($_->[0])) : &Net::SSLeay::X509_digest($cert, scalar &$algo2digest($_->[0]))
2945	248	0	0	$ctx{''} \|\| (values %ctx)[0]
2946	6	0	242	keys %ctx > 1 or not exists $ctx{''}
2954	13	6	0	$ctx{lc $host} \|\| $ctx{''}
2991	0	0	0	$SSL_OBJECT{$ssl} \|\| do { warn "callback session new: no known SSL object for $ssl"; return }
3025	246	0	0	not $use_threads or delete $CTX_CREATED_IN_THIS_THREAD{$ctx}
3340	0	0	2	not $todo or $self->{'error'}
3617	0	0	0	$tc_ver2s{$ssl_ver} \|\| "(version=$ssl_ver)"
3633	0	0	0	$tc_type2s{$content_type} \|\| "TLS Unknown (type=$content_type)"
3647	0	0	0	$tc_msgtype2s{join $;, $ssl_ver, $msg_type} \|\| "Unknown (ssl_ver=$ssl_ver, msg=$msg_type)"