Segmentation fault while using IO::Socket::SSL::Utils::PEM_cert2file with CERT_create about p5-io-socket-ssl HOT 2 CLOSED

CERT_create returns (cert,key) and this is also documented.
If you use in in scalar context you will end up with the last entry of the return list, i.e. key - this is how Perl works. Trying to use the key within PEM_cert2file will result in a segmentation fault, because the key is in effect a OpenSSL EV_PKEY* and using it as an OpenSSL X509* will crash OpenSSL. While this is not the optimal behavior there is not much I can do about it, since IO::Socket::SSL::Utils just wraps around Net::SSLeay which simply wraps objects around pointers to OpenSSL structures and you have to make sure yourself that you use the right kind of handle at the right place or OpenSSL will crash.

When using it directly inside PEM_cert2file it will be called in array context, so that the first argument will be the certificate. But the second argument will not be the file name but instead the key, and thus you will end up with the certificate written to a file name with some number (i.e. the value of EV_PKEY*) and not the name you've intended.

from p5-io-socket-ssl.

Well, it looks like I'm an idiot then! I shouldn't write code and report issues after being awake for 19 hours... The segmentation fault really had me thinking about a problem in the library.

One suggestion I could give is to use wantarray to return an arrayref in scalar context (and maybe automatically dereference - if necessary - in the subroutines using certificates), to make the errors more explicit. But really, that shouldn't be necessary with someone who carefully reads the documentation.

Sorry for wasting your time, and keep up the good work. Have a good day!

from p5-io-socket-ssl.