… | |
… | |
1856 | is handled, up to the fictituous protocol 4.x (but both SSL3+ and |
1856 | is handled, up to the fictituous protocol 4.x (but both SSL3+ and |
1857 | SSL2-compatible framing is supported). |
1857 | SSL2-compatible framing is supported). |
1858 | |
1858 | |
1859 | If it detects that the input data is likely TLS, it calls the callback |
1859 | If it detects that the input data is likely TLS, it calls the callback |
1860 | with a true value for C<$detect> and the (on-wire) TLS version as second |
1860 | with a true value for C<$detect> and the (on-wire) TLS version as second |
1861 | and third argument (C<$major> is C<3>, and C<$minor> is 0..3 for SSL |
1861 | and third argument (C<$major> is C<3>, and C<$minor> is 0..4 for SSL |
1862 | 3.0, TLS 1.0, 1.1 and 1.2, respectively). If it detects the input to |
1862 | 3.0, TLS 1.0, 1.1, 1.2 and 1.3, respectively). If it detects the input |
1863 | be definitely not TLS, it calls the callback with a false value for |
1863 | to be definitely not TLS, it calls the callback with a false value for |
1864 | C<$detect>. |
1864 | C<$detect>. |
1865 | |
1865 | |
1866 | The callback could use this information to decide whether or not to start |
1866 | The callback could use this information to decide whether or not to start |
1867 | TLS negotiation. |
1867 | TLS negotiation. |
1868 | |
1868 | |
… | |
… | |
1914 | ) { |
1914 | ) { |
1915 | return if 3 != length $1; # partial match, can't decide yet |
1915 | return if 3 != length $1; # partial match, can't decide yet |
1916 | |
1916 | |
1917 | # full match, valid TLS record |
1917 | # full match, valid TLS record |
1918 | my ($major, $minor) = unpack "CC", $1; |
1918 | my ($major, $minor) = unpack "CC", $1; |
1919 | $cb->($self, "accept", $major + $minor * 0.1); |
1919 | $cb->($self, "accept", $major, $minor); |
1920 | } else { |
1920 | } else { |
1921 | # mismatch == guaranteed not TLS |
1921 | # mismatch == guaranteed not TLS |
1922 | $cb->($self, undef); |
1922 | $cb->($self, undef); |
1923 | } |
1923 | } |
1924 | |
1924 | |
… | |
… | |
2056 | } |
2056 | } |
2057 | } |
2057 | } |
2058 | |
2058 | |
2059 | # poll the write BIO and send the data if applicable |
2059 | # poll the write BIO and send the data if applicable |
2060 | # also decode read data if possible |
2060 | # also decode read data if possible |
2061 | # this is basiclaly our TLS state machine |
2061 | # this is basically our TLS state machine |
2062 | # more efficient implementations are possible with openssl, |
2062 | # more efficient implementations are possible with openssl, |
2063 | # but not with the buggy and incomplete Net::SSLeay. |
2063 | # but not with the buggy and incomplete Net::SSLeay. |
2064 | sub _dotls { |
2064 | sub _dotls { |
2065 | my ($self) = @_; |
2065 | my ($self) = @_; |
2066 | |
2066 | |
… | |
… | |
2255 | |
2255 | |
2256 | return unless $self->{tls}; |
2256 | return unless $self->{tls}; |
2257 | |
2257 | |
2258 | $self->{tls_ctx}->_put_session (delete $self->{tls}) |
2258 | $self->{tls_ctx}->_put_session (delete $self->{tls}) |
2259 | if $self->{tls} > 0; |
2259 | if $self->{tls} > 0; |
2260 | |
2260 | |
2261 | delete @$self{qw(_rbio _wbio _tls_wbuf _on_starttls)}; |
2261 | delete @$self{qw(_rbio _wbio _tls_wbuf _on_starttls)}; |
2262 | } |
2262 | } |
2263 | |
2263 | |
2264 | =item $handle->resettls |
2264 | =item $handle->resettls |
2265 | |
2265 | |
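Review bot: The POD at 1861-1862 now says `$minor` is 4 for TLS 1.3, but the value passed by `$cb->($self, "accept", $major, $minor)` at 1919 is unpacked from the record header, where a TLS 1.3 peer does not announce 3.4. RFC 8446 fixes the record-layer version at 3.3 (3.1 is allowed on the initial ClientHello) and negotiates 1.3 in the `supported_versions` extension. A callback that uses `$minor` to enforce a minimum protocol version would therefore misjudge TLS 1.3 peers, and the bytes are unauthenticated peer input in any case. I would add a POD sentence such as `Note that this is the record-layer version only; TLS 1.3 peers normally announce 3.1 or 3.3 here, so do not use it to enforce a minimum protocol version.` The matching regex and the start of the enclosing sub are outside the visible hunk, so confirm there which minor values can actually reach the callback.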