| … | |
… | |
| 14 | |
14 | |
| 15 | AnyEvent::Handle - non-blocking I/O on file handles via AnyEvent |
15 | AnyEvent::Handle - non-blocking I/O on file handles via AnyEvent |
| 16 | |
16 | |
| 17 | =cut |
17 | =cut |
| 18 | |
18 | |
| 19 | our $VERSION = 4.232; |
19 | our $VERSION = 4.3; |
| 20 | |
20 | |
| 21 | =head1 SYNOPSIS |
21 | =head1 SYNOPSIS |
| 22 | |
22 | |
| 23 | use AnyEvent; |
23 | use AnyEvent; |
| 24 | use AnyEvent::Handle; |
24 | use AnyEvent::Handle; |
| … | |
… | |
| 59 | treatment of characters applies to this module as well. |
59 | treatment of characters applies to this module as well. |
| 60 | |
60 | |
| 61 | All callbacks will be invoked with the handle object as their first |
61 | All callbacks will be invoked with the handle object as their first |
| 62 | argument. |
62 | argument. |
| 63 | |
63 | |
|
|
64 | =head2 SIGPIPE is not handled by this module |
|
|
65 | |
|
|
66 | SIGPIPE is not handled by this module, so one of the practical |
|
|
67 | requirements of using it is to ignore SIGPIPE (C<$SIG{PIPE} = |
|
|
68 | 'IGNORE'>). At least, this is highly recommend in a networked program: If |
|
|
69 | you use AnyEvent::Handle in a filter program (like sort), exiting on |
|
|
70 | SIGPIPE is probably the right thing to do. |
|
|
71 | |
| 64 | =head1 METHODS |
72 | =head1 METHODS |
| 65 | |
73 | |
| 66 | =over 4 |
74 | =over 4 |
| 67 | |
75 | |
| 68 | =item B<new (%args)> |
76 | =item B<new (%args)> |
| … | |
… | |
| 103 | occured, such as not being able to resolve the hostname, failure to |
111 | occured, such as not being able to resolve the hostname, failure to |
| 104 | connect or a read error. |
112 | connect or a read error. |
| 105 | |
113 | |
| 106 | Some errors are fatal (which is indicated by C<$fatal> being true). On |
114 | Some errors are fatal (which is indicated by C<$fatal> being true). On |
| 107 | fatal errors the handle object will be shut down and will not be usable |
115 | fatal errors the handle object will be shut down and will not be usable |
| 108 | (but you are free to look at the current C< ->rbuf >). Examples of fatal |
116 | (but you are free to look at the current C<< ->rbuf >>). Examples of fatal |
| 109 | errors are an EOF condition with active (but unsatisifable) read watchers |
117 | errors are an EOF condition with active (but unsatisifable) read watchers |
| 110 | (C<EPIPE>) or I/O errors. |
118 | (C<EPIPE>) or I/O errors. |
| 111 | |
119 | |
| 112 | Non-fatal errors can be retried by simply returning, but it is recommended |
120 | Non-fatal errors can be retried by simply returning, but it is recommended |
| 113 | to simply ignore this parameter and instead abondon the handle object |
121 | to simply ignore this parameter and instead abondon the handle object |
| … | |
… | |
| 152 | =item timeout => $fractional_seconds |
160 | =item timeout => $fractional_seconds |
| 153 | |
161 | |
| 154 | If non-zero, then this enables an "inactivity" timeout: whenever this many |
162 | If non-zero, then this enables an "inactivity" timeout: whenever this many |
| 155 | seconds pass without a successful read or write on the underlying file |
163 | seconds pass without a successful read or write on the underlying file |
| 156 | handle, the C<on_timeout> callback will be invoked (and if that one is |
164 | handle, the C<on_timeout> callback will be invoked (and if that one is |
| 157 | missing, an C<ETIMEDOUT> error will be raised). |
165 | missing, a non-fatal C<ETIMEDOUT> error will be raised). |
| 158 | |
166 | |
| 159 | Note that timeout processing is also active when you currently do not have |
167 | Note that timeout processing is also active when you currently do not have |
| 160 | any outstanding read or write requests: If you plan to keep the connection |
168 | any outstanding read or write requests: If you plan to keep the connection |
| 161 | idle then you should disable the timout temporarily or ignore the timeout |
169 | idle then you should disable the timout temporarily or ignore the timeout |
| 162 | in the C<on_timeout> callback. |
170 | in the C<on_timeout> callback, in which case AnyEvent::Handle will simply |
|
|
171 | restart the timeout. |
| 163 | |
172 | |
| 164 | Zero (the default) disables this timeout. |
173 | Zero (the default) disables this timeout. |
| 165 | |
174 | |
| 166 | =item on_timeout => $cb->($handle) |
175 | =item on_timeout => $cb->($handle) |
| 167 | |
176 | |
| … | |
… | |
| 171 | |
180 | |
| 172 | =item rbuf_max => <bytes> |
181 | =item rbuf_max => <bytes> |
| 173 | |
182 | |
| 174 | If defined, then a fatal error will be raised (with C<$!> set to C<ENOSPC>) |
183 | If defined, then a fatal error will be raised (with C<$!> set to C<ENOSPC>) |
| 175 | when the read buffer ever (strictly) exceeds this size. This is useful to |
184 | when the read buffer ever (strictly) exceeds this size. This is useful to |
| 176 | avoid denial-of-service attacks. |
185 | avoid some forms of denial-of-service attacks. |
| 177 | |
186 | |
| 178 | For example, a server accepting connections from untrusted sources should |
187 | For example, a server accepting connections from untrusted sources should |
| 179 | be configured to accept only so-and-so much data that it cannot act on |
188 | be configured to accept only so-and-so much data that it cannot act on |
| 180 | (for example, when expecting a line, an attacker could send an unlimited |
189 | (for example, when expecting a line, an attacker could send an unlimited |
| 181 | amount of data without a callback ever being called as long as the line |
190 | amount of data without a callback ever being called as long as the line |
| 182 | isn't finished). |
191 | isn't finished). |
| 183 | |
192 | |
| 184 | =item autocork => <boolean> |
193 | =item autocork => <boolean> |
| 185 | |
194 | |
| 186 | When disabled (the default), then C<push_write> will try to immediately |
195 | When disabled (the default), then C<push_write> will try to immediately |
| 187 | write the data to the handle if possible. This avoids having to register |
196 | write the data to the handle, if possible. This avoids having to register |
| 188 | a write watcher and wait for the next event loop iteration, but can be |
197 | a write watcher and wait for the next event loop iteration, but can |
| 189 | inefficient if you write multiple small chunks (this disadvantage is |
198 | be inefficient if you write multiple small chunks (on the wire, this |
| 190 | usually avoided by your kernel's nagle algorithm, see C<low_delay>). |
199 | disadvantage is usually avoided by your kernel's nagle algorithm, see |
|
|
200 | C<no_delay>, but this option can save costly syscalls). |
| 191 | |
201 | |
| 192 | When enabled, then writes will always be queued till the next event loop |
202 | When enabled, then writes will always be queued till the next event loop |
| 193 | iteration. This is efficient when you do many small writes per iteration, |
203 | iteration. This is efficient when you do many small writes per iteration, |
| 194 | but less efficient when you do a single write only. |
204 | but less efficient when you do a single write only per iteration (or when |
|
|
205 | the write buffer often is full). It also increases write latency. |
| 195 | |
206 | |
| 196 | =item no_delay => <boolean> |
207 | =item no_delay => <boolean> |
| 197 | |
208 | |
| 198 | When doing small writes on sockets, your operating system kernel might |
209 | When doing small writes on sockets, your operating system kernel might |
| 199 | wait a bit for more data before actually sending it out. This is called |
210 | wait a bit for more data before actually sending it out. This is called |
| 200 | the Nagle algorithm, and usually it is beneficial. |
211 | the Nagle algorithm, and usually it is beneficial. |
| 201 | |
212 | |
| 202 | In some situations you want as low a delay as possible, which cna be |
213 | In some situations you want as low a delay as possible, which can be |
| 203 | accomplishd by setting this option to true. |
214 | accomplishd by setting this option to a true value. |
| 204 | |
215 | |
| 205 | The default is your opertaing system's default behaviour, this option |
216 | The default is your opertaing system's default behaviour (most likely |
| 206 | explicitly enables or disables it, if possible. |
217 | enabled), this option explicitly enables or disables it, if possible. |
| 207 | |
218 | |
| 208 | =item read_size => <bytes> |
219 | =item read_size => <bytes> |
| 209 | |
220 | |
| 210 | The default read block size (the amount of bytes this module will try to read |
221 | The default read block size (the amount of bytes this module will |
| 211 | during each (loop iteration). Default: C<8192>. |
222 | try to read during each loop iteration, which affects memory |
|
|
223 | requirements). Default: C<8192>. |
| 212 | |
224 | |
| 213 | =item low_water_mark => <bytes> |
225 | =item low_water_mark => <bytes> |
| 214 | |
226 | |
| 215 | Sets the amount of bytes (default: C<0>) that make up an "empty" write |
227 | Sets the amount of bytes (default: C<0>) that make up an "empty" write |
| 216 | buffer: If the write reaches this size or gets even samller it is |
228 | buffer: If the write reaches this size or gets even samller it is |
| 217 | considered empty. |
229 | considered empty. |
| 218 | |
230 | |
|
|
231 | Sometimes it can be beneficial (for performance reasons) to add data to |
|
|
232 | the write buffer before it is fully drained, but this is a rare case, as |
|
|
233 | the operating system kernel usually buffers data as well, so the default |
|
|
234 | is good in almost all cases. |
|
|
235 | |
| 219 | =item linger => <seconds> |
236 | =item linger => <seconds> |
| 220 | |
237 | |
| 221 | If non-zero (default: C<3600>), then the destructor of the |
238 | If non-zero (default: C<3600>), then the destructor of the |
| 222 | AnyEvent::Handle object will check wether there is still outstanding write |
239 | AnyEvent::Handle object will check whether there is still outstanding |
| 223 | data and will install a watcher that will write out this data. No errors |
240 | write data and will install a watcher that will write this data to the |
| 224 | will be reported (this mostly matches how the operating system treats |
241 | socket. No errors will be reported (this mostly matches how the operating |
| 225 | outstanding data at socket close time). |
242 | system treats outstanding data at socket close time). |
| 226 | |
243 | |
| 227 | This will not work for partial TLS data that could not yet been |
244 | This will not work for partial TLS data that could not be encoded |
| 228 | encoded. This data will be lost. |
245 | yet. This data will be lost. Calling the C<stoptls> method in time might |
|
|
246 | help. |
| 229 | |
247 | |
| 230 | =item tls => "accept" | "connect" | Net::SSLeay::SSL object |
248 | =item tls => "accept" | "connect" | Net::SSLeay::SSL object |
| 231 | |
249 | |
| 232 | When this parameter is given, it enables TLS (SSL) mode, that means it |
250 | When this parameter is given, it enables TLS (SSL) mode, that means |
| 233 | will start making tls handshake and will transparently encrypt/decrypt |
251 | AnyEvent will start a TLS handshake as soon as the conenction has been |
| 234 | data. |
252 | established and will transparently encrypt/decrypt data afterwards. |
| 235 | |
253 | |
| 236 | TLS mode requires Net::SSLeay to be installed (it will be loaded |
254 | TLS mode requires Net::SSLeay to be installed (it will be loaded |
| 237 | automatically when you try to create a TLS handle). |
255 | automatically when you try to create a TLS handle): this module doesn't |
|
|
256 | have a dependency on that module, so if your module requires it, you have |
|
|
257 | to add the dependency yourself. |
| 238 | |
258 | |
| 239 | For the TLS server side, use C<accept>, and for the TLS client side of a |
259 | Unlike TCP, TLS has a server and client side: for the TLS server side, use |
| 240 | connection, use C<connect> mode. |
260 | C<accept>, and for the TLS client side of a connection, use C<connect> |
|
|
261 | mode. |
| 241 | |
262 | |
| 242 | You can also provide your own TLS connection object, but you have |
263 | You can also provide your own TLS connection object, but you have |
| 243 | to make sure that you call either C<Net::SSLeay::set_connect_state> |
264 | to make sure that you call either C<Net::SSLeay::set_connect_state> |
| 244 | or C<Net::SSLeay::set_accept_state> on it before you pass it to |
265 | or C<Net::SSLeay::set_accept_state> on it before you pass it to |
| 245 | AnyEvent::Handle. |
266 | AnyEvent::Handle. |
| 246 | |
267 | |
| 247 | See the C<starttls> method if you need to start TLS negotiation later. |
268 | See the C<< ->starttls >> method for when need to start TLS negotiation later. |
| 248 | |
269 | |
| 249 | =item tls_ctx => $ssl_ctx |
270 | =item tls_ctx => $ssl_ctx |
| 250 | |
271 | |
| 251 | Use the given Net::SSLeay::CTX object to create the new TLS connection |
272 | Use the given C<Net::SSLeay::CTX> object to create the new TLS connection |
| 252 | (unless a connection object was specified directly). If this parameter is |
273 | (unless a connection object was specified directly). If this parameter is |
| 253 | missing, then AnyEvent::Handle will use C<AnyEvent::Handle::TLS_CTX>. |
274 | missing, then AnyEvent::Handle will use C<AnyEvent::Handle::TLS_CTX>. |
| 254 | |
275 | |
| 255 | =item json => JSON or JSON::XS object |
276 | =item json => JSON or JSON::XS object |
| 256 | |
277 | |
| 257 | This is the json coder object used by the C<json> read and write types. |
278 | This is the json coder object used by the C<json> read and write types. |
| 258 | |
279 | |
| 259 | If you don't supply it, then AnyEvent::Handle will create and use a |
280 | If you don't supply it, then AnyEvent::Handle will create and use a |
| 260 | suitable one, which will write and expect UTF-8 encoded JSON texts. |
281 | suitable one (on demand), which will write and expect UTF-8 encoded JSON |
|
|
282 | texts. |
| 261 | |
283 | |
| 262 | Note that you are responsible to depend on the JSON module if you want to |
284 | Note that you are responsible to depend on the JSON module if you want to |
| 263 | use this functionality, as AnyEvent does not have a dependency itself. |
285 | use this functionality, as AnyEvent does not have a dependency itself. |
| 264 | |
|
|
| 265 | =item filter_r => $cb |
|
|
| 266 | |
|
|
| 267 | =item filter_w => $cb |
|
|
| 268 | |
|
|
| 269 | These exist, but are undocumented at this time. |
|
|
| 270 | |
286 | |
| 271 | =back |
287 | =back |
| 272 | |
288 | |
| 273 | =cut |
289 | =cut |
| 274 | |
290 | |
| … | |
… | |
| 304 | delete $self->{_tw}; |
320 | delete $self->{_tw}; |
| 305 | delete $self->{_rw}; |
321 | delete $self->{_rw}; |
| 306 | delete $self->{_ww}; |
322 | delete $self->{_ww}; |
| 307 | delete $self->{fh}; |
323 | delete $self->{fh}; |
| 308 | |
324 | |
| 309 | $self->stoptls; |
325 | &_freetls; |
| 310 | |
326 | |
| 311 | delete $self->{on_read}; |
327 | delete $self->{on_read}; |
| 312 | delete $self->{_queue}; |
328 | delete $self->{_queue}; |
| 313 | } |
329 | } |
| 314 | |
330 | |
| … | |
… | |
| 327 | } |
343 | } |
| 328 | } |
344 | } |
| 329 | |
345 | |
| 330 | =item $fh = $handle->fh |
346 | =item $fh = $handle->fh |
| 331 | |
347 | |
| 332 | This method returns the file handle of the L<AnyEvent::Handle> object. |
348 | This method returns the file handle used to create the L<AnyEvent::Handle> object. |
| 333 | |
349 | |
| 334 | =cut |
350 | =cut |
| 335 | |
351 | |
| 336 | sub fh { $_[0]{fh} } |
352 | sub fh { $_[0]{fh} } |
| 337 | |
353 | |
| … | |
… | |
| 355 | $_[0]{on_eof} = $_[1]; |
371 | $_[0]{on_eof} = $_[1]; |
| 356 | } |
372 | } |
| 357 | |
373 | |
| 358 | =item $handle->on_timeout ($cb) |
374 | =item $handle->on_timeout ($cb) |
| 359 | |
375 | |
| 360 | Replace the current C<on_timeout> callback, or disables the callback |
376 | Replace the current C<on_timeout> callback, or disables the callback (but |
| 361 | (but not the timeout) if C<$cb> = C<undef>. See C<timeout> constructor |
377 | not the timeout) if C<$cb> = C<undef>. See the C<timeout> constructor |
| 362 | argument. |
378 | argument and method. |
| 363 | |
379 | |
| 364 | =cut |
380 | =cut |
| 365 | |
381 | |
| 366 | sub on_timeout { |
382 | sub on_timeout { |
| 367 | $_[0]{on_timeout} = $_[1]; |
383 | $_[0]{on_timeout} = $_[1]; |
| … | |
… | |
| 473 | my ($self, $cb) = @_; |
489 | my ($self, $cb) = @_; |
| 474 | |
490 | |
| 475 | $self->{on_drain} = $cb; |
491 | $self->{on_drain} = $cb; |
| 476 | |
492 | |
| 477 | $cb->($self) |
493 | $cb->($self) |
| 478 | if $cb && $self->{low_water_mark} >= length $self->{wbuf}; |
494 | if $cb && $self->{low_water_mark} >= (length $self->{wbuf}) + (length $self->{_tls_wbuf}); |
| 479 | } |
495 | } |
| 480 | |
496 | |
| 481 | =item $handle->push_write ($data) |
497 | =item $handle->push_write ($data) |
| 482 | |
498 | |
| 483 | Queues the given scalar to be written. You can push as much data as you |
499 | Queues the given scalar to be written. You can push as much data as you |
| … | |
… | |
| 500 | substr $self->{wbuf}, 0, $len, ""; |
516 | substr $self->{wbuf}, 0, $len, ""; |
| 501 | |
517 | |
| 502 | $self->{_activity} = AnyEvent->now; |
518 | $self->{_activity} = AnyEvent->now; |
| 503 | |
519 | |
| 504 | $self->{on_drain}($self) |
520 | $self->{on_drain}($self) |
| 505 | if $self->{low_water_mark} >= length $self->{wbuf} |
521 | if $self->{low_water_mark} >= (length $self->{wbuf}) + (length $self->{_tls_wbuf}) |
| 506 | && $self->{on_drain}; |
522 | && $self->{on_drain}; |
| 507 | |
523 | |
| 508 | delete $self->{_ww} unless length $self->{wbuf}; |
524 | delete $self->{_ww} unless length $self->{wbuf}; |
| 509 | } elsif ($! != EAGAIN && $! != EINTR && $! != WSAEWOULDBLOCK) { |
525 | } elsif ($! != EAGAIN && $! != EINTR && $! != WSAEWOULDBLOCK) { |
| 510 | $self->_error ($!, 1); |
526 | $self->_error ($!, 1); |
| … | |
… | |
| 534 | |
550 | |
| 535 | @_ = ($WH{$type} or Carp::croak "unsupported type passed to AnyEvent::Handle::push_write") |
551 | @_ = ($WH{$type} or Carp::croak "unsupported type passed to AnyEvent::Handle::push_write") |
| 536 | ->($self, @_); |
552 | ->($self, @_); |
| 537 | } |
553 | } |
| 538 | |
554 | |
| 539 | if ($self->{filter_w}) { |
555 | if ($self->{tls}) { |
| 540 | $self->{filter_w}($self, \$_[0]); |
556 | $self->{_tls_wbuf} .= $_[0]; |
|
|
557 | &_dotls ($self); |
| 541 | } else { |
558 | } else { |
| 542 | $self->{wbuf} .= $_[0]; |
559 | $self->{wbuf} .= $_[0]; |
| 543 | $self->_drain_wbuf; |
560 | $self->_drain_wbuf; |
| 544 | } |
561 | } |
| 545 | } |
562 | } |
| … | |
… | |
| 781 | |
798 | |
| 782 | last; # more data might arrive |
799 | last; # more data might arrive |
| 783 | } |
800 | } |
| 784 | } else { |
801 | } else { |
| 785 | # read side becomes idle |
802 | # read side becomes idle |
| 786 | delete $self->{_rw}; |
803 | delete $self->{_rw} unless $self->{tls}; |
| 787 | last; |
804 | last; |
| 788 | } |
805 | } |
| 789 | } |
806 | } |
| 790 | |
807 | |
| 791 | if ($self->{_eof}) { |
808 | if ($self->{_eof}) { |
| … | |
… | |
| 1249 | Note that AnyEvent::Handle will automatically C<start_read> for you when |
1266 | Note that AnyEvent::Handle will automatically C<start_read> for you when |
| 1250 | you change the C<on_read> callback or push/unshift a read callback, and it |
1267 | you change the C<on_read> callback or push/unshift a read callback, and it |
| 1251 | will automatically C<stop_read> for you when neither C<on_read> is set nor |
1268 | will automatically C<stop_read> for you when neither C<on_read> is set nor |
| 1252 | there are any read requests in the queue. |
1269 | there are any read requests in the queue. |
| 1253 | |
1270 | |
|
|
1271 | These methods will have no effect when in TLS mode (as TLS doesn't support |
|
|
1272 | half-duplex connections). |
|
|
1273 | |
| 1254 | =cut |
1274 | =cut |
| 1255 | |
1275 | |
| 1256 | sub stop_read { |
1276 | sub stop_read { |
| 1257 | my ($self) = @_; |
1277 | my ($self) = @_; |
| 1258 | |
1278 | |
| 1259 | delete $self->{_rw}; |
1279 | delete $self->{_rw} unless $self->{tls}; |
| 1260 | } |
1280 | } |
| 1261 | |
1281 | |
| 1262 | sub start_read { |
1282 | sub start_read { |
| 1263 | my ($self) = @_; |
1283 | my ($self) = @_; |
| 1264 | |
1284 | |
| 1265 | unless ($self->{_rw} || $self->{_eof}) { |
1285 | unless ($self->{_rw} || $self->{_eof}) { |
| 1266 | Scalar::Util::weaken $self; |
1286 | Scalar::Util::weaken $self; |
| 1267 | |
1287 | |
| 1268 | $self->{_rw} = AnyEvent->io (fh => $self->{fh}, poll => "r", cb => sub { |
1288 | $self->{_rw} = AnyEvent->io (fh => $self->{fh}, poll => "r", cb => sub { |
| 1269 | my $rbuf = $self->{filter_r} ? \my $buf : \$self->{rbuf}; |
1289 | my $rbuf = \($self->{tls} ? my $buf : $self->{rbuf}); |
| 1270 | my $len = sysread $self->{fh}, $$rbuf, $self->{read_size} || 8192, length $$rbuf; |
1290 | my $len = sysread $self->{fh}, $$rbuf, $self->{read_size} || 8192, length $$rbuf; |
| 1271 | |
1291 | |
| 1272 | if ($len > 0) { |
1292 | if ($len > 0) { |
| 1273 | $self->{_activity} = AnyEvent->now; |
1293 | $self->{_activity} = AnyEvent->now; |
| 1274 | |
1294 | |
| 1275 | $self->{filter_r} |
1295 | if ($self->{tls}) { |
| 1276 | ? $self->{filter_r}($self, $rbuf) |
1296 | Net::SSLeay::BIO_write ($self->{_rbio}, $$rbuf); |
| 1277 | : $self->{_in_drain} || $self->_drain_rbuf; |
1297 | &_dotls ($self); |
|
|
1298 | } else { |
|
|
1299 | $self->_drain_rbuf unless $self->{_in_drain}; |
|
|
1300 | } |
| 1278 | |
1301 | |
| 1279 | } elsif (defined $len) { |
1302 | } elsif (defined $len) { |
| 1280 | delete $self->{_rw}; |
1303 | delete $self->{_rw}; |
| 1281 | $self->{_eof} = 1; |
1304 | $self->{_eof} = 1; |
| 1282 | $self->_drain_rbuf unless $self->{_in_drain}; |
1305 | $self->_drain_rbuf unless $self->{_in_drain}; |
| … | |
… | |
| 1297 | while ((my $len = Net::SSLeay::write ($self->{tls}, $self->{_tls_wbuf})) > 0) { |
1320 | while ((my $len = Net::SSLeay::write ($self->{tls}, $self->{_tls_wbuf})) > 0) { |
| 1298 | substr $self->{_tls_wbuf}, 0, $len, ""; |
1321 | substr $self->{_tls_wbuf}, 0, $len, ""; |
| 1299 | } |
1322 | } |
| 1300 | } |
1323 | } |
| 1301 | |
1324 | |
| 1302 | if (length ($buf = Net::SSLeay::BIO_read ($self->{_wbio}))) { |
|
|
| 1303 | $self->{wbuf} .= $buf; |
|
|
| 1304 | $self->_drain_wbuf; |
|
|
| 1305 | } |
|
|
| 1306 | |
|
|
| 1307 | while (defined ($buf = Net::SSLeay::read ($self->{tls}))) { |
1325 | while (defined ($buf = Net::SSLeay::read ($self->{tls}))) { |
| 1308 | if (length $buf) { |
1326 | unless (length $buf) { |
| 1309 | $self->{rbuf} .= $buf; |
|
|
| 1310 | $self->_drain_rbuf unless $self->{_in_drain}; |
|
|
| 1311 | } else { |
|
|
| 1312 | # let's treat SSL-eof as we treat normal EOF |
1327 | # let's treat SSL-eof as we treat normal EOF |
|
|
1328 | delete $self->{_rw}; |
| 1313 | $self->{_eof} = 1; |
1329 | $self->{_eof} = 1; |
| 1314 | $self->_shutdown; |
1330 | &_freetls; |
| 1315 | return; |
|
|
| 1316 | } |
1331 | } |
|
|
1332 | |
|
|
1333 | $self->{rbuf} .= $buf; |
|
|
1334 | $self->_drain_rbuf unless $self->{_in_drain}; |
|
|
1335 | $self->{tls} or return; # tls session might have gone away in callback |
| 1317 | } |
1336 | } |
| 1318 | |
1337 | |
| 1319 | my $err = Net::SSLeay::get_error ($self->{tls}, -1); |
1338 | my $err = Net::SSLeay::get_error ($self->{tls}, -1); |
| 1320 | |
1339 | |
| 1321 | if ($err!= Net::SSLeay::ERROR_WANT_READ ()) { |
1340 | if ($err!= Net::SSLeay::ERROR_WANT_READ ()) { |
| … | |
… | |
| 1325 | return $self->_error (&Errno::EIO, 1); |
1344 | return $self->_error (&Errno::EIO, 1); |
| 1326 | } |
1345 | } |
| 1327 | |
1346 | |
| 1328 | # all others are fine for our purposes |
1347 | # all others are fine for our purposes |
| 1329 | } |
1348 | } |
|
|
1349 | |
|
|
1350 | if (length ($buf = Net::SSLeay::BIO_read ($self->{_wbio}))) { |
|
|
1351 | $self->{wbuf} .= $buf; |
|
|
1352 | $self->_drain_wbuf; |
|
|
1353 | } |
| 1330 | } |
1354 | } |
| 1331 | |
1355 | |
| 1332 | =item $handle->starttls ($tls[, $tls_ctx]) |
1356 | =item $handle->starttls ($tls[, $tls_ctx]) |
| 1333 | |
1357 | |
| 1334 | Instead of starting TLS negotiation immediately when the AnyEvent::Handle |
1358 | Instead of starting TLS negotiation immediately when the AnyEvent::Handle |
| … | |
… | |
| 1343 | |
1367 | |
| 1344 | The TLS connection object will end up in C<< $handle->{tls} >> after this |
1368 | The TLS connection object will end up in C<< $handle->{tls} >> after this |
| 1345 | call and can be used or changed to your liking. Note that the handshake |
1369 | call and can be used or changed to your liking. Note that the handshake |
| 1346 | might have already started when this function returns. |
1370 | might have already started when this function returns. |
| 1347 | |
1371 | |
|
|
1372 | If it an error to start a TLS handshake more than once per |
|
|
1373 | AnyEvent::Handle object (this is due to bugs in OpenSSL). |
|
|
1374 | |
| 1348 | =cut |
1375 | =cut |
| 1349 | |
1376 | |
| 1350 | sub starttls { |
1377 | sub starttls { |
| 1351 | my ($self, $ssl, $ctx) = @_; |
1378 | my ($self, $ssl, $ctx) = @_; |
| 1352 | |
1379 | |
| 1353 | $self->stoptls; |
1380 | Carp::croak "it is an error to call starttls more than once on an Anyevent::Handle object" |
| 1354 | |
1381 | if $self->{tls}; |
|
|
1382 | |
| 1355 | if ($ssl eq "accept") { |
1383 | if ($ssl eq "accept") { |
| 1356 | $ssl = Net::SSLeay::new ($ctx || TLS_CTX ()); |
1384 | $ssl = Net::SSLeay::new ($ctx || TLS_CTX ()); |
| 1357 | Net::SSLeay::set_accept_state ($ssl); |
1385 | Net::SSLeay::set_accept_state ($ssl); |
| 1358 | } elsif ($ssl eq "connect") { |
1386 | } elsif ($ssl eq "connect") { |
| 1359 | $ssl = Net::SSLeay::new ($ctx || TLS_CTX ()); |
1387 | $ssl = Net::SSLeay::new ($ctx || TLS_CTX ()); |
| … | |
… | |
| 1365 | # basically, this is deep magic (because SSL_read should have the same issues) |
1393 | # basically, this is deep magic (because SSL_read should have the same issues) |
| 1366 | # but the openssl maintainers basically said: "trust us, it just works". |
1394 | # but the openssl maintainers basically said: "trust us, it just works". |
| 1367 | # (unfortunately, we have to hardcode constants because the abysmally misdesigned |
1395 | # (unfortunately, we have to hardcode constants because the abysmally misdesigned |
| 1368 | # and mismaintained ssleay-module doesn't even offer them). |
1396 | # and mismaintained ssleay-module doesn't even offer them). |
| 1369 | # http://www.mail-archive.com/openssl-dev@openssl.org/msg22420.html |
1397 | # http://www.mail-archive.com/openssl-dev@openssl.org/msg22420.html |
|
|
1398 | # |
|
|
1399 | # in short: this is a mess. |
|
|
1400 | # |
|
|
1401 | # note that we do not try to keep the length constant between writes as we are required to do. |
|
|
1402 | # we assume that most (but not all) of this insanity only applies to non-blocking cases, |
|
|
1403 | # and we drive openssl fully in blocking mode here. Or maybe we don't - openssl seems to |
|
|
1404 | # have identity issues in that area. |
| 1370 | Net::SSLeay::CTX_set_mode ($self->{tls}, |
1405 | Net::SSLeay::CTX_set_mode ($self->{tls}, |
| 1371 | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ENABLE_PARTIAL_WRITE () } || 1) |
1406 | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ENABLE_PARTIAL_WRITE () } || 1) |
| 1372 | | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ACCEPT_MOVING_WRITE_BUFFER () } || 2)); |
1407 | | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ACCEPT_MOVING_WRITE_BUFFER () } || 2)); |
| 1373 | |
1408 | |
| 1374 | $self->{_rbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); |
1409 | $self->{_rbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); |
| 1375 | $self->{_wbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); |
1410 | $self->{_wbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); |
| 1376 | |
1411 | |
| 1377 | Net::SSLeay::set_bio ($ssl, $self->{_rbio}, $self->{_wbio}); |
1412 | Net::SSLeay::set_bio ($ssl, $self->{_rbio}, $self->{_wbio}); |
| 1378 | |
1413 | |
| 1379 | $self->{filter_w} = sub { |
1414 | &_dotls; # need to trigger the initial handshake |
| 1380 | $_[0]{_tls_wbuf} .= ${$_[1]}; |
1415 | $self->start_read; # make sure we actually do read |
| 1381 | &_dotls; |
|
|
| 1382 | }; |
|
|
| 1383 | $self->{filter_r} = sub { |
|
|
| 1384 | Net::SSLeay::BIO_write ($_[0]{_rbio}, ${$_[1]}); |
|
|
| 1385 | &_dotls; |
|
|
| 1386 | }; |
|
|
| 1387 | } |
1416 | } |
| 1388 | |
1417 | |
| 1389 | =item $handle->stoptls |
1418 | =item $handle->stoptls |
| 1390 | |
1419 | |
| 1391 | Destroys the SSL connection, if any. Partial read or write data will be |
1420 | Shuts down the SSL connection - this makes a proper EOF handshake by |
| 1392 | lost. |
1421 | sending a close notify to the other side, but since OpenSSL doesn't |
|
|
1422 | support non-blocking shut downs, it is not possible to re-use the stream |
|
|
1423 | afterwards. |
| 1393 | |
1424 | |
| 1394 | =cut |
1425 | =cut |
| 1395 | |
1426 | |
| 1396 | sub stoptls { |
1427 | sub stoptls { |
| 1397 | my ($self) = @_; |
1428 | my ($self) = @_; |
| 1398 | |
1429 | |
|
|
1430 | if ($self->{tls}) { |
|
|
1431 | Net::SSLeay::shutdown $self->{tls}; |
|
|
1432 | |
|
|
1433 | &_dotls; |
|
|
1434 | |
|
|
1435 | # we don't give a shit. no, we do, but we can't. no... |
|
|
1436 | # we, we... have to use openssl :/ |
|
|
1437 | &_freetls; |
|
|
1438 | } |
|
|
1439 | } |
|
|
1440 | |
|
|
1441 | sub _freetls { |
|
|
1442 | my ($self) = @_; |
|
|
1443 | |
|
|
1444 | return unless $self->{tls}; |
|
|
1445 | |
| 1399 | Net::SSLeay::free (delete $self->{tls}) if $self->{tls}; |
1446 | Net::SSLeay::free (delete $self->{tls}); |
| 1400 | |
1447 | |
| 1401 | delete $self->{_rbio}; |
1448 | delete @$self{qw(_rbio _wbio _tls_wbuf)}; |
| 1402 | delete $self->{_wbio}; |
|
|
| 1403 | delete $self->{_tls_wbuf}; |
|
|
| 1404 | delete $self->{filter_r}; |
|
|
| 1405 | delete $self->{filter_w}; |
|
|
| 1406 | } |
1449 | } |
| 1407 | |
1450 | |
| 1408 | sub DESTROY { |
1451 | sub DESTROY { |
| 1409 | my $self = shift; |
1452 | my $self = shift; |
| 1410 | |
1453 | |
| 1411 | $self->stoptls; |
1454 | &_freetls; |
| 1412 | |
1455 | |
| 1413 | my $linger = exists $self->{linger} ? $self->{linger} : 3600; |
1456 | my $linger = exists $self->{linger} ? $self->{linger} : 3600; |
| 1414 | |
1457 | |
| 1415 | if ($linger && length $self->{wbuf}) { |
1458 | if ($linger && length $self->{wbuf}) { |
| 1416 | my $fh = delete $self->{fh}; |
1459 | my $fh = delete $self->{fh}; |
