… | |
… | |
14 | |
14 | |
15 | AnyEvent::Handle - non-blocking I/O on file handles via AnyEvent |
15 | AnyEvent::Handle - non-blocking I/O on file handles via AnyEvent |
16 | |
16 | |
17 | =cut |
17 | =cut |
18 | |
18 | |
19 | our $VERSION = 4.232; |
19 | our $VERSION = 4.3; |
20 | |
20 | |
21 | =head1 SYNOPSIS |
21 | =head1 SYNOPSIS |
22 | |
22 | |
23 | use AnyEvent; |
23 | use AnyEvent; |
24 | use AnyEvent::Handle; |
24 | use AnyEvent::Handle; |
… | |
… | |
59 | treatment of characters applies to this module as well. |
59 | treatment of characters applies to this module as well. |
60 | |
60 | |
61 | All callbacks will be invoked with the handle object as their first |
61 | All callbacks will be invoked with the handle object as their first |
62 | argument. |
62 | argument. |
63 | |
63 | |
|
|
64 | =head2 SIGPIPE is not handled by this module |
|
|
65 | |
|
|
66 | SIGPIPE is not handled by this module, so one of the practical |
|
|
67 | requirements of using it is to ignore SIGPIPE (C<$SIG{PIPE} = |
|
|
68 | 'IGNORE'>). At least, this is highly recommend in a networked program: If |
|
|
69 | you use AnyEvent::Handle in a filter program (like sort), exiting on |
|
|
70 | SIGPIPE is probably the right thing to do. |
|
|
71 | |
64 | =head1 METHODS |
72 | =head1 METHODS |
65 | |
73 | |
66 | =over 4 |
74 | =over 4 |
67 | |
75 | |
68 | =item B<new (%args)> |
76 | =item B<new (%args)> |
… | |
… | |
103 | occured, such as not being able to resolve the hostname, failure to |
111 | occured, such as not being able to resolve the hostname, failure to |
104 | connect or a read error. |
112 | connect or a read error. |
105 | |
113 | |
106 | Some errors are fatal (which is indicated by C<$fatal> being true). On |
114 | Some errors are fatal (which is indicated by C<$fatal> being true). On |
107 | fatal errors the handle object will be shut down and will not be usable |
115 | fatal errors the handle object will be shut down and will not be usable |
108 | (but you are free to look at the current C< ->rbuf >). Examples of fatal |
116 | (but you are free to look at the current C<< ->rbuf >>). Examples of fatal |
109 | errors are an EOF condition with active (but unsatisifable) read watchers |
117 | errors are an EOF condition with active (but unsatisifable) read watchers |
110 | (C<EPIPE>) or I/O errors. |
118 | (C<EPIPE>) or I/O errors. |
111 | |
119 | |
112 | Non-fatal errors can be retried by simply returning, but it is recommended |
120 | Non-fatal errors can be retried by simply returning, but it is recommended |
113 | to simply ignore this parameter and instead abondon the handle object |
121 | to simply ignore this parameter and instead abondon the handle object |
… | |
… | |
152 | =item timeout => $fractional_seconds |
160 | =item timeout => $fractional_seconds |
153 | |
161 | |
154 | If non-zero, then this enables an "inactivity" timeout: whenever this many |
162 | If non-zero, then this enables an "inactivity" timeout: whenever this many |
155 | seconds pass without a successful read or write on the underlying file |
163 | seconds pass without a successful read or write on the underlying file |
156 | handle, the C<on_timeout> callback will be invoked (and if that one is |
164 | handle, the C<on_timeout> callback will be invoked (and if that one is |
157 | missing, an C<ETIMEDOUT> error will be raised). |
165 | missing, a non-fatal C<ETIMEDOUT> error will be raised). |
158 | |
166 | |
159 | Note that timeout processing is also active when you currently do not have |
167 | Note that timeout processing is also active when you currently do not have |
160 | any outstanding read or write requests: If you plan to keep the connection |
168 | any outstanding read or write requests: If you plan to keep the connection |
161 | idle then you should disable the timout temporarily or ignore the timeout |
169 | idle then you should disable the timout temporarily or ignore the timeout |
162 | in the C<on_timeout> callback. |
170 | in the C<on_timeout> callback, in which case AnyEvent::Handle will simply |
|
|
171 | restart the timeout. |
163 | |
172 | |
164 | Zero (the default) disables this timeout. |
173 | Zero (the default) disables this timeout. |
165 | |
174 | |
166 | =item on_timeout => $cb->($handle) |
175 | =item on_timeout => $cb->($handle) |
167 | |
176 | |
… | |
… | |
171 | |
180 | |
172 | =item rbuf_max => <bytes> |
181 | =item rbuf_max => <bytes> |
173 | |
182 | |
174 | If defined, then a fatal error will be raised (with C<$!> set to C<ENOSPC>) |
183 | If defined, then a fatal error will be raised (with C<$!> set to C<ENOSPC>) |
175 | when the read buffer ever (strictly) exceeds this size. This is useful to |
184 | when the read buffer ever (strictly) exceeds this size. This is useful to |
176 | avoid denial-of-service attacks. |
185 | avoid some forms of denial-of-service attacks. |
177 | |
186 | |
178 | For example, a server accepting connections from untrusted sources should |
187 | For example, a server accepting connections from untrusted sources should |
179 | be configured to accept only so-and-so much data that it cannot act on |
188 | be configured to accept only so-and-so much data that it cannot act on |
180 | (for example, when expecting a line, an attacker could send an unlimited |
189 | (for example, when expecting a line, an attacker could send an unlimited |
181 | amount of data without a callback ever being called as long as the line |
190 | amount of data without a callback ever being called as long as the line |
182 | isn't finished). |
191 | isn't finished). |
183 | |
192 | |
184 | =item autocork => <boolean> |
193 | =item autocork => <boolean> |
185 | |
194 | |
186 | When disabled (the default), then C<push_write> will try to immediately |
195 | When disabled (the default), then C<push_write> will try to immediately |
187 | write the data to the handle if possible. This avoids having to register |
196 | write the data to the handle, if possible. This avoids having to register |
188 | a write watcher and wait for the next event loop iteration, but can be |
197 | a write watcher and wait for the next event loop iteration, but can |
189 | inefficient if you write multiple small chunks (this disadvantage is |
198 | be inefficient if you write multiple small chunks (on the wire, this |
190 | usually avoided by your kernel's nagle algorithm, see C<low_delay>). |
199 | disadvantage is usually avoided by your kernel's nagle algorithm, see |
|
|
200 | C<no_delay>, but this option can save costly syscalls). |
191 | |
201 | |
192 | When enabled, then writes will always be queued till the next event loop |
202 | When enabled, then writes will always be queued till the next event loop |
193 | iteration. This is efficient when you do many small writes per iteration, |
203 | iteration. This is efficient when you do many small writes per iteration, |
194 | but less efficient when you do a single write only. |
204 | but less efficient when you do a single write only per iteration (or when |
|
|
205 | the write buffer often is full). It also increases write latency. |
195 | |
206 | |
196 | =item no_delay => <boolean> |
207 | =item no_delay => <boolean> |
197 | |
208 | |
198 | When doing small writes on sockets, your operating system kernel might |
209 | When doing small writes on sockets, your operating system kernel might |
199 | wait a bit for more data before actually sending it out. This is called |
210 | wait a bit for more data before actually sending it out. This is called |
200 | the Nagle algorithm, and usually it is beneficial. |
211 | the Nagle algorithm, and usually it is beneficial. |
201 | |
212 | |
202 | In some situations you want as low a delay as possible, which cna be |
213 | In some situations you want as low a delay as possible, which can be |
203 | accomplishd by setting this option to true. |
214 | accomplishd by setting this option to a true value. |
204 | |
215 | |
205 | The default is your opertaing system's default behaviour, this option |
216 | The default is your opertaing system's default behaviour (most likely |
206 | explicitly enables or disables it, if possible. |
217 | enabled), this option explicitly enables or disables it, if possible. |
207 | |
218 | |
208 | =item read_size => <bytes> |
219 | =item read_size => <bytes> |
209 | |
220 | |
210 | The default read block size (the amount of bytes this module will try to read |
221 | The default read block size (the amount of bytes this module will |
211 | during each (loop iteration). Default: C<8192>. |
222 | try to read during each loop iteration, which affects memory |
|
|
223 | requirements). Default: C<8192>. |
212 | |
224 | |
213 | =item low_water_mark => <bytes> |
225 | =item low_water_mark => <bytes> |
214 | |
226 | |
215 | Sets the amount of bytes (default: C<0>) that make up an "empty" write |
227 | Sets the amount of bytes (default: C<0>) that make up an "empty" write |
216 | buffer: If the write reaches this size or gets even samller it is |
228 | buffer: If the write reaches this size or gets even samller it is |
217 | considered empty. |
229 | considered empty. |
218 | |
230 | |
|
|
231 | Sometimes it can be beneficial (for performance reasons) to add data to |
|
|
232 | the write buffer before it is fully drained, but this is a rare case, as |
|
|
233 | the operating system kernel usually buffers data as well, so the default |
|
|
234 | is good in almost all cases. |
|
|
235 | |
219 | =item linger => <seconds> |
236 | =item linger => <seconds> |
220 | |
237 | |
221 | If non-zero (default: C<3600>), then the destructor of the |
238 | If non-zero (default: C<3600>), then the destructor of the |
222 | AnyEvent::Handle object will check wether there is still outstanding write |
239 | AnyEvent::Handle object will check whether there is still outstanding |
223 | data and will install a watcher that will write out this data. No errors |
240 | write data and will install a watcher that will write this data to the |
224 | will be reported (this mostly matches how the operating system treats |
241 | socket. No errors will be reported (this mostly matches how the operating |
225 | outstanding data at socket close time). |
242 | system treats outstanding data at socket close time). |
226 | |
243 | |
227 | This will not work for partial TLS data that could not yet been |
244 | This will not work for partial TLS data that could not be encoded |
228 | encoded. This data will be lost. |
245 | yet. This data will be lost. Calling the C<stoptls> method in time might |
|
|
246 | help. |
229 | |
247 | |
230 | =item tls => "accept" | "connect" | Net::SSLeay::SSL object |
248 | =item tls => "accept" | "connect" | Net::SSLeay::SSL object |
231 | |
249 | |
232 | When this parameter is given, it enables TLS (SSL) mode, that means it |
250 | When this parameter is given, it enables TLS (SSL) mode, that means |
233 | will start making tls handshake and will transparently encrypt/decrypt |
251 | AnyEvent will start a TLS handshake as soon as the conenction has been |
234 | data. |
252 | established and will transparently encrypt/decrypt data afterwards. |
235 | |
253 | |
236 | TLS mode requires Net::SSLeay to be installed (it will be loaded |
254 | TLS mode requires Net::SSLeay to be installed (it will be loaded |
237 | automatically when you try to create a TLS handle). |
255 | automatically when you try to create a TLS handle): this module doesn't |
|
|
256 | have a dependency on that module, so if your module requires it, you have |
|
|
257 | to add the dependency yourself. |
238 | |
258 | |
239 | For the TLS server side, use C<accept>, and for the TLS client side of a |
259 | Unlike TCP, TLS has a server and client side: for the TLS server side, use |
240 | connection, use C<connect> mode. |
260 | C<accept>, and for the TLS client side of a connection, use C<connect> |
|
|
261 | mode. |
241 | |
262 | |
242 | You can also provide your own TLS connection object, but you have |
263 | You can also provide your own TLS connection object, but you have |
243 | to make sure that you call either C<Net::SSLeay::set_connect_state> |
264 | to make sure that you call either C<Net::SSLeay::set_connect_state> |
244 | or C<Net::SSLeay::set_accept_state> on it before you pass it to |
265 | or C<Net::SSLeay::set_accept_state> on it before you pass it to |
245 | AnyEvent::Handle. |
266 | AnyEvent::Handle. |
246 | |
267 | |
247 | See the C<starttls> method if you need to start TLS negotiation later. |
268 | See the C<< ->starttls >> method for when need to start TLS negotiation later. |
248 | |
269 | |
249 | =item tls_ctx => $ssl_ctx |
270 | =item tls_ctx => $ssl_ctx |
250 | |
271 | |
251 | Use the given Net::SSLeay::CTX object to create the new TLS connection |
272 | Use the given C<Net::SSLeay::CTX> object to create the new TLS connection |
252 | (unless a connection object was specified directly). If this parameter is |
273 | (unless a connection object was specified directly). If this parameter is |
253 | missing, then AnyEvent::Handle will use C<AnyEvent::Handle::TLS_CTX>. |
274 | missing, then AnyEvent::Handle will use C<AnyEvent::Handle::TLS_CTX>. |
254 | |
275 | |
255 | =item json => JSON or JSON::XS object |
276 | =item json => JSON or JSON::XS object |
256 | |
277 | |
257 | This is the json coder object used by the C<json> read and write types. |
278 | This is the json coder object used by the C<json> read and write types. |
258 | |
279 | |
259 | If you don't supply it, then AnyEvent::Handle will create and use a |
280 | If you don't supply it, then AnyEvent::Handle will create and use a |
260 | suitable one, which will write and expect UTF-8 encoded JSON texts. |
281 | suitable one (on demand), which will write and expect UTF-8 encoded JSON |
|
|
282 | texts. |
261 | |
283 | |
262 | Note that you are responsible to depend on the JSON module if you want to |
284 | Note that you are responsible to depend on the JSON module if you want to |
263 | use this functionality, as AnyEvent does not have a dependency itself. |
285 | use this functionality, as AnyEvent does not have a dependency itself. |
264 | |
|
|
265 | =item filter_r => $cb |
|
|
266 | |
|
|
267 | =item filter_w => $cb |
|
|
268 | |
|
|
269 | These exist, but are undocumented at this time. |
|
|
270 | |
286 | |
271 | =back |
287 | =back |
272 | |
288 | |
273 | =cut |
289 | =cut |
274 | |
290 | |
… | |
… | |
304 | delete $self->{_tw}; |
320 | delete $self->{_tw}; |
305 | delete $self->{_rw}; |
321 | delete $self->{_rw}; |
306 | delete $self->{_ww}; |
322 | delete $self->{_ww}; |
307 | delete $self->{fh}; |
323 | delete $self->{fh}; |
308 | |
324 | |
309 | $self->stoptls; |
325 | &_freetls; |
310 | |
326 | |
311 | delete $self->{on_read}; |
327 | delete $self->{on_read}; |
312 | delete $self->{_queue}; |
328 | delete $self->{_queue}; |
313 | } |
329 | } |
314 | |
330 | |
… | |
… | |
327 | } |
343 | } |
328 | } |
344 | } |
329 | |
345 | |
330 | =item $fh = $handle->fh |
346 | =item $fh = $handle->fh |
331 | |
347 | |
332 | This method returns the file handle of the L<AnyEvent::Handle> object. |
348 | This method returns the file handle used to create the L<AnyEvent::Handle> object. |
333 | |
349 | |
334 | =cut |
350 | =cut |
335 | |
351 | |
336 | sub fh { $_[0]{fh} } |
352 | sub fh { $_[0]{fh} } |
337 | |
353 | |
… | |
… | |
355 | $_[0]{on_eof} = $_[1]; |
371 | $_[0]{on_eof} = $_[1]; |
356 | } |
372 | } |
357 | |
373 | |
358 | =item $handle->on_timeout ($cb) |
374 | =item $handle->on_timeout ($cb) |
359 | |
375 | |
360 | Replace the current C<on_timeout> callback, or disables the callback |
376 | Replace the current C<on_timeout> callback, or disables the callback (but |
361 | (but not the timeout) if C<$cb> = C<undef>. See C<timeout> constructor |
377 | not the timeout) if C<$cb> = C<undef>. See the C<timeout> constructor |
362 | argument. |
378 | argument and method. |
363 | |
379 | |
364 | =cut |
380 | =cut |
365 | |
381 | |
366 | sub on_timeout { |
382 | sub on_timeout { |
367 | $_[0]{on_timeout} = $_[1]; |
383 | $_[0]{on_timeout} = $_[1]; |
… | |
… | |
473 | my ($self, $cb) = @_; |
489 | my ($self, $cb) = @_; |
474 | |
490 | |
475 | $self->{on_drain} = $cb; |
491 | $self->{on_drain} = $cb; |
476 | |
492 | |
477 | $cb->($self) |
493 | $cb->($self) |
478 | if $cb && $self->{low_water_mark} >= length $self->{wbuf}; |
494 | if $cb && $self->{low_water_mark} >= (length $self->{wbuf}) + (length $self->{_tls_wbuf}); |
479 | } |
495 | } |
480 | |
496 | |
481 | =item $handle->push_write ($data) |
497 | =item $handle->push_write ($data) |
482 | |
498 | |
483 | Queues the given scalar to be written. You can push as much data as you |
499 | Queues the given scalar to be written. You can push as much data as you |
… | |
… | |
500 | substr $self->{wbuf}, 0, $len, ""; |
516 | substr $self->{wbuf}, 0, $len, ""; |
501 | |
517 | |
502 | $self->{_activity} = AnyEvent->now; |
518 | $self->{_activity} = AnyEvent->now; |
503 | |
519 | |
504 | $self->{on_drain}($self) |
520 | $self->{on_drain}($self) |
505 | if $self->{low_water_mark} >= length $self->{wbuf} |
521 | if $self->{low_water_mark} >= (length $self->{wbuf}) + (length $self->{_tls_wbuf}) |
506 | && $self->{on_drain}; |
522 | && $self->{on_drain}; |
507 | |
523 | |
508 | delete $self->{_ww} unless length $self->{wbuf}; |
524 | delete $self->{_ww} unless length $self->{wbuf}; |
509 | } elsif ($! != EAGAIN && $! != EINTR && $! != WSAEWOULDBLOCK) { |
525 | } elsif ($! != EAGAIN && $! != EINTR && $! != WSAEWOULDBLOCK) { |
510 | $self->_error ($!, 1); |
526 | $self->_error ($!, 1); |
… | |
… | |
534 | |
550 | |
535 | @_ = ($WH{$type} or Carp::croak "unsupported type passed to AnyEvent::Handle::push_write") |
551 | @_ = ($WH{$type} or Carp::croak "unsupported type passed to AnyEvent::Handle::push_write") |
536 | ->($self, @_); |
552 | ->($self, @_); |
537 | } |
553 | } |
538 | |
554 | |
539 | if ($self->{filter_w}) { |
555 | if ($self->{tls}) { |
540 | $self->{filter_w}($self, \$_[0]); |
556 | $self->{_tls_wbuf} .= $_[0]; |
|
|
557 | &_dotls ($self); |
541 | } else { |
558 | } else { |
542 | $self->{wbuf} .= $_[0]; |
559 | $self->{wbuf} .= $_[0]; |
543 | $self->_drain_wbuf; |
560 | $self->_drain_wbuf; |
544 | } |
561 | } |
545 | } |
562 | } |
… | |
… | |
781 | |
798 | |
782 | last; # more data might arrive |
799 | last; # more data might arrive |
783 | } |
800 | } |
784 | } else { |
801 | } else { |
785 | # read side becomes idle |
802 | # read side becomes idle |
786 | delete $self->{_rw}; |
803 | delete $self->{_rw} unless $self->{tls}; |
787 | last; |
804 | last; |
788 | } |
805 | } |
789 | } |
806 | } |
790 | |
807 | |
791 | if ($self->{_eof}) { |
808 | if ($self->{_eof}) { |
… | |
… | |
1249 | Note that AnyEvent::Handle will automatically C<start_read> for you when |
1266 | Note that AnyEvent::Handle will automatically C<start_read> for you when |
1250 | you change the C<on_read> callback or push/unshift a read callback, and it |
1267 | you change the C<on_read> callback or push/unshift a read callback, and it |
1251 | will automatically C<stop_read> for you when neither C<on_read> is set nor |
1268 | will automatically C<stop_read> for you when neither C<on_read> is set nor |
1252 | there are any read requests in the queue. |
1269 | there are any read requests in the queue. |
1253 | |
1270 | |
|
|
1271 | These methods will have no effect when in TLS mode (as TLS doesn't support |
|
|
1272 | half-duplex connections). |
|
|
1273 | |
1254 | =cut |
1274 | =cut |
1255 | |
1275 | |
1256 | sub stop_read { |
1276 | sub stop_read { |
1257 | my ($self) = @_; |
1277 | my ($self) = @_; |
1258 | |
1278 | |
1259 | delete $self->{_rw}; |
1279 | delete $self->{_rw} unless $self->{tls}; |
1260 | } |
1280 | } |
1261 | |
1281 | |
1262 | sub start_read { |
1282 | sub start_read { |
1263 | my ($self) = @_; |
1283 | my ($self) = @_; |
1264 | |
1284 | |
1265 | unless ($self->{_rw} || $self->{_eof}) { |
1285 | unless ($self->{_rw} || $self->{_eof}) { |
1266 | Scalar::Util::weaken $self; |
1286 | Scalar::Util::weaken $self; |
1267 | |
1287 | |
1268 | $self->{_rw} = AnyEvent->io (fh => $self->{fh}, poll => "r", cb => sub { |
1288 | $self->{_rw} = AnyEvent->io (fh => $self->{fh}, poll => "r", cb => sub { |
1269 | my $rbuf = $self->{filter_r} ? \my $buf : \$self->{rbuf}; |
1289 | my $rbuf = \($self->{tls} ? my $buf : $self->{rbuf}); |
1270 | my $len = sysread $self->{fh}, $$rbuf, $self->{read_size} || 8192, length $$rbuf; |
1290 | my $len = sysread $self->{fh}, $$rbuf, $self->{read_size} || 8192, length $$rbuf; |
1271 | |
1291 | |
1272 | if ($len > 0) { |
1292 | if ($len > 0) { |
1273 | $self->{_activity} = AnyEvent->now; |
1293 | $self->{_activity} = AnyEvent->now; |
1274 | |
1294 | |
1275 | $self->{filter_r} |
1295 | if ($self->{tls}) { |
1276 | ? $self->{filter_r}($self, $rbuf) |
1296 | Net::SSLeay::BIO_write ($self->{_rbio}, $$rbuf); |
1277 | : $self->{_in_drain} || $self->_drain_rbuf; |
1297 | &_dotls ($self); |
|
|
1298 | } else { |
|
|
1299 | $self->_drain_rbuf unless $self->{_in_drain}; |
|
|
1300 | } |
1278 | |
1301 | |
1279 | } elsif (defined $len) { |
1302 | } elsif (defined $len) { |
1280 | delete $self->{_rw}; |
1303 | delete $self->{_rw}; |
1281 | $self->{_eof} = 1; |
1304 | $self->{_eof} = 1; |
1282 | $self->_drain_rbuf unless $self->{_in_drain}; |
1305 | $self->_drain_rbuf unless $self->{_in_drain}; |
… | |
… | |
1297 | while ((my $len = Net::SSLeay::write ($self->{tls}, $self->{_tls_wbuf})) > 0) { |
1320 | while ((my $len = Net::SSLeay::write ($self->{tls}, $self->{_tls_wbuf})) > 0) { |
1298 | substr $self->{_tls_wbuf}, 0, $len, ""; |
1321 | substr $self->{_tls_wbuf}, 0, $len, ""; |
1299 | } |
1322 | } |
1300 | } |
1323 | } |
1301 | |
1324 | |
1302 | if (length ($buf = Net::SSLeay::BIO_read ($self->{_wbio}))) { |
|
|
1303 | $self->{wbuf} .= $buf; |
|
|
1304 | $self->_drain_wbuf; |
|
|
1305 | } |
|
|
1306 | |
|
|
1307 | while (defined ($buf = Net::SSLeay::read ($self->{tls}))) { |
1325 | while (defined ($buf = Net::SSLeay::read ($self->{tls}))) { |
1308 | if (length $buf) { |
1326 | unless (length $buf) { |
1309 | $self->{rbuf} .= $buf; |
|
|
1310 | $self->_drain_rbuf unless $self->{_in_drain}; |
|
|
1311 | } else { |
|
|
1312 | # let's treat SSL-eof as we treat normal EOF |
1327 | # let's treat SSL-eof as we treat normal EOF |
|
|
1328 | delete $self->{_rw}; |
1313 | $self->{_eof} = 1; |
1329 | $self->{_eof} = 1; |
1314 | $self->_shutdown; |
1330 | &_freetls; |
1315 | return; |
|
|
1316 | } |
1331 | } |
|
|
1332 | |
|
|
1333 | $self->{rbuf} .= $buf; |
|
|
1334 | $self->_drain_rbuf unless $self->{_in_drain}; |
|
|
1335 | $self->{tls} or return; # tls session might have gone away in callback |
1317 | } |
1336 | } |
1318 | |
1337 | |
1319 | my $err = Net::SSLeay::get_error ($self->{tls}, -1); |
1338 | my $err = Net::SSLeay::get_error ($self->{tls}, -1); |
1320 | |
1339 | |
1321 | if ($err!= Net::SSLeay::ERROR_WANT_READ ()) { |
1340 | if ($err!= Net::SSLeay::ERROR_WANT_READ ()) { |
… | |
… | |
1325 | return $self->_error (&Errno::EIO, 1); |
1344 | return $self->_error (&Errno::EIO, 1); |
1326 | } |
1345 | } |
1327 | |
1346 | |
1328 | # all others are fine for our purposes |
1347 | # all others are fine for our purposes |
1329 | } |
1348 | } |
|
|
1349 | |
|
|
1350 | if (length ($buf = Net::SSLeay::BIO_read ($self->{_wbio}))) { |
|
|
1351 | $self->{wbuf} .= $buf; |
|
|
1352 | $self->_drain_wbuf; |
|
|
1353 | } |
1330 | } |
1354 | } |
1331 | |
1355 | |
1332 | =item $handle->starttls ($tls[, $tls_ctx]) |
1356 | =item $handle->starttls ($tls[, $tls_ctx]) |
1333 | |
1357 | |
1334 | Instead of starting TLS negotiation immediately when the AnyEvent::Handle |
1358 | Instead of starting TLS negotiation immediately when the AnyEvent::Handle |
… | |
… | |
1343 | |
1367 | |
1344 | The TLS connection object will end up in C<< $handle->{tls} >> after this |
1368 | The TLS connection object will end up in C<< $handle->{tls} >> after this |
1345 | call and can be used or changed to your liking. Note that the handshake |
1369 | call and can be used or changed to your liking. Note that the handshake |
1346 | might have already started when this function returns. |
1370 | might have already started when this function returns. |
1347 | |
1371 | |
|
|
1372 | If it an error to start a TLS handshake more than once per |
|
|
1373 | AnyEvent::Handle object (this is due to bugs in OpenSSL). |
|
|
1374 | |
1348 | =cut |
1375 | =cut |
1349 | |
1376 | |
1350 | sub starttls { |
1377 | sub starttls { |
1351 | my ($self, $ssl, $ctx) = @_; |
1378 | my ($self, $ssl, $ctx) = @_; |
1352 | |
1379 | |
1353 | $self->stoptls; |
1380 | Carp::croak "it is an error to call starttls more than once on an Anyevent::Handle object" |
1354 | |
1381 | if $self->{tls}; |
|
|
1382 | |
1355 | if ($ssl eq "accept") { |
1383 | if ($ssl eq "accept") { |
1356 | $ssl = Net::SSLeay::new ($ctx || TLS_CTX ()); |
1384 | $ssl = Net::SSLeay::new ($ctx || TLS_CTX ()); |
1357 | Net::SSLeay::set_accept_state ($ssl); |
1385 | Net::SSLeay::set_accept_state ($ssl); |
1358 | } elsif ($ssl eq "connect") { |
1386 | } elsif ($ssl eq "connect") { |
1359 | $ssl = Net::SSLeay::new ($ctx || TLS_CTX ()); |
1387 | $ssl = Net::SSLeay::new ($ctx || TLS_CTX ()); |
… | |
… | |
1365 | # basically, this is deep magic (because SSL_read should have the same issues) |
1393 | # basically, this is deep magic (because SSL_read should have the same issues) |
1366 | # but the openssl maintainers basically said: "trust us, it just works". |
1394 | # but the openssl maintainers basically said: "trust us, it just works". |
1367 | # (unfortunately, we have to hardcode constants because the abysmally misdesigned |
1395 | # (unfortunately, we have to hardcode constants because the abysmally misdesigned |
1368 | # and mismaintained ssleay-module doesn't even offer them). |
1396 | # and mismaintained ssleay-module doesn't even offer them). |
1369 | # http://www.mail-archive.com/openssl-dev@openssl.org/msg22420.html |
1397 | # http://www.mail-archive.com/openssl-dev@openssl.org/msg22420.html |
|
|
1398 | # |
|
|
1399 | # in short: this is a mess. |
|
|
1400 | # |
|
|
1401 | # note that we do not try to keep the length constant between writes as we are required to do. |
|
|
1402 | # we assume that most (but not all) of this insanity only applies to non-blocking cases, |
|
|
1403 | # and we drive openssl fully in blocking mode here. Or maybe we don't - openssl seems to |
|
|
1404 | # have identity issues in that area. |
1370 | Net::SSLeay::CTX_set_mode ($self->{tls}, |
1405 | Net::SSLeay::CTX_set_mode ($self->{tls}, |
1371 | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ENABLE_PARTIAL_WRITE () } || 1) |
1406 | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ENABLE_PARTIAL_WRITE () } || 1) |
1372 | | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ACCEPT_MOVING_WRITE_BUFFER () } || 2)); |
1407 | | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ACCEPT_MOVING_WRITE_BUFFER () } || 2)); |
1373 | |
1408 | |
1374 | $self->{_rbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); |
1409 | $self->{_rbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); |
1375 | $self->{_wbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); |
1410 | $self->{_wbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); |
1376 | |
1411 | |
1377 | Net::SSLeay::set_bio ($ssl, $self->{_rbio}, $self->{_wbio}); |
1412 | Net::SSLeay::set_bio ($ssl, $self->{_rbio}, $self->{_wbio}); |
1378 | |
1413 | |
1379 | $self->{filter_w} = sub { |
1414 | &_dotls; # need to trigger the initial handshake |
1380 | $_[0]{_tls_wbuf} .= ${$_[1]}; |
1415 | $self->start_read; # make sure we actually do read |
1381 | &_dotls; |
|
|
1382 | }; |
|
|
1383 | $self->{filter_r} = sub { |
|
|
1384 | Net::SSLeay::BIO_write ($_[0]{_rbio}, ${$_[1]}); |
|
|
1385 | &_dotls; |
|
|
1386 | }; |
|
|
1387 | } |
1416 | } |
1388 | |
1417 | |
1389 | =item $handle->stoptls |
1418 | =item $handle->stoptls |
1390 | |
1419 | |
1391 | Destroys the SSL connection, if any. Partial read or write data will be |
1420 | Shuts down the SSL connection - this makes a proper EOF handshake by |
1392 | lost. |
1421 | sending a close notify to the other side, but since OpenSSL doesn't |
|
|
1422 | support non-blocking shut downs, it is not possible to re-use the stream |
|
|
1423 | afterwards. |
1393 | |
1424 | |
1394 | =cut |
1425 | =cut |
1395 | |
1426 | |
1396 | sub stoptls { |
1427 | sub stoptls { |
1397 | my ($self) = @_; |
1428 | my ($self) = @_; |
1398 | |
1429 | |
|
|
1430 | if ($self->{tls}) { |
|
|
1431 | Net::SSLeay::shutdown $self->{tls}; |
|
|
1432 | |
|
|
1433 | &_dotls; |
|
|
1434 | |
|
|
1435 | # we don't give a shit. no, we do, but we can't. no... |
|
|
1436 | # we, we... have to use openssl :/ |
|
|
1437 | &_freetls; |
|
|
1438 | } |
|
|
1439 | } |
|
|
1440 | |
|
|
1441 | sub _freetls { |
|
|
1442 | my ($self) = @_; |
|
|
1443 | |
|
|
1444 | return unless $self->{tls}; |
|
|
1445 | |
1399 | Net::SSLeay::free (delete $self->{tls}) if $self->{tls}; |
1446 | Net::SSLeay::free (delete $self->{tls}); |
1400 | |
1447 | |
1401 | delete $self->{_rbio}; |
1448 | delete @$self{qw(_rbio _wbio _tls_wbuf)}; |
1402 | delete $self->{_wbio}; |
|
|
1403 | delete $self->{_tls_wbuf}; |
|
|
1404 | delete $self->{filter_r}; |
|
|
1405 | delete $self->{filter_w}; |
|
|
1406 | } |
1449 | } |
1407 | |
1450 | |
1408 | sub DESTROY { |
1451 | sub DESTROY { |
1409 | my $self = shift; |
1452 | my $self = shift; |
1410 | |
1453 | |
1411 | $self->stoptls; |
1454 | &_freetls; |
1412 | |
1455 | |
1413 | my $linger = exists $self->{linger} ? $self->{linger} : 3600; |
1456 | my $linger = exists $self->{linger} ? $self->{linger} : 3600; |
1414 | |
1457 | |
1415 | if ($linger && length $self->{wbuf}) { |
1458 | if ($linger && length $self->{wbuf}) { |
1416 | my $fh = delete $self->{fh}; |
1459 | my $fh = delete $self->{fh}; |