… | |
… | |
145 | |
145 | |
146 | When this parameter is given, it enables TLS (SSL) mode, that means it |
146 | When this parameter is given, it enables TLS (SSL) mode, that means it |
147 | will start making tls handshake and will transparently encrypt/decrypt |
147 | will start making tls handshake and will transparently encrypt/decrypt |
148 | data. |
148 | data. |
149 | |
149 | |
|
|
150 | TLS mode requires Net::SSLeay to be installed (it will be loaded |
|
|
151 | automatically when you try to create a TLS handle). |
|
|
152 | |
150 | For the TLS server side, use C<accept>, and for the TLS client side of a |
153 | For the TLS server side, use C<accept>, and for the TLS client side of a |
151 | connection, use C<connect> mode. |
154 | connection, use C<connect> mode. |
152 | |
155 | |
153 | You can also provide your own TLS connection object, but you have |
156 | You can also provide your own TLS connection object, but you have |
154 | to make sure that you call either C<Net::SSLeay::set_connect_state> |
157 | to make sure that you call either C<Net::SSLeay::set_connect_state> |
155 | or C<Net::SSLeay::set_accept_state> on it before you pass it to |
158 | or C<Net::SSLeay::set_accept_state> on it before you pass it to |
156 | AnyEvent::Handle. |
159 | AnyEvent::Handle. |
157 | |
160 | |
|
|
161 | See the C<starttls> method if you need to start TLs negotiation later. |
|
|
162 | |
158 | =item tls_ctx => $ssl_ctx |
163 | =item tls_ctx => $ssl_ctx |
159 | |
164 | |
160 | Use the given Net::SSLeay::CTX object to create the new TLS connection |
165 | Use the given Net::SSLeay::CTX object to create the new TLS connection |
161 | (unless a connection object was specified directly). If this parameter is |
166 | (unless a connection object was specified directly). If this parameter is |
162 | missing, then AnyEvent::Handle will use C<AnyEvent::Handle::TLS_CTX>. |
167 | missing, then AnyEvent::Handle will use C<AnyEvent::Handle::TLS_CTX>. |
163 | |
168 | |
164 | =back |
169 | =back |
165 | |
170 | |
166 | =cut |
171 | =cut |
|
|
172 | |
|
|
173 | our (%RH, %WH); |
|
|
174 | |
|
|
175 | sub register_read_type($$) { |
|
|
176 | $RH{$_[0]} = $_[1]; |
|
|
177 | } |
|
|
178 | |
|
|
179 | sub register_write_type($$) { |
|
|
180 | $WH{$_[0]} = $_[1]; |
|
|
181 | } |
167 | |
182 | |
168 | sub new { |
183 | sub new { |
169 | my $class = shift; |
184 | my $class = shift; |
170 | |
185 | |
171 | my $self = bless { @_ }, $class; |
186 | my $self = bless { @_ }, $class; |
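Review bot: register_read_type and register_write_type, added at the end of this hunk right after the `=cut` at line 171, are new package-level entry points (the `chunk` and `line` types further down are registered through them by name) but carry no POD and nothing states the contract a registered parser must honour: from those two registrations it is invoked as `$type_sub->($self, $cb, @args)` and must return a closure that consumes from `$_[0]{rbuf}` and returns true once a complete item has been handed to `$cb`. A second registration under the same name silently overwrites the previous entry in `%RH`/`%WH`, so the documentation should also say the registries are global and last-wins; at minimum a comment above `our (%RH, %WH);` such as `# global read/write parser registries keyed by type name; a later registration for the same name silently replaces the earlier one` would cover it, and a `=head2 register_read_type $name, $sub` section would be better. The `($$)` prototypes only impose scalar context on the two arguments and do not check that the second is a code reference, so a bad registration is not caught until push_read dereferences it. Related, the croak in push_read and unshift_read in the next hunk does not name the offending type; `Carp::croak "unsupported type '$type' passed to AnyEvent::Handle::push_read"` makes that failure actionable.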
… | |
… | |
501 | true, it will be removed from the queue. |
516 | true, it will be removed from the queue. |
502 | |
517 | |
503 | =cut |
518 | =cut |
504 | |
519 | |
505 | sub push_read { |
520 | sub push_read { |
506 | my ($self, $cb) = @_; |
521 | my $self = shift; |
|
|
522 | my $cb = pop; |
|
|
523 | |
|
|
524 | if (@_) { |
|
|
525 | my $type = shift; |
|
|
526 | |
|
|
527 | $cb = ($RH{$type} or Carp::croak "unsupported type passed to AnyEvent::Handle::push_read") |
|
|
528 | ->($self, $cb, @_); |
|
|
529 | } |
507 | |
530 | |
508 | push @{ $self->{queue} }, $cb; |
531 | push @{ $self->{queue} }, $cb; |
509 | $self->_drain_rbuf; |
532 | $self->_drain_rbuf; |
510 | } |
533 | } |
511 | |
534 | |
512 | sub unshift_read { |
535 | sub unshift_read { |
513 | my ($self, $cb) = @_; |
536 | my $self = shift; |
|
|
537 | my $cb = pop; |
514 | |
538 | |
|
|
539 | if (@_) { |
|
|
540 | my $type = shift; |
|
|
541 | |
|
|
542 | $cb = ($RH{$type} or Carp::croak "unsupported type passed to AnyEvent::Handle::unshift_read") |
|
|
543 | ->($self, $cb, @_); |
|
|
544 | } |
|
|
545 | |
|
|
546 | |
515 | push @{ $self->{queue} }, $cb; |
547 | unshift @{ $self->{queue} }, $cb; |
516 | $self->_drain_rbuf; |
548 | $self->_drain_rbuf; |
517 | } |
549 | } |
518 | |
550 | |
519 | =item $handle->push_read_chunk ($len, $cb->($self, $data)) |
551 | =item $handle->push_read (type => @args, $cb) |
520 | |
552 | |
521 | =item $handle->unshift_read_chunk ($len, $cb->($self, $data)) |
553 | =item $handle->unshift_read (type => @args, $cb) |
522 | |
554 | |
523 | Append the given callback to the end of the queue (C<push_read_chunk>) or |
555 | Instead of providing a callback that parses the data itself you can chose |
524 | prepend it (C<unshift_read_chunk>). |
556 | between a number of predefined parsing formats, for chunks of data, lines |
|
|
557 | etc. |
525 | |
558 | |
526 | The callback will be called only once C<$len> bytes have been read, and |
559 | The types currently supported are: |
527 | these C<$len> bytes will be passed to the callback. |
|
|
528 | |
560 | |
529 | =cut |
561 | =over 4 |
530 | |
562 | |
531 | sub _read_chunk($$) { |
563 | =item chunk => $octets, $cb->($self, $data) |
|
|
564 | |
|
|
565 | Invoke the callback only once C<$octets> bytes have been read. Pass the |
|
|
566 | data read to the callback. The callback will never be called with less |
|
|
567 | data. |
|
|
568 | |
|
|
569 | Example: read 2 bytes. |
|
|
570 | |
|
|
571 | $handle->push_read (chunk => 2, sub { |
|
|
572 | warn "yay ", unpack "H*", $_[1]; |
|
|
573 | }); |
|
|
574 | |
|
|
575 | =cut |
|
|
576 | |
|
|
577 | register_read_type chunk => sub { |
532 | my ($self, $len, $cb) = @_; |
578 | my ($self, $cb, $len) = @_; |
533 | |
579 | |
534 | sub { |
580 | sub { |
535 | $len <= length $_[0]{rbuf} or return; |
581 | $len <= length $_[0]{rbuf} or return; |
536 | $cb->($_[0], substr $_[0]{rbuf}, 0, $len, ""); |
582 | $cb->($_[0], substr $_[0]{rbuf}, 0, $len, ""); |
537 | 1 |
583 | 1 |
538 | } |
584 | } |
539 | } |
585 | }; |
540 | |
586 | |
|
|
587 | # compatibility with older API |
541 | sub push_read_chunk { |
588 | sub push_read_chunk { |
542 | $_[0]->push_read (&_read_chunk); |
589 | $_[0]->push_read (chunk => $_[1], $_[2]); |
543 | } |
590 | } |
544 | |
|
|
545 | |
591 | |
546 | sub unshift_read_chunk { |
592 | sub unshift_read_chunk { |
547 | $_[0]->unshift_read (&_read_chunk); |
593 | $_[0]->unshift_read (chunk => $_[1], $_[2]); |
548 | } |
594 | } |
549 | |
595 | |
550 | =item $handle->push_read_line ([$eol, ]$cb->($self, $line, $eol)) |
596 | =item line => [$eol, ]$cb->($self, $line, $eol) |
551 | |
|
|
552 | =item $handle->unshift_read_line ([$eol, ]$cb->($self, $line, $eol)) |
|
|
553 | |
|
|
554 | Append the given callback to the end of the queue (C<push_read_line>) or |
|
|
555 | prepend it (C<unshift_read_line>). |
|
|
556 | |
597 | |
557 | The callback will be called only once a full line (including the end of |
598 | The callback will be called only once a full line (including the end of |
558 | line marker, C<$eol>) has been read. This line (excluding the end of line |
599 | line marker, C<$eol>) has been read. This line (excluding the end of line |
559 | marker) will be passed to the callback as second argument (C<$line>), and |
600 | marker) will be passed to the callback as second argument (C<$line>), and |
560 | the end of line marker as the third argument (C<$eol>). |
601 | the end of line marker as the third argument (C<$eol>). |
… | |
… | |
571 | Partial lines at the end of the stream will never be returned, as they are |
612 | Partial lines at the end of the stream will never be returned, as they are |
572 | not marked by the end of line marker. |
613 | not marked by the end of line marker. |
573 | |
614 | |
574 | =cut |
615 | =cut |
575 | |
616 | |
576 | sub _read_line($$) { |
617 | register_read_type line => sub { |
577 | my $self = shift; |
618 | my ($self, $cb, $eol) = @_; |
578 | my $cb = pop; |
|
|
579 | my $eol = @_ ? shift : qr|(\015?\012)|; |
|
|
580 | my $pos; |
|
|
581 | |
619 | |
|
|
620 | $eol = qr|(\015?\012)| if @_ < 3; |
582 | $eol = quotemeta $eol unless ref $eol; |
621 | $eol = quotemeta $eol unless ref $eol; |
583 | $eol = qr|^(.*?)($eol)|s; |
622 | $eol = qr|^(.*?)($eol)|s; |
584 | |
623 | |
585 | sub { |
624 | sub { |
586 | $_[0]{rbuf} =~ s/$eol// or return; |
625 | $_[0]{rbuf} =~ s/$eol// or return; |
587 | |
626 | |
588 | $cb->($_[0], $1, $2); |
627 | $cb->($_[0], $1, $2); |
589 | 1 |
628 | 1 |
590 | } |
629 | } |
591 | } |
630 | }; |
592 | |
631 | |
|
|
632 | # compatibility with older API |
593 | sub push_read_line { |
633 | sub push_read_line { |
594 | $_[0]->push_read (&_read_line); |
634 | my $self = shift; |
|
|
635 | $self->push_read (line => @_); |
595 | } |
636 | } |
596 | |
637 | |
597 | sub unshift_read_line { |
638 | sub unshift_read_line { |
598 | $_[0]->unshift_read (&_read_line); |
639 | my $self = shift; |
|
|
640 | $self->unshift_read (line => @_); |
599 | } |
641 | } |
|
|
642 | |
|
|
643 | =back |
600 | |
644 | |
601 | =item $handle->stop_read |
645 | =item $handle->stop_read |
602 | |
646 | |
603 | =item $handle->start_read |
647 | =item $handle->start_read |
604 | |
648 | |
… | |
… | |
659 | while (defined (my $buf = Net::SSLeay::read ($self->{tls}))) { |
703 | while (defined (my $buf = Net::SSLeay::read ($self->{tls}))) { |
660 | $self->{rbuf} .= $buf; |
704 | $self->{rbuf} .= $buf; |
661 | $self->_drain_rbuf; |
705 | $self->_drain_rbuf; |
662 | } |
706 | } |
663 | |
707 | |
664 | if ( |
|
|
665 | (my $err = Net::SSLeay::get_error ($self->{tls}, -1)) |
708 | my $err = Net::SSLeay::get_error ($self->{tls}, -1); |
|
|
709 | |
666 | != Net::SSLeay::ERROR_WANT_READ () |
710 | if ($err!= Net::SSLeay::ERROR_WANT_READ ()) { |
667 | ) { |
|
|
668 | if ($err == Net::SSLeay::ERROR_SYSCALL ()) { |
711 | if ($err == Net::SSLeay::ERROR_SYSCALL ()) { |
669 | $self->error; |
712 | $self->error; |
670 | } elsif ($err == Net::SSLeay::ERROR_SSL ()) { |
713 | } elsif ($err == Net::SSLeay::ERROR_SSL ()) { |
671 | $! = &Errno::EIO; |
714 | $! = &Errno::EIO; |
672 | $self->error; |
715 | $self->error; |
… | |
… | |
674 | |
717 | |
675 | # all others are fine for our purposes |
718 | # all others are fine for our purposes |
676 | } |
719 | } |
677 | } |
720 | } |
678 | |
721 | |
|
|
722 | =item $handle->starttls ($tls[, $tls_ctx]) |
|
|
723 | |
|
|
724 | Instead of starting TLS negotiation immediately when the AnyEvent::Handle |
|
|
725 | object is created, you can also do that at a later time by calling |
|
|
726 | C<starttls>. |
|
|
727 | |
|
|
728 | The first argument is the same as the C<tls> constructor argument (either |
|
|
729 | C<"connect">, C<"accept"> or an existing Net::SSLeay object). |
|
|
730 | |
|
|
731 | The second argument is the optional C<Net::SSLeay::CTX> object that is |
|
|
732 | used when AnyEvent::Handle has to create its own TLS connection object. |
|
|
733 | |
|
|
734 | =cut |
|
|
735 | |
679 | # TODO: maybe document... |
736 | # TODO: maybe document... |
680 | sub starttls { |
737 | sub starttls { |
681 | my ($self, $ssl, $ctx) = @_; |
738 | my ($self, $ssl, $ctx) = @_; |
|
|
739 | |
|
|
740 | $self->stoptls; |
682 | |
741 | |
683 | if ($ssl eq "accept") { |
742 | if ($ssl eq "accept") { |
684 | $ssl = Net::SSLeay::new ($ctx || TLS_CTX ()); |
743 | $ssl = Net::SSLeay::new ($ctx || TLS_CTX ()); |
685 | Net::SSLeay::set_accept_state ($ssl); |
744 | Net::SSLeay::set_accept_state ($ssl); |
686 | } elsif ($ssl eq "connect") { |
745 | } elsif ($ssl eq "connect") { |
… | |
… | |
692 | |
751 | |
693 | # basically, this is deep magic (because SSL_read should have the same issues) |
752 | # basically, this is deep magic (because SSL_read should have the same issues) |
694 | # but the openssl maintainers basically said: "trust us, it just works". |
753 | # but the openssl maintainers basically said: "trust us, it just works". |
695 | # (unfortunately, we have to hardcode constants because the abysmally misdesigned |
754 | # (unfortunately, we have to hardcode constants because the abysmally misdesigned |
696 | # and mismaintained ssleay-module doesn't even offer them). |
755 | # and mismaintained ssleay-module doesn't even offer them). |
|
|
756 | # http://www.mail-archive.com/openssl-dev@openssl.org/msg22420.html |
697 | Net::SSLeay::CTX_set_mode ($self->{tls}, |
757 | Net::SSLeay::CTX_set_mode ($self->{tls}, |
698 | (eval { Net::SSLeay::MODE_ENABLE_PARTIAL_WRITE () } || 1) |
758 | (eval { Net::SSLeay::MODE_ENABLE_PARTIAL_WRITE () } || 1) |
699 | | (eval { Net::SSLeay::MODE_ACCEPT_MOVING_WRITE_BUFFER () } || 2)); |
759 | | (eval { Net::SSLeay::MODE_ACCEPT_MOVING_WRITE_BUFFER () } || 2)); |
700 | |
760 | |
701 | $self->{tls_rbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); |
761 | $self->{tls_rbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); |
… | |
… | |
711 | Net::SSLeay::BIO_write ($_[0]{tls_rbio}, ${$_[1]}); |
771 | Net::SSLeay::BIO_write ($_[0]{tls_rbio}, ${$_[1]}); |
712 | &_dotls; |
772 | &_dotls; |
713 | }; |
773 | }; |
714 | } |
774 | } |
715 | |
775 | |
|
|
776 | =item $handle->stoptls |
|
|
777 | |
|
|
778 | Destroys the SSL connection, if any. Partial read or write data will be |
|
|
779 | lost. |
|
|
780 | |
|
|
781 | =cut |
|
|
782 | |
|
|
783 | sub stoptls { |
|
|
784 | my ($self) = @_; |
|
|
785 | |
|
|
786 | Net::SSLeay::free (delete $self->{tls}) if $self->{tls}; |
|
|
787 | delete $self->{tls_rbio}; |
|
|
788 | delete $self->{tls_wbio}; |
|
|
789 | delete $self->{tls_wbuf}; |
|
|
790 | delete $self->{filter_r}; |
|
|
791 | delete $self->{filter_w}; |
|
|
792 | } |
|
|
793 | |
716 | sub DESTROY { |
794 | sub DESTROY { |
717 | my $self = shift; |
795 | my $self = shift; |
718 | |
796 | |
719 | Net::SSLeay::free (delete $self->{tls}) if $self->{tls}; |
797 | $self->stoptls; |
720 | } |
798 | } |
721 | |
799 | |
722 | =item AnyEvent::Handle::TLS_CTX |
800 | =item AnyEvent::Handle::TLS_CTX |
723 | |
801 | |
724 | This function creates and returns the Net::SSLeay::CTX object used by |
802 | This function creates and returns the Net::SSLeay::CTX object used by |