| … | |
… | |
| 95 | waiting for data. |
95 | waiting for data. |
| 96 | |
96 | |
| 97 | If an EOF condition has been detected but no C<on_eof> callback has been |
97 | If an EOF condition has been detected but no C<on_eof> callback has been |
| 98 | set, then a fatal error will be raised with C<$!> set to <0>. |
98 | set, then a fatal error will be raised with C<$!> set to <0>. |
| 99 | |
99 | |
| 100 | =item on_error => $cb->($handle, $fatal) |
100 | =item on_error => $cb->($handle, $fatal, $message) |
| 101 | |
101 | |
| 102 | This is the error callback, which is called when, well, some error |
102 | This is the error callback, which is called when, well, some error |
| 103 | occured, such as not being able to resolve the hostname, failure to |
103 | occured, such as not being able to resolve the hostname, failure to |
| 104 | connect or a read error. |
104 | connect or a read error. |
| 105 | |
105 | |
| … | |
… | |
| 107 | fatal errors the handle object will be shut down and will not be usable |
107 | fatal errors the handle object will be shut down and will not be usable |
| 108 | (but you are free to look at the current C<< ->rbuf >>). Examples of fatal |
108 | (but you are free to look at the current C<< ->rbuf >>). Examples of fatal |
| 109 | errors are an EOF condition with active (but unsatisifable) read watchers |
109 | errors are an EOF condition with active (but unsatisifable) read watchers |
| 110 | (C<EPIPE>) or I/O errors. |
110 | (C<EPIPE>) or I/O errors. |
| 111 | |
111 | |
|
|
112 | AnyEvent::Handle tries to find an appropriate error code for you to check |
|
|
113 | against, but in some cases (TLS errors), this does not work well. It is |
|
|
114 | recommended to always output the C<$message> argument in human-readable |
|
|
115 | error messages (it's usually the same as C<"$!">). |
|
|
116 | |
| 112 | Non-fatal errors can be retried by simply returning, but it is recommended |
117 | Non-fatal errors can be retried by simply returning, but it is recommended |
| 113 | to simply ignore this parameter and instead abondon the handle object |
118 | to simply ignore this parameter and instead abondon the handle object |
| 114 | when this callback is invoked. Examples of non-fatal errors are timeouts |
119 | when this callback is invoked. Examples of non-fatal errors are timeouts |
| 115 | C<ETIMEDOUT>) or badly-formatted data (C<EBADMSG>). |
120 | C<ETIMEDOUT>) or badly-formatted data (C<EBADMSG>). |
| 116 | |
121 | |
| 117 | On callback entrance, the value of C<$!> contains the operating system |
122 | On callback entrance, the value of C<$!> contains the operating system |
| 118 | error (or C<ENOSPC>, C<EPIPE>, C<ETIMEDOUT> or C<EBADMSG>). |
123 | error code (or C<ENOSPC>, C<EPIPE>, C<ETIMEDOUT>, C<EBADMSG> or |
|
|
124 | C<EPROTO>). |
| 119 | |
125 | |
| 120 | While not mandatory, it is I<highly> recommended to set this callback, as |
126 | While not mandatory, it is I<highly> recommended to set this callback, as |
| 121 | you will not be notified of errors otherwise. The default simply calls |
127 | you will not be notified of errors otherwise. The default simply calls |
| 122 | C<croak>. |
128 | C<croak>. |
| 123 | |
129 | |
| … | |
… | |
| 237 | |
243 | |
| 238 | This will not work for partial TLS data that could not be encoded |
244 | This will not work for partial TLS data that could not be encoded |
| 239 | yet. This data will be lost. Calling the C<stoptls> method in time might |
245 | yet. This data will be lost. Calling the C<stoptls> method in time might |
| 240 | help. |
246 | help. |
| 241 | |
247 | |
| 242 | =item common_name => $string |
248 | =item peername => $string |
| 243 | |
249 | |
| 244 | The common name used by some verification methods (most notably SSL/TLS) |
250 | A string used to identify the remote site - usually the DNS hostname used |
| 245 | associated with this connection. Usually this is the remote hostname used |
251 | to create the connection. |
| 246 | to connect, but can be almost anything. |
252 | |
|
|
253 | Apart from being useful in error messages, this string is also used in TLS |
|
|
254 | common name verification (see C<verify_cn> in L<AnyEvent::TLS>). |
| 247 | |
255 | |
| 248 | =item tls => "accept" | "connect" | Net::SSLeay::SSL object |
256 | =item tls => "accept" | "connect" | Net::SSLeay::SSL object |
| 249 | |
257 | |
| 250 | When this parameter is given, it enables TLS (SSL) mode, that means |
258 | When this parameter is given, it enables TLS (SSL) mode, that means |
| 251 | AnyEvent will start a TLS handshake as soon as the conenction has been |
259 | AnyEvent will start a TLS handshake as soon as the conenction has been |
| 252 | established and will transparently encrypt/decrypt data afterwards. |
260 | established and will transparently encrypt/decrypt data afterwards. |
|
|
261 | |
|
|
262 | All TLS protocol errors will be signalled as C<EPROTO>, with an |
|
|
263 | appropriate error message. |
| 253 | |
264 | |
| 254 | TLS mode requires Net::SSLeay to be installed (it will be loaded |
265 | TLS mode requires Net::SSLeay to be installed (it will be loaded |
| 255 | automatically when you try to create a TLS handle): this module doesn't |
266 | automatically when you try to create a TLS handle): this module doesn't |
| 256 | have a dependency on that module, so if your module requires it, you have |
267 | have a dependency on that module, so if your module requires it, you have |
| 257 | to add the dependency yourself. |
268 | to add the dependency yourself. |
| … | |
… | |
| 334 | |
345 | |
| 335 | &_freetls; |
346 | &_freetls; |
| 336 | } |
347 | } |
| 337 | |
348 | |
| 338 | sub _error { |
349 | sub _error { |
| 339 | my ($self, $errno, $fatal) = @_; |
350 | my ($self, $errno, $fatal, $message) = @_; |
| 340 | |
351 | |
| 341 | $self->_shutdown |
352 | $self->_shutdown |
| 342 | if $fatal; |
353 | if $fatal; |
| 343 | |
354 | |
| 344 | $! = $errno; |
355 | $! = $errno; |
|
|
356 | $message ||= "$!"; |
| 345 | |
357 | |
| 346 | if ($self->{on_error}) { |
358 | if ($self->{on_error}) { |
| 347 | $self->{on_error}($self, $fatal); |
359 | $self->{on_error}($self, $fatal, $message); |
| 348 | } elsif ($self->{fh}) { |
360 | } elsif ($self->{fh}) { |
| 349 | Carp::croak "AnyEvent::Handle uncaught error: $!"; |
361 | Carp::croak "AnyEvent::Handle uncaught error: $message"; |
| 350 | } |
362 | } |
| 351 | } |
363 | } |
| 352 | |
364 | |
| 353 | =item $fh = $handle->fh |
365 | =item $fh = $handle->fh |
| 354 | |
366 | |
| … | |
… | |
| 666 | |
678 | |
| 667 | pack "w/a*", Storable::nfreeze ($ref) |
679 | pack "w/a*", Storable::nfreeze ($ref) |
| 668 | }; |
680 | }; |
| 669 | |
681 | |
| 670 | =back |
682 | =back |
|
|
683 | |
|
|
684 | =item $handle->push_shutdown |
|
|
685 | |
|
|
686 | Sometimes you know you want to close the socket after writing your data |
|
|
687 | before it was actually written. One way to do that is to replace your |
|
|
688 | C<on_drain> handler by a callback that shuts down the socket. This method |
|
|
689 | is a shorthand for just that, and replaces the C<on_drain> callback with: |
|
|
690 | |
|
|
691 | sub { shutdown $_[0]{fh}, 1 } # for push_shutdown |
|
|
692 | |
|
|
693 | This simply shuts down the write side and signals an EOF condition to the |
|
|
694 | the peer. |
|
|
695 | |
|
|
696 | You can rely on the normal read queue and C<on_eof> handling |
|
|
697 | afterwards. This is the cleanest way to close a connection. |
|
|
698 | |
|
|
699 | =cut |
|
|
700 | |
|
|
701 | sub push_shutdown { |
|
|
702 | $_[0]->{on_drain} = sub { shutdown $_[0]{fh}, 1 }; |
|
|
703 | } |
| 671 | |
704 | |
| 672 | =item AnyEvent::Handle::register_write_type type => $coderef->($handle, @args) |
705 | =item AnyEvent::Handle::register_write_type type => $coderef->($handle, @args) |
| 673 | |
706 | |
| 674 | This function (not method) lets you add your own types to C<push_write>. |
707 | This function (not method) lets you add your own types to C<push_write>. |
| 675 | Whenever the given C<type> is used, C<push_write> will invoke the code |
708 | Whenever the given C<type> is used, C<push_write> will invoke the code |
| … | |
… | |
| 1342 | } |
1375 | } |
| 1343 | }); |
1376 | }); |
| 1344 | } |
1377 | } |
| 1345 | } |
1378 | } |
| 1346 | |
1379 | |
|
|
1380 | our $ERROR_SYSCALL; |
|
|
1381 | our $ERROR_WANT_READ; |
|
|
1382 | our $ERROR_ZERO_RETURN; |
|
|
1383 | |
|
|
1384 | sub _tls_error { |
|
|
1385 | my ($self, $err) = @_; |
|
|
1386 | warn "$err,$!\n";#d# |
|
|
1387 | |
|
|
1388 | return $self->_error ($!, 1) |
|
|
1389 | if $err == Net::SSLeay::ERROR_SYSCALL (); |
|
|
1390 | |
|
|
1391 | $self->_error (&Errno::EPROTO, 1, |
|
|
1392 | Net::SSLeay::ERR_error_string (Net::SSLeay::ERR_get_error ())); |
|
|
1393 | } |
|
|
1394 | |
| 1347 | # poll the write BIO and send the data if applicable |
1395 | # poll the write BIO and send the data if applicable |
|
|
1396 | # also decode read data if possible |
|
|
1397 | # this is basiclaly our TLS state machine |
|
|
1398 | # more efficient implementations are possible with openssl, |
|
|
1399 | # but not with the buggy and incomplete Net::SSLeay. |
| 1348 | sub _dotls { |
1400 | sub _dotls { |
| 1349 | my ($self) = @_; |
1401 | my ($self) = @_; |
| 1350 | |
1402 | |
| 1351 | my $tmp; |
1403 | my $tmp; |
| 1352 | |
1404 | |
| 1353 | if (length $self->{_tls_wbuf}) { |
1405 | if (length $self->{_tls_wbuf}) { |
| 1354 | while (($tmp = Net::SSLeay::write ($self->{tls}, $self->{_tls_wbuf})) > 0) { |
1406 | while (($tmp = Net::SSLeay::write ($self->{tls}, $self->{_tls_wbuf})) > 0) { |
| 1355 | substr $self->{_tls_wbuf}, 0, $tmp, ""; |
1407 | substr $self->{_tls_wbuf}, 0, $tmp, ""; |
| 1356 | } |
1408 | } |
|
|
1409 | |
|
|
1410 | $tmp = Net::SSLeay::get_error ($self->{tls}, $tmp); |
|
|
1411 | return $self->_tls_error ($tmp) |
|
|
1412 | if $tmp != $ERROR_WANT_READ |
|
|
1413 | && ($tmp != $ERROR_SYSCALL || $!) |
|
|
1414 | && $tmp != $ERROR_ZERO_RETURN; |
| 1357 | } |
1415 | } |
| 1358 | |
1416 | |
| 1359 | while (defined ($tmp = Net::SSLeay::read ($self->{tls}))) { |
1417 | while (defined ($tmp = Net::SSLeay::read ($self->{tls}))) { |
| 1360 | unless (length $tmp) { |
1418 | unless (length $tmp) { |
| 1361 | # let's treat SSL-eof as we treat normal EOF |
1419 | # let's treat SSL-eof as we treat normal EOF |
| … | |
… | |
| 1368 | $self->_drain_rbuf unless $self->{_in_drain}; |
1426 | $self->_drain_rbuf unless $self->{_in_drain}; |
| 1369 | $self->{tls} or return; # tls session might have gone away in callback |
1427 | $self->{tls} or return; # tls session might have gone away in callback |
| 1370 | } |
1428 | } |
| 1371 | |
1429 | |
| 1372 | $tmp = Net::SSLeay::get_error ($self->{tls}, -1); |
1430 | $tmp = Net::SSLeay::get_error ($self->{tls}, -1); |
| 1373 | |
|
|
| 1374 | if ($tmp != Net::SSLeay::ERROR_WANT_READ ()) { |
|
|
| 1375 | if ($tmp == Net::SSLeay::ERROR_SYSCALL ()) { |
|
|
| 1376 | return $self->_error ($!, 1); |
1431 | return $self->_tls_error ($tmp) |
| 1377 | } elsif ($tmp == Net::SSLeay::ERROR_SSL ()) { |
1432 | if $tmp != $ERROR_WANT_READ |
| 1378 | return $self->_error (&Errno::EIO, 1); |
1433 | && ($tmp != $ERROR_SYSCALL || $!) |
| 1379 | } |
1434 | && $tmp != $ERROR_ZERO_RETURN; |
| 1380 | |
|
|
| 1381 | # all other errors are fine for our purposes |
|
|
| 1382 | } |
|
|
| 1383 | |
1435 | |
| 1384 | while (length ($tmp = Net::SSLeay::BIO_read ($self->{_wbio}))) { |
1436 | while (length ($tmp = Net::SSLeay::BIO_read ($self->{_wbio}))) { |
| 1385 | $self->{wbuf} .= $tmp; |
1437 | $self->{wbuf} .= $tmp; |
| 1386 | $self->_drain_wbuf; |
1438 | $self->_drain_wbuf; |
| 1387 | } |
1439 | } |
| … | |
… | |
| 1417 | require Net::SSLeay; |
1469 | require Net::SSLeay; |
| 1418 | |
1470 | |
| 1419 | Carp::croak "it is an error to call starttls more than once on an AnyEvent::Handle object" |
1471 | Carp::croak "it is an error to call starttls more than once on an AnyEvent::Handle object" |
| 1420 | if $self->{tls}; |
1472 | if $self->{tls}; |
| 1421 | |
1473 | |
|
|
1474 | $ERROR_SYSCALL = Net::SSLeay::ERROR_SYSCALL (); |
|
|
1475 | $ERROR_WANT_READ = Net::SSLeay::ERROR_WANT_READ (); |
|
|
1476 | $ERROR_ZERO_RETURN = Net::SSLeay::ERROR_ZERO_RETURN (); |
|
|
1477 | |
| 1422 | $ctx ||= $self->{tls_ctx}; |
1478 | $ctx ||= $self->{tls_ctx}; |
| 1423 | |
1479 | |
| 1424 | if ("HASH" eq ref $ctx) { |
1480 | if ("HASH" eq ref $ctx) { |
| 1425 | require AnyEvent::TLS; |
1481 | require AnyEvent::TLS; |
| 1426 | |
1482 | |
| 1427 | local $Carp::CarpLevel = 1; # skip ourselves when creating a new context |
1483 | local $Carp::CarpLevel = 1; # skip ourselves when creating a new context |
| 1428 | $ctx = new AnyEvent::TLS %$ctx; |
1484 | $ctx = new AnyEvent::TLS %$ctx; |
| 1429 | } |
1485 | } |
| 1430 | |
1486 | |
| 1431 | $self->{tls_ctx} = $ctx || TLS_CTX (); |
1487 | $self->{tls_ctx} = $ctx || TLS_CTX (); |
| 1432 | $self->{tls} = $ssl = $self->{tls_ctx}->_get_session ($ssl, $self); |
1488 | $self->{tls} = $ssl = $self->{tls_ctx}->_get_session ($ssl, $self, $self->{peername}); |
| 1433 | |
1489 | |
| 1434 | # basically, this is deep magic (because SSL_read should have the same issues) |
1490 | # basically, this is deep magic (because SSL_read should have the same issues) |
| 1435 | # but the openssl maintainers basically said: "trust us, it just works". |
1491 | # but the openssl maintainers basically said: "trust us, it just works". |
| 1436 | # (unfortunately, we have to hardcode constants because the abysmally misdesigned |
1492 | # (unfortunately, we have to hardcode constants because the abysmally misdesigned |
| 1437 | # and mismaintained ssleay-module doesn't even offer them). |
1493 | # and mismaintained ssleay-module doesn't even offer them). |
