… | |
… | |
83 | Try to connect to the specified host and service (port), using |
83 | Try to connect to the specified host and service (port), using |
84 | C<AnyEvent::Socket::tcp_connect>. The C<$host> additionally becomes the |
84 | C<AnyEvent::Socket::tcp_connect>. The C<$host> additionally becomes the |
85 | default C<peername>. |
85 | default C<peername>. |
86 | |
86 | |
87 | You have to specify either this parameter, or C<fh>, above. |
87 | You have to specify either this parameter, or C<fh>, above. |
|
|
88 | |
|
|
89 | It is possible to push requests on the read and write queues, and modify |
|
|
90 | properties of the stream, even while AnyEvent::Handle is connecting. |
88 | |
91 | |
89 | When this parameter is specified, then the C<on_prepare>, |
92 | When this parameter is specified, then the C<on_prepare>, |
90 | C<on_connect_error> and C<on_connect> callbacks will be called under the |
93 | C<on_connect_error> and C<on_connect> callbacks will be called under the |
91 | appropriate circumstances: |
94 | appropriate circumstances: |
92 | |
95 | |
… | |
… | |
478 | |
481 | |
479 | $self->on_drain (delete $self->{on_drain}) if $self->{on_drain}; |
482 | $self->on_drain (delete $self->{on_drain}) if $self->{on_drain}; |
480 | |
483 | |
481 | $self->start_read |
484 | $self->start_read |
482 | if $self->{on_read} || @{ $self->{_queue} }; |
485 | if $self->{on_read} || @{ $self->{_queue} }; |
|
|
486 | |
|
|
487 | $self->_drain_wbuf; |
483 | } |
488 | } |
484 | |
489 | |
485 | #sub _shutdown { |
490 | #sub _shutdown { |
486 | # my ($self) = @_; |
491 | # my ($self) = @_; |
487 | # |
492 | # |
… | |
… | |
740 | ->($self, @_); |
745 | ->($self, @_); |
741 | } |
746 | } |
742 | |
747 | |
743 | if ($self->{tls}) { |
748 | if ($self->{tls}) { |
744 | $self->{_tls_wbuf} .= $_[0]; |
749 | $self->{_tls_wbuf} .= $_[0]; |
745 | |
750 | &_dotls ($self) if $self->{fh}; |
746 | &_dotls ($self); |
|
|
747 | } else { |
751 | } else { |
748 | $self->{wbuf} .= $_[0]; |
752 | $self->{wbuf} .= $_[0]; |
749 | $self->_drain_wbuf if $self->{fh}; |
753 | $self->_drain_wbuf if $self->{fh}; |
750 | } |
754 | } |
751 | } |
755 | } |
752 | |
756 | |
753 | =item $handle->push_write (type => @args) |
757 | =item $handle->push_write (type => @args) |
… | |
… | |
1649 | The TLS connection object will end up in C<< $handle->{tls} >>, the TLS |
1653 | The TLS connection object will end up in C<< $handle->{tls} >>, the TLS |
1650 | context in C<< $handle->{tls_ctx} >> after this call and can be used or |
1654 | context in C<< $handle->{tls_ctx} >> after this call and can be used or |
1651 | changed to your liking. Note that the handshake might have already started |
1655 | changed to your liking. Note that the handshake might have already started |
1652 | when this function returns. |
1656 | when this function returns. |
1653 | |
1657 | |
1654 | If it an error to start a TLS handshake more than once per |
1658 | Due to bugs in OpenSSL, it might or might not be possible to do multiple |
1655 | AnyEvent::Handle object (this is due to bugs in OpenSSL). |
1659 | handshakes on the same stream. Best do not attempt to use the stream after |
|
|
1660 | stopping TLS. |
1656 | |
1661 | |
1657 | =cut |
1662 | =cut |
1658 | |
1663 | |
1659 | our %TLS_CACHE; #TODO not yet documented, should we? |
1664 | our %TLS_CACHE; #TODO not yet documented, should we? |
1660 | |
1665 | |
1661 | sub starttls { |
1666 | sub starttls { |
1662 | my ($self, $ssl, $ctx) = @_; |
1667 | my ($self, $tls, $ctx) = @_; |
|
|
1668 | |
|
|
1669 | Carp::croak "It is an error to call starttls on an AnyEvent::Handle object while TLS is already active, caught" |
|
|
1670 | if $self->{tls}; |
|
|
1671 | |
|
|
1672 | $self->{tls} = $tls; |
|
|
1673 | $self->{tls_ctx} = $ctx if @_ > 2; |
|
|
1674 | |
|
|
1675 | return unless $self->{fh}; |
1663 | |
1676 | |
1664 | require Net::SSLeay; |
1677 | require Net::SSLeay; |
1665 | |
|
|
1666 | Carp::croak "it is an error to call starttls more than once on an AnyEvent::Handle object" |
|
|
1667 | if $self->{tls}; |
|
|
1668 | |
1678 | |
1669 | $ERROR_SYSCALL = Net::SSLeay::ERROR_SYSCALL (); |
1679 | $ERROR_SYSCALL = Net::SSLeay::ERROR_SYSCALL (); |
1670 | $ERROR_WANT_READ = Net::SSLeay::ERROR_WANT_READ (); |
1680 | $ERROR_WANT_READ = Net::SSLeay::ERROR_WANT_READ (); |
1671 | |
1681 | |
|
|
1682 | $tls = $self->{tls}; |
1672 | $ctx ||= $self->{tls_ctx}; |
1683 | $ctx = $self->{tls_ctx}; |
1673 | |
1684 | |
1674 | local $Carp::CarpLevel = 1; # skip ourselves when creating a new context or session |
1685 | local $Carp::CarpLevel = 1; # skip ourselves when creating a new context or session |
1675 | |
1686 | |
1676 | if ("HASH" eq ref $ctx) { |
1687 | if ("HASH" eq ref $ctx) { |
1677 | require AnyEvent::TLS; |
1688 | require AnyEvent::TLS; |
… | |
… | |
1683 | $ctx = new AnyEvent::TLS %$ctx; |
1694 | $ctx = new AnyEvent::TLS %$ctx; |
1684 | } |
1695 | } |
1685 | } |
1696 | } |
1686 | |
1697 | |
1687 | $self->{tls_ctx} = $ctx || TLS_CTX (); |
1698 | $self->{tls_ctx} = $ctx || TLS_CTX (); |
1688 | $self->{tls} = $ssl = $self->{tls_ctx}->_get_session ($ssl, $self, $self->{peername}); |
1699 | $self->{tls} = $tls = $self->{tls_ctx}->_get_session ($tls, $self, $self->{peername}); |
1689 | |
1700 | |
1690 | # basically, this is deep magic (because SSL_read should have the same issues) |
1701 | # basically, this is deep magic (because SSL_read should have the same issues) |
1691 | # but the openssl maintainers basically said: "trust us, it just works". |
1702 | # but the openssl maintainers basically said: "trust us, it just works". |
1692 | # (unfortunately, we have to hardcode constants because the abysmally misdesigned |
1703 | # (unfortunately, we have to hardcode constants because the abysmally misdesigned |
1693 | # and mismaintained ssleay-module doesn't even offer them). |
1704 | # and mismaintained ssleay-module doesn't even offer them). |
… | |
… | |
1700 | # and we drive openssl fully in blocking mode here. Or maybe we don't - openssl seems to |
1711 | # and we drive openssl fully in blocking mode here. Or maybe we don't - openssl seems to |
1701 | # have identity issues in that area. |
1712 | # have identity issues in that area. |
1702 | # Net::SSLeay::CTX_set_mode ($ssl, |
1713 | # Net::SSLeay::CTX_set_mode ($ssl, |
1703 | # (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ENABLE_PARTIAL_WRITE () } || 1) |
1714 | # (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ENABLE_PARTIAL_WRITE () } || 1) |
1704 | # | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ACCEPT_MOVING_WRITE_BUFFER () } || 2)); |
1715 | # | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ACCEPT_MOVING_WRITE_BUFFER () } || 2)); |
1705 | Net::SSLeay::CTX_set_mode ($ssl, 1|2); |
1716 | Net::SSLeay::CTX_set_mode ($tls, 1|2); |
1706 | |
1717 | |
1707 | $self->{_rbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); |
1718 | $self->{_rbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); |
1708 | $self->{_wbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); |
1719 | $self->{_wbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); |
1709 | |
1720 | |
1710 | Net::SSLeay::set_bio ($ssl, $self->{_rbio}, $self->{_wbio}); |
1721 | Net::SSLeay::set_bio ($tls, $self->{_rbio}, $self->{_wbio}); |
1711 | |
1722 | |
1712 | $self->{_on_starttls} = sub { $_[0]{on_starttls}(@_) } |
1723 | $self->{_on_starttls} = sub { $_[0]{on_starttls}(@_) } |
1713 | if $self->{on_starttls}; |
1724 | if $self->{on_starttls}; |
1714 | |
1725 | |
1715 | &_dotls; # need to trigger the initial handshake |
1726 | &_dotls; # need to trigger the initial handshake |
… | |
… | |
1718 | |
1729 | |
1719 | =item $handle->stoptls |
1730 | =item $handle->stoptls |
1720 | |
1731 | |
1721 | Shuts down the SSL connection - this makes a proper EOF handshake by |
1732 | Shuts down the SSL connection - this makes a proper EOF handshake by |
1722 | sending a close notify to the other side, but since OpenSSL doesn't |
1733 | sending a close notify to the other side, but since OpenSSL doesn't |
1723 | support non-blocking shut downs, it is not possible to re-use the stream |
1734 | support non-blocking shut downs, it is not guarenteed that you can re-use |
1724 | afterwards. |
1735 | the stream afterwards. |
1725 | |
1736 | |
1726 | =cut |
1737 | =cut |
1727 | |
1738 | |
1728 | sub stoptls { |
1739 | sub stoptls { |
1729 | my ($self) = @_; |
1740 | my ($self) = @_; |
… | |
… | |
1742 | sub _freetls { |
1753 | sub _freetls { |
1743 | my ($self) = @_; |
1754 | my ($self) = @_; |
1744 | |
1755 | |
1745 | return unless $self->{tls}; |
1756 | return unless $self->{tls}; |
1746 | |
1757 | |
1747 | $self->{tls_ctx}->_put_session (delete $self->{tls}); |
1758 | $self->{tls_ctx}->_put_session (delete $self->{tls}) |
|
|
1759 | if ref $self->{tls}; |
1748 | |
1760 | |
1749 | delete @$self{qw(_rbio _wbio _tls_wbuf _on_starttls)}; |
1761 | delete @$self{qw(_rbio _wbio _tls_wbuf _on_starttls)}; |
1750 | } |
1762 | } |
1751 | |
1763 | |
1752 | sub DESTROY { |
1764 | sub DESTROY { |