| … | |
… | |
| 14 | |
14 | |
| 15 | AnyEvent::Handle - non-blocking I/O on file handles via AnyEvent |
15 | AnyEvent::Handle - non-blocking I/O on file handles via AnyEvent |
| 16 | |
16 | |
| 17 | =cut |
17 | =cut |
| 18 | |
18 | |
| 19 | our $VERSION = 4.232; |
19 | our $VERSION = 4.3; |
| 20 | |
20 | |
| 21 | =head1 SYNOPSIS |
21 | =head1 SYNOPSIS |
| 22 | |
22 | |
| 23 | use AnyEvent; |
23 | use AnyEvent; |
| 24 | use AnyEvent::Handle; |
24 | use AnyEvent::Handle; |
| … | |
… | |
| 59 | treatment of characters applies to this module as well. |
59 | treatment of characters applies to this module as well. |
| 60 | |
60 | |
| 61 | All callbacks will be invoked with the handle object as their first |
61 | All callbacks will be invoked with the handle object as their first |
| 62 | argument. |
62 | argument. |
| 63 | |
63 | |
|
|
64 | =head2 SIGPIPE is not handled by this module |
|
|
65 | |
|
|
66 | SIGPIPE is not handled by this module, so one of the practical |
|
|
67 | requirements of using it is to ignore SIGPIPE (C<$SIG{PIPE} = |
|
|
68 | 'IGNORE'>). At least, this is highly recommend in a networked program: If |
|
|
69 | you use AnyEvent::Handle in a filter program (like sort), exiting on |
|
|
70 | SIGPIPE is probably the right thing to do. |
|
|
71 | |
| 64 | =head1 METHODS |
72 | =head1 METHODS |
| 65 | |
73 | |
| 66 | =over 4 |
74 | =over 4 |
| 67 | |
75 | |
| 68 | =item B<new (%args)> |
76 | =item B<new (%args)> |
| … | |
… | |
| 103 | occured, such as not being able to resolve the hostname, failure to |
111 | occured, such as not being able to resolve the hostname, failure to |
| 104 | connect or a read error. |
112 | connect or a read error. |
| 105 | |
113 | |
| 106 | Some errors are fatal (which is indicated by C<$fatal> being true). On |
114 | Some errors are fatal (which is indicated by C<$fatal> being true). On |
| 107 | fatal errors the handle object will be shut down and will not be usable |
115 | fatal errors the handle object will be shut down and will not be usable |
| 108 | (but you are free to look at the current C< ->rbuf >). Examples of fatal |
116 | (but you are free to look at the current C<< ->rbuf >>). Examples of fatal |
| 109 | errors are an EOF condition with active (but unsatisifable) read watchers |
117 | errors are an EOF condition with active (but unsatisifable) read watchers |
| 110 | (C<EPIPE>) or I/O errors. |
118 | (C<EPIPE>) or I/O errors. |
| 111 | |
119 | |
| 112 | Non-fatal errors can be retried by simply returning, but it is recommended |
120 | Non-fatal errors can be retried by simply returning, but it is recommended |
| 113 | to simply ignore this parameter and instead abondon the handle object |
121 | to simply ignore this parameter and instead abondon the handle object |
| … | |
… | |
| 152 | =item timeout => $fractional_seconds |
160 | =item timeout => $fractional_seconds |
| 153 | |
161 | |
| 154 | If non-zero, then this enables an "inactivity" timeout: whenever this many |
162 | If non-zero, then this enables an "inactivity" timeout: whenever this many |
| 155 | seconds pass without a successful read or write on the underlying file |
163 | seconds pass without a successful read or write on the underlying file |
| 156 | handle, the C<on_timeout> callback will be invoked (and if that one is |
164 | handle, the C<on_timeout> callback will be invoked (and if that one is |
| 157 | missing, an C<ETIMEDOUT> error will be raised). |
165 | missing, a non-fatal C<ETIMEDOUT> error will be raised). |
| 158 | |
166 | |
| 159 | Note that timeout processing is also active when you currently do not have |
167 | Note that timeout processing is also active when you currently do not have |
| 160 | any outstanding read or write requests: If you plan to keep the connection |
168 | any outstanding read or write requests: If you plan to keep the connection |
| 161 | idle then you should disable the timout temporarily or ignore the timeout |
169 | idle then you should disable the timout temporarily or ignore the timeout |
| 162 | in the C<on_timeout> callback. |
170 | in the C<on_timeout> callback, in which case AnyEvent::Handle will simply |
|
|
171 | restart the timeout. |
| 163 | |
172 | |
| 164 | Zero (the default) disables this timeout. |
173 | Zero (the default) disables this timeout. |
| 165 | |
174 | |
| 166 | =item on_timeout => $cb->($handle) |
175 | =item on_timeout => $cb->($handle) |
| 167 | |
176 | |
| … | |
… | |
| 171 | |
180 | |
| 172 | =item rbuf_max => <bytes> |
181 | =item rbuf_max => <bytes> |
| 173 | |
182 | |
| 174 | If defined, then a fatal error will be raised (with C<$!> set to C<ENOSPC>) |
183 | If defined, then a fatal error will be raised (with C<$!> set to C<ENOSPC>) |
| 175 | when the read buffer ever (strictly) exceeds this size. This is useful to |
184 | when the read buffer ever (strictly) exceeds this size. This is useful to |
| 176 | avoid denial-of-service attacks. |
185 | avoid some forms of denial-of-service attacks. |
| 177 | |
186 | |
| 178 | For example, a server accepting connections from untrusted sources should |
187 | For example, a server accepting connections from untrusted sources should |
| 179 | be configured to accept only so-and-so much data that it cannot act on |
188 | be configured to accept only so-and-so much data that it cannot act on |
| 180 | (for example, when expecting a line, an attacker could send an unlimited |
189 | (for example, when expecting a line, an attacker could send an unlimited |
| 181 | amount of data without a callback ever being called as long as the line |
190 | amount of data without a callback ever being called as long as the line |
| 182 | isn't finished). |
191 | isn't finished). |
| 183 | |
192 | |
| 184 | =item autocork => <boolean> |
193 | =item autocork => <boolean> |
| 185 | |
194 | |
| 186 | When disabled (the default), then C<push_write> will try to immediately |
195 | When disabled (the default), then C<push_write> will try to immediately |
| 187 | write the data to the handle if possible. This avoids having to register |
196 | write the data to the handle, if possible. This avoids having to register |
| 188 | a write watcher and wait for the next event loop iteration, but can be |
197 | a write watcher and wait for the next event loop iteration, but can |
| 189 | inefficient if you write multiple small chunks (this disadvantage is |
198 | be inefficient if you write multiple small chunks (on the wire, this |
| 190 | usually avoided by your kernel's nagle algorithm, see C<low_delay>). |
199 | disadvantage is usually avoided by your kernel's nagle algorithm, see |
|
|
200 | C<no_delay>, but this option can save costly syscalls). |
| 191 | |
201 | |
| 192 | When enabled, then writes will always be queued till the next event loop |
202 | When enabled, then writes will always be queued till the next event loop |
| 193 | iteration. This is efficient when you do many small writes per iteration, |
203 | iteration. This is efficient when you do many small writes per iteration, |
| 194 | but less efficient when you do a single write only. |
204 | but less efficient when you do a single write only per iteration (or when |
|
|
205 | the write buffer often is full). It also increases write latency. |
| 195 | |
206 | |
| 196 | =item no_delay => <boolean> |
207 | =item no_delay => <boolean> |
| 197 | |
208 | |
| 198 | When doing small writes on sockets, your operating system kernel might |
209 | When doing small writes on sockets, your operating system kernel might |
| 199 | wait a bit for more data before actually sending it out. This is called |
210 | wait a bit for more data before actually sending it out. This is called |
| 200 | the Nagle algorithm, and usually it is beneficial. |
211 | the Nagle algorithm, and usually it is beneficial. |
| 201 | |
212 | |
| 202 | In some situations you want as low a delay as possible, which cna be |
213 | In some situations you want as low a delay as possible, which can be |
| 203 | accomplishd by setting this option to true. |
214 | accomplishd by setting this option to a true value. |
| 204 | |
215 | |
| 205 | The default is your opertaing system's default behaviour, this option |
216 | The default is your opertaing system's default behaviour (most likely |
| 206 | explicitly enables or disables it, if possible. |
217 | enabled), this option explicitly enables or disables it, if possible. |
| 207 | |
218 | |
| 208 | =item read_size => <bytes> |
219 | =item read_size => <bytes> |
| 209 | |
220 | |
| 210 | The default read block size (the amount of bytes this module will try to read |
221 | The default read block size (the amount of bytes this module will |
| 211 | during each (loop iteration). Default: C<8192>. |
222 | try to read during each loop iteration, which affects memory |
|
|
223 | requirements). Default: C<8192>. |
| 212 | |
224 | |
| 213 | =item low_water_mark => <bytes> |
225 | =item low_water_mark => <bytes> |
| 214 | |
226 | |
| 215 | Sets the amount of bytes (default: C<0>) that make up an "empty" write |
227 | Sets the amount of bytes (default: C<0>) that make up an "empty" write |
| 216 | buffer: If the write reaches this size or gets even samller it is |
228 | buffer: If the write reaches this size or gets even samller it is |
| 217 | considered empty. |
229 | considered empty. |
| 218 | |
230 | |
|
|
231 | Sometimes it can be beneficial (for performance reasons) to add data to |
|
|
232 | the write buffer before it is fully drained, but this is a rare case, as |
|
|
233 | the operating system kernel usually buffers data as well, so the default |
|
|
234 | is good in almost all cases. |
|
|
235 | |
| 219 | =item linger => <seconds> |
236 | =item linger => <seconds> |
| 220 | |
237 | |
| 221 | If non-zero (default: C<3600>), then the destructor of the |
238 | If non-zero (default: C<3600>), then the destructor of the |
| 222 | AnyEvent::Handle object will check wether there is still outstanding write |
239 | AnyEvent::Handle object will check whether there is still outstanding |
| 223 | data and will install a watcher that will write out this data. No errors |
240 | write data and will install a watcher that will write this data to the |
| 224 | will be reported (this mostly matches how the operating system treats |
241 | socket. No errors will be reported (this mostly matches how the operating |
| 225 | outstanding data at socket close time). |
242 | system treats outstanding data at socket close time). |
| 226 | |
243 | |
| 227 | This will not work for partial TLS data that could not yet been |
244 | This will not work for partial TLS data that could not be encoded |
| 228 | encoded. This data will be lost. |
245 | yet. This data will be lost. |
| 229 | |
246 | |
| 230 | =item tls => "accept" | "connect" | Net::SSLeay::SSL object |
247 | =item tls => "accept" | "connect" | Net::SSLeay::SSL object |
| 231 | |
248 | |
| 232 | When this parameter is given, it enables TLS (SSL) mode, that means it |
249 | When this parameter is given, it enables TLS (SSL) mode, that means |
| 233 | will start making tls handshake and will transparently encrypt/decrypt |
250 | AnyEvent will start a TLS handshake as soon as the conenction has been |
| 234 | data. |
251 | established and will transparently encrypt/decrypt data afterwards. |
| 235 | |
252 | |
| 236 | TLS mode requires Net::SSLeay to be installed (it will be loaded |
253 | TLS mode requires Net::SSLeay to be installed (it will be loaded |
| 237 | automatically when you try to create a TLS handle). |
254 | automatically when you try to create a TLS handle): this module doesn't |
|
|
255 | have a dependency on that module, so if your module requires it, you have |
|
|
256 | to add the dependency yourself. |
| 238 | |
257 | |
| 239 | For the TLS server side, use C<accept>, and for the TLS client side of a |
258 | Unlike TCP, TLS has a server and client side: for the TLS server side, use |
| 240 | connection, use C<connect> mode. |
259 | C<accept>, and for the TLS client side of a connection, use C<connect> |
|
|
260 | mode. |
| 241 | |
261 | |
| 242 | You can also provide your own TLS connection object, but you have |
262 | You can also provide your own TLS connection object, but you have |
| 243 | to make sure that you call either C<Net::SSLeay::set_connect_state> |
263 | to make sure that you call either C<Net::SSLeay::set_connect_state> |
| 244 | or C<Net::SSLeay::set_accept_state> on it before you pass it to |
264 | or C<Net::SSLeay::set_accept_state> on it before you pass it to |
| 245 | AnyEvent::Handle. |
265 | AnyEvent::Handle. |
| 246 | |
266 | |
| 247 | See the C<starttls> method if you need to start TLS negotiation later. |
267 | See the C<< ->starttls >> method for when need to start TLS negotiation later. |
| 248 | |
268 | |
| 249 | =item tls_ctx => $ssl_ctx |
269 | =item tls_ctx => $ssl_ctx |
| 250 | |
270 | |
| 251 | Use the given Net::SSLeay::CTX object to create the new TLS connection |
271 | Use the given C<Net::SSLeay::CTX> object to create the new TLS connection |
| 252 | (unless a connection object was specified directly). If this parameter is |
272 | (unless a connection object was specified directly). If this parameter is |
| 253 | missing, then AnyEvent::Handle will use C<AnyEvent::Handle::TLS_CTX>. |
273 | missing, then AnyEvent::Handle will use C<AnyEvent::Handle::TLS_CTX>. |
| 254 | |
274 | |
| 255 | =item json => JSON or JSON::XS object |
275 | =item json => JSON or JSON::XS object |
| 256 | |
276 | |
| 257 | This is the json coder object used by the C<json> read and write types. |
277 | This is the json coder object used by the C<json> read and write types. |
| 258 | |
278 | |
| 259 | If you don't supply it, then AnyEvent::Handle will create and use a |
279 | If you don't supply it, then AnyEvent::Handle will create and use a |
| 260 | suitable one, which will write and expect UTF-8 encoded JSON texts. |
280 | suitable one (on demand), which will write and expect UTF-8 encoded JSON |
|
|
281 | texts. |
| 261 | |
282 | |
| 262 | Note that you are responsible to depend on the JSON module if you want to |
283 | Note that you are responsible to depend on the JSON module if you want to |
| 263 | use this functionality, as AnyEvent does not have a dependency itself. |
284 | use this functionality, as AnyEvent does not have a dependency itself. |
| 264 | |
285 | |
| 265 | =item filter_r => $cb |
286 | =item filter_r => $cb |
| 266 | |
287 | |
| 267 | =item filter_w => $cb |
288 | =item filter_w => $cb |
| 268 | |
289 | |
| 269 | These exist, but are undocumented at this time. |
290 | These exist, but are undocumented at this time. (They are used internally |
|
|
291 | by the TLS code). |
| 270 | |
292 | |
| 271 | =back |
293 | =back |
| 272 | |
294 | |
| 273 | =cut |
295 | =cut |
| 274 | |
296 | |
| … | |
… | |
| 304 | delete $self->{_tw}; |
326 | delete $self->{_tw}; |
| 305 | delete $self->{_rw}; |
327 | delete $self->{_rw}; |
| 306 | delete $self->{_ww}; |
328 | delete $self->{_ww}; |
| 307 | delete $self->{fh}; |
329 | delete $self->{fh}; |
| 308 | |
330 | |
| 309 | $self->stoptls; |
331 | &_freetls; |
| 310 | |
332 | |
| 311 | delete $self->{on_read}; |
333 | delete $self->{on_read}; |
| 312 | delete $self->{_queue}; |
334 | delete $self->{_queue}; |
| 313 | } |
335 | } |
| 314 | |
336 | |
| … | |
… | |
| 327 | } |
349 | } |
| 328 | } |
350 | } |
| 329 | |
351 | |
| 330 | =item $fh = $handle->fh |
352 | =item $fh = $handle->fh |
| 331 | |
353 | |
| 332 | This method returns the file handle of the L<AnyEvent::Handle> object. |
354 | This method returns the file handle used to create the L<AnyEvent::Handle> object. |
| 333 | |
355 | |
| 334 | =cut |
356 | =cut |
| 335 | |
357 | |
| 336 | sub fh { $_[0]{fh} } |
358 | sub fh { $_[0]{fh} } |
| 337 | |
359 | |
| … | |
… | |
| 355 | $_[0]{on_eof} = $_[1]; |
377 | $_[0]{on_eof} = $_[1]; |
| 356 | } |
378 | } |
| 357 | |
379 | |
| 358 | =item $handle->on_timeout ($cb) |
380 | =item $handle->on_timeout ($cb) |
| 359 | |
381 | |
| 360 | Replace the current C<on_timeout> callback, or disables the callback |
382 | Replace the current C<on_timeout> callback, or disables the callback (but |
| 361 | (but not the timeout) if C<$cb> = C<undef>. See C<timeout> constructor |
383 | not the timeout) if C<$cb> = C<undef>. See the C<timeout> constructor |
| 362 | argument. |
384 | argument and method. |
| 363 | |
385 | |
| 364 | =cut |
386 | =cut |
| 365 | |
387 | |
| 366 | sub on_timeout { |
388 | sub on_timeout { |
| 367 | $_[0]{on_timeout} = $_[1]; |
389 | $_[0]{on_timeout} = $_[1]; |
| … | |
… | |
| 1297 | while ((my $len = Net::SSLeay::write ($self->{tls}, $self->{_tls_wbuf})) > 0) { |
1319 | while ((my $len = Net::SSLeay::write ($self->{tls}, $self->{_tls_wbuf})) > 0) { |
| 1298 | substr $self->{_tls_wbuf}, 0, $len, ""; |
1320 | substr $self->{_tls_wbuf}, 0, $len, ""; |
| 1299 | } |
1321 | } |
| 1300 | } |
1322 | } |
| 1301 | |
1323 | |
| 1302 | if (length ($buf = Net::SSLeay::BIO_read ($self->{_wbio}))) { |
|
|
| 1303 | $self->{wbuf} .= $buf; |
|
|
| 1304 | $self->_drain_wbuf; |
|
|
| 1305 | } |
|
|
| 1306 | |
|
|
| 1307 | while (defined ($buf = Net::SSLeay::read ($self->{tls}))) { |
1324 | while (defined ($buf = Net::SSLeay::read ($self->{tls}))) { |
| 1308 | if (length $buf) { |
1325 | unless (length $buf) { |
| 1309 | $self->{rbuf} .= $buf; |
|
|
| 1310 | $self->_drain_rbuf unless $self->{_in_drain}; |
|
|
| 1311 | } else { |
|
|
| 1312 | # let's treat SSL-eof as we treat normal EOF |
1326 | # let's treat SSL-eof as we treat normal EOF |
|
|
1327 | delete $self->{_rw}; |
| 1313 | $self->{_eof} = 1; |
1328 | $self->{_eof} = 1; |
| 1314 | $self->_shutdown; |
1329 | &_freetls; |
| 1315 | return; |
|
|
| 1316 | } |
1330 | } |
|
|
1331 | |
|
|
1332 | $self->{rbuf} .= $buf; |
|
|
1333 | $self->_drain_rbuf unless $self->{_in_drain}; |
|
|
1334 | $self->{tls} or return; # tls session might have gone away in callback |
| 1317 | } |
1335 | } |
| 1318 | |
1336 | |
| 1319 | my $err = Net::SSLeay::get_error ($self->{tls}, -1); |
1337 | my $err = Net::SSLeay::get_error ($self->{tls}, -1); |
| 1320 | |
1338 | |
| 1321 | if ($err!= Net::SSLeay::ERROR_WANT_READ ()) { |
1339 | if ($err!= Net::SSLeay::ERROR_WANT_READ ()) { |
| … | |
… | |
| 1325 | return $self->_error (&Errno::EIO, 1); |
1343 | return $self->_error (&Errno::EIO, 1); |
| 1326 | } |
1344 | } |
| 1327 | |
1345 | |
| 1328 | # all others are fine for our purposes |
1346 | # all others are fine for our purposes |
| 1329 | } |
1347 | } |
|
|
1348 | |
|
|
1349 | if (length ($buf = Net::SSLeay::BIO_read ($self->{_wbio}))) { |
|
|
1350 | $self->{wbuf} .= $buf; |
|
|
1351 | $self->_drain_wbuf; |
|
|
1352 | } |
| 1330 | } |
1353 | } |
| 1331 | |
1354 | |
| 1332 | =item $handle->starttls ($tls[, $tls_ctx]) |
1355 | =item $handle->starttls ($tls[, $tls_ctx]) |
| 1333 | |
1356 | |
| 1334 | Instead of starting TLS negotiation immediately when the AnyEvent::Handle |
1357 | Instead of starting TLS negotiation immediately when the AnyEvent::Handle |
| … | |
… | |
| 1343 | |
1366 | |
| 1344 | The TLS connection object will end up in C<< $handle->{tls} >> after this |
1367 | The TLS connection object will end up in C<< $handle->{tls} >> after this |
| 1345 | call and can be used or changed to your liking. Note that the handshake |
1368 | call and can be used or changed to your liking. Note that the handshake |
| 1346 | might have already started when this function returns. |
1369 | might have already started when this function returns. |
| 1347 | |
1370 | |
|
|
1371 | If it an error to start a TLS handshake more than once per |
|
|
1372 | AnyEvent::Handle object (this is due to bugs in OpenSSL). |
|
|
1373 | |
| 1348 | =cut |
1374 | =cut |
| 1349 | |
1375 | |
| 1350 | sub starttls { |
1376 | sub starttls { |
| 1351 | my ($self, $ssl, $ctx) = @_; |
1377 | my ($self, $ssl, $ctx) = @_; |
| 1352 | |
1378 | |
| 1353 | $self->stoptls; |
1379 | Carp::croak "it is an error to call starttls more than once on an Anyevent::Handle object" |
| 1354 | |
1380 | if $self->{tls}; |
|
|
1381 | |
| 1355 | if ($ssl eq "accept") { |
1382 | if ($ssl eq "accept") { |
| 1356 | $ssl = Net::SSLeay::new ($ctx || TLS_CTX ()); |
1383 | $ssl = Net::SSLeay::new ($ctx || TLS_CTX ()); |
| 1357 | Net::SSLeay::set_accept_state ($ssl); |
1384 | Net::SSLeay::set_accept_state ($ssl); |
| 1358 | } elsif ($ssl eq "connect") { |
1385 | } elsif ($ssl eq "connect") { |
| 1359 | $ssl = Net::SSLeay::new ($ctx || TLS_CTX ()); |
1386 | $ssl = Net::SSLeay::new ($ctx || TLS_CTX ()); |
| … | |
… | |
| 1365 | # basically, this is deep magic (because SSL_read should have the same issues) |
1392 | # basically, this is deep magic (because SSL_read should have the same issues) |
| 1366 | # but the openssl maintainers basically said: "trust us, it just works". |
1393 | # but the openssl maintainers basically said: "trust us, it just works". |
| 1367 | # (unfortunately, we have to hardcode constants because the abysmally misdesigned |
1394 | # (unfortunately, we have to hardcode constants because the abysmally misdesigned |
| 1368 | # and mismaintained ssleay-module doesn't even offer them). |
1395 | # and mismaintained ssleay-module doesn't even offer them). |
| 1369 | # http://www.mail-archive.com/openssl-dev@openssl.org/msg22420.html |
1396 | # http://www.mail-archive.com/openssl-dev@openssl.org/msg22420.html |
|
|
1397 | # |
|
|
1398 | # in short: this is a mess. |
|
|
1399 | # |
|
|
1400 | # note that we do not try to kepe the length constant between writes as we are required to do. |
|
|
1401 | # we assume that most (but not all) of this insanity only applies to non-blocking cases, |
|
|
1402 | # and we drive openssl fully in blocking mode here. |
| 1370 | Net::SSLeay::CTX_set_mode ($self->{tls}, |
1403 | Net::SSLeay::CTX_set_mode ($self->{tls}, |
| 1371 | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ENABLE_PARTIAL_WRITE () } || 1) |
1404 | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ENABLE_PARTIAL_WRITE () } || 1) |
| 1372 | | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ACCEPT_MOVING_WRITE_BUFFER () } || 2)); |
1405 | | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ACCEPT_MOVING_WRITE_BUFFER () } || 2)); |
| 1373 | |
1406 | |
| 1374 | $self->{_rbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); |
1407 | $self->{_rbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); |
| … | |
… | |
| 1382 | }; |
1415 | }; |
| 1383 | $self->{filter_r} = sub { |
1416 | $self->{filter_r} = sub { |
| 1384 | Net::SSLeay::BIO_write ($_[0]{_rbio}, ${$_[1]}); |
1417 | Net::SSLeay::BIO_write ($_[0]{_rbio}, ${$_[1]}); |
| 1385 | &_dotls; |
1418 | &_dotls; |
| 1386 | }; |
1419 | }; |
|
|
1420 | |
|
|
1421 | &_dotls; # need to trigger the initial negotiation exchange |
| 1387 | } |
1422 | } |
| 1388 | |
1423 | |
| 1389 | =item $handle->stoptls |
1424 | =item $handle->stoptls |
| 1390 | |
1425 | |
| 1391 | Destroys the SSL connection, if any. Partial read or write data will be |
1426 | Shuts down the SSL connection - this makes a proper EOF handshake by |
| 1392 | lost. |
1427 | sending a close notify to the other side, but since OpenSSL doesn't |
|
|
1428 | support non-blocking shut downs, it is not possible to re-use the stream |
|
|
1429 | afterwards. |
| 1393 | |
1430 | |
| 1394 | =cut |
1431 | =cut |
| 1395 | |
1432 | |
| 1396 | sub stoptls { |
1433 | sub stoptls { |
| 1397 | my ($self) = @_; |
1434 | my ($self) = @_; |
| 1398 | |
1435 | |
|
|
1436 | if ($self->{tls}) { |
|
|
1437 | Net::SSLeay::shutdown $self->{tls}; |
|
|
1438 | |
|
|
1439 | &_dotls; |
|
|
1440 | |
|
|
1441 | # we don't give a shit. no, we do, but we can't. no... |
|
|
1442 | # we, we... have to use openssl :/ |
|
|
1443 | &_freetls; |
|
|
1444 | } |
|
|
1445 | } |
|
|
1446 | |
|
|
1447 | sub _freetls { |
|
|
1448 | my ($self) = @_; |
|
|
1449 | |
|
|
1450 | return unless $self->{tls}; |
|
|
1451 | |
| 1399 | Net::SSLeay::free (delete $self->{tls}) if $self->{tls}; |
1452 | Net::SSLeay::free (delete $self->{tls}); |
| 1400 | |
1453 | |
| 1401 | delete $self->{_rbio}; |
1454 | delete @$self{qw(_rbio filter_w _wbio filter_r)}; |
| 1402 | delete $self->{_wbio}; |
|
|
| 1403 | delete $self->{_tls_wbuf}; |
|
|
| 1404 | delete $self->{filter_r}; |
|
|
| 1405 | delete $self->{filter_w}; |
|
|
| 1406 | } |
1455 | } |
| 1407 | |
1456 | |
| 1408 | sub DESTROY { |
1457 | sub DESTROY { |
| 1409 | my $self = shift; |
1458 | my $self = shift; |
| 1410 | |
1459 | |
| 1411 | $self->stoptls; |
1460 | &_freetls; |
| 1412 | |
1461 | |
| 1413 | my $linger = exists $self->{linger} ? $self->{linger} : 3600; |
1462 | my $linger = exists $self->{linger} ? $self->{linger} : 3600; |
| 1414 | |
1463 | |
| 1415 | if ($linger && length $self->{wbuf}) { |
1464 | if ($linger && length $self->{wbuf}) { |
| 1416 | my $fh = delete $self->{fh}; |
1465 | my $fh = delete $self->{fh}; |
