| … | |
… | |
| 240 | write data and will install a watcher that will write this data to the |
240 | write data and will install a watcher that will write this data to the |
| 241 | socket. No errors will be reported (this mostly matches how the operating |
241 | socket. No errors will be reported (this mostly matches how the operating |
| 242 | system treats outstanding data at socket close time). |
242 | system treats outstanding data at socket close time). |
| 243 | |
243 | |
| 244 | This will not work for partial TLS data that could not be encoded |
244 | This will not work for partial TLS data that could not be encoded |
| 245 | yet. This data will be lost. |
245 | yet. This data will be lost. Calling the C<stoptls> method in time might |
|
|
246 | help. |
| 246 | |
247 | |
| 247 | =item tls => "accept" | "connect" | Net::SSLeay::SSL object |
248 | =item tls => "accept" | "connect" | Net::SSLeay::SSL object |
| 248 | |
249 | |
| 249 | When this parameter is given, it enables TLS (SSL) mode, that means |
250 | When this parameter is given, it enables TLS (SSL) mode, that means |
| 250 | AnyEvent will start a TLS handshake as soon as the conenction has been |
251 | AnyEvent will start a TLS handshake as soon as the conenction has been |
| … | |
… | |
| 281 | texts. |
282 | texts. |
| 282 | |
283 | |
| 283 | Note that you are responsible to depend on the JSON module if you want to |
284 | Note that you are responsible to depend on the JSON module if you want to |
| 284 | use this functionality, as AnyEvent does not have a dependency itself. |
285 | use this functionality, as AnyEvent does not have a dependency itself. |
| 285 | |
286 | |
| 286 | =item filter_r => $cb |
|
|
| 287 | |
|
|
| 288 | =item filter_w => $cb |
|
|
| 289 | |
|
|
| 290 | These exist, but are undocumented at this time. (They are used internally |
|
|
| 291 | by the TLS code). |
|
|
| 292 | |
|
|
| 293 | =back |
287 | =back |
| 294 | |
288 | |
| 295 | =cut |
289 | =cut |
| 296 | |
290 | |
| 297 | sub new { |
291 | sub new { |
| … | |
… | |
| 301 | |
295 | |
| 302 | $self->{fh} or Carp::croak "mandatory argument fh is missing"; |
296 | $self->{fh} or Carp::croak "mandatory argument fh is missing"; |
| 303 | |
297 | |
| 304 | AnyEvent::Util::fh_nonblocking $self->{fh}, 1; |
298 | AnyEvent::Util::fh_nonblocking $self->{fh}, 1; |
| 305 | |
299 | |
| 306 | if ($self->{tls}) { |
|
|
| 307 | require Net::SSLeay; |
|
|
| 308 | $self->starttls (delete $self->{tls}, delete $self->{tls_ctx}); |
300 | $self->starttls (delete $self->{tls}, delete $self->{tls_ctx}) |
| 309 | } |
301 | if $self->{tls}; |
| 310 | |
302 | |
| 311 | $self->{_activity} = AnyEvent->now; |
303 | $self->{_activity} = AnyEvent->now; |
| 312 | $self->_timeout; |
304 | $self->_timeout; |
| 313 | |
305 | |
| 314 | $self->on_drain (delete $self->{on_drain}) if exists $self->{on_drain}; |
306 | $self->on_drain (delete $self->{on_drain}) if exists $self->{on_drain}; |
| … | |
… | |
| 495 | my ($self, $cb) = @_; |
487 | my ($self, $cb) = @_; |
| 496 | |
488 | |
| 497 | $self->{on_drain} = $cb; |
489 | $self->{on_drain} = $cb; |
| 498 | |
490 | |
| 499 | $cb->($self) |
491 | $cb->($self) |
| 500 | if $cb && $self->{low_water_mark} >= length $self->{wbuf}; |
492 | if $cb && $self->{low_water_mark} >= (length $self->{wbuf}) + (length $self->{_tls_wbuf}); |
| 501 | } |
493 | } |
| 502 | |
494 | |
| 503 | =item $handle->push_write ($data) |
495 | =item $handle->push_write ($data) |
| 504 | |
496 | |
| 505 | Queues the given scalar to be written. You can push as much data as you |
497 | Queues the given scalar to be written. You can push as much data as you |
| … | |
… | |
| 522 | substr $self->{wbuf}, 0, $len, ""; |
514 | substr $self->{wbuf}, 0, $len, ""; |
| 523 | |
515 | |
| 524 | $self->{_activity} = AnyEvent->now; |
516 | $self->{_activity} = AnyEvent->now; |
| 525 | |
517 | |
| 526 | $self->{on_drain}($self) |
518 | $self->{on_drain}($self) |
| 527 | if $self->{low_water_mark} >= length $self->{wbuf} |
519 | if $self->{low_water_mark} >= (length $self->{wbuf}) + (length $self->{_tls_wbuf}) |
| 528 | && $self->{on_drain}; |
520 | && $self->{on_drain}; |
| 529 | |
521 | |
| 530 | delete $self->{_ww} unless length $self->{wbuf}; |
522 | delete $self->{_ww} unless length $self->{wbuf}; |
| 531 | } elsif ($! != EAGAIN && $! != EINTR && $! != WSAEWOULDBLOCK) { |
523 | } elsif ($! != EAGAIN && $! != EINTR && $! != WSAEWOULDBLOCK) { |
| 532 | $self->_error ($!, 1); |
524 | $self->_error ($!, 1); |
| … | |
… | |
| 556 | |
548 | |
| 557 | @_ = ($WH{$type} or Carp::croak "unsupported type passed to AnyEvent::Handle::push_write") |
549 | @_ = ($WH{$type} or Carp::croak "unsupported type passed to AnyEvent::Handle::push_write") |
| 558 | ->($self, @_); |
550 | ->($self, @_); |
| 559 | } |
551 | } |
| 560 | |
552 | |
| 561 | if ($self->{filter_w}) { |
553 | if ($self->{tls}) { |
| 562 | $self->{filter_w}($self, \$_[0]); |
554 | $self->{_tls_wbuf} .= $_[0]; |
|
|
555 | &_dotls ($self); |
| 563 | } else { |
556 | } else { |
| 564 | $self->{wbuf} .= $_[0]; |
557 | $self->{wbuf} .= $_[0]; |
| 565 | $self->_drain_wbuf; |
558 | $self->_drain_wbuf; |
| 566 | } |
559 | } |
| 567 | } |
560 | } |
| … | |
… | |
| 803 | |
796 | |
| 804 | last; # more data might arrive |
797 | last; # more data might arrive |
| 805 | } |
798 | } |
| 806 | } else { |
799 | } else { |
| 807 | # read side becomes idle |
800 | # read side becomes idle |
| 808 | delete $self->{_rw}; |
801 | delete $self->{_rw} unless $self->{tls}; |
| 809 | last; |
802 | last; |
| 810 | } |
803 | } |
| 811 | } |
804 | } |
| 812 | |
805 | |
| 813 | if ($self->{_eof}) { |
806 | if ($self->{_eof}) { |
| … | |
… | |
| 1271 | Note that AnyEvent::Handle will automatically C<start_read> for you when |
1264 | Note that AnyEvent::Handle will automatically C<start_read> for you when |
| 1272 | you change the C<on_read> callback or push/unshift a read callback, and it |
1265 | you change the C<on_read> callback or push/unshift a read callback, and it |
| 1273 | will automatically C<stop_read> for you when neither C<on_read> is set nor |
1266 | will automatically C<stop_read> for you when neither C<on_read> is set nor |
| 1274 | there are any read requests in the queue. |
1267 | there are any read requests in the queue. |
| 1275 | |
1268 | |
|
|
1269 | These methods will have no effect when in TLS mode (as TLS doesn't support |
|
|
1270 | half-duplex connections). |
|
|
1271 | |
| 1276 | =cut |
1272 | =cut |
| 1277 | |
1273 | |
| 1278 | sub stop_read { |
1274 | sub stop_read { |
| 1279 | my ($self) = @_; |
1275 | my ($self) = @_; |
| 1280 | |
1276 | |
| 1281 | delete $self->{_rw}; |
1277 | delete $self->{_rw} unless $self->{tls}; |
| 1282 | } |
1278 | } |
| 1283 | |
1279 | |
| 1284 | sub start_read { |
1280 | sub start_read { |
| 1285 | my ($self) = @_; |
1281 | my ($self) = @_; |
| 1286 | |
1282 | |
| 1287 | unless ($self->{_rw} || $self->{_eof}) { |
1283 | unless ($self->{_rw} || $self->{_eof}) { |
| 1288 | Scalar::Util::weaken $self; |
1284 | Scalar::Util::weaken $self; |
| 1289 | |
1285 | |
| 1290 | $self->{_rw} = AnyEvent->io (fh => $self->{fh}, poll => "r", cb => sub { |
1286 | $self->{_rw} = AnyEvent->io (fh => $self->{fh}, poll => "r", cb => sub { |
| 1291 | my $rbuf = $self->{filter_r} ? \my $buf : \$self->{rbuf}; |
1287 | my $rbuf = \($self->{tls} ? my $buf : $self->{rbuf}); |
| 1292 | my $len = sysread $self->{fh}, $$rbuf, $self->{read_size} || 8192, length $$rbuf; |
1288 | my $len = sysread $self->{fh}, $$rbuf, $self->{read_size} || 8192, length $$rbuf; |
| 1293 | |
1289 | |
| 1294 | if ($len > 0) { |
1290 | if ($len > 0) { |
| 1295 | $self->{_activity} = AnyEvent->now; |
1291 | $self->{_activity} = AnyEvent->now; |
| 1296 | |
1292 | |
| 1297 | $self->{filter_r} |
1293 | if ($self->{tls}) { |
| 1298 | ? $self->{filter_r}($self, $rbuf) |
1294 | Net::SSLeay::BIO_write ($self->{_rbio}, $$rbuf); |
| 1299 | : $self->{_in_drain} || $self->_drain_rbuf; |
1295 | &_dotls ($self); |
|
|
1296 | } else { |
|
|
1297 | $self->_drain_rbuf unless $self->{_in_drain}; |
|
|
1298 | } |
| 1300 | |
1299 | |
| 1301 | } elsif (defined $len) { |
1300 | } elsif (defined $len) { |
| 1302 | delete $self->{_rw}; |
1301 | delete $self->{_rw}; |
| 1303 | $self->{_eof} = 1; |
1302 | $self->{_eof} = 1; |
| 1304 | $self->_drain_rbuf unless $self->{_in_drain}; |
1303 | $self->_drain_rbuf unless $self->{_in_drain}; |
| … | |
… | |
| 1373 | |
1372 | |
| 1374 | =cut |
1373 | =cut |
| 1375 | |
1374 | |
| 1376 | sub starttls { |
1375 | sub starttls { |
| 1377 | my ($self, $ssl, $ctx) = @_; |
1376 | my ($self, $ssl, $ctx) = @_; |
|
|
1377 | |
|
|
1378 | require Net::SSLeay; |
| 1378 | |
1379 | |
| 1379 | Carp::croak "it is an error to call starttls more than once on an Anyevent::Handle object" |
1380 | Carp::croak "it is an error to call starttls more than once on an Anyevent::Handle object" |
| 1380 | if $self->{tls}; |
1381 | if $self->{tls}; |
| 1381 | |
1382 | |
| 1382 | if ($ssl eq "accept") { |
1383 | if ($ssl eq "accept") { |
| … | |
… | |
| 1395 | # and mismaintained ssleay-module doesn't even offer them). |
1396 | # and mismaintained ssleay-module doesn't even offer them). |
| 1396 | # http://www.mail-archive.com/openssl-dev@openssl.org/msg22420.html |
1397 | # http://www.mail-archive.com/openssl-dev@openssl.org/msg22420.html |
| 1397 | # |
1398 | # |
| 1398 | # in short: this is a mess. |
1399 | # in short: this is a mess. |
| 1399 | # |
1400 | # |
| 1400 | # note that we do not try to kepe the length constant between writes as we are required to do. |
1401 | # note that we do not try to keep the length constant between writes as we are required to do. |
| 1401 | # we assume that most (but not all) of this insanity only applies to non-blocking cases, |
1402 | # we assume that most (but not all) of this insanity only applies to non-blocking cases, |
| 1402 | # and we drive openssl fully in blocking mode here. |
1403 | # and we drive openssl fully in blocking mode here. Or maybe we don't - openssl seems to |
|
|
1404 | # have identity issues in that area. |
| 1403 | Net::SSLeay::CTX_set_mode ($self->{tls}, |
1405 | Net::SSLeay::CTX_set_mode ($self->{tls}, |
| 1404 | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ENABLE_PARTIAL_WRITE () } || 1) |
1406 | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ENABLE_PARTIAL_WRITE () } || 1) |
| 1405 | | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ACCEPT_MOVING_WRITE_BUFFER () } || 2)); |
1407 | | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ACCEPT_MOVING_WRITE_BUFFER () } || 2)); |
| 1406 | |
1408 | |
| 1407 | $self->{_rbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); |
1409 | $self->{_rbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); |
| 1408 | $self->{_wbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); |
1410 | $self->{_wbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); |
| 1409 | |
1411 | |
| 1410 | Net::SSLeay::set_bio ($ssl, $self->{_rbio}, $self->{_wbio}); |
1412 | Net::SSLeay::set_bio ($ssl, $self->{_rbio}, $self->{_wbio}); |
| 1411 | |
1413 | |
| 1412 | $self->{filter_w} = sub { |
|
|
| 1413 | $_[0]{_tls_wbuf} .= ${$_[1]}; |
|
|
| 1414 | &_dotls; |
|
|
| 1415 | }; |
|
|
| 1416 | $self->{filter_r} = sub { |
|
|
| 1417 | Net::SSLeay::BIO_write ($_[0]{_rbio}, ${$_[1]}); |
|
|
| 1418 | &_dotls; |
|
|
| 1419 | }; |
|
|
| 1420 | |
|
|
| 1421 | &_dotls; # need to trigger the initial negotiation exchange |
1414 | &_dotls; # need to trigger the initial handshake |
|
|
1415 | $self->start_read; # make sure we actually do read |
| 1422 | } |
1416 | } |
| 1423 | |
1417 | |
| 1424 | =item $handle->stoptls |
1418 | =item $handle->stoptls |
| 1425 | |
1419 | |
| 1426 | Shuts down the SSL connection - this makes a proper EOF handshake by |
1420 | Shuts down the SSL connection - this makes a proper EOF handshake by |
| … | |
… | |
| 1432 | |
1426 | |
| 1433 | sub stoptls { |
1427 | sub stoptls { |
| 1434 | my ($self) = @_; |
1428 | my ($self) = @_; |
| 1435 | |
1429 | |
| 1436 | if ($self->{tls}) { |
1430 | if ($self->{tls}) { |
| 1437 | Net::SSLeay::shutdown $self->{tls}; |
1431 | Net::SSLeay::shutdown ($self->{tls}); |
| 1438 | |
1432 | |
| 1439 | &_dotls; |
1433 | &_dotls; |
| 1440 | |
1434 | |
| 1441 | # we don't give a shit. no, we do, but we can't. no... |
1435 | # we don't give a shit. no, we do, but we can't. no... |
| 1442 | # we, we... have to use openssl :/ |
1436 | # we, we... have to use openssl :/ |
| … | |
… | |
| 1449 | |
1443 | |
| 1450 | return unless $self->{tls}; |
1444 | return unless $self->{tls}; |
| 1451 | |
1445 | |
| 1452 | Net::SSLeay::free (delete $self->{tls}); |
1446 | Net::SSLeay::free (delete $self->{tls}); |
| 1453 | |
1447 | |
| 1454 | delete @$self{qw(_rbio filter_w _wbio filter_r)}; |
1448 | delete @$self{qw(_rbio _wbio _tls_wbuf)}; |
| 1455 | } |
1449 | } |
| 1456 | |
1450 | |
| 1457 | sub DESTROY { |
1451 | sub DESTROY { |
| 1458 | my $self = shift; |
1452 | my $self = shift; |
| 1459 | |
1453 | |
