| … | |
… | |
| 14 | |
14 | |
| 15 | AnyEvent::Handle - non-blocking I/O on file handles via AnyEvent |
15 | AnyEvent::Handle - non-blocking I/O on file handles via AnyEvent |
| 16 | |
16 | |
| 17 | =cut |
17 | =cut |
| 18 | |
18 | |
| 19 | our $VERSION = 4.22; |
19 | our $VERSION = 4.3; |
| 20 | |
20 | |
| 21 | =head1 SYNOPSIS |
21 | =head1 SYNOPSIS |
| 22 | |
22 | |
| 23 | use AnyEvent; |
23 | use AnyEvent; |
| 24 | use AnyEvent::Handle; |
24 | use AnyEvent::Handle; |
| … | |
… | |
| 49 | |
49 | |
| 50 | This module is a helper module to make it easier to do event-based I/O on |
50 | This module is a helper module to make it easier to do event-based I/O on |
| 51 | filehandles. For utility functions for doing non-blocking connects and accepts |
51 | filehandles. For utility functions for doing non-blocking connects and accepts |
| 52 | on sockets see L<AnyEvent::Util>. |
52 | on sockets see L<AnyEvent::Util>. |
| 53 | |
53 | |
|
|
54 | The L<AnyEvent::Intro> tutorial contains some well-documented |
|
|
55 | AnyEvent::Handle examples. |
|
|
56 | |
| 54 | In the following, when the documentation refers to of "bytes" then this |
57 | In the following, when the documentation refers to of "bytes" then this |
| 55 | means characters. As sysread and syswrite are used for all I/O, their |
58 | means characters. As sysread and syswrite are used for all I/O, their |
| 56 | treatment of characters applies to this module as well. |
59 | treatment of characters applies to this module as well. |
| 57 | |
60 | |
| 58 | All callbacks will be invoked with the handle object as their first |
61 | All callbacks will be invoked with the handle object as their first |
| 59 | argument. |
62 | argument. |
| 60 | |
63 | |
|
|
64 | =head2 SIGPIPE is not handled by this module |
|
|
65 | |
|
|
66 | SIGPIPE is not handled by this module, so one of the practical |
|
|
67 | requirements of using it is to ignore SIGPIPE (C<$SIG{PIPE} = |
|
|
68 | 'IGNORE'>). At least, this is highly recommend in a networked program: If |
|
|
69 | you use AnyEvent::Handle in a filter program (like sort), exiting on |
|
|
70 | SIGPIPE is probably the right thing to do. |
|
|
71 | |
| 61 | =head1 METHODS |
72 | =head1 METHODS |
| 62 | |
73 | |
| 63 | =over 4 |
74 | =over 4 |
| 64 | |
75 | |
| 65 | =item B<new (%args)> |
76 | =item B<new (%args)> |
| … | |
… | |
| 70 | |
81 | |
| 71 | =item fh => $filehandle [MANDATORY] |
82 | =item fh => $filehandle [MANDATORY] |
| 72 | |
83 | |
| 73 | The filehandle this L<AnyEvent::Handle> object will operate on. |
84 | The filehandle this L<AnyEvent::Handle> object will operate on. |
| 74 | |
85 | |
| 75 | NOTE: The filehandle will be set to non-blocking (using |
86 | NOTE: The filehandle will be set to non-blocking mode (using |
| 76 | AnyEvent::Util::fh_nonblocking). |
87 | C<AnyEvent::Util::fh_nonblocking>) by the constructor and needs to stay in |
|
|
88 | that mode. |
| 77 | |
89 | |
| 78 | =item on_eof => $cb->($handle) |
90 | =item on_eof => $cb->($handle) |
| 79 | |
91 | |
| 80 | Set the callback to be called when an end-of-file condition is detected, |
92 | Set the callback to be called when an end-of-file condition is detected, |
| 81 | i.e. in the case of a socket, when the other side has closed the |
93 | i.e. in the case of a socket, when the other side has closed the |
| 82 | connection cleanly. |
94 | connection cleanly. |
| 83 | |
95 | |
|
|
96 | For sockets, this just means that the other side has stopped sending data, |
|
|
97 | you can still try to write data, and, in fact, one can return from the eof |
|
|
98 | callback and continue writing data, as only the read part has been shut |
|
|
99 | down. |
|
|
100 | |
| 84 | While not mandatory, it is highly recommended to set an eof callback, |
101 | While not mandatory, it is I<highly> recommended to set an eof callback, |
| 85 | otherwise you might end up with a closed socket while you are still |
102 | otherwise you might end up with a closed socket while you are still |
| 86 | waiting for data. |
103 | waiting for data. |
|
|
104 | |
|
|
105 | If an EOF condition has been detected but no C<on_eof> callback has been |
|
|
106 | set, then a fatal error will be raised with C<$!> set to <0>. |
| 87 | |
107 | |
| 88 | =item on_error => $cb->($handle, $fatal) |
108 | =item on_error => $cb->($handle, $fatal) |
| 89 | |
109 | |
| 90 | This is the error callback, which is called when, well, some error |
110 | This is the error callback, which is called when, well, some error |
| 91 | occured, such as not being able to resolve the hostname, failure to |
111 | occured, such as not being able to resolve the hostname, failure to |
| 92 | connect or a read error. |
112 | connect or a read error. |
| 93 | |
113 | |
| 94 | Some errors are fatal (which is indicated by C<$fatal> being true). On |
114 | Some errors are fatal (which is indicated by C<$fatal> being true). On |
| 95 | fatal errors the handle object will be shut down and will not be |
115 | fatal errors the handle object will be shut down and will not be usable |
|
|
116 | (but you are free to look at the current C<< ->rbuf >>). Examples of fatal |
|
|
117 | errors are an EOF condition with active (but unsatisifable) read watchers |
|
|
118 | (C<EPIPE>) or I/O errors. |
|
|
119 | |
| 96 | usable. Non-fatal errors can be retried by simply returning, but it is |
120 | Non-fatal errors can be retried by simply returning, but it is recommended |
| 97 | recommended to simply ignore this parameter and instead abondon the handle |
121 | to simply ignore this parameter and instead abondon the handle object |
| 98 | object when this callback is invoked. |
122 | when this callback is invoked. Examples of non-fatal errors are timeouts |
|
|
123 | C<ETIMEDOUT>) or badly-formatted data (C<EBADMSG>). |
| 99 | |
124 | |
| 100 | On callback entrance, the value of C<$!> contains the operating system |
125 | On callback entrance, the value of C<$!> contains the operating system |
| 101 | error (or C<ENOSPC>, C<EPIPE>, C<ETIMEDOUT> or C<EBADMSG>). |
126 | error (or C<ENOSPC>, C<EPIPE>, C<ETIMEDOUT> or C<EBADMSG>). |
| 102 | |
127 | |
| 103 | While not mandatory, it is I<highly> recommended to set this callback, as |
128 | While not mandatory, it is I<highly> recommended to set this callback, as |
| … | |
… | |
| 135 | =item timeout => $fractional_seconds |
160 | =item timeout => $fractional_seconds |
| 136 | |
161 | |
| 137 | If non-zero, then this enables an "inactivity" timeout: whenever this many |
162 | If non-zero, then this enables an "inactivity" timeout: whenever this many |
| 138 | seconds pass without a successful read or write on the underlying file |
163 | seconds pass without a successful read or write on the underlying file |
| 139 | handle, the C<on_timeout> callback will be invoked (and if that one is |
164 | handle, the C<on_timeout> callback will be invoked (and if that one is |
| 140 | missing, an C<ETIMEDOUT> error will be raised). |
165 | missing, a non-fatal C<ETIMEDOUT> error will be raised). |
| 141 | |
166 | |
| 142 | Note that timeout processing is also active when you currently do not have |
167 | Note that timeout processing is also active when you currently do not have |
| 143 | any outstanding read or write requests: If you plan to keep the connection |
168 | any outstanding read or write requests: If you plan to keep the connection |
| 144 | idle then you should disable the timout temporarily or ignore the timeout |
169 | idle then you should disable the timout temporarily or ignore the timeout |
| 145 | in the C<on_timeout> callback. |
170 | in the C<on_timeout> callback, in which case AnyEvent::Handle will simply |
|
|
171 | restart the timeout. |
| 146 | |
172 | |
| 147 | Zero (the default) disables this timeout. |
173 | Zero (the default) disables this timeout. |
| 148 | |
174 | |
| 149 | =item on_timeout => $cb->($handle) |
175 | =item on_timeout => $cb->($handle) |
| 150 | |
176 | |
| … | |
… | |
| 154 | |
180 | |
| 155 | =item rbuf_max => <bytes> |
181 | =item rbuf_max => <bytes> |
| 156 | |
182 | |
| 157 | If defined, then a fatal error will be raised (with C<$!> set to C<ENOSPC>) |
183 | If defined, then a fatal error will be raised (with C<$!> set to C<ENOSPC>) |
| 158 | when the read buffer ever (strictly) exceeds this size. This is useful to |
184 | when the read buffer ever (strictly) exceeds this size. This is useful to |
| 159 | avoid denial-of-service attacks. |
185 | avoid some forms of denial-of-service attacks. |
| 160 | |
186 | |
| 161 | For example, a server accepting connections from untrusted sources should |
187 | For example, a server accepting connections from untrusted sources should |
| 162 | be configured to accept only so-and-so much data that it cannot act on |
188 | be configured to accept only so-and-so much data that it cannot act on |
| 163 | (for example, when expecting a line, an attacker could send an unlimited |
189 | (for example, when expecting a line, an attacker could send an unlimited |
| 164 | amount of data without a callback ever being called as long as the line |
190 | amount of data without a callback ever being called as long as the line |
| 165 | isn't finished). |
191 | isn't finished). |
| 166 | |
192 | |
| 167 | =item autocork => <boolean> |
193 | =item autocork => <boolean> |
| 168 | |
194 | |
| 169 | When disabled (the default), then C<push_write> will try to immediately |
195 | When disabled (the default), then C<push_write> will try to immediately |
| 170 | write the data to the handle if possible. This avoids having to register |
196 | write the data to the handle, if possible. This avoids having to register |
| 171 | a write watcher and wait for the next event loop iteration, but can be |
197 | a write watcher and wait for the next event loop iteration, but can |
| 172 | inefficient if you write multiple small chunks (this disadvantage is |
198 | be inefficient if you write multiple small chunks (on the wire, this |
| 173 | usually avoided by your kernel's nagle algorithm, see C<low_delay>). |
199 | disadvantage is usually avoided by your kernel's nagle algorithm, see |
|
|
200 | C<no_delay>, but this option can save costly syscalls). |
| 174 | |
201 | |
| 175 | When enabled, then writes will always be queued till the next event loop |
202 | When enabled, then writes will always be queued till the next event loop |
| 176 | iteration. This is efficient when you do many small writes per iteration, |
203 | iteration. This is efficient when you do many small writes per iteration, |
| 177 | but less efficient when you do a single write only. |
204 | but less efficient when you do a single write only per iteration (or when |
|
|
205 | the write buffer often is full). It also increases write latency. |
| 178 | |
206 | |
| 179 | =item no_delay => <boolean> |
207 | =item no_delay => <boolean> |
| 180 | |
208 | |
| 181 | When doing small writes on sockets, your operating system kernel might |
209 | When doing small writes on sockets, your operating system kernel might |
| 182 | wait a bit for more data before actually sending it out. This is called |
210 | wait a bit for more data before actually sending it out. This is called |
| 183 | the Nagle algorithm, and usually it is beneficial. |
211 | the Nagle algorithm, and usually it is beneficial. |
| 184 | |
212 | |
| 185 | In some situations you want as low a delay as possible, which cna be |
213 | In some situations you want as low a delay as possible, which can be |
| 186 | accomplishd by setting this option to true. |
214 | accomplishd by setting this option to a true value. |
| 187 | |
215 | |
| 188 | The default is your opertaing system's default behaviour, this option |
216 | The default is your opertaing system's default behaviour (most likely |
| 189 | explicitly enables or disables it, if possible. |
217 | enabled), this option explicitly enables or disables it, if possible. |
| 190 | |
218 | |
| 191 | =item read_size => <bytes> |
219 | =item read_size => <bytes> |
| 192 | |
220 | |
| 193 | The default read block size (the amount of bytes this module will try to read |
221 | The default read block size (the amount of bytes this module will |
| 194 | during each (loop iteration). Default: C<8192>. |
222 | try to read during each loop iteration, which affects memory |
|
|
223 | requirements). Default: C<8192>. |
| 195 | |
224 | |
| 196 | =item low_water_mark => <bytes> |
225 | =item low_water_mark => <bytes> |
| 197 | |
226 | |
| 198 | Sets the amount of bytes (default: C<0>) that make up an "empty" write |
227 | Sets the amount of bytes (default: C<0>) that make up an "empty" write |
| 199 | buffer: If the write reaches this size or gets even samller it is |
228 | buffer: If the write reaches this size or gets even samller it is |
| 200 | considered empty. |
229 | considered empty. |
| 201 | |
230 | |
|
|
231 | Sometimes it can be beneficial (for performance reasons) to add data to |
|
|
232 | the write buffer before it is fully drained, but this is a rare case, as |
|
|
233 | the operating system kernel usually buffers data as well, so the default |
|
|
234 | is good in almost all cases. |
|
|
235 | |
| 202 | =item linger => <seconds> |
236 | =item linger => <seconds> |
| 203 | |
237 | |
| 204 | If non-zero (default: C<3600>), then the destructor of the |
238 | If non-zero (default: C<3600>), then the destructor of the |
| 205 | AnyEvent::Handle object will check wether there is still outstanding write |
239 | AnyEvent::Handle object will check whether there is still outstanding |
| 206 | data and will install a watcher that will write out this data. No errors |
240 | write data and will install a watcher that will write this data to the |
| 207 | will be reported (this mostly matches how the operating system treats |
241 | socket. No errors will be reported (this mostly matches how the operating |
| 208 | outstanding data at socket close time). |
242 | system treats outstanding data at socket close time). |
| 209 | |
243 | |
| 210 | This will not work for partial TLS data that could not yet been |
244 | This will not work for partial TLS data that could not be encoded |
| 211 | encoded. This data will be lost. |
245 | yet. This data will be lost. |
| 212 | |
246 | |
| 213 | =item tls => "accept" | "connect" | Net::SSLeay::SSL object |
247 | =item tls => "accept" | "connect" | Net::SSLeay::SSL object |
| 214 | |
248 | |
| 215 | When this parameter is given, it enables TLS (SSL) mode, that means it |
249 | When this parameter is given, it enables TLS (SSL) mode, that means |
| 216 | will start making tls handshake and will transparently encrypt/decrypt |
250 | AnyEvent will start a TLS handshake as soon as the conenction has been |
| 217 | data. |
251 | established and will transparently encrypt/decrypt data afterwards. |
| 218 | |
252 | |
| 219 | TLS mode requires Net::SSLeay to be installed (it will be loaded |
253 | TLS mode requires Net::SSLeay to be installed (it will be loaded |
| 220 | automatically when you try to create a TLS handle). |
254 | automatically when you try to create a TLS handle): this module doesn't |
|
|
255 | have a dependency on that module, so if your module requires it, you have |
|
|
256 | to add the dependency yourself. |
| 221 | |
257 | |
| 222 | For the TLS server side, use C<accept>, and for the TLS client side of a |
258 | Unlike TCP, TLS has a server and client side: for the TLS server side, use |
| 223 | connection, use C<connect> mode. |
259 | C<accept>, and for the TLS client side of a connection, use C<connect> |
|
|
260 | mode. |
| 224 | |
261 | |
| 225 | You can also provide your own TLS connection object, but you have |
262 | You can also provide your own TLS connection object, but you have |
| 226 | to make sure that you call either C<Net::SSLeay::set_connect_state> |
263 | to make sure that you call either C<Net::SSLeay::set_connect_state> |
| 227 | or C<Net::SSLeay::set_accept_state> on it before you pass it to |
264 | or C<Net::SSLeay::set_accept_state> on it before you pass it to |
| 228 | AnyEvent::Handle. |
265 | AnyEvent::Handle. |
| 229 | |
266 | |
| 230 | See the C<starttls> method if you need to start TLS negotiation later. |
267 | See the C<< ->starttls >> method for when need to start TLS negotiation later. |
| 231 | |
268 | |
| 232 | =item tls_ctx => $ssl_ctx |
269 | =item tls_ctx => $ssl_ctx |
| 233 | |
270 | |
| 234 | Use the given Net::SSLeay::CTX object to create the new TLS connection |
271 | Use the given C<Net::SSLeay::CTX> object to create the new TLS connection |
| 235 | (unless a connection object was specified directly). If this parameter is |
272 | (unless a connection object was specified directly). If this parameter is |
| 236 | missing, then AnyEvent::Handle will use C<AnyEvent::Handle::TLS_CTX>. |
273 | missing, then AnyEvent::Handle will use C<AnyEvent::Handle::TLS_CTX>. |
| 237 | |
274 | |
| 238 | =item json => JSON or JSON::XS object |
275 | =item json => JSON or JSON::XS object |
| 239 | |
276 | |
| 240 | This is the json coder object used by the C<json> read and write types. |
277 | This is the json coder object used by the C<json> read and write types. |
| 241 | |
278 | |
| 242 | If you don't supply it, then AnyEvent::Handle will create and use a |
279 | If you don't supply it, then AnyEvent::Handle will create and use a |
| 243 | suitable one, which will write and expect UTF-8 encoded JSON texts. |
280 | suitable one (on demand), which will write and expect UTF-8 encoded JSON |
|
|
281 | texts. |
| 244 | |
282 | |
| 245 | Note that you are responsible to depend on the JSON module if you want to |
283 | Note that you are responsible to depend on the JSON module if you want to |
| 246 | use this functionality, as AnyEvent does not have a dependency itself. |
284 | use this functionality, as AnyEvent does not have a dependency itself. |
| 247 | |
285 | |
| 248 | =item filter_r => $cb |
286 | =item filter_r => $cb |
| 249 | |
287 | |
| 250 | =item filter_w => $cb |
288 | =item filter_w => $cb |
| 251 | |
289 | |
| 252 | These exist, but are undocumented at this time. |
290 | These exist, but are undocumented at this time. (They are used internally |
|
|
291 | by the TLS code). |
| 253 | |
292 | |
| 254 | =back |
293 | =back |
| 255 | |
294 | |
| 256 | =cut |
295 | =cut |
| 257 | |
296 | |
| … | |
… | |
| 287 | delete $self->{_tw}; |
326 | delete $self->{_tw}; |
| 288 | delete $self->{_rw}; |
327 | delete $self->{_rw}; |
| 289 | delete $self->{_ww}; |
328 | delete $self->{_ww}; |
| 290 | delete $self->{fh}; |
329 | delete $self->{fh}; |
| 291 | |
330 | |
| 292 | $self->stoptls; |
331 | &_freetls; |
|
|
332 | |
|
|
333 | delete $self->{on_read}; |
|
|
334 | delete $self->{_queue}; |
| 293 | } |
335 | } |
| 294 | |
336 | |
| 295 | sub _error { |
337 | sub _error { |
| 296 | my ($self, $errno, $fatal) = @_; |
338 | my ($self, $errno, $fatal) = @_; |
| 297 | |
339 | |
| … | |
… | |
| 307 | } |
349 | } |
| 308 | } |
350 | } |
| 309 | |
351 | |
| 310 | =item $fh = $handle->fh |
352 | =item $fh = $handle->fh |
| 311 | |
353 | |
| 312 | This method returns the file handle of the L<AnyEvent::Handle> object. |
354 | This method returns the file handle used to create the L<AnyEvent::Handle> object. |
| 313 | |
355 | |
| 314 | =cut |
356 | =cut |
| 315 | |
357 | |
| 316 | sub fh { $_[0]{fh} } |
358 | sub fh { $_[0]{fh} } |
| 317 | |
359 | |
| … | |
… | |
| 335 | $_[0]{on_eof} = $_[1]; |
377 | $_[0]{on_eof} = $_[1]; |
| 336 | } |
378 | } |
| 337 | |
379 | |
| 338 | =item $handle->on_timeout ($cb) |
380 | =item $handle->on_timeout ($cb) |
| 339 | |
381 | |
| 340 | Replace the current C<on_timeout> callback, or disables the callback |
382 | Replace the current C<on_timeout> callback, or disables the callback (but |
| 341 | (but not the timeout) if C<$cb> = C<undef>. See C<timeout> constructor |
383 | not the timeout) if C<$cb> = C<undef>. See the C<timeout> constructor |
| 342 | argument. |
384 | argument and method. |
| 343 | |
385 | |
| 344 | =cut |
386 | =cut |
| 345 | |
387 | |
| 346 | sub on_timeout { |
388 | sub on_timeout { |
| 347 | $_[0]{on_timeout} = $_[1]; |
389 | $_[0]{on_timeout} = $_[1]; |
| … | |
… | |
| 726 | |
768 | |
| 727 | if ( |
769 | if ( |
| 728 | defined $self->{rbuf_max} |
770 | defined $self->{rbuf_max} |
| 729 | && $self->{rbuf_max} < length $self->{rbuf} |
771 | && $self->{rbuf_max} < length $self->{rbuf} |
| 730 | ) { |
772 | ) { |
| 731 | return $self->_error (&Errno::ENOSPC, 1); |
773 | $self->_error (&Errno::ENOSPC, 1), return; |
| 732 | } |
774 | } |
| 733 | |
775 | |
| 734 | while () { |
776 | while () { |
| 735 | my $len = length $self->{rbuf}; |
777 | my $len = length $self->{rbuf}; |
| 736 | |
778 | |
| 737 | if (my $cb = shift @{ $self->{_queue} }) { |
779 | if (my $cb = shift @{ $self->{_queue} }) { |
| 738 | unless ($cb->($self)) { |
780 | unless ($cb->($self)) { |
| 739 | if ($self->{_eof}) { |
781 | if ($self->{_eof}) { |
| 740 | # no progress can be made (not enough data and no data forthcoming) |
782 | # no progress can be made (not enough data and no data forthcoming) |
| 741 | $self->_error (&Errno::EPIPE, 1), last; |
783 | $self->_error (&Errno::EPIPE, 1), return; |
| 742 | } |
784 | } |
| 743 | |
785 | |
| 744 | unshift @{ $self->{_queue} }, $cb; |
786 | unshift @{ $self->{_queue} }, $cb; |
| 745 | last; |
787 | last; |
| 746 | } |
788 | } |
| … | |
… | |
| 754 | && !@{ $self->{_queue} } # and the queue is still empty |
796 | && !@{ $self->{_queue} } # and the queue is still empty |
| 755 | && $self->{on_read} # but we still have on_read |
797 | && $self->{on_read} # but we still have on_read |
| 756 | ) { |
798 | ) { |
| 757 | # no further data will arrive |
799 | # no further data will arrive |
| 758 | # so no progress can be made |
800 | # so no progress can be made |
| 759 | $self->_error (&Errno::EPIPE, 1), last |
801 | $self->_error (&Errno::EPIPE, 1), return |
| 760 | if $self->{_eof}; |
802 | if $self->{_eof}; |
| 761 | |
803 | |
| 762 | last; # more data might arrive |
804 | last; # more data might arrive |
| 763 | } |
805 | } |
| 764 | } else { |
806 | } else { |
| … | |
… | |
| 766 | delete $self->{_rw}; |
808 | delete $self->{_rw}; |
| 767 | last; |
809 | last; |
| 768 | } |
810 | } |
| 769 | } |
811 | } |
| 770 | |
812 | |
|
|
813 | if ($self->{_eof}) { |
|
|
814 | if ($self->{on_eof}) { |
| 771 | $self->{on_eof}($self) |
815 | $self->{on_eof}($self) |
| 772 | if $self->{_eof} && $self->{on_eof}; |
816 | } else { |
|
|
817 | $self->_error (0, 1); |
|
|
818 | } |
|
|
819 | } |
| 773 | |
820 | |
| 774 | # may need to restart read watcher |
821 | # may need to restart read watcher |
| 775 | unless ($self->{_rw}) { |
822 | unless ($self->{_rw}) { |
| 776 | $self->start_read |
823 | $self->start_read |
| 777 | if $self->{on_read} || @{ $self->{_queue} }; |
824 | if $self->{on_read} || @{ $self->{_queue} }; |
| … | |
… | |
| 1272 | while ((my $len = Net::SSLeay::write ($self->{tls}, $self->{_tls_wbuf})) > 0) { |
1319 | while ((my $len = Net::SSLeay::write ($self->{tls}, $self->{_tls_wbuf})) > 0) { |
| 1273 | substr $self->{_tls_wbuf}, 0, $len, ""; |
1320 | substr $self->{_tls_wbuf}, 0, $len, ""; |
| 1274 | } |
1321 | } |
| 1275 | } |
1322 | } |
| 1276 | |
1323 | |
| 1277 | if (length ($buf = Net::SSLeay::BIO_read ($self->{_wbio}))) { |
|
|
| 1278 | $self->{wbuf} .= $buf; |
|
|
| 1279 | $self->_drain_wbuf; |
|
|
| 1280 | } |
|
|
| 1281 | |
|
|
| 1282 | while (defined ($buf = Net::SSLeay::read ($self->{tls}))) { |
1324 | while (defined ($buf = Net::SSLeay::read ($self->{tls}))) { |
| 1283 | if (length $buf) { |
1325 | unless (length $buf) { |
| 1284 | $self->{rbuf} .= $buf; |
|
|
| 1285 | $self->_drain_rbuf unless $self->{_in_drain}; |
|
|
| 1286 | } else { |
|
|
| 1287 | # let's treat SSL-eof as we treat normal EOF |
1326 | # let's treat SSL-eof as we treat normal EOF |
|
|
1327 | delete $self->{_rw}; |
| 1288 | $self->{_eof} = 1; |
1328 | $self->{_eof} = 1; |
| 1289 | $self->_shutdown; |
1329 | &_freetls; |
| 1290 | return; |
|
|
| 1291 | } |
1330 | } |
|
|
1331 | |
|
|
1332 | $self->{rbuf} .= $buf; |
|
|
1333 | $self->_drain_rbuf unless $self->{_in_drain}; |
|
|
1334 | $self->{tls} or return; # tls session might have gone away in callback |
| 1292 | } |
1335 | } |
| 1293 | |
1336 | |
| 1294 | my $err = Net::SSLeay::get_error ($self->{tls}, -1); |
1337 | my $err = Net::SSLeay::get_error ($self->{tls}, -1); |
| 1295 | |
1338 | |
| 1296 | if ($err!= Net::SSLeay::ERROR_WANT_READ ()) { |
1339 | if ($err!= Net::SSLeay::ERROR_WANT_READ ()) { |
| … | |
… | |
| 1300 | return $self->_error (&Errno::EIO, 1); |
1343 | return $self->_error (&Errno::EIO, 1); |
| 1301 | } |
1344 | } |
| 1302 | |
1345 | |
| 1303 | # all others are fine for our purposes |
1346 | # all others are fine for our purposes |
| 1304 | } |
1347 | } |
|
|
1348 | |
|
|
1349 | if (length ($buf = Net::SSLeay::BIO_read ($self->{_wbio}))) { |
|
|
1350 | $self->{wbuf} .= $buf; |
|
|
1351 | $self->_drain_wbuf; |
|
|
1352 | } |
| 1305 | } |
1353 | } |
| 1306 | |
1354 | |
| 1307 | =item $handle->starttls ($tls[, $tls_ctx]) |
1355 | =item $handle->starttls ($tls[, $tls_ctx]) |
| 1308 | |
1356 | |
| 1309 | Instead of starting TLS negotiation immediately when the AnyEvent::Handle |
1357 | Instead of starting TLS negotiation immediately when the AnyEvent::Handle |
| … | |
… | |
| 1318 | |
1366 | |
| 1319 | The TLS connection object will end up in C<< $handle->{tls} >> after this |
1367 | The TLS connection object will end up in C<< $handle->{tls} >> after this |
| 1320 | call and can be used or changed to your liking. Note that the handshake |
1368 | call and can be used or changed to your liking. Note that the handshake |
| 1321 | might have already started when this function returns. |
1369 | might have already started when this function returns. |
| 1322 | |
1370 | |
|
|
1371 | If it an error to start a TLS handshake more than once per |
|
|
1372 | AnyEvent::Handle object (this is due to bugs in OpenSSL). |
|
|
1373 | |
| 1323 | =cut |
1374 | =cut |
| 1324 | |
1375 | |
| 1325 | sub starttls { |
1376 | sub starttls { |
| 1326 | my ($self, $ssl, $ctx) = @_; |
1377 | my ($self, $ssl, $ctx) = @_; |
| 1327 | |
1378 | |
| 1328 | $self->stoptls; |
1379 | Carp::croak "it is an error to call starttls more than once on an Anyevent::Handle object" |
| 1329 | |
1380 | if $self->{tls}; |
|
|
1381 | |
| 1330 | if ($ssl eq "accept") { |
1382 | if ($ssl eq "accept") { |
| 1331 | $ssl = Net::SSLeay::new ($ctx || TLS_CTX ()); |
1383 | $ssl = Net::SSLeay::new ($ctx || TLS_CTX ()); |
| 1332 | Net::SSLeay::set_accept_state ($ssl); |
1384 | Net::SSLeay::set_accept_state ($ssl); |
| 1333 | } elsif ($ssl eq "connect") { |
1385 | } elsif ($ssl eq "connect") { |
| 1334 | $ssl = Net::SSLeay::new ($ctx || TLS_CTX ()); |
1386 | $ssl = Net::SSLeay::new ($ctx || TLS_CTX ()); |
| … | |
… | |
| 1340 | # basically, this is deep magic (because SSL_read should have the same issues) |
1392 | # basically, this is deep magic (because SSL_read should have the same issues) |
| 1341 | # but the openssl maintainers basically said: "trust us, it just works". |
1393 | # but the openssl maintainers basically said: "trust us, it just works". |
| 1342 | # (unfortunately, we have to hardcode constants because the abysmally misdesigned |
1394 | # (unfortunately, we have to hardcode constants because the abysmally misdesigned |
| 1343 | # and mismaintained ssleay-module doesn't even offer them). |
1395 | # and mismaintained ssleay-module doesn't even offer them). |
| 1344 | # http://www.mail-archive.com/openssl-dev@openssl.org/msg22420.html |
1396 | # http://www.mail-archive.com/openssl-dev@openssl.org/msg22420.html |
|
|
1397 | # |
|
|
1398 | # in short: this is a mess. |
|
|
1399 | # |
|
|
1400 | # note that we do not try to kepe the length constant between writes as we are required to do. |
|
|
1401 | # we assume that most (but not all) of this insanity only applies to non-blocking cases, |
|
|
1402 | # and we drive openssl fully in blocking mode here. |
| 1345 | Net::SSLeay::CTX_set_mode ($self->{tls}, |
1403 | Net::SSLeay::CTX_set_mode ($self->{tls}, |
| 1346 | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ENABLE_PARTIAL_WRITE () } || 1) |
1404 | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ENABLE_PARTIAL_WRITE () } || 1) |
| 1347 | | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ACCEPT_MOVING_WRITE_BUFFER () } || 2)); |
1405 | | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ACCEPT_MOVING_WRITE_BUFFER () } || 2)); |
| 1348 | |
1406 | |
| 1349 | $self->{_rbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); |
1407 | $self->{_rbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); |
| … | |
… | |
| 1357 | }; |
1415 | }; |
| 1358 | $self->{filter_r} = sub { |
1416 | $self->{filter_r} = sub { |
| 1359 | Net::SSLeay::BIO_write ($_[0]{_rbio}, ${$_[1]}); |
1417 | Net::SSLeay::BIO_write ($_[0]{_rbio}, ${$_[1]}); |
| 1360 | &_dotls; |
1418 | &_dotls; |
| 1361 | }; |
1419 | }; |
|
|
1420 | |
|
|
1421 | &_dotls; # need to trigger the initial negotiation exchange |
| 1362 | } |
1422 | } |
| 1363 | |
1423 | |
| 1364 | =item $handle->stoptls |
1424 | =item $handle->stoptls |
| 1365 | |
1425 | |
| 1366 | Destroys the SSL connection, if any. Partial read or write data will be |
1426 | Shuts down the SSL connection - this makes a proper EOF handshake by |
| 1367 | lost. |
1427 | sending a close notify to the other side, but since OpenSSL doesn't |
|
|
1428 | support non-blocking shut downs, it is not possible to re-use the stream |
|
|
1429 | afterwards. |
| 1368 | |
1430 | |
| 1369 | =cut |
1431 | =cut |
| 1370 | |
1432 | |
| 1371 | sub stoptls { |
1433 | sub stoptls { |
| 1372 | my ($self) = @_; |
1434 | my ($self) = @_; |
| 1373 | |
1435 | |
|
|
1436 | if ($self->{tls}) { |
|
|
1437 | Net::SSLeay::shutdown $self->{tls}; |
|
|
1438 | |
|
|
1439 | &_dotls; |
|
|
1440 | |
|
|
1441 | # we don't give a shit. no, we do, but we can't. no... |
|
|
1442 | # we, we... have to use openssl :/ |
|
|
1443 | &_freetls; |
|
|
1444 | } |
|
|
1445 | } |
|
|
1446 | |
|
|
1447 | sub _freetls { |
|
|
1448 | my ($self) = @_; |
|
|
1449 | |
|
|
1450 | return unless $self->{tls}; |
|
|
1451 | |
| 1374 | Net::SSLeay::free (delete $self->{tls}) if $self->{tls}; |
1452 | Net::SSLeay::free (delete $self->{tls}); |
| 1375 | |
1453 | |
| 1376 | delete $self->{_rbio}; |
1454 | delete @$self{qw(_rbio filter_w _wbio filter_r)}; |
| 1377 | delete $self->{_wbio}; |
|
|
| 1378 | delete $self->{_tls_wbuf}; |
|
|
| 1379 | delete $self->{filter_r}; |
|
|
| 1380 | delete $self->{filter_w}; |
|
|
| 1381 | } |
1455 | } |
| 1382 | |
1456 | |
| 1383 | sub DESTROY { |
1457 | sub DESTROY { |
| 1384 | my $self = shift; |
1458 | my $self = shift; |
| 1385 | |
1459 | |
| 1386 | $self->stoptls; |
1460 | &_freetls; |
| 1387 | |
1461 | |
| 1388 | my $linger = exists $self->{linger} ? $self->{linger} : 3600; |
1462 | my $linger = exists $self->{linger} ? $self->{linger} : 3600; |
| 1389 | |
1463 | |
| 1390 | if ($linger && length $self->{wbuf}) { |
1464 | if ($linger && length $self->{wbuf}) { |
| 1391 | my $fh = delete $self->{fh}; |
1465 | my $fh = delete $self->{fh}; |
