ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/AnyEvent/lib/AnyEvent/Handle.pm
(Generate patch)

Comparing AnyEvent/lib/AnyEvent/Handle.pm (file contents):
Revision 1.107 by root, Wed Nov 26 06:40:47 2008 UTC vs.
Revision 1.142 by root, Mon Jul 6 20:24:47 2009 UTC

14 14
15AnyEvent::Handle - non-blocking I/O on file handles via AnyEvent 15AnyEvent::Handle - non-blocking I/O on file handles via AnyEvent
16 16
17=cut 17=cut
18 18
19our $VERSION = 4.33; 19our $VERSION = 4.452;
20 20
21=head1 SYNOPSIS 21=head1 SYNOPSIS
22 22
23 use AnyEvent; 23 use AnyEvent;
24 use AnyEvent::Handle; 24 use AnyEvent::Handle;
63 63
64=head1 METHODS 64=head1 METHODS
65 65
66=over 4 66=over 4
67 67
68=item B<new (%args)> 68=item $handle = B<new> AnyEvent::TLS fh => $filehandle, key => value...
69 69
70The constructor supports these arguments (all as key => value pairs). 70The constructor supports these arguments (all as C<< key => value >> pairs).
71 71
72=over 4 72=over 4
73 73
74=item fh => $filehandle [MANDATORY] 74=item fh => $filehandle [MANDATORY]
75 75
95waiting for data. 95waiting for data.
96 96
97If an EOF condition has been detected but no C<on_eof> callback has been 97If an EOF condition has been detected but no C<on_eof> callback has been
98set, then a fatal error will be raised with C<$!> set to <0>. 98set, then a fatal error will be raised with C<$!> set to <0>.
99 99
100=item on_error => $cb->($handle, $fatal) 100=item on_error => $cb->($handle, $fatal, $message)
101 101
102This is the error callback, which is called when, well, some error 102This is the error callback, which is called when, well, some error
103occured, such as not being able to resolve the hostname, failure to 103occured, such as not being able to resolve the hostname, failure to
104connect or a read error. 104connect or a read error.
105 105
107fatal errors the handle object will be shut down and will not be usable 107fatal errors the handle object will be shut down and will not be usable
108(but you are free to look at the current C<< ->rbuf >>). Examples of fatal 108(but you are free to look at the current C<< ->rbuf >>). Examples of fatal
109errors are an EOF condition with active (but unsatisifable) read watchers 109errors are an EOF condition with active (but unsatisifable) read watchers
110(C<EPIPE>) or I/O errors. 110(C<EPIPE>) or I/O errors.
111 111
112AnyEvent::Handle tries to find an appropriate error code for you to check
113against, but in some cases (TLS errors), this does not work well. It is
114recommended to always output the C<$message> argument in human-readable
115error messages (it's usually the same as C<"$!">).
116
112Non-fatal errors can be retried by simply returning, but it is recommended 117Non-fatal errors can be retried by simply returning, but it is recommended
113to simply ignore this parameter and instead abondon the handle object 118to simply ignore this parameter and instead abondon the handle object
114when this callback is invoked. Examples of non-fatal errors are timeouts 119when this callback is invoked. Examples of non-fatal errors are timeouts
115C<ETIMEDOUT>) or badly-formatted data (C<EBADMSG>). 120C<ETIMEDOUT>) or badly-formatted data (C<EBADMSG>).
116 121
117On callback entrance, the value of C<$!> contains the operating system 122On callback entrance, the value of C<$!> contains the operating system
118error (or C<ENOSPC>, C<EPIPE>, C<ETIMEDOUT> or C<EBADMSG>). 123error code (or C<ENOSPC>, C<EPIPE>, C<ETIMEDOUT>, C<EBADMSG> or
124C<EPROTO>).
119 125
120While not mandatory, it is I<highly> recommended to set this callback, as 126While not mandatory, it is I<highly> recommended to set this callback, as
121you will not be notified of errors otherwise. The default simply calls 127you will not be notified of errors otherwise. The default simply calls
122C<croak>. 128C<croak>.
123 129
127and no read request is in the queue (unlike read queue callbacks, this 133and no read request is in the queue (unlike read queue callbacks, this
128callback will only be called when at least one octet of data is in the 134callback will only be called when at least one octet of data is in the
129read buffer). 135read buffer).
130 136
131To access (and remove data from) the read buffer, use the C<< ->rbuf >> 137To access (and remove data from) the read buffer, use the C<< ->rbuf >>
132method or access the C<$handle->{rbuf}> member directly. 138method or access the C<< $handle->{rbuf} >> member directly. Note that you
139must not enlarge or modify the read buffer, you can only remove data at
140the beginning from it.
133 141
134When an EOF condition is detected then AnyEvent::Handle will first try to 142When an EOF condition is detected then AnyEvent::Handle will first try to
135feed all the remaining data to the queued callbacks and C<on_read> before 143feed all the remaining data to the queued callbacks and C<on_read> before
136calling the C<on_eof> callback. If no progress can be made, then a fatal 144calling the C<on_eof> callback. If no progress can be made, then a fatal
137error will be raised (with C<$!> set to C<EPIPE>). 145error will be raised (with C<$!> set to C<EPIPE>).
235 243
236This will not work for partial TLS data that could not be encoded 244This will not work for partial TLS data that could not be encoded
237yet. This data will be lost. Calling the C<stoptls> method in time might 245yet. This data will be lost. Calling the C<stoptls> method in time might
238help. 246help.
239 247
248=item peername => $string
249
250A string used to identify the remote site - usually the DNS hostname
251(I<not> IDN!) used to create the connection, rarely the IP address.
252
253Apart from being useful in error messages, this string is also used in TLS
254peername verification (see C<verify_peername> in L<AnyEvent::TLS>).
255
240=item tls => "accept" | "connect" | Net::SSLeay::SSL object 256=item tls => "accept" | "connect" | Net::SSLeay::SSL object
241 257
242When this parameter is given, it enables TLS (SSL) mode, that means 258When this parameter is given, it enables TLS (SSL) mode, that means
243AnyEvent will start a TLS handshake as soon as the conenction has been 259AnyEvent will start a TLS handshake as soon as the conenction has been
244established and will transparently encrypt/decrypt data afterwards. 260established and will transparently encrypt/decrypt data afterwards.
261
262All TLS protocol errors will be signalled as C<EPROTO>, with an
263appropriate error message.
245 264
246TLS mode requires Net::SSLeay to be installed (it will be loaded 265TLS mode requires Net::SSLeay to be installed (it will be loaded
247automatically when you try to create a TLS handle): this module doesn't 266automatically when you try to create a TLS handle): this module doesn't
248have a dependency on that module, so if your module requires it, you have 267have a dependency on that module, so if your module requires it, you have
249to add the dependency yourself. 268to add the dependency yourself.
253mode. 272mode.
254 273
255You can also provide your own TLS connection object, but you have 274You can also provide your own TLS connection object, but you have
256to make sure that you call either C<Net::SSLeay::set_connect_state> 275to make sure that you call either C<Net::SSLeay::set_connect_state>
257or C<Net::SSLeay::set_accept_state> on it before you pass it to 276or C<Net::SSLeay::set_accept_state> on it before you pass it to
258AnyEvent::Handle. 277AnyEvent::Handle. Also, this module will take ownership of this connection
278object.
279
280At some future point, AnyEvent::Handle might switch to another TLS
281implementation, then the option to use your own session object will go
282away.
283
284B<IMPORTANT:> since Net::SSLeay "objects" are really only integers,
285passing in the wrong integer will lead to certain crash. This most often
286happens when one uses a stylish C<< tls => 1 >> and is surprised about the
287segmentation fault.
259 288
260See the C<< ->starttls >> method for when need to start TLS negotiation later. 289See the C<< ->starttls >> method for when need to start TLS negotiation later.
261 290
262=item tls_ctx => $ssl_ctx 291=item tls_ctx => $anyevent_tls
263 292
264Use the given C<Net::SSLeay::CTX> object to create the new TLS connection 293Use the given C<AnyEvent::TLS> object to create the new TLS connection
265(unless a connection object was specified directly). If this parameter is 294(unless a connection object was specified directly). If this parameter is
266missing, then AnyEvent::Handle will use C<AnyEvent::Handle::TLS_CTX>. 295missing, then AnyEvent::Handle will use C<AnyEvent::Handle::TLS_CTX>.
296
297Instead of an object, you can also specify a hash reference with C<< key
298=> value >> pairs. Those will be passed to L<AnyEvent::TLS> to create a
299new TLS context object.
300
301=item on_starttls => $cb->($handle, $success)
302
303This callback will be invoked when the TLS/SSL handshake has finished. If
304C<$success> is true, then the TLS handshake succeeded, otherwise it failed
305(C<on_stoptls> will not be called in this case).
306
307The session in C<< $handle->{tls} >> can still be examined in this
308callback, even when the handshake was not successful.
309
310=item on_stoptls => $cb->($handle)
311
312When a SSLv3/TLS shutdown/close notify/EOF is detected and this callback is
313set, then it will be invoked after freeing the TLS session. If it is not,
314then a TLS shutdown condition will be treated like a normal EOF condition
315on the handle.
316
317The session in C<< $handle->{tls} >> can still be examined in this
318callback.
319
320This callback will only be called on TLS shutdowns, not when the
321underlying handle signals EOF.
267 322
268=item json => JSON or JSON::XS object 323=item json => JSON or JSON::XS object
269 324
270This is the json coder object used by the C<json> read and write types. 325This is the json coder object used by the C<json> read and write types.
271 326
280 335
281=cut 336=cut
282 337
283sub new { 338sub new {
284 my $class = shift; 339 my $class = shift;
285
286 my $self = bless { @_ }, $class; 340 my $self = bless { @_ }, $class;
287 341
288 $self->{fh} or Carp::croak "mandatory argument fh is missing"; 342 $self->{fh} or Carp::croak "mandatory argument fh is missing";
289 343
290 AnyEvent::Util::fh_nonblocking $self->{fh}, 1; 344 AnyEvent::Util::fh_nonblocking $self->{fh}, 1;
345
346 $self->{_activity} = AnyEvent->now;
347 $self->_timeout;
348
349 $self->no_delay (delete $self->{no_delay}) if exists $self->{no_delay};
291 350
292 $self->starttls (delete $self->{tls}, delete $self->{tls_ctx}) 351 $self->starttls (delete $self->{tls}, delete $self->{tls_ctx})
293 if $self->{tls}; 352 if $self->{tls};
294 353
295 $self->{_activity} = AnyEvent->now;
296 $self->_timeout;
297
298 $self->on_drain (delete $self->{on_drain}) if exists $self->{on_drain}; 354 $self->on_drain (delete $self->{on_drain}) if exists $self->{on_drain};
299 $self->no_delay (delete $self->{no_delay}) if exists $self->{no_delay};
300 355
301 $self->start_read 356 $self->start_read
302 if $self->{on_read}; 357 if $self->{on_read};
303 358
304 $self 359 $self->{fh} && $self
305} 360}
306 361
307sub _shutdown { 362sub _shutdown {
308 my ($self) = @_; 363 my ($self) = @_;
309 364
310 delete $self->{_tw}; 365 delete @$self{qw(_tw _rw _ww fh wbuf on_read _queue)};
311 delete $self->{_rw}; 366 $self->{_eof} = 1; # tell starttls et. al to stop trying
312 delete $self->{_ww};
313 delete $self->{fh};
314 367
315 &_freetls; 368 &_freetls;
316
317 delete $self->{on_read};
318 delete $self->{_queue};
319} 369}
320 370
321sub _error { 371sub _error {
322 my ($self, $errno, $fatal) = @_; 372 my ($self, $errno, $fatal, $message) = @_;
323 373
324 $self->_shutdown 374 $self->_shutdown
325 if $fatal; 375 if $fatal;
326 376
327 $! = $errno; 377 $! = $errno;
378 $message ||= "$!";
328 379
329 if ($self->{on_error}) { 380 if ($self->{on_error}) {
330 $self->{on_error}($self, $fatal); 381 $self->{on_error}($self, $fatal, $message);
331 } elsif ($self->{fh}) { 382 } elsif ($self->{fh}) {
332 Carp::croak "AnyEvent::Handle uncaught error: $!"; 383 Carp::croak "AnyEvent::Handle uncaught error: $message";
333 } 384 }
334} 385}
335 386
336=item $fh = $handle->fh 387=item $fh = $handle->fh
337 388
396 447
397 eval { 448 eval {
398 local $SIG{__DIE__}; 449 local $SIG{__DIE__};
399 setsockopt $_[0]{fh}, &Socket::IPPROTO_TCP, &Socket::TCP_NODELAY, int $_[1]; 450 setsockopt $_[0]{fh}, &Socket::IPPROTO_TCP, &Socket::TCP_NODELAY, int $_[1];
400 }; 451 };
452}
453
454=item $handle->on_starttls ($cb)
455
456Replace the current C<on_starttls> callback (see the C<on_starttls> constructor argument).
457
458=cut
459
460sub on_starttls {
461 $_[0]{on_starttls} = $_[1];
462}
463
464=item $handle->on_stoptls ($cb)
465
466Replace the current C<on_stoptls> callback (see the C<on_stoptls> constructor argument).
467
468=cut
469
470sub on_starttls {
471 $_[0]{on_stoptls} = $_[1];
401} 472}
402 473
403############################################################################# 474#############################################################################
404 475
405=item $handle->timeout ($seconds) 476=item $handle->timeout ($seconds)
649 720
650 pack "w/a*", Storable::nfreeze ($ref) 721 pack "w/a*", Storable::nfreeze ($ref)
651}; 722};
652 723
653=back 724=back
725
726=item $handle->push_shutdown
727
728Sometimes you know you want to close the socket after writing your data
729before it was actually written. One way to do that is to replace your
730C<on_drain> handler by a callback that shuts down the socket (and set
731C<low_water_mark> to C<0>). This method is a shorthand for just that, and
732replaces the C<on_drain> callback with:
733
734 sub { shutdown $_[0]{fh}, 1 } # for push_shutdown
735
736This simply shuts down the write side and signals an EOF condition to the
737the peer.
738
739You can rely on the normal read queue and C<on_eof> handling
740afterwards. This is the cleanest way to close a connection.
741
742=cut
743
744sub push_shutdown {
745 my ($self) = @_;
746
747 delete $self->{low_water_mark};
748 $self->on_drain (sub { shutdown $_[0]{fh}, 1 });
749}
654 750
655=item AnyEvent::Handle::register_write_type type => $coderef->($handle, @args) 751=item AnyEvent::Handle::register_write_type type => $coderef->($handle, @args)
656 752
657This function (not method) lets you add your own types to C<push_write>. 753This function (not method) lets you add your own types to C<push_write>.
658Whenever the given C<type> is used, C<push_write> will invoke the code 754Whenever the given C<type> is used, C<push_write> will invoke the code
762 ) { 858 ) {
763 $self->_error (&Errno::ENOSPC, 1), return; 859 $self->_error (&Errno::ENOSPC, 1), return;
764 } 860 }
765 861
766 while () { 862 while () {
863 # we need to use a separate tls read buffer, as we must not receive data while
864 # we are draining the buffer, and this can only happen with TLS.
865 $self->{rbuf} .= delete $self->{_tls_rbuf} if exists $self->{_tls_rbuf};
866
767 my $len = length $self->{rbuf}; 867 my $len = length $self->{rbuf};
768 868
769 if (my $cb = shift @{ $self->{_queue} }) { 869 if (my $cb = shift @{ $self->{_queue} }) {
770 unless ($cb->($self)) { 870 unless ($cb->($self)) {
771 if ($self->{_eof}) { 871 if ($self->{_eof}) {
802 902
803 if ($self->{_eof}) { 903 if ($self->{_eof}) {
804 if ($self->{on_eof}) { 904 if ($self->{on_eof}) {
805 $self->{on_eof}($self) 905 $self->{on_eof}($self)
806 } else { 906 } else {
807 $self->_error (0, 1); 907 $self->_error (0, 1, "Unexpected end-of-file");
808 } 908 }
809 } 909 }
810 910
811 # may need to restart read watcher 911 # may need to restart read watcher
812 unless ($self->{_rw}) { 912 unless ($self->{_rw}) {
832 932
833=item $handle->rbuf 933=item $handle->rbuf
834 934
835Returns the read buffer (as a modifiable lvalue). 935Returns the read buffer (as a modifiable lvalue).
836 936
837You can access the read buffer directly as the C<< ->{rbuf} >> member, if 937You can access the read buffer directly as the C<< ->{rbuf} >>
838you want. 938member, if you want. However, the only operation allowed on the
939read buffer (apart from looking at it) is removing data from its
940beginning. Otherwise modifying or appending to it is not allowed and will
941lead to hard-to-track-down bugs.
839 942
840NOTE: The read buffer should only be used or modified if the C<on_read>, 943NOTE: The read buffer should only be used or modified if the C<on_read>,
841C<push_read> or C<unshift_read> methods are used. The other read methods 944C<push_read> or C<unshift_read> methods are used. The other read methods
842automatically manage the read buffer. 945automatically manage the read buffer.
843 946
1139 } 1242 }
1140}; 1243};
1141 1244
1142=item json => $cb->($handle, $hash_or_arrayref) 1245=item json => $cb->($handle, $hash_or_arrayref)
1143 1246
1144Reads a JSON object or array, decodes it and passes it to the callback. 1247Reads a JSON object or array, decodes it and passes it to the
1248callback. When a parse error occurs, an C<EBADMSG> error will be raised.
1145 1249
1146If a C<json> object was passed to the constructor, then that will be used 1250If a C<json> object was passed to the constructor, then that will be used
1147for the final decode, otherwise it will create a JSON coder expecting UTF-8. 1251for the final decode, otherwise it will create a JSON coder expecting UTF-8.
1148 1252
1149This read type uses the incremental parser available with JSON version 1253This read type uses the incremental parser available with JSON version
1158=cut 1262=cut
1159 1263
1160register_read_type json => sub { 1264register_read_type json => sub {
1161 my ($self, $cb) = @_; 1265 my ($self, $cb) = @_;
1162 1266
1163 require JSON; 1267 my $json = $self->{json} ||=
1268 eval { require JSON::XS; JSON::XS->new->utf8 }
1269 || do { require JSON; JSON->new->utf8 };
1164 1270
1165 my $data; 1271 my $data;
1166 my $rbuf = \$self->{rbuf}; 1272 my $rbuf = \$self->{rbuf};
1167 1273
1168 my $json = $self->{json} ||= JSON->new->utf8;
1169
1170 sub { 1274 sub {
1171 my $ref = $json->incr_parse ($self->{rbuf}); 1275 my $ref = eval { $json->incr_parse ($self->{rbuf}) };
1172 1276
1173 if ($ref) { 1277 if ($ref) {
1174 $self->{rbuf} = $json->incr_text; 1278 $self->{rbuf} = $json->incr_text;
1175 $json->incr_text = ""; 1279 $json->incr_text = "";
1176 $cb->($self, $ref); 1280 $cb->($self, $ref);
1177 1281
1178 1 1282 1
1283 } elsif ($@) {
1284 # error case
1285 $json->incr_skip;
1286
1287 $self->{rbuf} = $json->incr_text;
1288 $json->incr_text = "";
1289
1290 $self->_error (&Errno::EBADMSG);
1291
1292 ()
1179 } else { 1293 } else {
1180 $self->{rbuf} = ""; 1294 $self->{rbuf} = "";
1295
1181 () 1296 ()
1182 } 1297 }
1183 } 1298 }
1184}; 1299};
1185 1300
1306 } 1421 }
1307 }); 1422 });
1308 } 1423 }
1309} 1424}
1310 1425
1426our $ERROR_SYSCALL;
1427our $ERROR_WANT_READ;
1428
1429sub _tls_error {
1430 my ($self, $err) = @_;
1431
1432 return $self->_error ($!, 1)
1433 if $err == Net::SSLeay::ERROR_SYSCALL ();
1434
1435 my $err =Net::SSLeay::ERR_error_string (Net::SSLeay::ERR_get_error ());
1436
1437 # reduce error string to look less scary
1438 $err =~ s/^error:[0-9a-fA-F]{8}:[^:]+:([^:]+):/\L$1: /;
1439
1440 $self->_error (&Errno::EPROTO, 1, $err);
1441}
1442
1311# poll the write BIO and send the data if applicable 1443# poll the write BIO and send the data if applicable
1444# also decode read data if possible
1445# this is basiclaly our TLS state machine
1446# more efficient implementations are possible with openssl,
1447# but not with the buggy and incomplete Net::SSLeay.
1312sub _dotls { 1448sub _dotls {
1313 my ($self) = @_; 1449 my ($self) = @_;
1314 1450
1315 my $tmp; 1451 my $tmp;
1316 1452
1317 if (length $self->{_tls_wbuf}) { 1453 if (length $self->{_tls_wbuf}) {
1318 while (($tmp = Net::SSLeay::write ($self->{tls}, $self->{_tls_wbuf})) > 0) { 1454 while (($tmp = Net::SSLeay::write ($self->{tls}, $self->{_tls_wbuf})) > 0) {
1319 substr $self->{_tls_wbuf}, 0, $tmp, ""; 1455 substr $self->{_tls_wbuf}, 0, $tmp, "";
1320 } 1456 }
1457
1458 $tmp = Net::SSLeay::get_error ($self->{tls}, $tmp);
1459 return $self->_tls_error ($tmp)
1460 if $tmp != $ERROR_WANT_READ
1461 && ($tmp != $ERROR_SYSCALL || $!);
1321 } 1462 }
1322 1463
1323 while (defined ($tmp = Net::SSLeay::read ($self->{tls}))) { 1464 while (defined ($tmp = Net::SSLeay::read ($self->{tls}))) {
1324 unless (length $tmp) { 1465 unless (length $tmp) {
1325 # let's treat SSL-eof as we treat normal EOF
1326 delete $self->{_rw};
1327 $self->{_eof} = 1;
1328 &_freetls; 1466 &_freetls;
1467 if ($self->{on_stoptls}) {
1468 $self->{on_stoptls}($self);
1469 return;
1470 } else {
1471 # let's treat SSL-eof as we treat normal EOF
1472 delete $self->{_rw};
1473 $self->{_eof} = 1;
1474 }
1329 } 1475 }
1330 1476
1331 $self->{rbuf} .= $tmp; 1477 $self->{_tls_rbuf} .= $tmp;
1332 $self->_drain_rbuf unless $self->{_in_drain}; 1478 $self->_drain_rbuf unless $self->{_in_drain};
1333 $self->{tls} or return; # tls session might have gone away in callback 1479 $self->{tls} or return; # tls session might have gone away in callback
1334 } 1480 }
1335 1481
1336 $tmp = Net::SSLeay::get_error ($self->{tls}, -1); 1482 $tmp = Net::SSLeay::get_error ($self->{tls}, -1);
1337
1338 if ($tmp != Net::SSLeay::ERROR_WANT_READ ()) {
1339 if ($tmp == Net::SSLeay::ERROR_SYSCALL ()) {
1340 return $self->_error ($!, 1); 1483 return $self->_tls_error ($tmp)
1341 } elsif ($tmp == Net::SSLeay::ERROR_SSL ()) { 1484 if $tmp != $ERROR_WANT_READ
1342 return $self->_error (&Errno::EIO, 1); 1485 && ($tmp != $ERROR_SYSCALL || $!);
1343 }
1344
1345 # all other errors are fine for our purposes
1346 }
1347 1486
1348 while (length ($tmp = Net::SSLeay::BIO_read ($self->{_wbio}))) { 1487 while (length ($tmp = Net::SSLeay::BIO_read ($self->{_wbio}))) {
1349 $self->{wbuf} .= $tmp; 1488 $self->{wbuf} .= $tmp;
1350 $self->_drain_wbuf; 1489 $self->_drain_wbuf;
1351 } 1490 }
1491
1492 $self->{_on_starttls}
1493 and Net::SSLeay::state ($self->{tls}) == Net::SSLeay::ST_OK ()
1494 and (delete $self->{_on_starttls})->($self, 1);
1352} 1495}
1353 1496
1354=item $handle->starttls ($tls[, $tls_ctx]) 1497=item $handle->starttls ($tls[, $tls_ctx])
1355 1498
1356Instead of starting TLS negotiation immediately when the AnyEvent::Handle 1499Instead of starting TLS negotiation immediately when the AnyEvent::Handle
1358C<starttls>. 1501C<starttls>.
1359 1502
1360The first argument is the same as the C<tls> constructor argument (either 1503The first argument is the same as the C<tls> constructor argument (either
1361C<"connect">, C<"accept"> or an existing Net::SSLeay object). 1504C<"connect">, C<"accept"> or an existing Net::SSLeay object).
1362 1505
1363The second argument is the optional C<Net::SSLeay::CTX> object that is 1506The second argument is the optional C<AnyEvent::TLS> object that is used
1364used when AnyEvent::Handle has to create its own TLS connection object. 1507when AnyEvent::Handle has to create its own TLS connection object, or
1508a hash reference with C<< key => value >> pairs that will be used to
1509construct a new context.
1365 1510
1366The TLS connection object will end up in C<< $handle->{tls} >> after this 1511The TLS connection object will end up in C<< $handle->{tls} >>, the TLS
1367call and can be used or changed to your liking. Note that the handshake 1512context in C<< $handle->{tls_ctx} >> after this call and can be used or
1368might have already started when this function returns. 1513changed to your liking. Note that the handshake might have already started
1514when this function returns.
1369 1515
1370If it an error to start a TLS handshake more than once per 1516If it an error to start a TLS handshake more than once per
1371AnyEvent::Handle object (this is due to bugs in OpenSSL). 1517AnyEvent::Handle object (this is due to bugs in OpenSSL).
1372 1518
1373=cut 1519=cut
1374 1520
1521our %TLS_CACHE; #TODO not yet documented, should we?
1522
1375sub starttls { 1523sub starttls {
1376 my ($self, $ssl, $ctx) = @_; 1524 my ($self, $ssl, $ctx) = @_;
1377 1525
1378 require Net::SSLeay; 1526 require Net::SSLeay;
1379 1527
1380 Carp::croak "it is an error to call starttls more than once on an AnyEvent::Handle object" 1528 Carp::croak "it is an error to call starttls more than once on an AnyEvent::Handle object"
1381 if $self->{tls}; 1529 if $self->{tls};
1530
1531 $ERROR_SYSCALL = Net::SSLeay::ERROR_SYSCALL ();
1532 $ERROR_WANT_READ = Net::SSLeay::ERROR_WANT_READ ();
1533
1534 $ctx ||= $self->{tls_ctx};
1535
1536 if ("HASH" eq ref $ctx) {
1537 require AnyEvent::TLS;
1538
1539 local $Carp::CarpLevel = 1; # skip ourselves when creating a new context
1540
1541 if ($ctx->{cache}) {
1542 my $key = $ctx+0;
1543 $ctx = $TLS_CACHE{$key} ||= new AnyEvent::TLS %$ctx;
1544 } else {
1545 $ctx = new AnyEvent::TLS %$ctx;
1546 }
1547 }
1382 1548
1383 if ($ssl eq "accept") { 1549 $self->{tls_ctx} = $ctx || TLS_CTX ();
1384 $ssl = Net::SSLeay::new ($ctx || TLS_CTX ()); 1550 $self->{tls} = $ssl = $self->{tls_ctx}->_get_session ($ssl, $self, $self->{peername});
1385 Net::SSLeay::set_accept_state ($ssl);
1386 } elsif ($ssl eq "connect") {
1387 $ssl = Net::SSLeay::new ($ctx || TLS_CTX ());
1388 Net::SSLeay::set_connect_state ($ssl);
1389 }
1390
1391 $self->{tls} = $ssl;
1392 1551
1393 # basically, this is deep magic (because SSL_read should have the same issues) 1552 # basically, this is deep magic (because SSL_read should have the same issues)
1394 # but the openssl maintainers basically said: "trust us, it just works". 1553 # but the openssl maintainers basically said: "trust us, it just works".
1395 # (unfortunately, we have to hardcode constants because the abysmally misdesigned 1554 # (unfortunately, we have to hardcode constants because the abysmally misdesigned
1396 # and mismaintained ssleay-module doesn't even offer them). 1555 # and mismaintained ssleay-module doesn't even offer them).
1400 # 1559 #
1401 # note that we do not try to keep the length constant between writes as we are required to do. 1560 # note that we do not try to keep the length constant between writes as we are required to do.
1402 # we assume that most (but not all) of this insanity only applies to non-blocking cases, 1561 # we assume that most (but not all) of this insanity only applies to non-blocking cases,
1403 # and we drive openssl fully in blocking mode here. Or maybe we don't - openssl seems to 1562 # and we drive openssl fully in blocking mode here. Or maybe we don't - openssl seems to
1404 # have identity issues in that area. 1563 # have identity issues in that area.
1405 Net::SSLeay::CTX_set_mode ($self->{tls}, 1564# Net::SSLeay::CTX_set_mode ($ssl,
1406 (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ENABLE_PARTIAL_WRITE () } || 1) 1565# (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ENABLE_PARTIAL_WRITE () } || 1)
1407 | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ACCEPT_MOVING_WRITE_BUFFER () } || 2)); 1566# | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ACCEPT_MOVING_WRITE_BUFFER () } || 2));
1567 Net::SSLeay::CTX_set_mode ($ssl, 1|2);
1408 1568
1409 $self->{_rbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); 1569 $self->{_rbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ());
1410 $self->{_wbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); 1570 $self->{_wbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ());
1411 1571
1412 Net::SSLeay::set_bio ($ssl, $self->{_rbio}, $self->{_wbio}); 1572 Net::SSLeay::set_bio ($ssl, $self->{_rbio}, $self->{_wbio});
1573
1574 $self->{_on_starttls} = sub { $_[0]{on_starttls}(@_) }
1575 if exists $self->{on_starttls};
1413 1576
1414 &_dotls; # need to trigger the initial handshake 1577 &_dotls; # need to trigger the initial handshake
1415 $self->start_read; # make sure we actually do read 1578 $self->start_read; # make sure we actually do read
1416} 1579}
1417 1580
1430 if ($self->{tls}) { 1593 if ($self->{tls}) {
1431 Net::SSLeay::shutdown ($self->{tls}); 1594 Net::SSLeay::shutdown ($self->{tls});
1432 1595
1433 &_dotls; 1596 &_dotls;
1434 1597
1435 # we don't give a shit. no, we do, but we can't. no... 1598# # we don't give a shit. no, we do, but we can't. no...#d#
1436 # we, we... have to use openssl :/ 1599# # we, we... have to use openssl :/#d#
1437 &_freetls; 1600# &_freetls;#d#
1438 } 1601 }
1439} 1602}
1440 1603
1441sub _freetls { 1604sub _freetls {
1442 my ($self) = @_; 1605 my ($self) = @_;
1443 1606
1444 return unless $self->{tls}; 1607 return unless $self->{tls};
1445 1608
1446 Net::SSLeay::free (delete $self->{tls}); 1609 $self->{_on_starttls}
1610 and (delete $self->{_on_starttls})->($self, undef);
1611
1612 $self->{tls_ctx}->_put_session (delete $self->{tls});
1447 1613
1448 delete @$self{qw(_rbio _wbio _tls_wbuf)}; 1614 delete @$self{qw(_rbio _wbio _tls_wbuf)};
1449} 1615}
1450 1616
1451sub DESTROY { 1617sub DESTROY {
1452 my $self = shift; 1618 my ($self) = @_;
1453 1619
1454 &_freetls; 1620 &_freetls;
1455 1621
1456 my $linger = exists $self->{linger} ? $self->{linger} : 3600; 1622 my $linger = exists $self->{linger} ? $self->{linger} : 3600;
1457 1623
1477} 1643}
1478 1644
1479=item $handle->destroy 1645=item $handle->destroy
1480 1646
1481Shuts down the handle object as much as possible - this call ensures that 1647Shuts down the handle object as much as possible - this call ensures that
1482no further callbacks will be invoked and resources will be freed as much 1648no further callbacks will be invoked and as many resources as possible
1483as possible. You must not call any methods on the object afterwards. 1649will be freed. You must not call any methods on the object afterwards.
1484 1650
1485Normally, you can just "forget" any references to an AnyEvent::Handle 1651Normally, you can just "forget" any references to an AnyEvent::Handle
1486object and it will simply shut down. This works in fatal error and EOF 1652object and it will simply shut down. This works in fatal error and EOF
1487callbacks, as well as code outside. It does I<NOT> work in a read or write 1653callbacks, as well as code outside. It does I<NOT> work in a read or write
1488callback, so when you want to destroy the AnyEvent::Handle object from 1654callback, so when you want to destroy the AnyEvent::Handle object from
1501 %$self = (); 1667 %$self = ();
1502} 1668}
1503 1669
1504=item AnyEvent::Handle::TLS_CTX 1670=item AnyEvent::Handle::TLS_CTX
1505 1671
1506This function creates and returns the Net::SSLeay::CTX object used by 1672This function creates and returns the AnyEvent::TLS object used by default
1507default for TLS mode. 1673for TLS mode.
1508 1674
1509The context is created like this: 1675The context is created by calling L<AnyEvent::TLS> without any arguments.
1510
1511 Net::SSLeay::load_error_strings;
1512 Net::SSLeay::SSLeay_add_ssl_algorithms;
1513 Net::SSLeay::randomize;
1514
1515 my $CTX = Net::SSLeay::CTX_new;
1516
1517 Net::SSLeay::CTX_set_options $CTX, Net::SSLeay::OP_ALL
1518 1676
1519=cut 1677=cut
1520 1678
1521our $TLS_CTX; 1679our $TLS_CTX;
1522 1680
1523sub TLS_CTX() { 1681sub TLS_CTX() {
1524 $TLS_CTX || do { 1682 $TLS_CTX ||= do {
1525 require Net::SSLeay; 1683 require AnyEvent::TLS;
1526 1684
1527 Net::SSLeay::load_error_strings (); 1685 new AnyEvent::TLS
1528 Net::SSLeay::SSLeay_add_ssl_algorithms ();
1529 Net::SSLeay::randomize ();
1530
1531 $TLS_CTX = Net::SSLeay::CTX_new ();
1532
1533 Net::SSLeay::CTX_set_options ($TLS_CTX, Net::SSLeay::OP_ALL ());
1534
1535 $TLS_CTX
1536 } 1686 }
1537} 1687}
1538 1688
1539=back 1689=back
1540 1690

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines