… | |
… | |
1381 | our $ERROR_WANT_READ; |
1381 | our $ERROR_WANT_READ; |
1382 | our $ERROR_ZERO_RETURN; |
1382 | our $ERROR_ZERO_RETURN; |
1383 | |
1383 | |
1384 | sub _tls_error { |
1384 | sub _tls_error { |
1385 | my ($self, $err) = @_; |
1385 | my ($self, $err) = @_; |
1386 | warn "$err,$!\n";#d# |
|
|
1387 | |
1386 | |
1388 | return $self->_error ($!, 1) |
1387 | return $self->_error ($!, 1) |
1389 | if $err == Net::SSLeay::ERROR_SYSCALL (); |
1388 | if $err == Net::SSLeay::ERROR_SYSCALL (); |
1390 | |
1389 | |
|
|
1390 | my $err =Net::SSLeay::ERR_error_string (Net::SSLeay::ERR_get_error ()); |
|
|
1391 | |
|
|
1392 | # reduce error string to look less scary |
|
|
1393 | $err =~ s/^error:[0-9a-fA-F]{8}:[^:]+:([^:]+):/\L$1: /; |
|
|
1394 | |
1391 | $self->_error (&Errno::EPROTO, 1, |
1395 | $self->_error (&Errno::EPROTO, 1, $err); |
1392 | Net::SSLeay::ERR_error_string (Net::SSLeay::ERR_get_error ())); |
|
|
1393 | } |
1396 | } |
1394 | |
1397 | |
1395 | # poll the write BIO and send the data if applicable |
1398 | # poll the write BIO and send the data if applicable |
1396 | # also decode read data if possible |
1399 | # also decode read data if possible |
1397 | # this is basiclaly our TLS state machine |
1400 | # this is basiclaly our TLS state machine |
… | |
… | |
1461 | If it an error to start a TLS handshake more than once per |
1464 | If it an error to start a TLS handshake more than once per |
1462 | AnyEvent::Handle object (this is due to bugs in OpenSSL). |
1465 | AnyEvent::Handle object (this is due to bugs in OpenSSL). |
1463 | |
1466 | |
1464 | =cut |
1467 | =cut |
1465 | |
1468 | |
|
|
1469 | our %TLS_CACHE; #TODO not yet documented, should we? |
|
|
1470 | |
1466 | sub starttls { |
1471 | sub starttls { |
1467 | my ($self, $ssl, $ctx) = @_; |
1472 | my ($self, $ssl, $ctx) = @_; |
1468 | |
1473 | |
1469 | require Net::SSLeay; |
1474 | require Net::SSLeay; |
1470 | |
1475 | |
… | |
… | |
1479 | |
1484 | |
1480 | if ("HASH" eq ref $ctx) { |
1485 | if ("HASH" eq ref $ctx) { |
1481 | require AnyEvent::TLS; |
1486 | require AnyEvent::TLS; |
1482 | |
1487 | |
1483 | local $Carp::CarpLevel = 1; # skip ourselves when creating a new context |
1488 | local $Carp::CarpLevel = 1; # skip ourselves when creating a new context |
|
|
1489 | |
|
|
1490 | if ($ctx->{cache}) { |
|
|
1491 | my $key = $ctx+0; |
|
|
1492 | $ctx = $TLS_CACHE{$key} ||= new AnyEvent::TLS %$ctx; |
|
|
1493 | } else { |
1484 | $ctx = new AnyEvent::TLS %$ctx; |
1494 | $ctx = new AnyEvent::TLS %$ctx; |
|
|
1495 | } |
1485 | } |
1496 | } |
1486 | |
1497 | |
1487 | $self->{tls_ctx} = $ctx || TLS_CTX (); |
1498 | $self->{tls_ctx} = $ctx || TLS_CTX (); |
1488 | $self->{tls} = $ssl = $self->{tls_ctx}->_get_session ($ssl, $self, $self->{peername}); |
1499 | $self->{tls} = $ssl = $self->{tls_ctx}->_get_session ($ssl, $self, $self->{peername}); |
1489 | |
1500 | |