ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/AnyEvent/lib/AnyEvent/Handle.pm
(Generate patch)

Comparing AnyEvent/lib/AnyEvent/Handle.pm (file contents):
Revision 1.135 by root, Fri Jul 3 08:51:48 2009 UTC vs.
Revision 1.144 by root, Mon Jul 6 21:38:25 2009 UTC

14 14
15AnyEvent::Handle - non-blocking I/O on file handles via AnyEvent 15AnyEvent::Handle - non-blocking I/O on file handles via AnyEvent
16 16
17=cut 17=cut
18 18
19our $VERSION = 4.45; 19our $VERSION = 4.452;
20 20
21=head1 SYNOPSIS 21=head1 SYNOPSIS
22 22
23 use AnyEvent; 23 use AnyEvent;
24 use AnyEvent::Handle; 24 use AnyEvent::Handle;
133and no read request is in the queue (unlike read queue callbacks, this 133and no read request is in the queue (unlike read queue callbacks, this
134callback will only be called when at least one octet of data is in the 134callback will only be called when at least one octet of data is in the
135read buffer). 135read buffer).
136 136
137To access (and remove data from) the read buffer, use the C<< ->rbuf >> 137To access (and remove data from) the read buffer, use the C<< ->rbuf >>
138method or access the C<$handle->{rbuf}> member directly. Note that you 138method or access the C<< $handle->{rbuf} >> member directly. Note that you
139must not enlarge or modify the read buffer, you can only remove data at 139must not enlarge or modify the read buffer, you can only remove data at
140the beginning from it. 140the beginning from it.
141 141
142When an EOF condition is detected then AnyEvent::Handle will first try to 142When an EOF condition is detected then AnyEvent::Handle will first try to
143feed all the remaining data to the queued callbacks and C<on_read> before 143feed all the remaining data to the queued callbacks and C<on_read> before
249 249
250A string used to identify the remote site - usually the DNS hostname 250A string used to identify the remote site - usually the DNS hostname
251(I<not> IDN!) used to create the connection, rarely the IP address. 251(I<not> IDN!) used to create the connection, rarely the IP address.
252 252
253Apart from being useful in error messages, this string is also used in TLS 253Apart from being useful in error messages, this string is also used in TLS
254common name verification (see C<verify_cn> in L<AnyEvent::TLS>). 254peername verification (see C<verify_peername> in L<AnyEvent::TLS>). This
255verification will be skipped when C<peername> is not specified or
256C<undef>.
255 257
256=item tls => "accept" | "connect" | Net::SSLeay::SSL object 258=item tls => "accept" | "connect" | Net::SSLeay::SSL object
257 259
258When this parameter is given, it enables TLS (SSL) mode, that means 260When this parameter is given, it enables TLS (SSL) mode, that means
259AnyEvent will start a TLS handshake as soon as the conenction has been 261AnyEvent will start a TLS handshake as soon as the conenction has been
296 298
297Instead of an object, you can also specify a hash reference with C<< key 299Instead of an object, you can also specify a hash reference with C<< key
298=> value >> pairs. Those will be passed to L<AnyEvent::TLS> to create a 300=> value >> pairs. Those will be passed to L<AnyEvent::TLS> to create a
299new TLS context object. 301new TLS context object.
300 302
303=item on_starttls => $cb->($handle, $success[, $error_message])
304
305This callback will be invoked when the TLS/SSL handshake has finished. If
306C<$success> is true, then the TLS handshake succeeded, otherwise it failed
307(C<on_stoptls> will not be called in this case).
308
309The session in C<< $handle->{tls} >> can still be examined in this
310callback, even when the handshake was not successful.
311
312TLS handshake failures will not cause C<on_error> to be invoked when this
313callback is in effect, instead, the error message will be passed to C<on_starttls>.
314
315Without this callback, handshake failures lead to C<on_error> being
316called, as normal.
317
318Note that you cannot call C<starttls> right again in this callback. If you
319need to do that, start an zero-second timer instead whose callback can
320then call C<< ->starttls >> again.
321
322=item on_stoptls => $cb->($handle)
323
324When a SSLv3/TLS shutdown/close notify/EOF is detected and this callback is
325set, then it will be invoked after freeing the TLS session. If it is not,
326then a TLS shutdown condition will be treated like a normal EOF condition
327on the handle.
328
329The session in C<< $handle->{tls} >> can still be examined in this
330callback.
331
332This callback will only be called on TLS shutdowns, not when the
333underlying handle signals EOF.
334
301=item json => JSON or JSON::XS object 335=item json => JSON or JSON::XS object
302 336
303This is the json coder object used by the C<json> read and write types. 337This is the json coder object used by the C<json> read and write types.
304 338
305If you don't supply it, then AnyEvent::Handle will create and use a 339If you don't supply it, then AnyEvent::Handle will create and use a
327 $self->no_delay (delete $self->{no_delay}) if exists $self->{no_delay}; 361 $self->no_delay (delete $self->{no_delay}) if exists $self->{no_delay};
328 362
329 $self->starttls (delete $self->{tls}, delete $self->{tls_ctx}) 363 $self->starttls (delete $self->{tls}, delete $self->{tls_ctx})
330 if $self->{tls}; 364 if $self->{tls};
331 365
332 $self->on_drain (delete $self->{on_drain}) if exists $self->{on_drain}; 366 $self->on_drain (delete $self->{on_drain}) if $self->{on_drain};
333 367
334 $self->start_read 368 $self->start_read
335 if $self->{on_read}; 369 if $self->{on_read};
336 370
337 $self->{fh} && $self 371 $self->{fh} && $self
425 459
426 eval { 460 eval {
427 local $SIG{__DIE__}; 461 local $SIG{__DIE__};
428 setsockopt $_[0]{fh}, &Socket::IPPROTO_TCP, &Socket::TCP_NODELAY, int $_[1]; 462 setsockopt $_[0]{fh}, &Socket::IPPROTO_TCP, &Socket::TCP_NODELAY, int $_[1];
429 }; 463 };
464}
465
466=item $handle->on_starttls ($cb)
467
468Replace the current C<on_starttls> callback (see the C<on_starttls> constructor argument).
469
470=cut
471
472sub on_starttls {
473 $_[0]{on_starttls} = $_[1];
474}
475
476=item $handle->on_stoptls ($cb)
477
478Replace the current C<on_stoptls> callback (see the C<on_stoptls> constructor argument).
479
480=cut
481
482sub on_starttls {
483 $_[0]{on_stoptls} = $_[1];
430} 484}
431 485
432############################################################################# 486#############################################################################
433 487
434=item $handle->timeout ($seconds) 488=item $handle->timeout ($seconds)
683 737
684=item $handle->push_shutdown 738=item $handle->push_shutdown
685 739
686Sometimes you know you want to close the socket after writing your data 740Sometimes you know you want to close the socket after writing your data
687before it was actually written. One way to do that is to replace your 741before it was actually written. One way to do that is to replace your
688C<on_drain> handler by a callback that shuts down the socket. This method 742C<on_drain> handler by a callback that shuts down the socket (and set
689is a shorthand for just that, and replaces the C<on_drain> callback with: 743C<low_water_mark> to C<0>). This method is a shorthand for just that, and
744replaces the C<on_drain> callback with:
690 745
691 sub { shutdown $_[0]{fh}, 1 } # for push_shutdown 746 sub { shutdown $_[0]{fh}, 1 } # for push_shutdown
692 747
693This simply shuts down the write side and signals an EOF condition to the 748This simply shuts down the write side and signals an EOF condition to the
694the peer. 749the peer.
697afterwards. This is the cleanest way to close a connection. 752afterwards. This is the cleanest way to close a connection.
698 753
699=cut 754=cut
700 755
701sub push_shutdown { 756sub push_shutdown {
757 my ($self) = @_;
758
759 delete $self->{low_water_mark};
702 $_[0]->{on_drain} = sub { shutdown $_[0]{fh}, 1 }; 760 $self->on_drain (sub { shutdown $_[0]{fh}, 1 });
703} 761}
704 762
705=item AnyEvent::Handle::register_write_type type => $coderef->($handle, @args) 763=item AnyEvent::Handle::register_write_type type => $coderef->($handle, @args)
706 764
707This function (not method) lets you add your own types to C<push_write>. 765This function (not method) lets you add your own types to C<push_write>.
856 914
857 if ($self->{_eof}) { 915 if ($self->{_eof}) {
858 if ($self->{on_eof}) { 916 if ($self->{on_eof}) {
859 $self->{on_eof}($self) 917 $self->{on_eof}($self)
860 } else { 918 } else {
861 $self->_error (0, 1); 919 $self->_error (0, 1, "Unexpected end-of-file");
862 } 920 }
863 } 921 }
864 922
865 # may need to restart read watcher 923 # may need to restart read watcher
866 unless ($self->{_rw}) { 924 unless ($self->{_rw}) {
1377 } 1435 }
1378} 1436}
1379 1437
1380our $ERROR_SYSCALL; 1438our $ERROR_SYSCALL;
1381our $ERROR_WANT_READ; 1439our $ERROR_WANT_READ;
1382our $ERROR_ZERO_RETURN;
1383 1440
1384sub _tls_error { 1441sub _tls_error {
1385 my ($self, $err) = @_; 1442 my ($self, $err) = @_;
1386 warn "$err,$!\n";#d#
1387 1443
1388 return $self->_error ($!, 1) 1444 return $self->_error ($!, 1)
1389 if $err == Net::SSLeay::ERROR_SYSCALL (); 1445 if $err == Net::SSLeay::ERROR_SYSCALL ();
1390 1446
1447 my $err =Net::SSLeay::ERR_error_string (Net::SSLeay::ERR_get_error ());
1448
1449 # reduce error string to look less scary
1450 $err =~ s/^error:[0-9a-fA-F]{8}:[^:]+:([^:]+):/\L$1: /;
1451
1452 if ($self->{_on_starttls}) {
1453 (delete $self->{_on_starttls})->($self, undef, $err);
1454 &_freetls;
1455 } else {
1456 &_freetls;
1391 $self->_error (&Errno::EPROTO, 1, 1457 $self->_error (&Errno::EPROTO, 1, $err);
1392 Net::SSLeay::ERR_error_string (Net::SSLeay::ERR_get_error ())); 1458 }
1393} 1459}
1394 1460
1395# poll the write BIO and send the data if applicable 1461# poll the write BIO and send the data if applicable
1396# also decode read data if possible 1462# also decode read data if possible
1397# this is basiclaly our TLS state machine 1463# this is basiclaly our TLS state machine
1408 } 1474 }
1409 1475
1410 $tmp = Net::SSLeay::get_error ($self->{tls}, $tmp); 1476 $tmp = Net::SSLeay::get_error ($self->{tls}, $tmp);
1411 return $self->_tls_error ($tmp) 1477 return $self->_tls_error ($tmp)
1412 if $tmp != $ERROR_WANT_READ 1478 if $tmp != $ERROR_WANT_READ
1413 && ($tmp != $ERROR_SYSCALL || $!) 1479 && ($tmp != $ERROR_SYSCALL || $!);
1414 && $tmp != $ERROR_ZERO_RETURN;
1415 } 1480 }
1416 1481
1417 while (defined ($tmp = Net::SSLeay::read ($self->{tls}))) { 1482 while (defined ($tmp = Net::SSLeay::read ($self->{tls}))) {
1418 unless (length $tmp) { 1483 unless (length $tmp) {
1419 # let's treat SSL-eof as we treat normal EOF 1484 $self->{_on_starttls}
1420 delete $self->{_rw}; 1485 and (delete $self->{_on_starttls})->($self, undef, "EOF during handshake"); # ???
1421 $self->{_eof} = 1;
1422 &_freetls; 1486 &_freetls;
1487
1488 if ($self->{on_stoptls}) {
1489 $self->{on_stoptls}($self);
1490 return;
1491 } else {
1492 # let's treat SSL-eof as we treat normal EOF
1493 delete $self->{_rw};
1494 $self->{_eof} = 1;
1495 }
1423 } 1496 }
1424 1497
1425 $self->{_tls_rbuf} .= $tmp; 1498 $self->{_tls_rbuf} .= $tmp;
1426 $self->_drain_rbuf unless $self->{_in_drain}; 1499 $self->_drain_rbuf unless $self->{_in_drain};
1427 $self->{tls} or return; # tls session might have gone away in callback 1500 $self->{tls} or return; # tls session might have gone away in callback
1428 } 1501 }
1429 1502
1430 $tmp = Net::SSLeay::get_error ($self->{tls}, -1); 1503 $tmp = Net::SSLeay::get_error ($self->{tls}, -1);
1431 return $self->_tls_error ($tmp) 1504 return $self->_tls_error ($tmp)
1432 if $tmp != $ERROR_WANT_READ 1505 if $tmp != $ERROR_WANT_READ
1433 && ($tmp != $ERROR_SYSCALL || $!) 1506 && ($tmp != $ERROR_SYSCALL || $!);
1434 && $tmp != $ERROR_ZERO_RETURN;
1435 1507
1436 while (length ($tmp = Net::SSLeay::BIO_read ($self->{_wbio}))) { 1508 while (length ($tmp = Net::SSLeay::BIO_read ($self->{_wbio}))) {
1437 $self->{wbuf} .= $tmp; 1509 $self->{wbuf} .= $tmp;
1438 $self->_drain_wbuf; 1510 $self->_drain_wbuf;
1439 } 1511 }
1512
1513 $self->{_on_starttls}
1514 and Net::SSLeay::state ($self->{tls}) == Net::SSLeay::ST_OK ()
1515 and (delete $self->{_on_starttls})->($self, 1, "TLS/SSL connection established");
1440} 1516}
1441 1517
1442=item $handle->starttls ($tls[, $tls_ctx]) 1518=item $handle->starttls ($tls[, $tls_ctx])
1443 1519
1444Instead of starting TLS negotiation immediately when the AnyEvent::Handle 1520Instead of starting TLS negotiation immediately when the AnyEvent::Handle
1461If it an error to start a TLS handshake more than once per 1537If it an error to start a TLS handshake more than once per
1462AnyEvent::Handle object (this is due to bugs in OpenSSL). 1538AnyEvent::Handle object (this is due to bugs in OpenSSL).
1463 1539
1464=cut 1540=cut
1465 1541
1542our %TLS_CACHE; #TODO not yet documented, should we?
1543
1466sub starttls { 1544sub starttls {
1467 my ($self, $ssl, $ctx) = @_; 1545 my ($self, $ssl, $ctx) = @_;
1468 1546
1469 require Net::SSLeay; 1547 require Net::SSLeay;
1470 1548
1471 Carp::croak "it is an error to call starttls more than once on an AnyEvent::Handle object" 1549 Carp::croak "it is an error to call starttls more than once on an AnyEvent::Handle object"
1472 if $self->{tls}; 1550 if $self->{tls};
1473 1551
1474 $ERROR_SYSCALL = Net::SSLeay::ERROR_SYSCALL (); 1552 $ERROR_SYSCALL = Net::SSLeay::ERROR_SYSCALL ();
1475 $ERROR_WANT_READ = Net::SSLeay::ERROR_WANT_READ (); 1553 $ERROR_WANT_READ = Net::SSLeay::ERROR_WANT_READ ();
1476 $ERROR_ZERO_RETURN = Net::SSLeay::ERROR_ZERO_RETURN ();
1477 1554
1478 $ctx ||= $self->{tls_ctx}; 1555 $ctx ||= $self->{tls_ctx};
1479 1556
1480 if ("HASH" eq ref $ctx) { 1557 if ("HASH" eq ref $ctx) {
1481 require AnyEvent::TLS; 1558 require AnyEvent::TLS;
1482 1559
1483 local $Carp::CarpLevel = 1; # skip ourselves when creating a new context 1560 local $Carp::CarpLevel = 1; # skip ourselves when creating a new context
1561
1562 if ($ctx->{cache}) {
1563 my $key = $ctx+0;
1564 $ctx = $TLS_CACHE{$key} ||= new AnyEvent::TLS %$ctx;
1565 } else {
1484 $ctx = new AnyEvent::TLS %$ctx; 1566 $ctx = new AnyEvent::TLS %$ctx;
1567 }
1485 } 1568 }
1486 1569
1487 $self->{tls_ctx} = $ctx || TLS_CTX (); 1570 $self->{tls_ctx} = $ctx || TLS_CTX ();
1488 $self->{tls} = $ssl = $self->{tls_ctx}->_get_session ($ssl, $self, $self->{peername}); 1571 $self->{tls} = $ssl = $self->{tls_ctx}->_get_session ($ssl, $self, $self->{peername});
1489 1572
1507 $self->{_rbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); 1590 $self->{_rbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ());
1508 $self->{_wbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); 1591 $self->{_wbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ());
1509 1592
1510 Net::SSLeay::set_bio ($ssl, $self->{_rbio}, $self->{_wbio}); 1593 Net::SSLeay::set_bio ($ssl, $self->{_rbio}, $self->{_wbio});
1511 1594
1595 $self->{_on_starttls} = sub { $_[0]{on_starttls}(@_) }
1596 if $self->{on_starttls};
1597
1512 &_dotls; # need to trigger the initial handshake 1598 &_dotls; # need to trigger the initial handshake
1513 $self->start_read; # make sure we actually do read 1599 $self->start_read; # make sure we actually do read
1514} 1600}
1515 1601
1516=item $handle->stoptls 1602=item $handle->stoptls
1528 if ($self->{tls}) { 1614 if ($self->{tls}) {
1529 Net::SSLeay::shutdown ($self->{tls}); 1615 Net::SSLeay::shutdown ($self->{tls});
1530 1616
1531 &_dotls; 1617 &_dotls;
1532 1618
1533 # we don't give a shit. no, we do, but we can't. no... 1619# # we don't give a shit. no, we do, but we can't. no...#d#
1534 # we, we... have to use openssl :/ 1620# # we, we... have to use openssl :/#d#
1535 &_freetls; 1621# &_freetls;#d#
1536 } 1622 }
1537} 1623}
1538 1624
1539sub _freetls { 1625sub _freetls {
1540 my ($self) = @_; 1626 my ($self) = @_;
1541 1627
1542 return unless $self->{tls}; 1628 return unless $self->{tls};
1543 1629
1544 $self->{tls_ctx}->_put_session (delete $self->{tls}); 1630 $self->{tls_ctx}->_put_session (delete $self->{tls});
1545 1631
1546 delete @$self{qw(_rbio _wbio _tls_wbuf)}; 1632 delete @$self{qw(_rbio _wbio _tls_wbuf _on_starttls)};
1547} 1633}
1548 1634
1549sub DESTROY { 1635sub DESTROY {
1550 my ($self) = @_; 1636 my ($self) = @_;
1551 1637
1575} 1661}
1576 1662
1577=item $handle->destroy 1663=item $handle->destroy
1578 1664
1579Shuts down the handle object as much as possible - this call ensures that 1665Shuts down the handle object as much as possible - this call ensures that
1580no further callbacks will be invoked and resources will be freed as much 1666no further callbacks will be invoked and as many resources as possible
1581as possible. You must not call any methods on the object afterwards. 1667will be freed. You must not call any methods on the object afterwards.
1582 1668
1583Normally, you can just "forget" any references to an AnyEvent::Handle 1669Normally, you can just "forget" any references to an AnyEvent::Handle
1584object and it will simply shut down. This works in fatal error and EOF 1670object and it will simply shut down. This works in fatal error and EOF
1585callbacks, as well as code outside. It does I<NOT> work in a read or write 1671callbacks, as well as code outside. It does I<NOT> work in a read or write
1586callback, so when you want to destroy the AnyEvent::Handle object from 1672callback, so when you want to destroy the AnyEvent::Handle object from
1687 $handle->on_drain (sub { 1773 $handle->on_drain (sub {
1688 warn "all data submitted to the kernel\n"; 1774 warn "all data submitted to the kernel\n";
1689 undef $handle; 1775 undef $handle;
1690 }); 1776 });
1691 1777
1778If you just want to queue some data and then signal EOF to the other side,
1779consider using C<< ->push_shutdown >> instead.
1780
1781=item I want to contact a TLS/SSL server, I don't care about security.
1782
1783If your TLS server is a pure TLS server (e.g. HTTPS) that only speaks TLS,
1784simply connect to it and then create the AnyEvent::Handle with the C<tls>
1785parameter:
1786
1787 tcp_connect $host, $port, sub {
1788 my ($fh) = @_;
1789
1790 my $handle = new AnyEvent::Handle
1791 fh => $fh,
1792 tls => "connect",
1793 on_error => sub { ... };
1794
1795 $handle->push_write (...);
1796 };
1797
1798=item I want to contact a TLS/SSL server, I do care about security.
1799
1800Then you should additionally enable certificate verification, including
1801peername verification, if the protocol you use supports it (see
1802L<AnyEvent::TLS>, C<verify_peername>).
1803
1804E.g. for HTTPS:
1805
1806 tcp_connect $host, $port, sub {
1807 my ($fh) = @_;
1808
1809 my $handle = new AnyEvent::Handle
1810 fh => $fh,
1811 peername => $host,
1812 tls => "connect",
1813 tls_ctx => { verify => 1, verify_peername => "https" },
1814 ...
1815
1816Note that you must specify the hostname you connected to (or whatever
1817"peername" the protocol needs) as the C<peername> argument, otherwise no
1818peername verification will be done.
1819
1820The above will use the system-dependent default set of trusted CA
1821certificates. If you want to check against a specific CA, add the
1822C<ca_file> (or C<ca_cert>) arguments to C<tls_ctx>:
1823
1824 tls_ctx => {
1825 verify => 1,
1826 verify_peername => "https",
1827 ca_file => "my-ca-cert.pem",
1828 },
1829
1830=item I want to create a TLS/SSL server, how do I do that?
1831
1832Well, you first need to get a server certificate and key. You have
1833three options: a) ask a CA (buy one, use cacert.org etc.) b) create a
1834self-signed certificate (cheap. check the search engine of your choice,
1835there are many tutorials on the net) or c) make your own CA (tinyca2 is a
1836nice program for that purpose).
1837
1838Then create a file with your private key (in PEM format, see
1839L<AnyEvent::TLS>), followed by the certificate (also in PEM format). The
1840file should then look like this:
1841
1842 -----BEGIN RSA PRIVATE KEY-----
1843 ...header data
1844 ... lots of base64'y-stuff
1845 -----END RSA PRIVATE KEY-----
1846
1847 -----BEGIN CERTIFICATE-----
1848 ... lots of base64'y-stuff
1849 -----END CERTIFICATE-----
1850
1851The important bits are the "PRIVATE KEY" and "CERTIFICATE" parts. Then
1852specify this file as C<cert_file>:
1853
1854 tcp_server undef, $port, sub {
1855 my ($fh) = @_;
1856
1857 my $handle = new AnyEvent::Handle
1858 fh => $fh,
1859 tls => "accept",
1860 tls_ctx => { cert_file => "my-server-keycert.pem" },
1861 ...
1862
1863When you have intermediate CA certificates that your clients might not
1864know about, just append them to the C<cert_file>.
1865
1692=back 1866=back
1693 1867
1694 1868
1695=head1 SUBCLASSING AnyEvent::Handle 1869=head1 SUBCLASSING AnyEvent::Handle
1696 1870

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines