… | |
… | |
10 | use Fcntl (); |
10 | use Fcntl (); |
11 | use Errno qw/EAGAIN EINTR/; |
11 | use Errno qw/EAGAIN EINTR/; |
12 | |
12 | |
13 | =head1 NAME |
13 | =head1 NAME |
14 | |
14 | |
15 | AnyEvent::Handle - non-blocking I/O on filehandles via AnyEvent |
15 | AnyEvent::Handle - non-blocking I/O on file handles via AnyEvent |
16 | |
16 | |
17 | This module is experimental. |
17 | This module is experimental. |
18 | |
18 | |
19 | =cut |
19 | =cut |
20 | |
20 | |
… | |
… | |
145 | |
145 | |
146 | When this parameter is given, it enables TLS (SSL) mode, that means it |
146 | When this parameter is given, it enables TLS (SSL) mode, that means it |
147 | will start making tls handshake and will transparently encrypt/decrypt |
147 | will start making tls handshake and will transparently encrypt/decrypt |
148 | data. |
148 | data. |
149 | |
149 | |
|
|
150 | TLS mode requires Net::SSLeay to be installed (it will be loaded |
|
|
151 | automatically when you try to create a TLS handle). |
|
|
152 | |
150 | For the TLS server side, use C<accept>, and for the TLS client side of a |
153 | For the TLS server side, use C<accept>, and for the TLS client side of a |
151 | connection, use C<connect> mode. |
154 | connection, use C<connect> mode. |
152 | |
155 | |
153 | You can also provide your own TLS connection object, but you have |
156 | You can also provide your own TLS connection object, but you have |
154 | to make sure that you call either C<Net::SSLeay::set_connect_state> |
157 | to make sure that you call either C<Net::SSLeay::set_connect_state> |
155 | or C<Net::SSLeay::set_accept_state> on it before you pass it to |
158 | or C<Net::SSLeay::set_accept_state> on it before you pass it to |
156 | AnyEvent::Handle. |
159 | AnyEvent::Handle. |
157 | |
160 | |
|
|
161 | See the C<starttls> method if you need to start TLs negotiation later. |
|
|
162 | |
158 | =item tls_ctx => $ssl_ctx |
163 | =item tls_ctx => $ssl_ctx |
159 | |
164 | |
160 | Use the given Net::SSLeay::CTX object to create the new TLS connection |
165 | Use the given Net::SSLeay::CTX object to create the new TLS connection |
161 | (unless a connection object was specified directly). If this parameter is |
166 | (unless a connection object was specified directly). If this parameter is |
162 | missing, then AnyEvent::Handle will use C<AnyEvent::Handle::TLS_CTX>. |
167 | missing, then AnyEvent::Handle will use C<AnyEvent::Handle::TLS_CTX>. |
… | |
… | |
212 | } |
217 | } |
213 | } |
218 | } |
214 | |
219 | |
215 | =item $fh = $handle->fh |
220 | =item $fh = $handle->fh |
216 | |
221 | |
217 | This method returns the filehandle of the L<AnyEvent::Handle> object. |
222 | This method returns the file handle of the L<AnyEvent::Handle> object. |
218 | |
223 | |
219 | =cut |
224 | =cut |
220 | |
225 | |
221 | sub fh { $_[0]->{fh} } |
226 | sub fh { $_[0]->{fh} } |
222 | |
227 | |
… | |
… | |
602 | |
607 | |
603 | =item $handle->start_read |
608 | =item $handle->start_read |
604 | |
609 | |
605 | In rare cases you actually do not want to read anything from the |
610 | In rare cases you actually do not want to read anything from the |
606 | socket. In this case you can call C<stop_read>. Neither C<on_read> no |
611 | socket. In this case you can call C<stop_read>. Neither C<on_read> no |
607 | any queued callbacks will be executed then. To start readign again, call |
612 | any queued callbacks will be executed then. To start reading again, call |
608 | C<start_read>. |
613 | C<start_read>. |
609 | |
614 | |
610 | =cut |
615 | =cut |
611 | |
616 | |
612 | sub stop_read { |
617 | sub stop_read { |
… | |
… | |
644 | |
649 | |
645 | sub _dotls { |
650 | sub _dotls { |
646 | my ($self) = @_; |
651 | my ($self) = @_; |
647 | |
652 | |
648 | if (length $self->{tls_wbuf}) { |
653 | if (length $self->{tls_wbuf}) { |
649 | my $len = Net::SSLeay::write ($self->{tls}, $self->{tls_wbuf}); |
654 | while ((my $len = Net::SSLeay::write ($self->{tls}, $self->{tls_wbuf})) > 0) { |
650 | substr $self->{tls_wbuf}, 0, $len, "" if $len > 0; |
655 | substr $self->{tls_wbuf}, 0, $len, ""; |
|
|
656 | } |
651 | } |
657 | } |
652 | |
658 | |
653 | if (defined (my $buf = Net::SSLeay::BIO_read ($self->{tls_wbio}))) { |
659 | if (defined (my $buf = Net::SSLeay::BIO_read ($self->{tls_wbio}))) { |
654 | $self->{wbuf} .= $buf; |
660 | $self->{wbuf} .= $buf; |
655 | $self->_drain_wbuf; |
661 | $self->_drain_wbuf; |
656 | } |
662 | } |
657 | |
663 | |
658 | if (defined (my $buf = Net::SSLeay::read ($self->{tls}))) { |
664 | while (defined (my $buf = Net::SSLeay::read ($self->{tls}))) { |
659 | $self->{rbuf} .= $buf; |
665 | $self->{rbuf} .= $buf; |
660 | $self->_drain_rbuf; |
666 | $self->_drain_rbuf; |
661 | } elsif ( |
667 | } |
|
|
668 | |
662 | (my $err = Net::SSLeay::get_error ($self->{tls}, -1)) |
669 | my $err = Net::SSLeay::get_error ($self->{tls}, -1); |
|
|
670 | |
663 | != Net::SSLeay::ERROR_WANT_READ () |
671 | if ($err!= Net::SSLeay::ERROR_WANT_READ ()) { |
664 | ) { |
|
|
665 | if ($err == Net::SSLeay::ERROR_SYSCALL ()) { |
672 | if ($err == Net::SSLeay::ERROR_SYSCALL ()) { |
666 | $self->error; |
673 | $self->error; |
667 | } elsif ($err == Net::SSLeay::ERROR_SSL ()) { |
674 | } elsif ($err == Net::SSLeay::ERROR_SSL ()) { |
668 | $! = &Errno::EIO; |
675 | $! = &Errno::EIO; |
669 | $self->error; |
676 | $self->error; |
… | |
… | |
671 | |
678 | |
672 | # all others are fine for our purposes |
679 | # all others are fine for our purposes |
673 | } |
680 | } |
674 | } |
681 | } |
675 | |
682 | |
|
|
683 | =item $handle->starttls ($tls[, $tls_ctx]) |
|
|
684 | |
|
|
685 | Instead of starting TLS negotiation immediately when the AnyEvent::Handle |
|
|
686 | object is created, you can also do that at a later time by calling |
|
|
687 | C<starttls>. |
|
|
688 | |
|
|
689 | The first argument is the same as the C<tls> constructor argument (either |
|
|
690 | C<"connect">, C<"accept"> or an existing Net::SSLeay object). |
|
|
691 | |
|
|
692 | The second argument is the optional C<Net::SSLeay::CTX> object that is |
|
|
693 | used when AnyEvent::Handle has to create its own TLS connection object. |
|
|
694 | |
|
|
695 | =cut |
|
|
696 | |
676 | # TODO: maybe document... |
697 | # TODO: maybe document... |
677 | sub starttls { |
698 | sub starttls { |
678 | my ($self, $ssl, $ctx) = @_; |
699 | my ($self, $ssl, $ctx) = @_; |
|
|
700 | |
|
|
701 | $self->stoptls; |
679 | |
702 | |
680 | if ($ssl eq "accept") { |
703 | if ($ssl eq "accept") { |
681 | $ssl = Net::SSLeay::new ($ctx || TLS_CTX ()); |
704 | $ssl = Net::SSLeay::new ($ctx || TLS_CTX ()); |
682 | Net::SSLeay::set_accept_state ($ssl); |
705 | Net::SSLeay::set_accept_state ($ssl); |
683 | } elsif ($ssl eq "connect") { |
706 | } elsif ($ssl eq "connect") { |
… | |
… | |
708 | Net::SSLeay::BIO_write ($_[0]{tls_rbio}, ${$_[1]}); |
731 | Net::SSLeay::BIO_write ($_[0]{tls_rbio}, ${$_[1]}); |
709 | &_dotls; |
732 | &_dotls; |
710 | }; |
733 | }; |
711 | } |
734 | } |
712 | |
735 | |
|
|
736 | =item $handle->stoptls |
|
|
737 | |
|
|
738 | Destroys the SSL connection, if any. Partial read or write data will be |
|
|
739 | lost. |
|
|
740 | |
|
|
741 | =cut |
|
|
742 | |
|
|
743 | sub stoptls { |
|
|
744 | my ($self) = @_; |
|
|
745 | |
|
|
746 | Net::SSLeay::free (delete $self->{tls}) if $self->{tls}; |
|
|
747 | delete $self->{tls_rbio}; |
|
|
748 | delete $self->{tls_wbio}; |
|
|
749 | delete $self->{tls_wbuf}; |
|
|
750 | delete $self->{filter_r}; |
|
|
751 | delete $self->{filter_w}; |
|
|
752 | } |
|
|
753 | |
713 | sub DESTROY { |
754 | sub DESTROY { |
714 | my $self = shift; |
755 | my $self = shift; |
715 | |
756 | |
716 | Net::SSLeay::free (delete $self->{tls}) if $self->{tls}; |
757 | $self->stoptls; |
717 | } |
758 | } |
718 | |
759 | |
719 | =item AnyEvent::Handle::TLS_CTX |
760 | =item AnyEvent::Handle::TLS_CTX |
720 | |
761 | |
721 | This function creates and returns the Net::SSLeay::CTX object used by |
762 | This function creates and returns the Net::SSLeay::CTX object used by |