… | |
… | |
14 | |
14 | |
15 | AnyEvent::Handle - non-blocking I/O on file handles via AnyEvent |
15 | AnyEvent::Handle - non-blocking I/O on file handles via AnyEvent |
16 | |
16 | |
17 | =cut |
17 | =cut |
18 | |
18 | |
19 | our $VERSION = 4.3; |
19 | our $VERSION = 4.83; |
20 | |
20 | |
21 | =head1 SYNOPSIS |
21 | =head1 SYNOPSIS |
22 | |
22 | |
23 | use AnyEvent; |
23 | use AnyEvent; |
24 | use AnyEvent::Handle; |
24 | use AnyEvent::Handle; |
25 | |
25 | |
26 | my $cv = AnyEvent->condvar; |
26 | my $cv = AnyEvent->condvar; |
27 | |
27 | |
28 | my $handle = |
28 | my $hdl; $hdl = new AnyEvent::Handle |
29 | AnyEvent::Handle->new ( |
|
|
30 | fh => \*STDIN, |
29 | fh => \*STDIN, |
31 | on_eof => sub { |
30 | on_error => sub { |
32 | $cv->broadcast; |
31 | my ($hdl, $fatal, $msg) = @_; |
33 | }, |
32 | warn "got error $msg\n"; |
|
|
33 | $hdl->destroy; |
|
|
34 | $cv->send; |
34 | ); |
35 | ); |
35 | |
36 | |
36 | # send some request line |
37 | # send some request line |
37 | $handle->push_write ("getinfo\015\012"); |
38 | $hdl->push_write ("getinfo\015\012"); |
38 | |
39 | |
39 | # read the response line |
40 | # read the response line |
40 | $handle->push_read (line => sub { |
41 | $hdl->push_read (line => sub { |
41 | my ($handle, $line) = @_; |
42 | my ($hdl, $line) = @_; |
42 | warn "read line <$line>\n"; |
43 | warn "got line <$line>\n"; |
43 | $cv->send; |
44 | $cv->send; |
44 | }); |
45 | }); |
45 | |
46 | |
46 | $cv->recv; |
47 | $cv->recv; |
47 | |
48 | |
… | |
… | |
63 | |
64 | |
64 | =head1 METHODS |
65 | =head1 METHODS |
65 | |
66 | |
66 | =over 4 |
67 | =over 4 |
67 | |
68 | |
68 | =item B<new (%args)> |
69 | =item $handle = B<new> AnyEvent::TLS fh => $filehandle, key => value... |
69 | |
70 | |
70 | The constructor supports these arguments (all as key => value pairs). |
71 | The constructor supports these arguments (all as C<< key => value >> pairs). |
71 | |
72 | |
72 | =over 4 |
73 | =over 4 |
73 | |
74 | |
74 | =item fh => $filehandle [MANDATORY] |
75 | =item fh => $filehandle [MANDATORY] |
75 | |
76 | |
… | |
… | |
81 | |
82 | |
82 | =item on_eof => $cb->($handle) |
83 | =item on_eof => $cb->($handle) |
83 | |
84 | |
84 | Set the callback to be called when an end-of-file condition is detected, |
85 | Set the callback to be called when an end-of-file condition is detected, |
85 | i.e. in the case of a socket, when the other side has closed the |
86 | i.e. in the case of a socket, when the other side has closed the |
86 | connection cleanly. |
87 | connection cleanly, and there are no outstanding read requests in the |
|
|
88 | queue (if there are read requests, then an EOF counts as an unexpected |
|
|
89 | connection close and will be flagged as an error). |
87 | |
90 | |
88 | For sockets, this just means that the other side has stopped sending data, |
91 | For sockets, this just means that the other side has stopped sending data, |
89 | you can still try to write data, and, in fact, one can return from the eof |
92 | you can still try to write data, and, in fact, one can return from the EOF |
90 | callback and continue writing data, as only the read part has been shut |
93 | callback and continue writing data, as only the read part has been shut |
91 | down. |
94 | down. |
92 | |
95 | |
93 | While not mandatory, it is I<highly> recommended to set an eof callback, |
|
|
94 | otherwise you might end up with a closed socket while you are still |
|
|
95 | waiting for data. |
|
|
96 | |
|
|
97 | If an EOF condition has been detected but no C<on_eof> callback has been |
96 | If an EOF condition has been detected but no C<on_eof> callback has been |
98 | set, then a fatal error will be raised with C<$!> set to <0>. |
97 | set, then a fatal error will be raised with C<$!> set to <0>. |
99 | |
98 | |
100 | =item on_error => $cb->($handle, $fatal) |
99 | =item on_error => $cb->($handle, $fatal, $message) |
101 | |
100 | |
102 | This is the error callback, which is called when, well, some error |
101 | This is the error callback, which is called when, well, some error |
103 | occured, such as not being able to resolve the hostname, failure to |
102 | occured, such as not being able to resolve the hostname, failure to |
104 | connect or a read error. |
103 | connect or a read error. |
105 | |
104 | |
106 | Some errors are fatal (which is indicated by C<$fatal> being true). On |
105 | Some errors are fatal (which is indicated by C<$fatal> being true). On |
107 | fatal errors the handle object will be shut down and will not be usable |
106 | fatal errors the handle object will be destroyed (by a call to C<< -> |
108 | (but you are free to look at the current C<< ->rbuf >>). Examples of fatal |
107 | destroy >>) after invoking the error callback (which means you are free to |
109 | errors are an EOF condition with active (but unsatisifable) read watchers |
108 | examine the handle object). Examples of fatal errors are an EOF condition |
110 | (C<EPIPE>) or I/O errors. |
109 | with active (but unsatisifable) read watchers (C<EPIPE>) or I/O errors. |
|
|
110 | |
|
|
111 | AnyEvent::Handle tries to find an appropriate error code for you to check |
|
|
112 | against, but in some cases (TLS errors), this does not work well. It is |
|
|
113 | recommended to always output the C<$message> argument in human-readable |
|
|
114 | error messages (it's usually the same as C<"$!">). |
111 | |
115 | |
112 | Non-fatal errors can be retried by simply returning, but it is recommended |
116 | Non-fatal errors can be retried by simply returning, but it is recommended |
113 | to simply ignore this parameter and instead abondon the handle object |
117 | to simply ignore this parameter and instead abondon the handle object |
114 | when this callback is invoked. Examples of non-fatal errors are timeouts |
118 | when this callback is invoked. Examples of non-fatal errors are timeouts |
115 | C<ETIMEDOUT>) or badly-formatted data (C<EBADMSG>). |
119 | C<ETIMEDOUT>) or badly-formatted data (C<EBADMSG>). |
116 | |
120 | |
117 | On callback entrance, the value of C<$!> contains the operating system |
121 | On callback entrance, the value of C<$!> contains the operating system |
118 | error (or C<ENOSPC>, C<EPIPE>, C<ETIMEDOUT> or C<EBADMSG>). |
122 | error code (or C<ENOSPC>, C<EPIPE>, C<ETIMEDOUT>, C<EBADMSG> or |
|
|
123 | C<EPROTO>). |
119 | |
124 | |
120 | While not mandatory, it is I<highly> recommended to set this callback, as |
125 | While not mandatory, it is I<highly> recommended to set this callback, as |
121 | you will not be notified of errors otherwise. The default simply calls |
126 | you will not be notified of errors otherwise. The default simply calls |
122 | C<croak>. |
127 | C<croak>. |
123 | |
128 | |
… | |
… | |
127 | and no read request is in the queue (unlike read queue callbacks, this |
132 | and no read request is in the queue (unlike read queue callbacks, this |
128 | callback will only be called when at least one octet of data is in the |
133 | callback will only be called when at least one octet of data is in the |
129 | read buffer). |
134 | read buffer). |
130 | |
135 | |
131 | To access (and remove data from) the read buffer, use the C<< ->rbuf >> |
136 | To access (and remove data from) the read buffer, use the C<< ->rbuf >> |
132 | method or access the C<$handle->{rbuf}> member directly. |
137 | method or access the C<< $handle->{rbuf} >> member directly. Note that you |
|
|
138 | must not enlarge or modify the read buffer, you can only remove data at |
|
|
139 | the beginning from it. |
133 | |
140 | |
134 | When an EOF condition is detected then AnyEvent::Handle will first try to |
141 | When an EOF condition is detected then AnyEvent::Handle will first try to |
135 | feed all the remaining data to the queued callbacks and C<on_read> before |
142 | feed all the remaining data to the queued callbacks and C<on_read> before |
136 | calling the C<on_eof> callback. If no progress can be made, then a fatal |
143 | calling the C<on_eof> callback. If no progress can be made, then a fatal |
137 | error will be raised (with C<$!> set to C<EPIPE>). |
144 | error will be raised (with C<$!> set to C<EPIPE>). |
|
|
145 | |
|
|
146 | Note that, unlike requests in the read queue, an C<on_read> callback |
|
|
147 | doesn't mean you I<require> some data: if there is an EOF and there |
|
|
148 | are outstanding read requests then an error will be flagged. With an |
|
|
149 | C<on_read> callback, the C<on_eof> callback will be invoked. |
138 | |
150 | |
139 | =item on_drain => $cb->($handle) |
151 | =item on_drain => $cb->($handle) |
140 | |
152 | |
141 | This sets the callback that is called when the write buffer becomes empty |
153 | This sets the callback that is called when the write buffer becomes empty |
142 | (or when the callback is set and the buffer is empty already). |
154 | (or when the callback is set and the buffer is empty already). |
… | |
… | |
235 | |
247 | |
236 | This will not work for partial TLS data that could not be encoded |
248 | This will not work for partial TLS data that could not be encoded |
237 | yet. This data will be lost. Calling the C<stoptls> method in time might |
249 | yet. This data will be lost. Calling the C<stoptls> method in time might |
238 | help. |
250 | help. |
239 | |
251 | |
|
|
252 | =item peername => $string |
|
|
253 | |
|
|
254 | A string used to identify the remote site - usually the DNS hostname |
|
|
255 | (I<not> IDN!) used to create the connection, rarely the IP address. |
|
|
256 | |
|
|
257 | Apart from being useful in error messages, this string is also used in TLS |
|
|
258 | peername verification (see C<verify_peername> in L<AnyEvent::TLS>). This |
|
|
259 | verification will be skipped when C<peername> is not specified or |
|
|
260 | C<undef>. |
|
|
261 | |
240 | =item tls => "accept" | "connect" | Net::SSLeay::SSL object |
262 | =item tls => "accept" | "connect" | Net::SSLeay::SSL object |
241 | |
263 | |
242 | When this parameter is given, it enables TLS (SSL) mode, that means |
264 | When this parameter is given, it enables TLS (SSL) mode, that means |
243 | AnyEvent will start a TLS handshake as soon as the conenction has been |
265 | AnyEvent will start a TLS handshake as soon as the conenction has been |
244 | established and will transparently encrypt/decrypt data afterwards. |
266 | established and will transparently encrypt/decrypt data afterwards. |
|
|
267 | |
|
|
268 | All TLS protocol errors will be signalled as C<EPROTO>, with an |
|
|
269 | appropriate error message. |
245 | |
270 | |
246 | TLS mode requires Net::SSLeay to be installed (it will be loaded |
271 | TLS mode requires Net::SSLeay to be installed (it will be loaded |
247 | automatically when you try to create a TLS handle): this module doesn't |
272 | automatically when you try to create a TLS handle): this module doesn't |
248 | have a dependency on that module, so if your module requires it, you have |
273 | have a dependency on that module, so if your module requires it, you have |
249 | to add the dependency yourself. |
274 | to add the dependency yourself. |
… | |
… | |
253 | mode. |
278 | mode. |
254 | |
279 | |
255 | You can also provide your own TLS connection object, but you have |
280 | You can also provide your own TLS connection object, but you have |
256 | to make sure that you call either C<Net::SSLeay::set_connect_state> |
281 | to make sure that you call either C<Net::SSLeay::set_connect_state> |
257 | or C<Net::SSLeay::set_accept_state> on it before you pass it to |
282 | or C<Net::SSLeay::set_accept_state> on it before you pass it to |
258 | AnyEvent::Handle. |
283 | AnyEvent::Handle. Also, this module will take ownership of this connection |
|
|
284 | object. |
|
|
285 | |
|
|
286 | At some future point, AnyEvent::Handle might switch to another TLS |
|
|
287 | implementation, then the option to use your own session object will go |
|
|
288 | away. |
|
|
289 | |
|
|
290 | B<IMPORTANT:> since Net::SSLeay "objects" are really only integers, |
|
|
291 | passing in the wrong integer will lead to certain crash. This most often |
|
|
292 | happens when one uses a stylish C<< tls => 1 >> and is surprised about the |
|
|
293 | segmentation fault. |
259 | |
294 | |
260 | See the C<< ->starttls >> method for when need to start TLS negotiation later. |
295 | See the C<< ->starttls >> method for when need to start TLS negotiation later. |
261 | |
296 | |
262 | =item tls_ctx => $ssl_ctx |
297 | =item tls_ctx => $anyevent_tls |
263 | |
298 | |
264 | Use the given C<Net::SSLeay::CTX> object to create the new TLS connection |
299 | Use the given C<AnyEvent::TLS> object to create the new TLS connection |
265 | (unless a connection object was specified directly). If this parameter is |
300 | (unless a connection object was specified directly). If this parameter is |
266 | missing, then AnyEvent::Handle will use C<AnyEvent::Handle::TLS_CTX>. |
301 | missing, then AnyEvent::Handle will use C<AnyEvent::Handle::TLS_CTX>. |
|
|
302 | |
|
|
303 | Instead of an object, you can also specify a hash reference with C<< key |
|
|
304 | => value >> pairs. Those will be passed to L<AnyEvent::TLS> to create a |
|
|
305 | new TLS context object. |
|
|
306 | |
|
|
307 | =item on_starttls => $cb->($handle, $success[, $error_message]) |
|
|
308 | |
|
|
309 | This callback will be invoked when the TLS/SSL handshake has finished. If |
|
|
310 | C<$success> is true, then the TLS handshake succeeded, otherwise it failed |
|
|
311 | (C<on_stoptls> will not be called in this case). |
|
|
312 | |
|
|
313 | The session in C<< $handle->{tls} >> can still be examined in this |
|
|
314 | callback, even when the handshake was not successful. |
|
|
315 | |
|
|
316 | TLS handshake failures will not cause C<on_error> to be invoked when this |
|
|
317 | callback is in effect, instead, the error message will be passed to C<on_starttls>. |
|
|
318 | |
|
|
319 | Without this callback, handshake failures lead to C<on_error> being |
|
|
320 | called, as normal. |
|
|
321 | |
|
|
322 | Note that you cannot call C<starttls> right again in this callback. If you |
|
|
323 | need to do that, start an zero-second timer instead whose callback can |
|
|
324 | then call C<< ->starttls >> again. |
|
|
325 | |
|
|
326 | =item on_stoptls => $cb->($handle) |
|
|
327 | |
|
|
328 | When a SSLv3/TLS shutdown/close notify/EOF is detected and this callback is |
|
|
329 | set, then it will be invoked after freeing the TLS session. If it is not, |
|
|
330 | then a TLS shutdown condition will be treated like a normal EOF condition |
|
|
331 | on the handle. |
|
|
332 | |
|
|
333 | The session in C<< $handle->{tls} >> can still be examined in this |
|
|
334 | callback. |
|
|
335 | |
|
|
336 | This callback will only be called on TLS shutdowns, not when the |
|
|
337 | underlying handle signals EOF. |
267 | |
338 | |
268 | =item json => JSON or JSON::XS object |
339 | =item json => JSON or JSON::XS object |
269 | |
340 | |
270 | This is the json coder object used by the C<json> read and write types. |
341 | This is the json coder object used by the C<json> read and write types. |
271 | |
342 | |
… | |
… | |
280 | |
351 | |
281 | =cut |
352 | =cut |
282 | |
353 | |
283 | sub new { |
354 | sub new { |
284 | my $class = shift; |
355 | my $class = shift; |
285 | |
|
|
286 | my $self = bless { @_ }, $class; |
356 | my $self = bless { @_ }, $class; |
287 | |
357 | |
288 | $self->{fh} or Carp::croak "mandatory argument fh is missing"; |
358 | $self->{fh} or Carp::croak "mandatory argument fh is missing"; |
289 | |
359 | |
290 | AnyEvent::Util::fh_nonblocking $self->{fh}, 1; |
360 | AnyEvent::Util::fh_nonblocking $self->{fh}, 1; |
|
|
361 | |
|
|
362 | $self->{_activity} = AnyEvent->now; |
|
|
363 | $self->_timeout; |
|
|
364 | |
|
|
365 | $self->no_delay (delete $self->{no_delay}) if exists $self->{no_delay}; |
291 | |
366 | |
292 | $self->starttls (delete $self->{tls}, delete $self->{tls_ctx}) |
367 | $self->starttls (delete $self->{tls}, delete $self->{tls_ctx}) |
293 | if $self->{tls}; |
368 | if $self->{tls}; |
294 | |
369 | |
295 | $self->{_activity} = AnyEvent->now; |
|
|
296 | $self->_timeout; |
|
|
297 | |
|
|
298 | $self->on_drain (delete $self->{on_drain}) if exists $self->{on_drain}; |
370 | $self->on_drain (delete $self->{on_drain}) if $self->{on_drain}; |
299 | $self->no_delay (delete $self->{no_delay}) if exists $self->{no_delay}; |
|
|
300 | |
371 | |
301 | $self->start_read |
372 | $self->start_read |
302 | if $self->{on_read}; |
373 | if $self->{on_read}; |
303 | |
374 | |
304 | $self |
375 | $self->{fh} && $self |
305 | } |
376 | } |
306 | |
377 | |
307 | sub _shutdown { |
378 | #sub _shutdown { |
308 | my ($self) = @_; |
379 | # my ($self) = @_; |
309 | |
380 | # |
310 | delete $self->{_tw}; |
381 | # delete @$self{qw(_tw _rw _ww fh wbuf on_read _queue)}; |
311 | delete $self->{_rw}; |
382 | # $self->{_eof} = 1; # tell starttls et. al to stop trying |
312 | delete $self->{_ww}; |
383 | # |
313 | delete $self->{fh}; |
|
|
314 | |
|
|
315 | &_freetls; |
384 | # &_freetls; |
316 | |
385 | #} |
317 | delete $self->{on_read}; |
|
|
318 | delete $self->{_queue}; |
|
|
319 | } |
|
|
320 | |
386 | |
321 | sub _error { |
387 | sub _error { |
322 | my ($self, $errno, $fatal) = @_; |
388 | my ($self, $errno, $fatal, $message) = @_; |
323 | |
|
|
324 | $self->_shutdown |
|
|
325 | if $fatal; |
|
|
326 | |
389 | |
327 | $! = $errno; |
390 | $! = $errno; |
|
|
391 | $message ||= "$!"; |
328 | |
392 | |
329 | if ($self->{on_error}) { |
393 | if ($self->{on_error}) { |
330 | $self->{on_error}($self, $fatal); |
394 | $self->{on_error}($self, $fatal, $message); |
331 | } else { |
395 | $self->destroy if $fatal; |
|
|
396 | } elsif ($self->{fh}) { |
|
|
397 | $self->destroy; |
332 | Carp::croak "AnyEvent::Handle uncaught error: $!"; |
398 | Carp::croak "AnyEvent::Handle uncaught error: $message"; |
333 | } |
399 | } |
334 | } |
400 | } |
335 | |
401 | |
336 | =item $fh = $handle->fh |
402 | =item $fh = $handle->fh |
337 | |
403 | |
… | |
… | |
374 | } |
440 | } |
375 | |
441 | |
376 | =item $handle->autocork ($boolean) |
442 | =item $handle->autocork ($boolean) |
377 | |
443 | |
378 | Enables or disables the current autocork behaviour (see C<autocork> |
444 | Enables or disables the current autocork behaviour (see C<autocork> |
379 | constructor argument). |
445 | constructor argument). Changes will only take effect on the next write. |
380 | |
446 | |
381 | =cut |
447 | =cut |
|
|
448 | |
|
|
449 | sub autocork { |
|
|
450 | $_[0]{autocork} = $_[1]; |
|
|
451 | } |
382 | |
452 | |
383 | =item $handle->no_delay ($boolean) |
453 | =item $handle->no_delay ($boolean) |
384 | |
454 | |
385 | Enables or disables the C<no_delay> setting (see constructor argument of |
455 | Enables or disables the C<no_delay> setting (see constructor argument of |
386 | the same name for details). |
456 | the same name for details). |
… | |
… | |
394 | local $SIG{__DIE__}; |
464 | local $SIG{__DIE__}; |
395 | setsockopt $_[0]{fh}, &Socket::IPPROTO_TCP, &Socket::TCP_NODELAY, int $_[1]; |
465 | setsockopt $_[0]{fh}, &Socket::IPPROTO_TCP, &Socket::TCP_NODELAY, int $_[1]; |
396 | }; |
466 | }; |
397 | } |
467 | } |
398 | |
468 | |
|
|
469 | =item $handle->on_starttls ($cb) |
|
|
470 | |
|
|
471 | Replace the current C<on_starttls> callback (see the C<on_starttls> constructor argument). |
|
|
472 | |
|
|
473 | =cut |
|
|
474 | |
|
|
475 | sub on_starttls { |
|
|
476 | $_[0]{on_starttls} = $_[1]; |
|
|
477 | } |
|
|
478 | |
|
|
479 | =item $handle->on_stoptls ($cb) |
|
|
480 | |
|
|
481 | Replace the current C<on_stoptls> callback (see the C<on_stoptls> constructor argument). |
|
|
482 | |
|
|
483 | =cut |
|
|
484 | |
|
|
485 | sub on_starttls { |
|
|
486 | $_[0]{on_stoptls} = $_[1]; |
|
|
487 | } |
|
|
488 | |
399 | ############################################################################# |
489 | ############################################################################# |
400 | |
490 | |
401 | =item $handle->timeout ($seconds) |
491 | =item $handle->timeout ($seconds) |
402 | |
492 | |
403 | Configures (or disables) the inactivity timeout. |
493 | Configures (or disables) the inactivity timeout. |
… | |
… | |
427 | $self->{_activity} = $NOW; |
517 | $self->{_activity} = $NOW; |
428 | |
518 | |
429 | if ($self->{on_timeout}) { |
519 | if ($self->{on_timeout}) { |
430 | $self->{on_timeout}($self); |
520 | $self->{on_timeout}($self); |
431 | } else { |
521 | } else { |
432 | $self->_error (&Errno::ETIMEDOUT); |
522 | $self->_error (Errno::ETIMEDOUT); |
433 | } |
523 | } |
434 | |
524 | |
435 | # callback could have changed timeout value, optimise |
525 | # callback could have changed timeout value, optimise |
436 | return unless $self->{timeout}; |
526 | return unless $self->{timeout}; |
437 | |
527 | |
… | |
… | |
500 | Scalar::Util::weaken $self; |
590 | Scalar::Util::weaken $self; |
501 | |
591 | |
502 | my $cb = sub { |
592 | my $cb = sub { |
503 | my $len = syswrite $self->{fh}, $self->{wbuf}; |
593 | my $len = syswrite $self->{fh}, $self->{wbuf}; |
504 | |
594 | |
505 | if ($len >= 0) { |
595 | if (defined $len) { |
506 | substr $self->{wbuf}, 0, $len, ""; |
596 | substr $self->{wbuf}, 0, $len, ""; |
507 | |
597 | |
508 | $self->{_activity} = AnyEvent->now; |
598 | $self->{_activity} = AnyEvent->now; |
509 | |
599 | |
510 | $self->{on_drain}($self) |
600 | $self->{on_drain}($self) |
… | |
… | |
645 | |
735 | |
646 | pack "w/a*", Storable::nfreeze ($ref) |
736 | pack "w/a*", Storable::nfreeze ($ref) |
647 | }; |
737 | }; |
648 | |
738 | |
649 | =back |
739 | =back |
|
|
740 | |
|
|
741 | =item $handle->push_shutdown |
|
|
742 | |
|
|
743 | Sometimes you know you want to close the socket after writing your data |
|
|
744 | before it was actually written. One way to do that is to replace your |
|
|
745 | C<on_drain> handler by a callback that shuts down the socket (and set |
|
|
746 | C<low_water_mark> to C<0>). This method is a shorthand for just that, and |
|
|
747 | replaces the C<on_drain> callback with: |
|
|
748 | |
|
|
749 | sub { shutdown $_[0]{fh}, 1 } # for push_shutdown |
|
|
750 | |
|
|
751 | This simply shuts down the write side and signals an EOF condition to the |
|
|
752 | the peer. |
|
|
753 | |
|
|
754 | You can rely on the normal read queue and C<on_eof> handling |
|
|
755 | afterwards. This is the cleanest way to close a connection. |
|
|
756 | |
|
|
757 | =cut |
|
|
758 | |
|
|
759 | sub push_shutdown { |
|
|
760 | my ($self) = @_; |
|
|
761 | |
|
|
762 | delete $self->{low_water_mark}; |
|
|
763 | $self->on_drain (sub { shutdown $_[0]{fh}, 1 }); |
|
|
764 | } |
650 | |
765 | |
651 | =item AnyEvent::Handle::register_write_type type => $coderef->($handle, @args) |
766 | =item AnyEvent::Handle::register_write_type type => $coderef->($handle, @args) |
652 | |
767 | |
653 | This function (not method) lets you add your own types to C<push_write>. |
768 | This function (not method) lets you add your own types to C<push_write>. |
654 | Whenever the given C<type> is used, C<push_write> will invoke the code |
769 | Whenever the given C<type> is used, C<push_write> will invoke the code |
… | |
… | |
754 | |
869 | |
755 | if ( |
870 | if ( |
756 | defined $self->{rbuf_max} |
871 | defined $self->{rbuf_max} |
757 | && $self->{rbuf_max} < length $self->{rbuf} |
872 | && $self->{rbuf_max} < length $self->{rbuf} |
758 | ) { |
873 | ) { |
759 | $self->_error (&Errno::ENOSPC, 1), return; |
874 | $self->_error (Errno::ENOSPC, 1), return; |
760 | } |
875 | } |
761 | |
876 | |
762 | while () { |
877 | while () { |
|
|
878 | # we need to use a separate tls read buffer, as we must not receive data while |
|
|
879 | # we are draining the buffer, and this can only happen with TLS. |
|
|
880 | $self->{rbuf} .= delete $self->{_tls_rbuf} if exists $self->{_tls_rbuf}; |
|
|
881 | |
763 | my $len = length $self->{rbuf}; |
882 | my $len = length $self->{rbuf}; |
764 | |
883 | |
765 | if (my $cb = shift @{ $self->{_queue} }) { |
884 | if (my $cb = shift @{ $self->{_queue} }) { |
766 | unless ($cb->($self)) { |
885 | unless ($cb->($self)) { |
767 | if ($self->{_eof}) { |
886 | if ($self->{_eof}) { |
768 | # no progress can be made (not enough data and no data forthcoming) |
887 | # no progress can be made (not enough data and no data forthcoming) |
769 | $self->_error (&Errno::EPIPE, 1), return; |
888 | $self->_error (Errno::EPIPE, 1), return; |
770 | } |
889 | } |
771 | |
890 | |
772 | unshift @{ $self->{_queue} }, $cb; |
891 | unshift @{ $self->{_queue} }, $cb; |
773 | last; |
892 | last; |
774 | } |
893 | } |
… | |
… | |
782 | && !@{ $self->{_queue} } # and the queue is still empty |
901 | && !@{ $self->{_queue} } # and the queue is still empty |
783 | && $self->{on_read} # but we still have on_read |
902 | && $self->{on_read} # but we still have on_read |
784 | ) { |
903 | ) { |
785 | # no further data will arrive |
904 | # no further data will arrive |
786 | # so no progress can be made |
905 | # so no progress can be made |
787 | $self->_error (&Errno::EPIPE, 1), return |
906 | $self->_error (Errno::EPIPE, 1), return |
788 | if $self->{_eof}; |
907 | if $self->{_eof}; |
789 | |
908 | |
790 | last; # more data might arrive |
909 | last; # more data might arrive |
791 | } |
910 | } |
792 | } else { |
911 | } else { |
… | |
… | |
798 | |
917 | |
799 | if ($self->{_eof}) { |
918 | if ($self->{_eof}) { |
800 | if ($self->{on_eof}) { |
919 | if ($self->{on_eof}) { |
801 | $self->{on_eof}($self) |
920 | $self->{on_eof}($self) |
802 | } else { |
921 | } else { |
803 | $self->_error (0, 1); |
922 | $self->_error (0, 1, "Unexpected end-of-file"); |
804 | } |
923 | } |
805 | } |
924 | } |
806 | |
925 | |
807 | # may need to restart read watcher |
926 | # may need to restart read watcher |
808 | unless ($self->{_rw}) { |
927 | unless ($self->{_rw}) { |
… | |
… | |
828 | |
947 | |
829 | =item $handle->rbuf |
948 | =item $handle->rbuf |
830 | |
949 | |
831 | Returns the read buffer (as a modifiable lvalue). |
950 | Returns the read buffer (as a modifiable lvalue). |
832 | |
951 | |
833 | You can access the read buffer directly as the C<< ->{rbuf} >> member, if |
952 | You can access the read buffer directly as the C<< ->{rbuf} >> |
834 | you want. |
953 | member, if you want. However, the only operation allowed on the |
|
|
954 | read buffer (apart from looking at it) is removing data from its |
|
|
955 | beginning. Otherwise modifying or appending to it is not allowed and will |
|
|
956 | lead to hard-to-track-down bugs. |
835 | |
957 | |
836 | NOTE: The read buffer should only be used or modified if the C<on_read>, |
958 | NOTE: The read buffer should only be used or modified if the C<on_read>, |
837 | C<push_read> or C<unshift_read> methods are used. The other read methods |
959 | C<push_read> or C<unshift_read> methods are used. The other read methods |
838 | automatically manage the read buffer. |
960 | automatically manage the read buffer. |
839 | |
961 | |
… | |
… | |
1039 | return 1; |
1161 | return 1; |
1040 | } |
1162 | } |
1041 | |
1163 | |
1042 | # reject |
1164 | # reject |
1043 | if ($reject && $$rbuf =~ $reject) { |
1165 | if ($reject && $$rbuf =~ $reject) { |
1044 | $self->_error (&Errno::EBADMSG); |
1166 | $self->_error (Errno::EBADMSG); |
1045 | } |
1167 | } |
1046 | |
1168 | |
1047 | # skip |
1169 | # skip |
1048 | if ($skip && $$rbuf =~ $skip) { |
1170 | if ($skip && $$rbuf =~ $skip) { |
1049 | $data .= substr $$rbuf, 0, $+[0], ""; |
1171 | $data .= substr $$rbuf, 0, $+[0], ""; |
… | |
… | |
1065 | my ($self, $cb) = @_; |
1187 | my ($self, $cb) = @_; |
1066 | |
1188 | |
1067 | sub { |
1189 | sub { |
1068 | unless ($_[0]{rbuf} =~ s/^(0|[1-9][0-9]*)://) { |
1190 | unless ($_[0]{rbuf} =~ s/^(0|[1-9][0-9]*)://) { |
1069 | if ($_[0]{rbuf} =~ /[^0-9]/) { |
1191 | if ($_[0]{rbuf} =~ /[^0-9]/) { |
1070 | $self->_error (&Errno::EBADMSG); |
1192 | $self->_error (Errno::EBADMSG); |
1071 | } |
1193 | } |
1072 | return; |
1194 | return; |
1073 | } |
1195 | } |
1074 | |
1196 | |
1075 | my $len = $1; |
1197 | my $len = $1; |
… | |
… | |
1078 | my $string = $_[1]; |
1200 | my $string = $_[1]; |
1079 | $_[0]->unshift_read (chunk => 1, sub { |
1201 | $_[0]->unshift_read (chunk => 1, sub { |
1080 | if ($_[1] eq ",") { |
1202 | if ($_[1] eq ",") { |
1081 | $cb->($_[0], $string); |
1203 | $cb->($_[0], $string); |
1082 | } else { |
1204 | } else { |
1083 | $self->_error (&Errno::EBADMSG); |
1205 | $self->_error (Errno::EBADMSG); |
1084 | } |
1206 | } |
1085 | }); |
1207 | }); |
1086 | }); |
1208 | }); |
1087 | |
1209 | |
1088 | 1 |
1210 | 1 |
… | |
… | |
1135 | } |
1257 | } |
1136 | }; |
1258 | }; |
1137 | |
1259 | |
1138 | =item json => $cb->($handle, $hash_or_arrayref) |
1260 | =item json => $cb->($handle, $hash_or_arrayref) |
1139 | |
1261 | |
1140 | Reads a JSON object or array, decodes it and passes it to the callback. |
1262 | Reads a JSON object or array, decodes it and passes it to the |
|
|
1263 | callback. When a parse error occurs, an C<EBADMSG> error will be raised. |
1141 | |
1264 | |
1142 | If a C<json> object was passed to the constructor, then that will be used |
1265 | If a C<json> object was passed to the constructor, then that will be used |
1143 | for the final decode, otherwise it will create a JSON coder expecting UTF-8. |
1266 | for the final decode, otherwise it will create a JSON coder expecting UTF-8. |
1144 | |
1267 | |
1145 | This read type uses the incremental parser available with JSON version |
1268 | This read type uses the incremental parser available with JSON version |
… | |
… | |
1154 | =cut |
1277 | =cut |
1155 | |
1278 | |
1156 | register_read_type json => sub { |
1279 | register_read_type json => sub { |
1157 | my ($self, $cb) = @_; |
1280 | my ($self, $cb) = @_; |
1158 | |
1281 | |
1159 | require JSON; |
1282 | my $json = $self->{json} ||= |
|
|
1283 | eval { require JSON::XS; JSON::XS->new->utf8 } |
|
|
1284 | || do { require JSON; JSON->new->utf8 }; |
1160 | |
1285 | |
1161 | my $data; |
1286 | my $data; |
1162 | my $rbuf = \$self->{rbuf}; |
1287 | my $rbuf = \$self->{rbuf}; |
1163 | |
1288 | |
1164 | my $json = $self->{json} ||= JSON->new->utf8; |
|
|
1165 | |
|
|
1166 | sub { |
1289 | sub { |
1167 | my $ref = $json->incr_parse ($self->{rbuf}); |
1290 | my $ref = eval { $json->incr_parse ($self->{rbuf}) }; |
1168 | |
1291 | |
1169 | if ($ref) { |
1292 | if ($ref) { |
1170 | $self->{rbuf} = $json->incr_text; |
1293 | $self->{rbuf} = $json->incr_text; |
1171 | $json->incr_text = ""; |
1294 | $json->incr_text = ""; |
1172 | $cb->($self, $ref); |
1295 | $cb->($self, $ref); |
1173 | |
1296 | |
1174 | 1 |
1297 | 1 |
|
|
1298 | } elsif ($@) { |
|
|
1299 | # error case |
|
|
1300 | $json->incr_skip; |
|
|
1301 | |
|
|
1302 | $self->{rbuf} = $json->incr_text; |
|
|
1303 | $json->incr_text = ""; |
|
|
1304 | |
|
|
1305 | $self->_error (Errno::EBADMSG); |
|
|
1306 | |
|
|
1307 | () |
1175 | } else { |
1308 | } else { |
1176 | $self->{rbuf} = ""; |
1309 | $self->{rbuf} = ""; |
|
|
1310 | |
1177 | () |
1311 | () |
1178 | } |
1312 | } |
1179 | } |
1313 | } |
1180 | }; |
1314 | }; |
1181 | |
1315 | |
… | |
… | |
1213 | # read remaining chunk |
1347 | # read remaining chunk |
1214 | $_[0]->unshift_read (chunk => $len, sub { |
1348 | $_[0]->unshift_read (chunk => $len, sub { |
1215 | if (my $ref = eval { Storable::thaw ($_[1]) }) { |
1349 | if (my $ref = eval { Storable::thaw ($_[1]) }) { |
1216 | $cb->($_[0], $ref); |
1350 | $cb->($_[0], $ref); |
1217 | } else { |
1351 | } else { |
1218 | $self->_error (&Errno::EBADMSG); |
1352 | $self->_error (Errno::EBADMSG); |
1219 | } |
1353 | } |
1220 | }); |
1354 | }); |
1221 | } |
1355 | } |
1222 | |
1356 | |
1223 | 1 |
1357 | 1 |
… | |
… | |
1302 | } |
1436 | } |
1303 | }); |
1437 | }); |
1304 | } |
1438 | } |
1305 | } |
1439 | } |
1306 | |
1440 | |
|
|
1441 | our $ERROR_SYSCALL; |
|
|
1442 | our $ERROR_WANT_READ; |
|
|
1443 | |
|
|
1444 | sub _tls_error { |
|
|
1445 | my ($self, $err) = @_; |
|
|
1446 | |
|
|
1447 | return $self->_error ($!, 1) |
|
|
1448 | if $err == Net::SSLeay::ERROR_SYSCALL (); |
|
|
1449 | |
|
|
1450 | my $err =Net::SSLeay::ERR_error_string (Net::SSLeay::ERR_get_error ()); |
|
|
1451 | |
|
|
1452 | # reduce error string to look less scary |
|
|
1453 | $err =~ s/^error:[0-9a-fA-F]{8}:[^:]+:([^:]+):/\L$1: /; |
|
|
1454 | |
|
|
1455 | if ($self->{_on_starttls}) { |
|
|
1456 | (delete $self->{_on_starttls})->($self, undef, $err); |
|
|
1457 | &_freetls; |
|
|
1458 | } else { |
|
|
1459 | &_freetls; |
|
|
1460 | $self->_error (Errno::EPROTO, 1, $err); |
|
|
1461 | } |
|
|
1462 | } |
|
|
1463 | |
1307 | # poll the write BIO and send the data if applicable |
1464 | # poll the write BIO and send the data if applicable |
|
|
1465 | # also decode read data if possible |
|
|
1466 | # this is basiclaly our TLS state machine |
|
|
1467 | # more efficient implementations are possible with openssl, |
|
|
1468 | # but not with the buggy and incomplete Net::SSLeay. |
1308 | sub _dotls { |
1469 | sub _dotls { |
1309 | my ($self) = @_; |
1470 | my ($self) = @_; |
1310 | |
1471 | |
1311 | my $tmp; |
1472 | my $tmp; |
1312 | |
1473 | |
1313 | if (length $self->{_tls_wbuf}) { |
1474 | if (length $self->{_tls_wbuf}) { |
1314 | while (($tmp = Net::SSLeay::write ($self->{tls}, $self->{_tls_wbuf})) > 0) { |
1475 | while (($tmp = Net::SSLeay::write ($self->{tls}, $self->{_tls_wbuf})) > 0) { |
1315 | substr $self->{_tls_wbuf}, 0, $tmp, ""; |
1476 | substr $self->{_tls_wbuf}, 0, $tmp, ""; |
1316 | } |
1477 | } |
|
|
1478 | |
|
|
1479 | $tmp = Net::SSLeay::get_error ($self->{tls}, $tmp); |
|
|
1480 | return $self->_tls_error ($tmp) |
|
|
1481 | if $tmp != $ERROR_WANT_READ |
|
|
1482 | && ($tmp != $ERROR_SYSCALL || $!); |
1317 | } |
1483 | } |
1318 | |
1484 | |
1319 | while (defined ($tmp = Net::SSLeay::read ($self->{tls}))) { |
1485 | while (defined ($tmp = Net::SSLeay::read ($self->{tls}))) { |
1320 | unless (length $tmp) { |
1486 | unless (length $tmp) { |
1321 | # let's treat SSL-eof as we treat normal EOF |
1487 | $self->{_on_starttls} |
1322 | delete $self->{_rw}; |
1488 | and (delete $self->{_on_starttls})->($self, undef, "EOF during handshake"); # ??? |
1323 | $self->{_eof} = 1; |
|
|
1324 | &_freetls; |
1489 | &_freetls; |
|
|
1490 | |
|
|
1491 | if ($self->{on_stoptls}) { |
|
|
1492 | $self->{on_stoptls}($self); |
|
|
1493 | return; |
|
|
1494 | } else { |
|
|
1495 | # let's treat SSL-eof as we treat normal EOF |
|
|
1496 | delete $self->{_rw}; |
|
|
1497 | $self->{_eof} = 1; |
|
|
1498 | } |
1325 | } |
1499 | } |
1326 | |
1500 | |
1327 | $self->{rbuf} .= $tmp; |
1501 | $self->{_tls_rbuf} .= $tmp; |
1328 | $self->_drain_rbuf unless $self->{_in_drain}; |
1502 | $self->_drain_rbuf unless $self->{_in_drain}; |
1329 | $self->{tls} or return; # tls session might have gone away in callback |
1503 | $self->{tls} or return; # tls session might have gone away in callback |
1330 | } |
1504 | } |
1331 | |
1505 | |
1332 | $tmp = Net::SSLeay::get_error ($self->{tls}, -1); |
1506 | $tmp = Net::SSLeay::get_error ($self->{tls}, -1); |
1333 | |
|
|
1334 | if ($tmp != Net::SSLeay::ERROR_WANT_READ ()) { |
|
|
1335 | if ($tmp == Net::SSLeay::ERROR_SYSCALL ()) { |
|
|
1336 | return $self->_error ($!, 1); |
1507 | return $self->_tls_error ($tmp) |
1337 | } elsif ($tmp == Net::SSLeay::ERROR_SSL ()) { |
1508 | if $tmp != $ERROR_WANT_READ |
1338 | return $self->_error (&Errno::EIO, 1); |
1509 | && ($tmp != $ERROR_SYSCALL || $!); |
1339 | } |
|
|
1340 | |
|
|
1341 | # all other errors are fine for our purposes |
|
|
1342 | } |
|
|
1343 | |
1510 | |
1344 | while (length ($tmp = Net::SSLeay::BIO_read ($self->{_wbio}))) { |
1511 | while (length ($tmp = Net::SSLeay::BIO_read ($self->{_wbio}))) { |
1345 | $self->{wbuf} .= $tmp; |
1512 | $self->{wbuf} .= $tmp; |
1346 | $self->_drain_wbuf; |
1513 | $self->_drain_wbuf; |
1347 | } |
1514 | } |
|
|
1515 | |
|
|
1516 | $self->{_on_starttls} |
|
|
1517 | and Net::SSLeay::state ($self->{tls}) == Net::SSLeay::ST_OK () |
|
|
1518 | and (delete $self->{_on_starttls})->($self, 1, "TLS/SSL connection established"); |
1348 | } |
1519 | } |
1349 | |
1520 | |
1350 | =item $handle->starttls ($tls[, $tls_ctx]) |
1521 | =item $handle->starttls ($tls[, $tls_ctx]) |
1351 | |
1522 | |
1352 | Instead of starting TLS negotiation immediately when the AnyEvent::Handle |
1523 | Instead of starting TLS negotiation immediately when the AnyEvent::Handle |
… | |
… | |
1354 | C<starttls>. |
1525 | C<starttls>. |
1355 | |
1526 | |
1356 | The first argument is the same as the C<tls> constructor argument (either |
1527 | The first argument is the same as the C<tls> constructor argument (either |
1357 | C<"connect">, C<"accept"> or an existing Net::SSLeay object). |
1528 | C<"connect">, C<"accept"> or an existing Net::SSLeay object). |
1358 | |
1529 | |
1359 | The second argument is the optional C<Net::SSLeay::CTX> object that is |
1530 | The second argument is the optional C<AnyEvent::TLS> object that is used |
1360 | used when AnyEvent::Handle has to create its own TLS connection object. |
1531 | when AnyEvent::Handle has to create its own TLS connection object, or |
|
|
1532 | a hash reference with C<< key => value >> pairs that will be used to |
|
|
1533 | construct a new context. |
1361 | |
1534 | |
1362 | The TLS connection object will end up in C<< $handle->{tls} >> after this |
1535 | The TLS connection object will end up in C<< $handle->{tls} >>, the TLS |
1363 | call and can be used or changed to your liking. Note that the handshake |
1536 | context in C<< $handle->{tls_ctx} >> after this call and can be used or |
1364 | might have already started when this function returns. |
1537 | changed to your liking. Note that the handshake might have already started |
|
|
1538 | when this function returns. |
1365 | |
1539 | |
1366 | If it an error to start a TLS handshake more than once per |
1540 | If it an error to start a TLS handshake more than once per |
1367 | AnyEvent::Handle object (this is due to bugs in OpenSSL). |
1541 | AnyEvent::Handle object (this is due to bugs in OpenSSL). |
1368 | |
1542 | |
1369 | =cut |
1543 | =cut |
1370 | |
1544 | |
|
|
1545 | our %TLS_CACHE; #TODO not yet documented, should we? |
|
|
1546 | |
1371 | sub starttls { |
1547 | sub starttls { |
1372 | my ($self, $ssl, $ctx) = @_; |
1548 | my ($self, $ssl, $ctx) = @_; |
1373 | |
1549 | |
1374 | require Net::SSLeay; |
1550 | require Net::SSLeay; |
1375 | |
1551 | |
1376 | Carp::croak "it is an error to call starttls more than once on an Anyevent::Handle object" |
1552 | Carp::croak "it is an error to call starttls more than once on an AnyEvent::Handle object" |
1377 | if $self->{tls}; |
1553 | if $self->{tls}; |
|
|
1554 | |
|
|
1555 | $ERROR_SYSCALL = Net::SSLeay::ERROR_SYSCALL (); |
|
|
1556 | $ERROR_WANT_READ = Net::SSLeay::ERROR_WANT_READ (); |
|
|
1557 | |
|
|
1558 | $ctx ||= $self->{tls_ctx}; |
|
|
1559 | |
|
|
1560 | if ("HASH" eq ref $ctx) { |
|
|
1561 | require AnyEvent::TLS; |
|
|
1562 | |
|
|
1563 | local $Carp::CarpLevel = 1; # skip ourselves when creating a new context |
|
|
1564 | |
|
|
1565 | if ($ctx->{cache}) { |
|
|
1566 | my $key = $ctx+0; |
|
|
1567 | $ctx = $TLS_CACHE{$key} ||= new AnyEvent::TLS %$ctx; |
|
|
1568 | } else { |
|
|
1569 | $ctx = new AnyEvent::TLS %$ctx; |
|
|
1570 | } |
|
|
1571 | } |
1378 | |
1572 | |
1379 | if ($ssl eq "accept") { |
1573 | $self->{tls_ctx} = $ctx || TLS_CTX (); |
1380 | $ssl = Net::SSLeay::new ($ctx || TLS_CTX ()); |
1574 | $self->{tls} = $ssl = $self->{tls_ctx}->_get_session ($ssl, $self, $self->{peername}); |
1381 | Net::SSLeay::set_accept_state ($ssl); |
|
|
1382 | } elsif ($ssl eq "connect") { |
|
|
1383 | $ssl = Net::SSLeay::new ($ctx || TLS_CTX ()); |
|
|
1384 | Net::SSLeay::set_connect_state ($ssl); |
|
|
1385 | } |
|
|
1386 | |
|
|
1387 | $self->{tls} = $ssl; |
|
|
1388 | |
1575 | |
1389 | # basically, this is deep magic (because SSL_read should have the same issues) |
1576 | # basically, this is deep magic (because SSL_read should have the same issues) |
1390 | # but the openssl maintainers basically said: "trust us, it just works". |
1577 | # but the openssl maintainers basically said: "trust us, it just works". |
1391 | # (unfortunately, we have to hardcode constants because the abysmally misdesigned |
1578 | # (unfortunately, we have to hardcode constants because the abysmally misdesigned |
1392 | # and mismaintained ssleay-module doesn't even offer them). |
1579 | # and mismaintained ssleay-module doesn't even offer them). |
… | |
… | |
1396 | # |
1583 | # |
1397 | # note that we do not try to keep the length constant between writes as we are required to do. |
1584 | # note that we do not try to keep the length constant between writes as we are required to do. |
1398 | # we assume that most (but not all) of this insanity only applies to non-blocking cases, |
1585 | # we assume that most (but not all) of this insanity only applies to non-blocking cases, |
1399 | # and we drive openssl fully in blocking mode here. Or maybe we don't - openssl seems to |
1586 | # and we drive openssl fully in blocking mode here. Or maybe we don't - openssl seems to |
1400 | # have identity issues in that area. |
1587 | # have identity issues in that area. |
1401 | Net::SSLeay::CTX_set_mode ($self->{tls}, |
1588 | # Net::SSLeay::CTX_set_mode ($ssl, |
1402 | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ENABLE_PARTIAL_WRITE () } || 1) |
1589 | # (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ENABLE_PARTIAL_WRITE () } || 1) |
1403 | | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ACCEPT_MOVING_WRITE_BUFFER () } || 2)); |
1590 | # | (eval { local $SIG{__DIE__}; Net::SSLeay::MODE_ACCEPT_MOVING_WRITE_BUFFER () } || 2)); |
|
|
1591 | Net::SSLeay::CTX_set_mode ($ssl, 1|2); |
1404 | |
1592 | |
1405 | $self->{_rbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); |
1593 | $self->{_rbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); |
1406 | $self->{_wbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); |
1594 | $self->{_wbio} = Net::SSLeay::BIO_new (Net::SSLeay::BIO_s_mem ()); |
1407 | |
1595 | |
1408 | Net::SSLeay::set_bio ($ssl, $self->{_rbio}, $self->{_wbio}); |
1596 | Net::SSLeay::set_bio ($ssl, $self->{_rbio}, $self->{_wbio}); |
|
|
1597 | |
|
|
1598 | $self->{_on_starttls} = sub { $_[0]{on_starttls}(@_) } |
|
|
1599 | if $self->{on_starttls}; |
1409 | |
1600 | |
1410 | &_dotls; # need to trigger the initial handshake |
1601 | &_dotls; # need to trigger the initial handshake |
1411 | $self->start_read; # make sure we actually do read |
1602 | $self->start_read; # make sure we actually do read |
1412 | } |
1603 | } |
1413 | |
1604 | |
… | |
… | |
1426 | if ($self->{tls}) { |
1617 | if ($self->{tls}) { |
1427 | Net::SSLeay::shutdown ($self->{tls}); |
1618 | Net::SSLeay::shutdown ($self->{tls}); |
1428 | |
1619 | |
1429 | &_dotls; |
1620 | &_dotls; |
1430 | |
1621 | |
1431 | # we don't give a shit. no, we do, but we can't. no... |
1622 | # # we don't give a shit. no, we do, but we can't. no...#d# |
1432 | # we, we... have to use openssl :/ |
1623 | # # we, we... have to use openssl :/#d# |
1433 | &_freetls; |
1624 | # &_freetls;#d# |
1434 | } |
1625 | } |
1435 | } |
1626 | } |
1436 | |
1627 | |
1437 | sub _freetls { |
1628 | sub _freetls { |
1438 | my ($self) = @_; |
1629 | my ($self) = @_; |
1439 | |
1630 | |
1440 | return unless $self->{tls}; |
1631 | return unless $self->{tls}; |
1441 | |
1632 | |
1442 | Net::SSLeay::free (delete $self->{tls}); |
1633 | $self->{tls_ctx}->_put_session (delete $self->{tls}); |
1443 | |
1634 | |
1444 | delete @$self{qw(_rbio _wbio _tls_wbuf)}; |
1635 | delete @$self{qw(_rbio _wbio _tls_wbuf _on_starttls)}; |
1445 | } |
1636 | } |
1446 | |
1637 | |
1447 | sub DESTROY { |
1638 | sub DESTROY { |
1448 | my $self = shift; |
1639 | my ($self) = @_; |
1449 | |
1640 | |
1450 | &_freetls; |
1641 | &_freetls; |
1451 | |
1642 | |
1452 | my $linger = exists $self->{linger} ? $self->{linger} : 3600; |
1643 | my $linger = exists $self->{linger} ? $self->{linger} : 3600; |
1453 | |
1644 | |
… | |
… | |
1472 | } |
1663 | } |
1473 | } |
1664 | } |
1474 | |
1665 | |
1475 | =item $handle->destroy |
1666 | =item $handle->destroy |
1476 | |
1667 | |
1477 | Shut's down the handle object as much as possible - this call ensures that |
1668 | Shuts down the handle object as much as possible - this call ensures that |
1478 | no further callbacks will be invoked and resources will be freed as much |
1669 | no further callbacks will be invoked and as many resources as possible |
1479 | as possible. You must not call any methods on the object afterwards. |
1670 | will be freed. You must not call any methods on the object afterwards. |
|
|
1671 | |
|
|
1672 | Normally, you can just "forget" any references to an AnyEvent::Handle |
|
|
1673 | object and it will simply shut down. This works in fatal error and EOF |
|
|
1674 | callbacks, as well as code outside. It does I<NOT> work in a read or write |
|
|
1675 | callback, so when you want to destroy the AnyEvent::Handle object from |
|
|
1676 | within such an callback. You I<MUST> call C<< ->destroy >> explicitly in |
|
|
1677 | that case. |
|
|
1678 | |
|
|
1679 | Destroying the handle object in this way has the advantage that callbacks |
|
|
1680 | will be removed as well, so if those are the only reference holders (as |
|
|
1681 | is common), then one doesn't need to do anything special to break any |
|
|
1682 | reference cycles. |
1480 | |
1683 | |
1481 | The handle might still linger in the background and write out remaining |
1684 | The handle might still linger in the background and write out remaining |
1482 | data, as specified by the C<linger> option, however. |
1685 | data, as specified by the C<linger> option, however. |
1483 | |
1686 | |
1484 | =cut |
1687 | =cut |
… | |
… | |
1490 | %$self = (); |
1693 | %$self = (); |
1491 | } |
1694 | } |
1492 | |
1695 | |
1493 | =item AnyEvent::Handle::TLS_CTX |
1696 | =item AnyEvent::Handle::TLS_CTX |
1494 | |
1697 | |
1495 | This function creates and returns the Net::SSLeay::CTX object used by |
1698 | This function creates and returns the AnyEvent::TLS object used by default |
1496 | default for TLS mode. |
1699 | for TLS mode. |
1497 | |
1700 | |
1498 | The context is created like this: |
1701 | The context is created by calling L<AnyEvent::TLS> without any arguments. |
1499 | |
|
|
1500 | Net::SSLeay::load_error_strings; |
|
|
1501 | Net::SSLeay::SSLeay_add_ssl_algorithms; |
|
|
1502 | Net::SSLeay::randomize; |
|
|
1503 | |
|
|
1504 | my $CTX = Net::SSLeay::CTX_new; |
|
|
1505 | |
|
|
1506 | Net::SSLeay::CTX_set_options $CTX, Net::SSLeay::OP_ALL |
|
|
1507 | |
1702 | |
1508 | =cut |
1703 | =cut |
1509 | |
1704 | |
1510 | our $TLS_CTX; |
1705 | our $TLS_CTX; |
1511 | |
1706 | |
1512 | sub TLS_CTX() { |
1707 | sub TLS_CTX() { |
1513 | $TLS_CTX || do { |
1708 | $TLS_CTX ||= do { |
1514 | require Net::SSLeay; |
1709 | require AnyEvent::TLS; |
1515 | |
1710 | |
1516 | Net::SSLeay::load_error_strings (); |
1711 | new AnyEvent::TLS |
1517 | Net::SSLeay::SSLeay_add_ssl_algorithms (); |
|
|
1518 | Net::SSLeay::randomize (); |
|
|
1519 | |
|
|
1520 | $TLS_CTX = Net::SSLeay::CTX_new (); |
|
|
1521 | |
|
|
1522 | Net::SSLeay::CTX_set_options ($TLS_CTX, Net::SSLeay::OP_ALL ()); |
|
|
1523 | |
|
|
1524 | $TLS_CTX |
|
|
1525 | } |
1712 | } |
1526 | } |
1713 | } |
1527 | |
1714 | |
1528 | =back |
1715 | =back |
1529 | |
1716 | |
1530 | |
1717 | |
1531 | =head1 NONFREQUENTLY ASKED QUESTIONS |
1718 | =head1 NONFREQUENTLY ASKED QUESTIONS |
1532 | |
1719 | |
1533 | =over 4 |
1720 | =over 4 |
|
|
1721 | |
|
|
1722 | =item I C<undef> the AnyEvent::Handle reference inside my callback and |
|
|
1723 | still get further invocations! |
|
|
1724 | |
|
|
1725 | That's because AnyEvent::Handle keeps a reference to itself when handling |
|
|
1726 | read or write callbacks. |
|
|
1727 | |
|
|
1728 | It is only safe to "forget" the reference inside EOF or error callbacks, |
|
|
1729 | from within all other callbacks, you need to explicitly call the C<< |
|
|
1730 | ->destroy >> method. |
|
|
1731 | |
|
|
1732 | =item I get different callback invocations in TLS mode/Why can't I pause |
|
|
1733 | reading? |
|
|
1734 | |
|
|
1735 | Unlike, say, TCP, TLS connections do not consist of two independent |
|
|
1736 | communication channels, one for each direction. Or put differently. The |
|
|
1737 | read and write directions are not independent of each other: you cannot |
|
|
1738 | write data unless you are also prepared to read, and vice versa. |
|
|
1739 | |
|
|
1740 | This can mean than, in TLS mode, you might get C<on_error> or C<on_eof> |
|
|
1741 | callback invocations when you are not expecting any read data - the reason |
|
|
1742 | is that AnyEvent::Handle always reads in TLS mode. |
|
|
1743 | |
|
|
1744 | During the connection, you have to make sure that you always have a |
|
|
1745 | non-empty read-queue, or an C<on_read> watcher. At the end of the |
|
|
1746 | connection (or when you no longer want to use it) you can call the |
|
|
1747 | C<destroy> method. |
1534 | |
1748 | |
1535 | =item How do I read data until the other side closes the connection? |
1749 | =item How do I read data until the other side closes the connection? |
1536 | |
1750 | |
1537 | If you just want to read your data into a perl scalar, the easiest way |
1751 | If you just want to read your data into a perl scalar, the easiest way |
1538 | to achieve this is by setting an C<on_read> callback that does nothing, |
1752 | to achieve this is by setting an C<on_read> callback that does nothing, |
… | |
… | |
1541 | |
1755 | |
1542 | $handle->on_read (sub { }); |
1756 | $handle->on_read (sub { }); |
1543 | $handle->on_eof (undef); |
1757 | $handle->on_eof (undef); |
1544 | $handle->on_error (sub { |
1758 | $handle->on_error (sub { |
1545 | my $data = delete $_[0]{rbuf}; |
1759 | my $data = delete $_[0]{rbuf}; |
1546 | undef $handle; |
|
|
1547 | }); |
1760 | }); |
1548 | |
1761 | |
1549 | The reason to use C<on_error> is that TCP connections, due to latencies |
1762 | The reason to use C<on_error> is that TCP connections, due to latencies |
1550 | and packets loss, might get closed quite violently with an error, when in |
1763 | and packets loss, might get closed quite violently with an error, when in |
1551 | fact, all data has been received. |
1764 | fact, all data has been received. |
1552 | |
1765 | |
1553 | It is usually better to use acknowledgements when transfering data, |
1766 | It is usually better to use acknowledgements when transferring data, |
1554 | to make sure the other side hasn't just died and you got the data |
1767 | to make sure the other side hasn't just died and you got the data |
1555 | intact. This is also one reason why so many internet protocols have an |
1768 | intact. This is also one reason why so many internet protocols have an |
1556 | explicit QUIT command. |
1769 | explicit QUIT command. |
1557 | |
|
|
1558 | |
1770 | |
1559 | =item I don't want to destroy the handle too early - how do I wait until |
1771 | =item I don't want to destroy the handle too early - how do I wait until |
1560 | all data has been written? |
1772 | all data has been written? |
1561 | |
1773 | |
1562 | After writing your last bits of data, set the C<on_drain> callback |
1774 | After writing your last bits of data, set the C<on_drain> callback |
… | |
… | |
1568 | $handle->on_drain (sub { |
1780 | $handle->on_drain (sub { |
1569 | warn "all data submitted to the kernel\n"; |
1781 | warn "all data submitted to the kernel\n"; |
1570 | undef $handle; |
1782 | undef $handle; |
1571 | }); |
1783 | }); |
1572 | |
1784 | |
1573 | =item I get different callback invocations in TLS mode/Why can't I pause |
1785 | If you just want to queue some data and then signal EOF to the other side, |
1574 | reading? |
1786 | consider using C<< ->push_shutdown >> instead. |
1575 | |
1787 | |
1576 | Unlike, say, TCP, TLS conenctions do not consist of two independent |
1788 | =item I want to contact a TLS/SSL server, I don't care about security. |
1577 | communication channels, one for each direction. Or put differently. the |
|
|
1578 | read and write directions are not independent of each other: you cannot |
|
|
1579 | write data unless you are also prepared to read, and vice versa. |
|
|
1580 | |
1789 | |
1581 | This can mean than, in TLS mode, you might get C<on_error> or C<on_eof> |
1790 | If your TLS server is a pure TLS server (e.g. HTTPS) that only speaks TLS, |
1582 | callback invocations when you are not expecting any read data - the reason |
1791 | simply connect to it and then create the AnyEvent::Handle with the C<tls> |
1583 | is that AnyEvent::Handle always reads in TLS mode. |
1792 | parameter: |
1584 | |
1793 | |
1585 | During the connection, you have to make sure that you always have a |
1794 | tcp_connect $host, $port, sub { |
1586 | non-empty read-queue, or an C<on_read> watcher. At the end of the |
1795 | my ($fh) = @_; |
1587 | connection (or when you no longer want to use it) you can call the |
1796 | |
1588 | C<destroy> method. |
1797 | my $handle = new AnyEvent::Handle |
|
|
1798 | fh => $fh, |
|
|
1799 | tls => "connect", |
|
|
1800 | on_error => sub { ... }; |
|
|
1801 | |
|
|
1802 | $handle->push_write (...); |
|
|
1803 | }; |
|
|
1804 | |
|
|
1805 | =item I want to contact a TLS/SSL server, I do care about security. |
|
|
1806 | |
|
|
1807 | Then you should additionally enable certificate verification, including |
|
|
1808 | peername verification, if the protocol you use supports it (see |
|
|
1809 | L<AnyEvent::TLS>, C<verify_peername>). |
|
|
1810 | |
|
|
1811 | E.g. for HTTPS: |
|
|
1812 | |
|
|
1813 | tcp_connect $host, $port, sub { |
|
|
1814 | my ($fh) = @_; |
|
|
1815 | |
|
|
1816 | my $handle = new AnyEvent::Handle |
|
|
1817 | fh => $fh, |
|
|
1818 | peername => $host, |
|
|
1819 | tls => "connect", |
|
|
1820 | tls_ctx => { verify => 1, verify_peername => "https" }, |
|
|
1821 | ... |
|
|
1822 | |
|
|
1823 | Note that you must specify the hostname you connected to (or whatever |
|
|
1824 | "peername" the protocol needs) as the C<peername> argument, otherwise no |
|
|
1825 | peername verification will be done. |
|
|
1826 | |
|
|
1827 | The above will use the system-dependent default set of trusted CA |
|
|
1828 | certificates. If you want to check against a specific CA, add the |
|
|
1829 | C<ca_file> (or C<ca_cert>) arguments to C<tls_ctx>: |
|
|
1830 | |
|
|
1831 | tls_ctx => { |
|
|
1832 | verify => 1, |
|
|
1833 | verify_peername => "https", |
|
|
1834 | ca_file => "my-ca-cert.pem", |
|
|
1835 | }, |
|
|
1836 | |
|
|
1837 | =item I want to create a TLS/SSL server, how do I do that? |
|
|
1838 | |
|
|
1839 | Well, you first need to get a server certificate and key. You have |
|
|
1840 | three options: a) ask a CA (buy one, use cacert.org etc.) b) create a |
|
|
1841 | self-signed certificate (cheap. check the search engine of your choice, |
|
|
1842 | there are many tutorials on the net) or c) make your own CA (tinyca2 is a |
|
|
1843 | nice program for that purpose). |
|
|
1844 | |
|
|
1845 | Then create a file with your private key (in PEM format, see |
|
|
1846 | L<AnyEvent::TLS>), followed by the certificate (also in PEM format). The |
|
|
1847 | file should then look like this: |
|
|
1848 | |
|
|
1849 | -----BEGIN RSA PRIVATE KEY----- |
|
|
1850 | ...header data |
|
|
1851 | ... lots of base64'y-stuff |
|
|
1852 | -----END RSA PRIVATE KEY----- |
|
|
1853 | |
|
|
1854 | -----BEGIN CERTIFICATE----- |
|
|
1855 | ... lots of base64'y-stuff |
|
|
1856 | -----END CERTIFICATE----- |
|
|
1857 | |
|
|
1858 | The important bits are the "PRIVATE KEY" and "CERTIFICATE" parts. Then |
|
|
1859 | specify this file as C<cert_file>: |
|
|
1860 | |
|
|
1861 | tcp_server undef, $port, sub { |
|
|
1862 | my ($fh) = @_; |
|
|
1863 | |
|
|
1864 | my $handle = new AnyEvent::Handle |
|
|
1865 | fh => $fh, |
|
|
1866 | tls => "accept", |
|
|
1867 | tls_ctx => { cert_file => "my-server-keycert.pem" }, |
|
|
1868 | ... |
|
|
1869 | |
|
|
1870 | When you have intermediate CA certificates that your clients might not |
|
|
1871 | know about, just append them to the C<cert_file>. |
1589 | |
1872 | |
1590 | =back |
1873 | =back |
1591 | |
1874 | |
1592 | |
1875 | |
1593 | =head1 SUBCLASSING AnyEvent::Handle |
1876 | =head1 SUBCLASSING AnyEvent::Handle |