prosody
16fd8061964e
net/server_select.lua
Software / code / prosody
Comparison
net/server_select.lua @ 4349:16fd8061964e
net.server_select: Merge straight-SSL and starttls code paths, also fixes onconnect being called before handshake completion for straight-SSL
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Sat, 20 Aug 2011 15:06:14 -0400 |
| parent | 4348:5b240c6b5334 |
| child | 4353:f600591c87fa |
comparison
equal
deleted
inserted
replaced
| 4348:5b240c6b5334 | 4349:16fd8061964e |
|---|---|
| 523 if not err then | 523 if not err then |
| 524 out_put( "server.lua: ssl handshake done" ) | 524 out_put( "server.lua: ssl handshake done" ) |
| 525 handler.readbuffer = _readbuffer -- when handshake is done, replace the handshake function with regular functions | 525 handler.readbuffer = _readbuffer -- when handshake is done, replace the handshake function with regular functions |
| 526 handler.sendbuffer = _sendbuffer | 526 handler.sendbuffer = _sendbuffer |
| 527 _ = status and status( handler, "ssl-handshake-complete" ) | 527 _ = status and status( handler, "ssl-handshake-complete" ) |
| 528 if self.autostart_ssl and listeners.onconnect then | |
| 529 listeners.onconnect(self); | |
| 530 end | |
| 528 _readlistlen = addsocket(_readlist, client, _readlistlen) | 531 _readlistlen = addsocket(_readlist, client, _readlistlen) |
| 529 return true | 532 return true |
| 530 else | 533 else |
| 531 if err == "wantwrite" then | 534 if err == "wantwrite" then |
| 532 _sendlistlen = addsocket(_sendlist, client, _sendlistlen) | 535 _sendlistlen = addsocket(_sendlist, client, _sendlistlen) |
| 547 return false -- handshake failed | 550 return false -- handshake failed |
| 548 end | 551 end |
| 549 ) | 552 ) |
| 550 end | 553 end |
| 551 if luasec then | 554 if luasec then |
| 552 if sslctx then -- ssl? | 555 handler.starttls = function( self, _sslctx) |
| 553 handler:set_sslctx(sslctx); | 556 if _sslctx then |
| 554 out_put("server.lua: ", "starting ssl handshake") | 557 handler:set_sslctx(_sslctx); |
| 555 local err | 558 end |
| 559 if bufferqueuelen > 0 then | |
| 560 out_put "server.lua: we need to do tls, but delaying until send buffer empty" | |
| 561 needtls = true | |
| 562 return | |
| 563 end | |
| 564 out_put( "server.lua: attempting to start tls on " .. tostring( socket ) ) | |
| 565 local oldsocket, err = socket | |
| 556 socket, err = ssl_wrap( socket, sslctx ) -- wrap socket | 566 socket, err = ssl_wrap( socket, sslctx ) -- wrap socket |
| 557 if err then | 567 if not socket then |
| 558 out_put( "server.lua: ssl error: ", tostring(err) ) | 568 out_put( "server.lua: error while starting tls on client: ", tostring(err or "unknown error") ) |
| 559 --mem_free( ) | 569 return nil, err -- fatal error |
| 560 return nil, nil, err -- fatal error | 570 end |
| 561 end | 571 |
| 562 socket:settimeout( 0 ) | 572 socket:settimeout( 0 ) |
| 573 | |
| 574 -- add the new socket to our system | |
| 575 send = socket.send | |
| 576 receive = socket.receive | |
| 577 shutdown = id | |
| 578 _socketlist[ socket ] = handler | |
| 579 _readlistlen = addsocket(_readlist, socket, _readlistlen) | |
| 580 | |
| 581 -- remove traces of the old socket | |
| 582 _readlistlen = removesocket( _readlist, oldsocket, _readlistlen ) | |
| 583 _sendlistlen = removesocket( _sendlist, oldsocket, _sendlistlen ) | |
| 584 _socketlist[ oldsocket ] = nil | |
| 585 | |
| 586 handler.starttls = nil | |
| 587 needtls = nil | |
| 588 | |
| 589 -- Secure now (if handshake fails connection will close) | |
| 590 ssl = true | |
| 591 | |
| 563 handler.readbuffer = handshake | 592 handler.readbuffer = handshake |
| 564 handler.sendbuffer = handshake | 593 handler.sendbuffer = handshake |
| 565 handshake( socket ) -- do handshake | 594 handshake( socket ) -- do handshake |
| 566 if not socket then | 595 end |
| 567 return nil, nil, "ssl handshake failed"; | 596 handler.readbuffer = _readbuffer |
| 568 end | 597 handler.sendbuffer = _sendbuffer |
| 569 else | 598 |
| 570 local sslctx; | 599 if sslctx then |
| 571 handler.starttls = function( self, _sslctx) | 600 out_put "server.lua: auto-starting ssl negotiation..." |
| 572 if _sslctx then | 601 handler.autostart_ssl = true; |
| 573 sslctx = _sslctx; | 602 handler:starttls(sslctx); |
| 574 handler:set_sslctx(sslctx); | 603 end |
| 575 end | 604 |
| 576 if bufferqueuelen > 0 then | |
| 577 out_put "server.lua: we need to do tls, but delaying until send buffer empty" | |
| 578 needtls = true | |
| 579 return | |
| 580 end | |
| 581 out_put( "server.lua: attempting to start tls on " .. tostring( socket ) ) | |
| 582 local oldsocket, err = socket | |
| 583 socket, err = ssl_wrap( socket, sslctx ) -- wrap socket | |
| 584 --out_put( "server.lua: sslwrapped socket is " .. tostring( socket ) ) | |
| 585 if err then | |
| 586 out_put( "server.lua: error while starting tls on client: ", tostring(err) ) | |
| 587 return nil, err -- fatal error | |
| 588 end | |
| 589 | |
| 590 socket:settimeout( 0 ) | |
| 591 | |
| 592 -- add the new socket to our system | |
| 593 | |
| 594 send = socket.send | |
| 595 receive = socket.receive | |
| 596 shutdown = id | |
| 597 | |
| 598 _socketlist[ socket ] = handler | |
| 599 _readlistlen = addsocket(_readlist, socket, _readlistlen) | |
| 600 | |
| 601 -- remove traces of the old socket | |
| 602 | |
| 603 _readlistlen = removesocket( _readlist, oldsocket, _readlistlen ) | |
| 604 _sendlistlen = removesocket( _sendlist, oldsocket, _sendlistlen ) | |
| 605 _socketlist[ oldsocket ] = nil | |
| 606 | |
| 607 handler.starttls = nil | |
| 608 needtls = nil | |
| 609 | |
| 610 -- Secure now | |
| 611 ssl = true | |
| 612 | |
| 613 handler.readbuffer = handshake | |
| 614 handler.sendbuffer = handshake | |
| 615 handshake( socket ) -- do handshake | |
| 616 end | |
| 617 handler.readbuffer = _readbuffer | |
| 618 handler.sendbuffer = _sendbuffer | |
| 619 end | |
| 620 else | 605 else |
| 621 handler.readbuffer = _readbuffer | 606 handler.readbuffer = _readbuffer |
| 622 handler.sendbuffer = _sendbuffer | 607 handler.sendbuffer = _sendbuffer |
| 623 end | 608 end |
| 624 send = socket.send | 609 send = socket.send |
| 855 --// EXPERIMENTAL //-- | 840 --// EXPERIMENTAL //-- |
| 856 | 841 |
| 857 local wrapclient = function( socket, ip, serverport, listeners, pattern, sslctx ) | 842 local wrapclient = function( socket, ip, serverport, listeners, pattern, sslctx ) |
| 858 local handler = wrapconnection( nil, listeners, socket, ip, serverport, "clientport", pattern, sslctx ) | 843 local handler = wrapconnection( nil, listeners, socket, ip, serverport, "clientport", pattern, sslctx ) |
| 859 _socketlist[ socket ] = handler | 844 _socketlist[ socket ] = handler |
| 860 _sendlistlen = addsocket(_sendlist, socket, _sendlistlen) | 845 if not sslctx then |
| 861 if listeners.onconnect then | 846 _sendlistlen = addsocket(_sendlist, socket, _sendlistlen) |
| 862 -- When socket is writeable, call onconnect | 847 if listeners.onconnect then |
| 863 local _sendbuffer = handler.sendbuffer; | 848 -- When socket is writeable, call onconnect |
| 864 handler.sendbuffer = function () | 849 local _sendbuffer = handler.sendbuffer; |
| 865 handler.sendbuffer = _sendbuffer; | 850 handler.sendbuffer = function () |
| 866 listeners.onconnect(handler); | 851 handler.sendbuffer = _sendbuffer; |
| 867 -- If there was data with the incoming packet, handle it now. | 852 listeners.onconnect(handler); |
| 868 if #handler:bufferqueue() > 0 then | 853 -- If there was data with the incoming packet, handle it now. |
| 869 return _sendbuffer(); | 854 if #handler:bufferqueue() > 0 then |
| 855 return _sendbuffer(); | |
| 856 end | |
| 857 _sendlistlen = removesocket( _sendlist, socket, _sendlistlen ) | |
| 870 end | 858 end |
| 871 end | 859 end |
| 872 end | 860 end |
| 873 return handler, socket | 861 return handler, socket |
| 874 end | 862 end |
