prosody
d6afb6d919df
net/server_select.lua
Software / code / prosody
Comparison
net/server_select.lua @ 2582:d6afb6d919df
net.server_select: Only allow starttls if luasec is available (thanks Nolan)
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Wed, 10 Feb 2010 19:17:45 +0000 |
| parent | 2581:1b9f424e695e |
| child | 2597:40a174e8cdf6 |
comparison
equal
deleted
inserted
replaced
| 2581:1b9f424e695e | 2582:d6afb6d919df |
|---|---|
| 530 _ = handler and handler:close( true ) -- forced disconnect | 530 _ = handler and handler:close( true ) -- forced disconnect |
| 531 return false -- handshake failed | 531 return false -- handshake failed |
| 532 end | 532 end |
| 533 ) | 533 ) |
| 534 end | 534 end |
| 535 if sslctx then -- ssl? | 535 if luasec then |
| 536 handler:set_sslctx(sslctx); | 536 if sslctx then -- ssl? |
| 537 out_put("server.lua: ", "starting ssl handshake") | 537 handler:set_sslctx(sslctx); |
| 538 local err | 538 out_put("server.lua: ", "starting ssl handshake") |
| 539 socket, err = ssl_wrap( socket, sslctx ) -- wrap socket | 539 local err |
| 540 if err then | |
| 541 out_put( "server.lua: ssl error: ", tostring(err) ) | |
| 542 --mem_free( ) | |
| 543 return nil, nil, err -- fatal error | |
| 544 end | |
| 545 socket:settimeout( 0 ) | |
| 546 handler.readbuffer = handshake | |
| 547 handler.sendbuffer = handshake | |
| 548 handshake( socket ) -- do handshake | |
| 549 if not socket then | |
| 550 return nil, nil, "ssl handshake failed"; | |
| 551 end | |
| 552 else | |
| 553 local sslctx; | |
| 554 handler.starttls = function( self, _sslctx, now ) | |
| 555 if _sslctx then | |
| 556 sslctx = _sslctx; | |
| 557 handler:set_sslctx(sslctx); | |
| 558 end | |
| 559 if not now then | |
| 560 out_put "server.lua: we need to do tls, but delaying until later" | |
| 561 needtls = true | |
| 562 return | |
| 563 end | |
| 564 out_put( "server.lua: attempting to start tls on " .. tostring( socket ) ) | |
| 565 local oldsocket, err = socket | |
| 566 socket, err = ssl_wrap( socket, sslctx ) -- wrap socket | 540 socket, err = ssl_wrap( socket, sslctx ) -- wrap socket |
| 567 --out_put( "server.lua: sslwrapped socket is " .. tostring( socket ) ) | |
| 568 if err then | 541 if err then |
| 569 out_put( "server.lua: error while starting tls on client: ", tostring(err) ) | 542 out_put( "server.lua: ssl error: ", tostring(err) ) |
| 570 return nil, err -- fatal error | 543 --mem_free( ) |
| 571 end | 544 return nil, nil, err -- fatal error |
| 572 | 545 end |
| 573 socket:settimeout( 0 ) | 546 socket:settimeout( 0 ) |
| 574 | |
| 575 -- add the new socket to our system | |
| 576 | |
| 577 send = socket.send | |
| 578 receive = socket.receive | |
| 579 shutdown = id | |
| 580 | |
| 581 _socketlist[ socket ] = handler | |
| 582 _readlistlen = addsocket(_readlist, socket, _readlistlen) | |
| 583 | |
| 584 -- remove traces of the old socket | |
| 585 | |
| 586 _readlistlen = removesocket( _readlist, oldsocket, _readlistlen ) | |
| 587 _sendlistlen = removesocket( _sendlist, oldsocket, _sendlistlen ) | |
| 588 _socketlist[ oldsocket ] = nil | |
| 589 | |
| 590 handler.starttls = nil | |
| 591 needtls = nil | |
| 592 | |
| 593 -- Secure now | |
| 594 ssl = true | |
| 595 | |
| 596 handler.readbuffer = handshake | 547 handler.readbuffer = handshake |
| 597 handler.sendbuffer = handshake | 548 handler.sendbuffer = handshake |
| 598 handshake( socket ) -- do handshake | 549 handshake( socket ) -- do handshake |
| 599 end | 550 if not socket then |
| 600 handler.readbuffer = _readbuffer | 551 return nil, nil, "ssl handshake failed"; |
| 601 handler.sendbuffer = _sendbuffer | 552 end |
| 553 else | |
| 554 local sslctx; | |
| 555 handler.starttls = function( self, _sslctx, now ) | |
| 556 if _sslctx then | |
| 557 sslctx = _sslctx; | |
| 558 handler:set_sslctx(sslctx); | |
| 559 end | |
| 560 if not now then | |
| 561 out_put "server.lua: we need to do tls, but delaying until later" | |
| 562 needtls = true | |
| 563 return | |
| 564 end | |
| 565 out_put( "server.lua: attempting to start tls on " .. tostring( socket ) ) | |
| 566 local oldsocket, err = socket | |
| 567 socket, err = ssl_wrap( socket, sslctx ) -- wrap socket | |
| 568 --out_put( "server.lua: sslwrapped socket is " .. tostring( socket ) ) | |
| 569 if err then | |
| 570 out_put( "server.lua: error while starting tls on client: ", tostring(err) ) | |
| 571 return nil, err -- fatal error | |
| 572 end | |
| 573 | |
| 574 socket:settimeout( 0 ) | |
| 575 | |
| 576 -- add the new socket to our system | |
| 577 | |
| 578 send = socket.send | |
| 579 receive = socket.receive | |
| 580 shutdown = id | |
| 581 | |
| 582 _socketlist[ socket ] = handler | |
| 583 _readlistlen = addsocket(_readlist, socket, _readlistlen) | |
| 584 | |
| 585 -- remove traces of the old socket | |
| 586 | |
| 587 _readlistlen = removesocket( _readlist, oldsocket, _readlistlen ) | |
| 588 _sendlistlen = removesocket( _sendlist, oldsocket, _sendlistlen ) | |
| 589 _socketlist[ oldsocket ] = nil | |
| 590 | |
| 591 handler.starttls = nil | |
| 592 needtls = nil | |
| 593 | |
| 594 -- Secure now | |
| 595 ssl = true | |
| 596 | |
| 597 handler.readbuffer = handshake | |
| 598 handler.sendbuffer = handshake | |
| 599 handshake( socket ) -- do handshake | |
| 600 end | |
| 601 handler.readbuffer = _readbuffer | |
| 602 handler.sendbuffer = _sendbuffer | |
| 603 end | |
| 602 end | 604 end |
| 603 | 605 |
| 604 send = socket.send | 606 send = socket.send |
| 605 receive = socket.receive | 607 receive = socket.receive |
| 606 shutdown = ( ssl and id ) or socket.shutdown | 608 shutdown = ( ssl and id ) or socket.shutdown |
