eventmachine-eventmachine 0.12.3
Sign up to get free protection for your applications and to get access to all the features.
- data/Rakefile +169 -0
- data/docs/COPYING +60 -0
- data/docs/ChangeLog +183 -0
- data/docs/DEFERRABLES +138 -0
- data/docs/EPOLL +141 -0
- data/docs/GNU +281 -0
- data/docs/INSTALL +15 -0
- data/docs/KEYBOARD +38 -0
- data/docs/LEGAL +25 -0
- data/docs/LIGHTWEIGHT_CONCURRENCY +72 -0
- data/docs/PURE_RUBY +77 -0
- data/docs/README +74 -0
- data/docs/RELEASE_NOTES +96 -0
- data/docs/SMTP +9 -0
- data/docs/SPAWNED_PROCESSES +93 -0
- data/docs/TODO +10 -0
- data/ext/binder.cpp +126 -0
- data/ext/binder.h +48 -0
- data/ext/cmain.cpp +530 -0
- data/ext/cplusplus.cpp +172 -0
- data/ext/ed.cpp +1473 -0
- data/ext/ed.h +361 -0
- data/ext/em.cpp +1895 -0
- data/ext/em.h +170 -0
- data/ext/emwin.cpp +300 -0
- data/ext/emwin.h +94 -0
- data/ext/epoll.cpp +26 -0
- data/ext/epoll.h +25 -0
- data/ext/eventmachine.h +90 -0
- data/ext/eventmachine_cpp.h +94 -0
- data/ext/extconf.rb +150 -0
- data/ext/files.cpp +94 -0
- data/ext/files.h +65 -0
- data/ext/kb.cpp +368 -0
- data/ext/page.cpp +107 -0
- data/ext/page.h +51 -0
- data/ext/pipe.cpp +327 -0
- data/ext/project.h +119 -0
- data/ext/rubymain.cpp +683 -0
- data/ext/sigs.cpp +89 -0
- data/ext/sigs.h +32 -0
- data/ext/ssl.cpp +408 -0
- data/ext/ssl.h +86 -0
- data/java/src/com/rubyeventmachine/Application.java +196 -0
- data/java/src/com/rubyeventmachine/Connection.java +74 -0
- data/java/src/com/rubyeventmachine/ConnectionFactory.java +37 -0
- data/java/src/com/rubyeventmachine/DefaultConnectionFactory.java +46 -0
- data/java/src/com/rubyeventmachine/EmReactor.java +408 -0
- data/java/src/com/rubyeventmachine/EmReactorException.java +40 -0
- data/java/src/com/rubyeventmachine/EventableChannel.java +57 -0
- data/java/src/com/rubyeventmachine/EventableDatagramChannel.java +171 -0
- data/java/src/com/rubyeventmachine/EventableSocketChannel.java +244 -0
- data/java/src/com/rubyeventmachine/PeriodicTimer.java +38 -0
- data/java/src/com/rubyeventmachine/Timer.java +54 -0
- data/java/src/com/rubyeventmachine/tests/ApplicationTest.java +108 -0
- data/java/src/com/rubyeventmachine/tests/ConnectTest.java +124 -0
- data/java/src/com/rubyeventmachine/tests/EMTest.java +80 -0
- data/java/src/com/rubyeventmachine/tests/TestDatagrams.java +53 -0
- data/java/src/com/rubyeventmachine/tests/TestServers.java +74 -0
- data/java/src/com/rubyeventmachine/tests/TestTimers.java +89 -0
- data/lib/em/deferrable.rb +208 -0
- data/lib/em/eventable.rb +39 -0
- data/lib/em/future.rb +62 -0
- data/lib/em/messages.rb +66 -0
- data/lib/em/processes.rb +68 -0
- data/lib/em/spawnable.rb +88 -0
- data/lib/em/streamer.rb +112 -0
- data/lib/eventmachine.rb +1763 -0
- data/lib/eventmachine_version.rb +31 -0
- data/lib/evma.rb +32 -0
- data/lib/evma/callback.rb +32 -0
- data/lib/evma/container.rb +75 -0
- data/lib/evma/factory.rb +77 -0
- data/lib/evma/protocol.rb +87 -0
- data/lib/evma/reactor.rb +48 -0
- data/lib/jeventmachine.rb +137 -0
- data/lib/pr_eventmachine.rb +1011 -0
- data/lib/protocols/buftok.rb +127 -0
- data/lib/protocols/header_and_content.rb +129 -0
- data/lib/protocols/httpcli2.rb +794 -0
- data/lib/protocols/httpclient.rb +270 -0
- data/lib/protocols/line_and_text.rb +122 -0
- data/lib/protocols/linetext2.rb +163 -0
- data/lib/protocols/postgres.rb +261 -0
- data/lib/protocols/saslauth.rb +179 -0
- data/lib/protocols/smtpclient.rb +308 -0
- data/lib/protocols/smtpserver.rb +556 -0
- data/lib/protocols/stomp.rb +130 -0
- data/lib/protocols/tcptest.rb +57 -0
- data/tasks/cpp.rake +77 -0
- data/tasks/project.rake +78 -0
- data/tasks/tests.rake +192 -0
- data/tests/test_attach.rb +66 -0
- data/tests/test_basic.rb +231 -0
- data/tests/test_defer.rb +47 -0
- data/tests/test_epoll.rb +161 -0
- data/tests/test_errors.rb +82 -0
- data/tests/test_eventables.rb +78 -0
- data/tests/test_exc.rb +58 -0
- data/tests/test_futures.rb +214 -0
- data/tests/test_hc.rb +218 -0
- data/tests/test_httpclient.rb +215 -0
- data/tests/test_httpclient2.rb +133 -0
- data/tests/test_kb.rb +61 -0
- data/tests/test_ltp.rb +192 -0
- data/tests/test_ltp2.rb +320 -0
- data/tests/test_next_tick.rb +102 -0
- data/tests/test_processes.rb +56 -0
- data/tests/test_pure.rb +129 -0
- data/tests/test_running.rb +47 -0
- data/tests/test_sasl.rb +74 -0
- data/tests/test_send_file.rb +245 -0
- data/tests/test_servers.rb +80 -0
- data/tests/test_smtpclient.rb +81 -0
- data/tests/test_smtpserver.rb +93 -0
- data/tests/test_spawn.rb +329 -0
- data/tests/test_ssl_args.rb +68 -0
- data/tests/test_timers.rb +146 -0
- data/tests/test_ud.rb +43 -0
- data/tests/testem.rb +31 -0
- metadata +197 -0
data/ext/sigs.cpp
ADDED
@@ -0,0 +1,89 @@
|
|
1
|
+
/*****************************************************************************
|
2
|
+
|
3
|
+
$Id$
|
4
|
+
|
5
|
+
File: sigs.cpp
|
6
|
+
Date: 06Apr06
|
7
|
+
|
8
|
+
Copyright (C) 2006-07 by Francis Cianfrocca. All Rights Reserved.
|
9
|
+
Gmail: blackhedd
|
10
|
+
|
11
|
+
This program is free software; you can redistribute it and/or modify
|
12
|
+
it under the terms of either: 1) the GNU General Public License
|
13
|
+
as published by the Free Software Foundation; either version 2 of the
|
14
|
+
License, or (at your option) any later version; or 2) Ruby's License.
|
15
|
+
|
16
|
+
See the file COPYING for complete licensing information.
|
17
|
+
|
18
|
+
*****************************************************************************/
|
19
|
+
|
20
|
+
#include "project.h"
|
21
|
+
|
22
|
+
|
23
|
+
bool gTerminateSignalReceived;
|
24
|
+
|
25
|
+
|
26
|
+
/**************
|
27
|
+
SigtermHandler
|
28
|
+
**************/
|
29
|
+
|
30
|
+
void SigtermHandler (int sig)
|
31
|
+
{
|
32
|
+
// This is a signal-handler, don't do anything frisky. Interrupts are disabled.
|
33
|
+
// Set the terminate flag WITHOUT trying to lock a mutex- otherwise we can easily
|
34
|
+
// self-deadlock, especially if the event machine is looping quickly.
|
35
|
+
gTerminateSignalReceived = true;
|
36
|
+
}
|
37
|
+
|
38
|
+
|
39
|
+
/*********************
|
40
|
+
InstallSignalHandlers
|
41
|
+
*********************/
|
42
|
+
|
43
|
+
void InstallSignalHandlers()
|
44
|
+
{
|
45
|
+
#ifdef OS_UNIX
|
46
|
+
static bool bInstalled = false;
|
47
|
+
if (!bInstalled) {
|
48
|
+
bInstalled = true;
|
49
|
+
signal (SIGINT, SigtermHandler);
|
50
|
+
signal (SIGTERM, SigtermHandler);
|
51
|
+
signal (SIGPIPE, SIG_IGN);
|
52
|
+
}
|
53
|
+
#endif
|
54
|
+
}
|
55
|
+
|
56
|
+
|
57
|
+
|
58
|
+
/*******************
|
59
|
+
WintelSignalHandler
|
60
|
+
*******************/
|
61
|
+
|
62
|
+
#ifdef OS_WIN32
|
63
|
+
BOOL WINAPI WintelSignalHandler (DWORD control)
|
64
|
+
{
|
65
|
+
if (control == CTRL_C_EVENT)
|
66
|
+
gTerminateSignalReceived = true;
|
67
|
+
return TRUE;
|
68
|
+
}
|
69
|
+
#endif
|
70
|
+
|
71
|
+
/************
|
72
|
+
HookControlC
|
73
|
+
************/
|
74
|
+
|
75
|
+
#ifdef OS_WIN32
|
76
|
+
void HookControlC (bool hook)
|
77
|
+
{
|
78
|
+
if (hook) {
|
79
|
+
// INSTALL hook
|
80
|
+
SetConsoleCtrlHandler (WintelSignalHandler, TRUE);
|
81
|
+
}
|
82
|
+
else {
|
83
|
+
// UNINSTALL hook
|
84
|
+
SetConsoleCtrlHandler (WintelSignalHandler, FALSE);
|
85
|
+
}
|
86
|
+
}
|
87
|
+
#endif
|
88
|
+
|
89
|
+
|
data/ext/sigs.h
ADDED
@@ -0,0 +1,32 @@
|
|
1
|
+
/*****************************************************************************
|
2
|
+
|
3
|
+
$Id$
|
4
|
+
|
5
|
+
File: sigs.h
|
6
|
+
Date: 06Apr06
|
7
|
+
|
8
|
+
Copyright (C) 2006-07 by Francis Cianfrocca. All Rights Reserved.
|
9
|
+
Gmail: blackhedd
|
10
|
+
|
11
|
+
This program is free software; you can redistribute it and/or modify
|
12
|
+
it under the terms of either: 1) the GNU General Public License
|
13
|
+
as published by the Free Software Foundation; either version 2 of the
|
14
|
+
License, or (at your option) any later version; or 2) Ruby's License.
|
15
|
+
|
16
|
+
See the file COPYING for complete licensing information.
|
17
|
+
|
18
|
+
*****************************************************************************/
|
19
|
+
|
20
|
+
|
21
|
+
#ifndef __Signals__H_
|
22
|
+
#define __Signals__H_
|
23
|
+
|
24
|
+
void InstallSignalHandlers();
|
25
|
+
extern bool gTerminateSignalReceived;
|
26
|
+
|
27
|
+
#ifdef OS_WIN32
|
28
|
+
void HookControlC (bool);
|
29
|
+
#endif
|
30
|
+
|
31
|
+
#endif // __Signals__H_
|
32
|
+
|
data/ext/ssl.cpp
ADDED
@@ -0,0 +1,408 @@
|
|
1
|
+
/*****************************************************************************
|
2
|
+
|
3
|
+
$Id$
|
4
|
+
|
5
|
+
File: ssl.cpp
|
6
|
+
Date: 30Apr06
|
7
|
+
|
8
|
+
Copyright (C) 2006-07 by Francis Cianfrocca. All Rights Reserved.
|
9
|
+
Gmail: blackhedd
|
10
|
+
|
11
|
+
This program is free software; you can redistribute it and/or modify
|
12
|
+
it under the terms of either: 1) the GNU General Public License
|
13
|
+
as published by the Free Software Foundation; either version 2 of the
|
14
|
+
License, or (at your option) any later version; or 2) Ruby's License.
|
15
|
+
|
16
|
+
See the file COPYING for complete licensing information.
|
17
|
+
|
18
|
+
*****************************************************************************/
|
19
|
+
|
20
|
+
|
21
|
+
#ifdef WITH_SSL
|
22
|
+
|
23
|
+
#include "project.h"
|
24
|
+
|
25
|
+
|
26
|
+
bool SslContext_t::bLibraryInitialized = false;
|
27
|
+
|
28
|
+
|
29
|
+
|
30
|
+
static void InitializeDefaultCredentials();
|
31
|
+
static EVP_PKEY *DefaultPrivateKey = NULL;
|
32
|
+
static X509 *DefaultCertificate = NULL;
|
33
|
+
|
34
|
+
static char PrivateMaterials[] = {
|
35
|
+
"-----BEGIN RSA PRIVATE KEY-----\n"
|
36
|
+
"MIICXAIBAAKBgQDCYYhcw6cGRbhBVShKmbWm7UVsEoBnUf0cCh8AX+MKhMxwVDWV\n"
|
37
|
+
"Igdskntn3cSJjRtmgVJHIK0lpb/FYHQB93Ohpd9/Z18pDmovfFF9nDbFF0t39hJ/\n"
|
38
|
+
"AqSzFB3GiVPoFFZJEE1vJqh+3jzsSF5K56bZ6azz38VlZgXeSozNW5bXkQIDAQAB\n"
|
39
|
+
"AoGALA89gIFcr6BIBo8N5fL3aNHpZXjAICtGav+kTUpuxSiaym9cAeTHuAVv8Xgk\n"
|
40
|
+
"H2Wbq11uz+6JMLpkQJH/WZ7EV59DPOicXrp0Imr73F3EXBfR7t2EQDYHPMthOA1D\n"
|
41
|
+
"I9EtCzvV608Ze90hiJ7E3guGrGppZfJ+eUWCPgy8CZH1vRECQQDv67rwV/oU1aDo\n"
|
42
|
+
"6/+d5nqjeW6mWkGqTnUU96jXap8EIw6B+0cUKskwx6mHJv+tEMM2748ZY7b0yBlg\n"
|
43
|
+
"w4KDghbFAkEAz2h8PjSJG55LwqmXih1RONSgdN9hjB12LwXL1CaDh7/lkEhq0PlK\n"
|
44
|
+
"PCAUwQSdM17Sl0Xxm2CZiekTSlwmHrtqXQJAF3+8QJwtV2sRJp8u2zVe37IeH1cJ\n"
|
45
|
+
"xXeHyjTzqZ2803fnjN2iuZvzNr7noOA1/Kp+pFvUZUU5/0G2Ep8zolPUjQJAFA7k\n"
|
46
|
+
"xRdLkzIx3XeNQjwnmLlncyYPRv+qaE3FMpUu7zftuZBnVCJnvXzUxP3vPgKTlzGa\n"
|
47
|
+
"dg5XivDRfsV+okY5uQJBAMV4FesUuLQVEKb6lMs7rzZwpeGQhFDRfywJzfom2TLn\n"
|
48
|
+
"2RdJQQ3dcgnhdVDgt5o1qkmsqQh8uJrJ9SdyLIaZQIc=\n"
|
49
|
+
"-----END RSA PRIVATE KEY-----\n"
|
50
|
+
"-----BEGIN CERTIFICATE-----\n"
|
51
|
+
"MIID6TCCA1KgAwIBAgIJANm4W/Tzs+s+MA0GCSqGSIb3DQEBBQUAMIGqMQswCQYD\n"
|
52
|
+
"VQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNVBAcTCE5ldyBZb3JrMRYw\n"
|
53
|
+
"FAYDVQQKEw1TdGVhbWhlYXQubmV0MRQwEgYDVQQLEwtFbmdpbmVlcmluZzEdMBsG\n"
|
54
|
+
"A1UEAxMUb3BlbmNhLnN0ZWFtaGVhdC5uZXQxKDAmBgkqhkiG9w0BCQEWGWVuZ2lu\n"
|
55
|
+
"ZWVyaW5nQHN0ZWFtaGVhdC5uZXQwHhcNMDYwNTA1MTcwNjAzWhcNMjQwMjIwMTcw\n"
|
56
|
+
"NjAzWjCBqjELMAkGA1UEBhMCVVMxETAPBgNVBAgTCE5ldyBZb3JrMREwDwYDVQQH\n"
|
57
|
+
"EwhOZXcgWW9yazEWMBQGA1UEChMNU3RlYW1oZWF0Lm5ldDEUMBIGA1UECxMLRW5n\n"
|
58
|
+
"aW5lZXJpbmcxHTAbBgNVBAMTFG9wZW5jYS5zdGVhbWhlYXQubmV0MSgwJgYJKoZI\n"
|
59
|
+
"hvcNAQkBFhllbmdpbmVlcmluZ0BzdGVhbWhlYXQubmV0MIGfMA0GCSqGSIb3DQEB\n"
|
60
|
+
"AQUAA4GNADCBiQKBgQDCYYhcw6cGRbhBVShKmbWm7UVsEoBnUf0cCh8AX+MKhMxw\n"
|
61
|
+
"VDWVIgdskntn3cSJjRtmgVJHIK0lpb/FYHQB93Ohpd9/Z18pDmovfFF9nDbFF0t3\n"
|
62
|
+
"9hJ/AqSzFB3GiVPoFFZJEE1vJqh+3jzsSF5K56bZ6azz38VlZgXeSozNW5bXkQID\n"
|
63
|
+
"AQABo4IBEzCCAQ8wHQYDVR0OBBYEFPJvPd1Fcmd8o/Tm88r+NjYPICCkMIHfBgNV\n"
|
64
|
+
"HSMEgdcwgdSAFPJvPd1Fcmd8o/Tm88r+NjYPICCkoYGwpIGtMIGqMQswCQYDVQQG\n"
|
65
|
+
"EwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNVBAcTCE5ldyBZb3JrMRYwFAYD\n"
|
66
|
+
"VQQKEw1TdGVhbWhlYXQubmV0MRQwEgYDVQQLEwtFbmdpbmVlcmluZzEdMBsGA1UE\n"
|
67
|
+
"AxMUb3BlbmNhLnN0ZWFtaGVhdC5uZXQxKDAmBgkqhkiG9w0BCQEWGWVuZ2luZWVy\n"
|
68
|
+
"aW5nQHN0ZWFtaGVhdC5uZXSCCQDZuFv087PrPjAMBgNVHRMEBTADAQH/MA0GCSqG\n"
|
69
|
+
"SIb3DQEBBQUAA4GBAC1CXey/4UoLgJiwcEMDxOvW74plks23090iziFIlGgcIhk0\n"
|
70
|
+
"Df6hTAs7H3MWww62ddvR8l07AWfSzSP5L6mDsbvq7EmQsmPODwb6C+i2aF3EDL8j\n"
|
71
|
+
"uw73m4YIGI0Zw2XdBpiOGkx2H56Kya6mJJe/5XORZedh1wpI7zki01tHYbcy\n"
|
72
|
+
"-----END CERTIFICATE-----\n"};
|
73
|
+
|
74
|
+
/* These private materials were made with:
|
75
|
+
* openssl req -new -x509 -keyout cakey.pem -out cacert.pem -nodes -days 6500
|
76
|
+
* TODO: We need a full-blown capability to work with user-supplied
|
77
|
+
* keypairs and properly-signed certificates.
|
78
|
+
*/
|
79
|
+
|
80
|
+
|
81
|
+
/*****************
|
82
|
+
builtin_passwd_cb
|
83
|
+
*****************/
|
84
|
+
|
85
|
+
extern "C" int builtin_passwd_cb (char *buf, int bufsize, int rwflag, void *userdata)
|
86
|
+
{
|
87
|
+
strcpy (buf, "kittycat");
|
88
|
+
return 8;
|
89
|
+
}
|
90
|
+
|
91
|
+
/****************************
|
92
|
+
InitializeDefaultCredentials
|
93
|
+
****************************/
|
94
|
+
|
95
|
+
static void InitializeDefaultCredentials()
|
96
|
+
{
|
97
|
+
BIO *bio = BIO_new_mem_buf (PrivateMaterials, -1);
|
98
|
+
assert (bio);
|
99
|
+
|
100
|
+
if (DefaultPrivateKey) {
|
101
|
+
// we may come here in a restart.
|
102
|
+
EVP_PKEY_free (DefaultPrivateKey);
|
103
|
+
DefaultPrivateKey = NULL;
|
104
|
+
}
|
105
|
+
PEM_read_bio_PrivateKey (bio, &DefaultPrivateKey, builtin_passwd_cb, 0);
|
106
|
+
|
107
|
+
if (DefaultCertificate) {
|
108
|
+
// we may come here in a restart.
|
109
|
+
X509_free (DefaultCertificate);
|
110
|
+
DefaultCertificate = NULL;
|
111
|
+
}
|
112
|
+
PEM_read_bio_X509 (bio, &DefaultCertificate, NULL, 0);
|
113
|
+
|
114
|
+
BIO_free (bio);
|
115
|
+
}
|
116
|
+
|
117
|
+
|
118
|
+
|
119
|
+
/**************************
|
120
|
+
SslContext_t::SslContext_t
|
121
|
+
**************************/
|
122
|
+
|
123
|
+
SslContext_t::SslContext_t (bool is_server, const string &privkeyfile, const string &certchainfile):
|
124
|
+
pCtx (NULL),
|
125
|
+
PrivateKey (NULL),
|
126
|
+
Certificate (NULL)
|
127
|
+
{
|
128
|
+
/* TODO: the usage of the specified private-key and cert-chain filenames only applies to
|
129
|
+
* client-side connections at this point. Server connections currently use the default materials.
|
130
|
+
* That needs to be fixed asap.
|
131
|
+
* Also, in this implementation, server-side connections use statically defined X-509 defaults.
|
132
|
+
* One thing I'm really not clear on is whether or not you have to explicitly free X509 and EVP_PKEY
|
133
|
+
* objects when we call our destructor, or whether just calling SSL_CTX_free is enough.
|
134
|
+
*/
|
135
|
+
|
136
|
+
if (!bLibraryInitialized) {
|
137
|
+
bLibraryInitialized = true;
|
138
|
+
SSL_library_init();
|
139
|
+
OpenSSL_add_ssl_algorithms();
|
140
|
+
OpenSSL_add_all_algorithms();
|
141
|
+
SSL_load_error_strings();
|
142
|
+
ERR_load_crypto_strings();
|
143
|
+
|
144
|
+
InitializeDefaultCredentials();
|
145
|
+
}
|
146
|
+
|
147
|
+
bIsServer = is_server;
|
148
|
+
pCtx = SSL_CTX_new (is_server ? SSLv23_server_method() : SSLv23_client_method());
|
149
|
+
if (!pCtx)
|
150
|
+
throw std::runtime_error ("no SSL context");
|
151
|
+
|
152
|
+
SSL_CTX_set_options (pCtx, SSL_OP_ALL);
|
153
|
+
//SSL_CTX_set_options (pCtx, (SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3));
|
154
|
+
|
155
|
+
if (is_server) {
|
156
|
+
// The SSL_CTX calls here do NOT allocate memory.
|
157
|
+
int e;
|
158
|
+
if (privkeyfile.length() > 0)
|
159
|
+
e = SSL_CTX_use_PrivateKey_file (pCtx, privkeyfile.c_str(), SSL_FILETYPE_PEM);
|
160
|
+
else
|
161
|
+
e = SSL_CTX_use_PrivateKey (pCtx, DefaultPrivateKey);
|
162
|
+
assert (e > 0);
|
163
|
+
if (certchainfile.length() > 0)
|
164
|
+
e = SSL_CTX_use_certificate_chain_file (pCtx, certchainfile.c_str());
|
165
|
+
else
|
166
|
+
e = SSL_CTX_use_certificate (pCtx, DefaultCertificate);
|
167
|
+
assert (e > 0);
|
168
|
+
}
|
169
|
+
|
170
|
+
SSL_CTX_set_cipher_list (pCtx, "ALL:!ADH:!LOW:!EXP:!DES-CBC3-SHA:@STRENGTH");
|
171
|
+
|
172
|
+
if (is_server) {
|
173
|
+
SSL_CTX_sess_set_cache_size (pCtx, 128);
|
174
|
+
SSL_CTX_set_session_id_context (pCtx, (unsigned char*)"eventmachine", 12);
|
175
|
+
}
|
176
|
+
else {
|
177
|
+
int e;
|
178
|
+
if (privkeyfile.length() > 0) {
|
179
|
+
e = SSL_CTX_use_PrivateKey_file (pCtx, privkeyfile.c_str(), SSL_FILETYPE_PEM);
|
180
|
+
assert (e > 0);
|
181
|
+
}
|
182
|
+
if (certchainfile.length() > 0) {
|
183
|
+
e = SSL_CTX_use_certificate_chain_file (pCtx, certchainfile.c_str());
|
184
|
+
assert (e > 0);
|
185
|
+
}
|
186
|
+
}
|
187
|
+
}
|
188
|
+
|
189
|
+
|
190
|
+
|
191
|
+
/***************************
|
192
|
+
SslContext_t::~SslContext_t
|
193
|
+
***************************/
|
194
|
+
|
195
|
+
SslContext_t::~SslContext_t()
|
196
|
+
{
|
197
|
+
if (pCtx)
|
198
|
+
SSL_CTX_free (pCtx);
|
199
|
+
if (PrivateKey)
|
200
|
+
EVP_PKEY_free (PrivateKey);
|
201
|
+
if (Certificate)
|
202
|
+
X509_free (Certificate);
|
203
|
+
}
|
204
|
+
|
205
|
+
|
206
|
+
|
207
|
+
/******************
|
208
|
+
SslBox_t::SslBox_t
|
209
|
+
******************/
|
210
|
+
|
211
|
+
SslBox_t::SslBox_t (bool is_server, const string &privkeyfile, const string &certchainfile):
|
212
|
+
bIsServer (is_server),
|
213
|
+
pSSL (NULL),
|
214
|
+
pbioRead (NULL),
|
215
|
+
pbioWrite (NULL)
|
216
|
+
{
|
217
|
+
/* TODO someday: make it possible to re-use SSL contexts so we don't have to create
|
218
|
+
* a new one every time we come here.
|
219
|
+
*/
|
220
|
+
|
221
|
+
Context = new SslContext_t (bIsServer, privkeyfile, certchainfile);
|
222
|
+
assert (Context);
|
223
|
+
|
224
|
+
pbioRead = BIO_new (BIO_s_mem());
|
225
|
+
assert (pbioRead);
|
226
|
+
|
227
|
+
pbioWrite = BIO_new (BIO_s_mem());
|
228
|
+
assert (pbioWrite);
|
229
|
+
|
230
|
+
pSSL = SSL_new (Context->pCtx);
|
231
|
+
assert (pSSL);
|
232
|
+
SSL_set_bio (pSSL, pbioRead, pbioWrite);
|
233
|
+
|
234
|
+
if (!bIsServer)
|
235
|
+
SSL_connect (pSSL);
|
236
|
+
}
|
237
|
+
|
238
|
+
|
239
|
+
|
240
|
+
/*******************
|
241
|
+
SslBox_t::~SslBox_t
|
242
|
+
*******************/
|
243
|
+
|
244
|
+
SslBox_t::~SslBox_t()
|
245
|
+
{
|
246
|
+
// Freeing pSSL will also free the associated BIOs, so DON'T free them separately.
|
247
|
+
if (pSSL) {
|
248
|
+
if (SSL_get_shutdown (pSSL) & SSL_RECEIVED_SHUTDOWN)
|
249
|
+
SSL_shutdown (pSSL);
|
250
|
+
else
|
251
|
+
SSL_clear (pSSL);
|
252
|
+
SSL_free (pSSL);
|
253
|
+
}
|
254
|
+
|
255
|
+
delete Context;
|
256
|
+
}
|
257
|
+
|
258
|
+
|
259
|
+
|
260
|
+
/***********************
|
261
|
+
SslBox_t::PutCiphertext
|
262
|
+
***********************/
|
263
|
+
|
264
|
+
bool SslBox_t::PutCiphertext (const char *buf, int bufsize)
|
265
|
+
{
|
266
|
+
assert (buf && (bufsize > 0));
|
267
|
+
|
268
|
+
assert (pbioRead);
|
269
|
+
int n = BIO_write (pbioRead, buf, bufsize);
|
270
|
+
|
271
|
+
return (n == bufsize) ? true : false;
|
272
|
+
}
|
273
|
+
|
274
|
+
|
275
|
+
/**********************
|
276
|
+
SslBox_t::GetPlaintext
|
277
|
+
**********************/
|
278
|
+
|
279
|
+
int SslBox_t::GetPlaintext (char *buf, int bufsize)
|
280
|
+
{
|
281
|
+
if (!SSL_is_init_finished (pSSL)) {
|
282
|
+
int e = bIsServer ? SSL_accept (pSSL) : SSL_connect (pSSL);
|
283
|
+
if (e < 0) {
|
284
|
+
int er = SSL_get_error (pSSL, e);
|
285
|
+
if (er != SSL_ERROR_WANT_READ) {
|
286
|
+
// Return -1 for a nonfatal error, -2 for an error that should force the connection down.
|
287
|
+
return (er == SSL_ERROR_SSL) ? (-2) : (-1);
|
288
|
+
}
|
289
|
+
else
|
290
|
+
return 0;
|
291
|
+
}
|
292
|
+
// If handshake finished, FALL THROUGH and return the available plaintext.
|
293
|
+
}
|
294
|
+
|
295
|
+
if (!SSL_is_init_finished (pSSL)) {
|
296
|
+
// We can get here if a browser abandons a handshake.
|
297
|
+
// The user can see a warning dialog and abort the connection.
|
298
|
+
cerr << "<SSL_incomp>";
|
299
|
+
return 0;
|
300
|
+
}
|
301
|
+
|
302
|
+
//cerr << "CIPH: " << SSL_get_cipher (pSSL) << endl;
|
303
|
+
|
304
|
+
int n = SSL_read (pSSL, buf, bufsize);
|
305
|
+
if (n >= 0) {
|
306
|
+
return n;
|
307
|
+
}
|
308
|
+
else {
|
309
|
+
if (SSL_get_error (pSSL, n) == SSL_ERROR_WANT_READ) {
|
310
|
+
return 0;
|
311
|
+
}
|
312
|
+
else {
|
313
|
+
return -1;
|
314
|
+
}
|
315
|
+
}
|
316
|
+
|
317
|
+
return 0;
|
318
|
+
}
|
319
|
+
|
320
|
+
|
321
|
+
|
322
|
+
/**************************
|
323
|
+
SslBox_t::CanGetCiphertext
|
324
|
+
**************************/
|
325
|
+
|
326
|
+
bool SslBox_t::CanGetCiphertext()
|
327
|
+
{
|
328
|
+
assert (pbioWrite);
|
329
|
+
return BIO_pending (pbioWrite) ? true : false;
|
330
|
+
}
|
331
|
+
|
332
|
+
|
333
|
+
|
334
|
+
/***********************
|
335
|
+
SslBox_t::GetCiphertext
|
336
|
+
***********************/
|
337
|
+
|
338
|
+
int SslBox_t::GetCiphertext (char *buf, int bufsize)
|
339
|
+
{
|
340
|
+
assert (pbioWrite);
|
341
|
+
assert (buf && (bufsize > 0));
|
342
|
+
|
343
|
+
return BIO_read (pbioWrite, buf, bufsize);
|
344
|
+
}
|
345
|
+
|
346
|
+
|
347
|
+
|
348
|
+
/**********************
|
349
|
+
SslBox_t::PutPlaintext
|
350
|
+
**********************/
|
351
|
+
|
352
|
+
int SslBox_t::PutPlaintext (const char *buf, int bufsize)
|
353
|
+
{
|
354
|
+
// The caller will interpret the return value as the number of bytes written.
|
355
|
+
// WARNING WARNING WARNING, are there any situations in which a 0 or -1 return
|
356
|
+
// from SSL_write means we should immediately retry? The socket-machine loop
|
357
|
+
// will probably wait for a time-out cycle (perhaps a second) before re-trying.
|
358
|
+
// THIS WOULD CAUSE A PERCEPTIBLE DELAY!
|
359
|
+
|
360
|
+
/* We internally queue any outbound plaintext that can't be dispatched
|
361
|
+
* because we're in the middle of a handshake or something.
|
362
|
+
* When we get called, try to send any queued data first, and then
|
363
|
+
* send the caller's data (or queue it). We may get called with no outbound
|
364
|
+
* data, which means we try to send the outbound queue and that's all.
|
365
|
+
*
|
366
|
+
* Return >0 if we wrote any data, 0 if we didn't, and <0 for a fatal error.
|
367
|
+
* Note that if we return 0, the connection is still considered live
|
368
|
+
* and we are signalling that we have accepted the outbound data (if any).
|
369
|
+
*/
|
370
|
+
|
371
|
+
OutboundQ.Push (buf, bufsize);
|
372
|
+
|
373
|
+
if (!SSL_is_init_finished (pSSL))
|
374
|
+
return 0;
|
375
|
+
|
376
|
+
bool fatal = false;
|
377
|
+
bool did_work = false;
|
378
|
+
|
379
|
+
while (OutboundQ.HasPages()) {
|
380
|
+
const char *page;
|
381
|
+
int length;
|
382
|
+
OutboundQ.Front (&page, &length);
|
383
|
+
assert (page && (length > 0));
|
384
|
+
int n = SSL_write (pSSL, page, length);
|
385
|
+
if (n > 0) {
|
386
|
+
did_work = true;
|
387
|
+
OutboundQ.PopFront();
|
388
|
+
}
|
389
|
+
else {
|
390
|
+
int er = SSL_get_error (pSSL, n);
|
391
|
+
if ((er != SSL_ERROR_WANT_READ) && (er != SSL_ERROR_WANT_WRITE))
|
392
|
+
fatal = true;
|
393
|
+
break;
|
394
|
+
}
|
395
|
+
}
|
396
|
+
|
397
|
+
|
398
|
+
if (did_work)
|
399
|
+
return 1;
|
400
|
+
else if (fatal)
|
401
|
+
return -1;
|
402
|
+
else
|
403
|
+
return 0;
|
404
|
+
}
|
405
|
+
|
406
|
+
|
407
|
+
#endif // WITH_SSL
|
408
|
+
|