Class: Puma::MiniSSL::Socket
Relationships & Source Files
Inherits: Object
Defined in: lib/puma/minissl.rb
Class Method Summary
- .new(socket, engine) ⇒ Socket constructor
Instance Attribute Summary
- #closed? ⇒ Boolean readonly
- #peeraddr readonly
- #peercert ⇒ OpenSSL::X509::Certificate? readonly
  OpenSSL is loaded in ContextBuilder when Context#verify_mode is not VERIFY_NONE.
- #ssl_version_state readonly
  Returns a two element array, first is protocol version (SSL_get_version), second is ‘handshake’ state (SSL_state_string).
- #to_io readonly
- #bad_tlsv1_3? ⇒ Boolean readonly private
  Used to check the handshake status, in particular when a TCP connection is made with TLSv1.3 as an available protocol.
Instance Method Summary
- #<<(data)
  Alias for #write.
- #close
- #engine_read_all
- #flush
- #read_nonblock(size, *_)
- #readpartial(size)
- #syswrite(data)
  Alias for #write.
- #write(data) (also: #syswrite, #<<)
- #write_nonblock(data, *_)
  The problem with implementing it properly is that it means we’d have to have the ability to rewind an engine because after we write+extract, the socket write_nonblock call might raise an exception and later code would pass the same data in, but the engine would think it had already written the data in.
Constructor Details
.new(socket, engine) ⇒ Socket
# File 'lib/puma/minissl.rb', line 23
    def initialize(socket, engine)
      @socket = socket
      @engine = engine
      @peercert = nil
      @reuse = nil
    end
Instance Attribute Details
#bad_tlsv1_3? ⇒ Boolean (readonly, private)
Used to check the handshake status, in particular when a TCP connection is made with TLSv1.3 as an available protocol.
# File 'lib/puma/minissl.rb', line 55
    def bad_tlsv1_3?
      HAS_TLS1_3 && ssl_version_state == ['TLSv1.3', 'SSLERR']
    end
#closed? ⇒ Boolean (readonly)
# File 'lib/puma/minissl.rb', line 35
    def closed?
      @socket.closed?
    end
#peeraddr (readonly)
# File 'lib/puma/minissl.rb', line 183
    def peeraddr
      @socket.peeraddr
    end
#peercert ⇒ OpenSSL::X509::Certificate? (readonly)
OpenSSL is loaded in ContextBuilder when Context#verify_mode is not VERIFY_NONE. When VERIFY_NONE, Engine#peercert is nil, regardless of whether the client sends a cert.
#ssl_version_state (readonly)
Returns a two-element array: the first element is the protocol version (SSL_get_version), the second is the ‘handshake’ state (SSL_state_string).
Used for dropping TCP connections to SSL. See SSL_state_string in OpenSSL's ssl/ssl_stat.c for details.
# File 'lib/puma/minissl.rb', line 48
    def ssl_version_state
      IS_JRUBY ? [nil, nil] : @engine.ssl_vers_st
    end
#to_io (readonly)
# File 'lib/puma/minissl.rb', line 31
    def to_io
      @socket
    end
Instance Method Details
#<<(data)
Alias for #write.
# File 'lib/puma/minissl.rb', line 144
alias_method :<<, :write
#close
# File 'lib/puma/minissl.rb', line 167
    def close
      begin
        unless @engine.shutdown
          while alert_data = @engine.extract
            @socket.write alert_data
          end
        end
      rescue IOError, SystemCallError
        Puma::Util.purge_interrupt_queue
        # nothing
      ensure
        @socket.close
      end
    end
#engine_read_all
# File 'lib/puma/minissl.rb', line 77
    def engine_read_all
      output = @engine.read
      while output and additional_output = @engine.read
        output << additional_output
      end
      output
    end
#flush
# File 'lib/puma/minissl.rb', line 163
    def flush
      @socket.flush
    end
#read_nonblock(size, *_)
# File 'lib/puma/minissl.rb', line 85
    def read_nonblock(size, *_)
      # *_ is to deal with keyword args that were added
      # at some point (and being used in the wild)
      while true
        output = engine_read_all
        return output if output

        data = @socket.read_nonblock(size, exception: false)
        if data == :wait_readable || data == :wait_writable
          # It would make more sense to let @socket.read_nonblock raise
          # EAGAIN if necessary but it seems like it'll misbehave on Windows.
          # I don't have a Windows machine to debug this so I can't explain
          # exactly what's happening in that OS. Please let me know if you
          # find out!
          #
          # In the meantime, we can emulate the correct behavior by
          # capturing :wait_readable & :wait_writable and raising EAGAIN
          # ourselves.
          raise IO::EAGAINWaitReadable
        elsif data.nil?
          raise SSLError.exception "HTTP connection?" if bad_tlsv1_3?
          return nil
        end

        @engine.inject(data)
        output = engine_read_all

        return output if output

        while neg_data = @engine.extract
          @socket.write neg_data
        end
      end
    end
#readpartial(size)
# File 'lib/puma/minissl.rb', line 60
    def readpartial(size)
      while true
        output = @engine.read
        return output if output

        data = @socket.readpartial(size)
        @engine.inject(data)
        output = @engine.read

        return output if output

        while neg_data = @engine.extract
          @socket.write neg_data
        end
      end
    end
#syswrite(data)
Alias for #write.
# File 'lib/puma/minissl.rb', line 143
alias_method :syswrite, :write
#write(data) Also known as: #syswrite, #<<
# File 'lib/puma/minissl.rb', line 120
    def write(data)
      return 0 if data.empty?

      data_size = data.bytesize
      need = data_size

      while true
        wrote = @engine.write data

        enc_wr = +''
        while (enc = @engine.extract)
          enc_wr << enc
        end
        @socket.write enc_wr unless enc_wr.empty?

        need -= wrote

        return data_size if need == 0

        data = data.byteslice(wrote..-1)
      end
    end
#write_nonblock(data, *_)
The problem with implementing it properly is that it means we’d have to have the ability to rewind an engine because after we write+extract, the socket write_nonblock call might raise an exception and later code would pass the same data in, but the engine would think it had already written the data in.
So for the time being (and since write blocking is quite rare), go ahead and actually block in write_nonblock.
# File 'lib/puma/minissl.rb', line 159
    def write_nonblock(data, *_)
      write data
    end
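The rewind problem described for #write_nonblock, as an added example that is not Puma's code: ToyEngine, FlakySocket, pump and naive_retry are hypothetical names, and the "rec<N>:" prefix stands in for the record sequence state a TLS engine advances on every write.

```ruby
class ToyEngine  # hypothetical stand-in for the TLS engine (added example, not Puma code)
  def initialize
    @seq, @pending = 0, []  # record sequence number; records awaiting extract
  end
  # Consumes plaintext and advances engine state; there is no rewind.
  def write(data)
    @pending << "rec#{@seq}:#{data}"
    @seq += 1
  end
  def extract
    @pending.shift
  end
end

class FlakySocket  # hypothetical socket whose send buffer is full once
  attr_reader :sent
  def initialize
    @sent, @calls = [], 0
  end
  def write(bytes)
    @sent << bytes
  end
  # The first non-blocking write raises, as a real socket does on EAGAIN.
  def write_nonblock(bytes)
    raise IO::EAGAINWaitWritable if (@calls += 1) == 1
    write(bytes)
  end
end

# Engine write + extract, then pass each record to the chosen socket method.
def pump(engine, socket, data, via)
  engine.write(data)
  while (enc = engine.extract)
    socket.public_send(via, enc)
  end
  socket.sent
end

# Naive non-blocking write; the caller retries the same data after EAGAIN.
def naive_retry(engine, socket, data)
  pump(engine, socket, data, :write_nonblock)
rescue IO::WaitWritable
  retry
end

naive_retry(ToyEngine.new, FlakySocket.new, "hello")   # => ["rec1:hello"], rec0 never reached the peer
pump(ToyEngine.new, FlakySocket.new, "hello", :write)  # => ["rec0:hello"], the blocking path
```

In the naive path the engine has already produced and discarded record 0 when the socket raises, so the retry sends record 1 first and the peer's record layer would reject it; blocking in write_nonblock avoids the mismatch.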