local cfg = {
MAX_CONNECTIONS = 100000, -- max per server connections (use "ulimit -n" on *nix)
- MAX_HANDSHAKE_ATTEMPS = 1000, -- attempts to finish ssl handshake
- HANDSHAKE_TIMEOUT = 60, -- timout in seconds per handshake attempt
+ MAX_HANDSHAKE_ATTEMPTS= 1000, -- attempts to finish ssl handshake
+ HANDSHAKE_TIMEOUT = 60, -- timeout in seconds per handshake attempt
MAX_READ_LENGTH = 1024 * 1024 * 1024 * 1024, -- max bytes allowed to read from sockets
MAX_SEND_LENGTH = 1024 * 1024 * 1024 * 1024, -- max bytes size of write buffer (for writing on sockets)
ACCEPT_DELAY = 10, -- seconds to wait until the next attempt of a full server to accept
function interface_mt:_start_connection(plainssl) -- should be called from addclient
local callback = function( event )
- if EV_TIMEOUT == event then -- timout during connection
+ if EV_TIMEOUT == event then -- timeout during connection
self.fatalerror = "connection timeout"
self:ontimeout() -- call timeout listener
self:_close()
debug( "new connection failed. id:", self.id, "error:", self.fatalerror )
else
if plainssl and ssl then -- start ssl session
- self:starttls()
+ self:starttls(nil, true)
else -- normal connection
- self:_start_session( self.listener.onconnect )
+ self:_start_session(true)
end
debug( "new connection established. id:", self.id )
end
self.eventconnect = addevent( base, self.conn, EV_WRITE, callback, cfg.CONNECT_TIMEOUT )
return true
end
- function interface_mt:_start_session(onconnect) -- new session, for example after startssl
+ function interface_mt:_start_session(call_onconnect) -- new session, for example after startssl
if self.type == "client" then
local callback = function( )
self:_lock( false, false, false )
--vdebug( "start listening on client socket with id:", self.id )
self.eventread = addevent( base, self.conn, EV_READ, self.readcallback, cfg.READ_TIMEOUT ); -- register callback
- self:onconnect()
+ if call_onconnect then
+ self:onconnect()
+ end
self.eventsession = nil
return -1
end
end
return true
end
- function interface_mt:_start_ssl(arg) -- old socket will be destroyed, therefore we have to close read/write events first
+ function interface_mt:_start_ssl(call_onconnect) -- old socket will be destroyed, therefore we have to close read/write events first
--vdebug( "starting ssl session with client id:", self.id )
local _
_ = self.eventread and self.eventread:close( ) -- close events; this must be called outside of the event callbacks!
if err then
self.fatalerror = err
self.conn = nil -- cannot be used anymore
- if "onconnect" == arg then
+ if call_onconnect then
self.ondisconnect = nil -- dont call this when client isnt really connected
end
self:_close()
function( event )
local _, err
local attempt = 0
- local maxattempt = cfg.MAX_HANDSHAKE_ATTEMPS
+ local maxattempt = cfg.MAX_HANDSHAKE_ATTEMPTS
while attempt < maxattempt do -- no endless loop
attempt = attempt + 1
- debug( "ssl handshake of client with id:"..tostring(self).."attemp:"..attempt )
+ debug( "ssl handshake of client with id:"..tostring(self)..", attempt:"..attempt )
if attempt > maxattempt then
- self.fatalerror = "max handshake attemps exceeded"
+ self.fatalerror = "max handshake attempts exceeded"
elseif EV_TIMEOUT == event then
self.fatalerror = "timeout during handshake"
else
self.send = self.conn.send -- caching table lookups with new client object
self.receive = self.conn.receive
local onsomething
- if "onconnect" == arg then -- trigger listener
- onsomething = self.onconnect
- else
- onsomething = self.onsslconnection
+ if not call_onconnect then -- trigger listener
+ self:onstatus("ssl-handshake-complete");
end
- self:_start_session( onsomething )
+ self:_start_session( call_onconnect )
debug( "ssl handshake done" )
- self:onstatus("ssl-handshake-complete");
self.eventhandshake = nil
return -1
end
end
end
if self.fatalerror then
- if "onconnect" == arg then
+ if call_onconnect then
self.ondisconnect = nil -- dont call this when client isnt really connected
end
self:_close()
end
end
+ function interface_mt:socket()
+ return self.conn
+ end
+
function interface_mt:server()
return self._server or self;
end
-- No-op, we always use the underlying connection's send
end
- function interface_mt:starttls(sslctx)
+ function interface_mt:starttls(sslctx, call_onconnect)
debug( "try to start ssl at client id:", self.id )
local err
self._sslctx = sslctx;
self._usingssl = true
self.startsslcallback = function( ) -- we have to start the handshake outside of a read/write event
self.startsslcallback = nil
- self:_start_ssl();
+ self:_start_ssl(call_onconnect);
self.eventstarthandshake = nil
return -1
end
function interface_mt:ondrain()
end
function interface_mt:onstatus()
- debug("server.lua: Dummy onstatus()")
end
end
return -1;
end
interface.eventwritetimeout = addevent( base, nil, EV_TIMEOUT, callback, cfg.WRITE_TIMEOUT ) -- reg a new timeout event
- debug( "wantread during write attemp, reg it in readcallback but dont know what really happens next..." )
+ debug( "wantread during write attempt, reg it in readcallback but dont know what really happens next..." )
-- hopefully this works with luasec; its simply not possible to use 2 different write events on a socket in luaevent
return -1
end
interface:_close()
end, cfg.READ_TIMEOUT
)
- debug( "wantwrite during read attemp, reg it in writecallback but dont know what really happens next..." )
+ debug( "wantwrite during read attempt, reg it in writecallback but dont know what really happens next..." )
-- to be honest i dont know what happens next, if it is allowed to first read, the write etc...
else -- connection was closed or fatal error
interface.fatalerror = err
if interface._connections >= cfg.MAX_CONNECTIONS then
client:close( ) -- refuse connection
debug( "maximal connections reached, refuse client connection; accept delay:", delay )
- return EV_TIMEOUT, delay -- delay for next accept attemp
+ return EV_TIMEOUT, delay -- delay for next accept attempt
end
local client_ip, client_port = client:getpeername( )
interface._connections = interface._connections + 1 -- increase connection count
local clientinterface = handleclient( client, client_ip, client_port, interface, pattern, listener, nil, sslctx )
--vdebug( "client id:", clientinterface, "startssl:", startssl )
if ssl and sslctx then
- clientinterface:starttls(sslctx)
+ clientinterface:starttls(sslctx, true)
else
- clientinterface:_start_session( clientinterface.onconnect )
+ clientinterface:_start_session( true )
end
debug( "accepted incoming client connection from:", client_ip or "<unknown IP>", client_port or "<unknown port>", "to", port or "<unknown port>");
function wrapclient( client, ip, port, listeners, pattern, sslctx, startssl )
local interface = handleclient( client, ip, port, nil, pattern, listeners, sslctx )
interface:_start_session()
- return interface
+ return interface, client
--function handleclient( client, ip, port, server, pattern, listener, _, sslctx ) -- creates an client interface
end
end
local function link(sender, receiver, buffersize)
- sender:set_mode(buffersize);
local sender_locked;
function receiver:ondrain()
projects / prosody.git / blobdiff