local cfg = {
MAX_CONNECTIONS = 100000, -- max per server connections (use "ulimit -n" on *nix)
- MAX_HANDSHAKE_ATTEMPS = 10, -- attemps to finish ssl handshake
- HANDSHAKE_TIMEOUT = 1, -- timout in seconds per handshake attemp
+ MAX_HANDSHAKE_ATTEMPS = 1000, -- attemps to finish ssl handshake
+ HANDSHAKE_TIMEOUT = 30, -- timout in seconds per handshake attemp
MAX_READ_LENGTH = 1024 * 1024 * 1024 * 1024, -- max bytes allowed to read from sockets
MAX_SEND_LENGTH = 1024 * 1024 * 1024 * 1024, -- max bytes size of write buffer (for writing on sockets)
ACCEPT_DELAY = 10, -- seconds to wait until the next attemp of a full server to accept
READ_TIMEOUT = 60 * 30, -- timeout in seconds for read data from socket
WRITE_TIMEOUT = 30, -- timeout in seconds for write data on socket
- CONNECT_TIMEOUT = 10, -- timeout in seconds for connection attemps
+ CONNECT_TIMEOUT = 20, -- timeout in seconds for connection attemps
CLEAR_DELAY = 5, -- seconds to wait for clearing interface list (and calling ondisconnect listeners)
DEBUG = true, -- show debug messages
}
local coroutine = use "coroutine"
local setmetatable = use "setmetatable"
-local ssl = use "ssl" or require "ssl"
+local ssl = use "ssl"
local socket = use "socket" or require "socket"
local log = require ("util.logger").init("socket")
self:_close()
debug( "new connection failed. id:", self.id, "error:", self.fatalerror )
else
- if plainssl then -- start ssl session
+ if plainssl and ssl then -- start ssl session
self:starttls()
else -- normal connection
self:_start_session( self.listener.onconnect )
self:_lock( false, false, false )
--vdebug( "start listening on client socket with id:", self.id )
self.eventread = addevent( base, self.conn, EV_READ, self.readcallback, cfg.READ_TIMEOUT ) -- register callback
- self:onconnect()
+ self:onincoming()
self.eventsession = nil
return -1
end
local _, err
local attempt = 0
local maxattempt = cfg.MAX_HANDSHAKE_ATTEMPS
- while attempt < 1000 do -- no endless loop
+ while attempt < maxattempt do -- no endless loop
attempt = attempt + 1
debug( "ssl handshake of client with id:"..tostring(self).."attemp:"..attempt )
if attempt > maxattempt then
_ = self.eventsession and self.eventsession:close( )
_ = self.eventwritetimeout and self.eventwritetimeout:close( )
_ = self.eventreadtimeout and self.eventreadtimeout:close( )
- _ = self.ondisconnect and self:ondisconnect( self.fatalerror ) -- call ondisconnect listener (wont be the case if handshake failed on connect)
+ _ = self.ondisconnect and self:ondisconnect( self.fatalerror ~= "client to close" and self.fatalerror) -- call ondisconnect listener (wont be the case if handshake failed on connect)
_ = self.conn and self.conn:close( ) -- close connection, must also be called outside of any socket registered events!
_ = self._server and self._server:counter(-1);
self.eventread, self.eventwrite = nil, nil
self.nointerface, self.noreading, self.nowriting = nointerface, noreading, nowriting
return nointerface, noreading, nowriting
end
+
+ function interface_mt:lock_read(switch)
+ return self:_lock(self.nointerface, switch, self.nowriting);
+ end
function interface_mt:counter(c)
if c then
_sslctx = sslctx; -- parameters
_usingssl = false; -- client is using ssl;
}
+ if not ssl then interface.starttls = false; end
interface.id = tostring(interface):match("%x+$");
interface.writecallback = function( event ) -- called on write events
--vdebug( "new client write event, id/ip/port:", interface, ip, port )
interface._connections = interface._connections + 1 -- increase connection count
local clientinterface = handleclient( client, ip, port, interface, pattern, listener, nil, sslctx )
--vdebug( "client id:", clientinterface, "startssl:", startssl )
- if sslctx then
+ if ssl and sslctx then
clientinterface:starttls(sslctx)
else
clientinterface:_start_session( clientinterface.onconnect )
end
debug( "accepted incoming client connection from:", ip, port )
+
client, err = server:accept() -- try to accept again
end
return EV_READ
debug "fatal error: luasec not found"
return nil, "luasec not found"
end
- sslctx, err = ssl.newcontext( sslcfg )
+ sslctx, err = sslcfg
if err then
debug( "error while creating new ssl context for server socket:", err )
return nil, err
debug "need luasec, but not available"
return nil, "luasec not found"
end
- sslctx, err = ssl.newcontext( sslcfg )
+ sslctx, err = sslcfg
if err then
debug( "cannot create new ssl context:", err )
return nil, err
projects / prosody.git / blobdiff