aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2018-09-13 20:37:43 +0200
committerKim Alvefur <zash@zash.se>2018-09-13 20:37:43 +0200
commit27321d582db0f9e0163547ed8e020167773297a3 (patch)
tree647579be91c769126b898fa608636f17fd0af333
parent39ff6a385ef0731afa5a4c23fab7f70bf468d1b9 (diff)
downloadprosody-27321d582db0f9e0163547ed8e020167773297a3.tar.gz
prosody-27321d582db0f9e0163547ed8e020167773297a3.zip
net.server_epoll: Refactor Direct TLS assumptions outwards
The assumption that connections are "Direct TLS" when a TLS context is supplided should be broken. The goal is to make it easy to add a new API that can be given a TLS context at creation even if it should do STARTTLS. With this commit, only the exposed server_select-compatible API assumes Direct TLS when a TLS context is included.
-rw-r--r--net/server_epoll.lua25
1 files changed, 17 insertions, 8 deletions
diff --git a/net/server_epoll.lua b/net/server_epoll.lua
index 0de590ce..055f7344 100644
--- a/net/server_epoll.lua
+++ b/net/server_epoll.lua
@@ -454,7 +454,6 @@ function interface:tlshandskake()
self.onreadable = nil;
self._tls = true;
self:on("status", "ssl-handshake-complete");
- self.init = nil; -- Restore default method
self:init();
elseif err == "wantread" then
log("debug", "TLS handshake on %s to wait until readable", self);
@@ -489,9 +488,6 @@ local function wrapsocket(client, server, pattern, listeners, tls_ctx) -- luasoc
if client.getsockname then
conn.sockname, conn.sockport = client:getsockname();
end
- if tls_ctx then
- conn.init = interface.starttls;
- end
return conn;
end
@@ -504,9 +500,13 @@ function interface:onacceptable()
self:pausefor(cfg.accept_retry_interval);
return;
end
- local client = wrapsocket(conn, self, nil, self.listeners, self.tls_ctx);
+ local client = wrapsocket(conn, self, nil, self.listeners);
log("debug", "New connection %s", tostring(client));
- client:init();
+ if self.tls_direct then
+ client:starttls(self.tls_ctx);
+ else
+ client:init();
+ end
end
-- Initialization
@@ -559,6 +559,7 @@ local function addserver(addr, port, listeners, pattern, tls_ctx)
_pattern = pattern;
onreadable = interface.onacceptable;
tls_ctx = tls_ctx;
+ tls_direct = tls_ctx and true or false;
sockname = addr;
sockport = port;
}, interface_mt);
@@ -572,7 +573,11 @@ local function wrapclient(conn, addr, port, listeners, pattern, tls_ctx)
if not client.peername then
client.peername, client.peerport = addr, port;
end
- client:init();
+ if tls_ctx then
+ client:starttls(tls_ctx);
+ else
+ client:init();
+ end
return client;
end
@@ -583,7 +588,11 @@ local function addclient(addr, port, listeners, pattern, tls_ctx)
conn:settimeout(0);
conn:connect(addr, port);
local client = wrapsocket(conn, nil, pattern, listeners, tls_ctx)
- client:init();
+ if tls_ctx then
+ client:starttls(tls_ctx);
+ else
+ client:init();
+ end
return client, conn;
end