Class: OpenSSL::SSL::SSLServer

Inherits:

Object

• Object
• OpenSSL::SSL::SSLServer

Defined in:

lib/polyphony/extensions/openssl.rb

Overview

OpenSSL socket helper methods (to make it compatible with Socket API) and overrides

Instance Attribute Summary

• #ctx ⇒ Object readonly

  Returns the value of attribute ctx.

Instance Method Summary

• #accept ⇒ OpenSSL::SSL::SSLSocket

  Accepts a new connection and performs SSL handshake.

• #accept_loop(ignore_errors: true) {|OpenSSL::SSL::SSLSocket| ... } ⇒ OpenSSL::SSL::SSLServer

  Accepts incoming connections in an infinite loop.

Instance Attribute Details

#ctx ⇒ Object (readonly)

Returns the value of attribute ctx.

# File 'lib/polyphony/extensions/openssl.rb', line 174

def ctx
  @ctx
end

Instance Method Details

#accept ⇒ OpenSSL::SSL::SSLSocket

Accepts a new connection and performs SSL handshake.

Returns:

• (OpenSSL::SSL::SSLSocket) —

  accepted SSL connection

# File 'lib/polyphony/extensions/openssl.rb', line 182

def accept
  # when @ctx.servername_cb is set, we use a worker thread to run the
  # ssl.accept call. We need to do this because:
  # - We cannot switch fibers inside of the servername_cb proc (see
  #   https://github.com/ruby/openssl/issues/415)
  # - We don't want to stop the world while we're busy provisioning an ACME
  #   certificate
  if @use_accept_worker.nil?
    if (@use_accept_worker = use_accept_worker_thread?)
      start_accept_worker_thread
    end
  end

  # STDOUT.puts 'SSLServer#accept'
  sock, = @svr.accept
  # STDOUT.puts "- raw sock: #{sock.inspect}"
  begin
    ssl = OpenSSL::SSL::SSLSocket.new(sock, @ctx)
    # STDOUT.puts "- ssl sock: #{ssl.inspect}"
    ssl.sync_close = true
    if @use_accept_worker
      # STDOUT.puts "- send to accept worker"
      @accept_worker_fiber << [ssl, Fiber.current]
      # STDOUT.puts "- wait for accept worker"
      r = receive
      # STDOUT.puts "- got reply from accept worker: #{r.inspect}"
      r.invoke if r.is_a?(Exception)
    else
      ssl.accept
    end
    ssl
  rescue Exception => e
    # STDOUT.puts "- accept exception: #{e.inspect}"
    if ssl
      ssl.close
    else
      sock.close
    end
    raise e
  end
end

#accept_loop(ignore_errors: true) {|OpenSSL::SSL::SSLSocket| ... } ⇒ OpenSSL::SSL::SSLServer

Accepts incoming connections in an infinite loop.

Parameters:

• ignore_errors (boolean) (defaults to: true) —

  whether to ignore IO and SSL errors

Yields:

• (OpenSSL::SSL::SSLSocket) —

  accepted socket

Returns:

• (OpenSSL::SSL::SSLServer) —

  self

# File 'lib/polyphony/extensions/openssl.rb', line 266

def accept_loop(ignore_errors: true)
  loop do
    yield accept
  rescue OpenSSL::SSL::SSLError, SystemCallError => e
    raise e unless ignore_errors
  end
end