Class: Socketry::SSL::Server

Inherits:

TCP::Server

• Object
• TCP::Server
• Socketry::SSL::Server

Defined in:

lib/socketry/ssl/server.rb

Overview

SSL Server

Constant Summary

Constants included from Timeout

Timeout::DEFAULT_TIMEOUTS, Timeout::DEFAULT_TIMER

Instance Attribute Summary

Attributes inherited from TCP::Server

#read_timeout, #resolver, #socket_class, #write_timeout

Instance Method Summary

• #accept(timeout: nil, **args) ⇒ Socketry::SSL::Socket

  Accept a connection to the server.

• #initialize(hostname_or_port, port = nil, ssl_socket_class: OpenSSL::SSL::SSLSocket, ssl_params: nil, **args) ⇒ Socketry::SSL::Server constructor

  Create a new SSL server.

Methods inherited from TCP::Server

#close, open

Methods included from Timeout

#clear_timeout, #lifetime, #set_timeout, #start_timer, #time_remaining

Constructor Details

#initialize(hostname_or_port, port = nil, ssl_socket_class: OpenSSL::SSL::SSLSocket, ssl_params: nil, **args) ⇒ Socketry::SSL::Server

Create a new SSL server

Raises:

• (TypeError)

# File 'lib/socketry/ssl/server.rb', line 11

def initialize(
  hostname_or_port,
  port = nil,
  ssl_socket_class: OpenSSL::SSL::SSLSocket,
  ssl_params: nil,
  **args
)
  raise TypeError, "expected Hash, got #{ssl_params.class}" if ssl_params && !ssl_params.is_a?(Hash)

  @ssl_socket_class = ssl_socket_class
  @ssl_context = OpenSSL::SSL::SSLContext.new
  @ssl_context.set_params(ssl_params) if ssl_params
  @ssl_context.freeze

  super(hostname_or_port, port, **args)
end

Instance Method Details

#accept(timeout: nil, **args) ⇒ Socketry::SSL::Socket

Accept a connection to the server

Note that this method also performs an SSL handshake and will therefore block other sockets which are ready to be accepted.

Multithreaded servers should invoke this method after spawning a thread to ensure a slow/malicious connection can’t cause a denial-of-service attack against the server.

Parameters:

• timeout (Numeric, NilClass) (defaults to: nil) —

  seconds to wait before aborting the accept

Returns:

• (Socketry::SSL::Socket)

# File 'lib/socketry/ssl/server.rb', line 39

def accept(timeout: nil, **args)
  ruby_socket = super(timeout: timeout, **args).to_io
  ssl_socket  = @ssl_socket_class.new(ruby_socket, @ssl_context)

  begin
    ssl_socket.accept_nonblock
  rescue IO::WaitReadable
    retry if IO.select([ruby_socket], nil, nil, timeout)
    raise Socketry::TimeoutError, "failed to complete handshake after #{timeout} seconds"
  rescue IO::WaitWritable
    retry if IO.select(nil, [ruby_socket], nil, timeout)
    raise Socketry::TimeoutError, "failed to complete handshake after #{timeout} seconds"
  end

  Socketry::SSL::Socket.new(
    read_timeout:  @read_timeout,
    write_timeout: @write_timeout,
    resolver:      @resolver,
    socket_class:  @socket_class
  ).from_socket(ruby_socket)
end