Class: LibTLS::Server

Inherits:
Object
Defined in:
lib/libtls/server.rb

Overview


Constructor Details

#initialize(configure:) {|self| ... } ⇒ Server

Instantiate and configure a TLS server

Once constructed, a LibTLS::Server instance must be freed with the #finish method. If you pass a block to the constructor it will handle this for you.

Parameters:

  • configure (Hash)

    a mapping from setting name to value. The setting name is any of Config::VALID_SET_CONFIGS; the value is either a scalar value passed through to the C function, or an array of values. For example:

    { ca_file: 'ca.pem', key_mem: [key_ptr, 48] }
    

Yield Parameters:

  • self (Server)

    an initialized and configured instance of self

Raises:



# File 'lib/libtls/server.rb', line 53

def initialize(configure:, &block)
  if LibTLS::Raw.tls_init < 0
    raise LibTLS::UnknownCError, "tls_init"
  end

  @config = Config.new(configure)

  if (@ctx = LibTLS::Raw.tls_server) == nil
    raise LibTLS::UnknownCError, "tls_server"
  end

  if LibTLS::Raw::tls_configure(ctx, @config.as_raw) < 0
    raise LibTLS::CError, "tls_configure: #{LibTLS::Raw.tls_error(ctx)}"
  end

  if block
    begin
      block.call(self)
    ensure
      self.finish
    end
  end
end

Instance Attribute Details

#ctx ⇒ Object (readonly)

The FFI wrapper around the struct tls object

This is only useful for calling any of the Raw methods.



# File 'lib/libtls/server.rb', line 37

def ctx
  @ctx
end

Instance Method Details

#accept(client_socket) {|client| ... } ⇒ Object

Negotiate a TLS handshake on an existing socket

The client socket is assumed to already have an active connection; for example, IO.select or Socket#accept has been called.

The block is run on a connection opened for the client. Once the block finishes, the connection is closed automatically.

Parameters:

  • client_socket (Socket)

    a connected socket

Yield Parameters:

Returns:

  • the result of the block

Raises:



# File 'lib/libtls/server.rb', line 90

def accept(client_socket, &block)
  cctx_ptr = FFI::MemoryPointer.new(:pointer)

  if tls_accept(cctx_ptr, client_socket) == -1
    raise LibTLS::CError, "tls_accept_socket: #{LibTLS::Raw.tls_error(ctx)}"
  end

  cctx = cctx_ptr.read_pointer

  opened_client = OpenedClient.new(cctx)
  block.call(opened_client)
ensure
  opened_client && opened_client.close
end

#finish ⇒ Object

Release any memory held on to by the C library

This method must be called either implicitly by passing a block to #initialize, or explicitly by you.



# File 'lib/libtls/server.rb', line 110

def finish
  @config.free
  LibTLS::Raw.tls_free(ctx)
end
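
The lifetime rules stated under #initialize and #finish, shown as an added example that is not code from the libtls gem: one helper uses the block form of the constructor, the other uses the non-block form with an explicit #finish. The helper names, the injectable server_class: keyword and the choice to close the plain socket in the caller are assumptions of this example.

```ruby
begin
  require 'libtls' # the gem documented on this page
rescue LoadError
  # Assumption: without the gem installed, callers pass server_class: themselves.
end

# Hypothetical helper, not part of the gem: take one connection from
# `listener` (anything whose #accept returns a connected socket, such as a
# TCPServer), run the TLS handshake, and yield the opened client.
# The block form of Server.new runs #finish even if the handshake or the
# caller's block raises.
def serve_one_tls_client(listener, configure, server_class: LibTLS::Server)
  result = nil
  server_class.new(configure: configure) do |server|
    socket = listener.accept
    begin
      # Server#accept closes the TLS connection when its block returns.
      result = server.accept(socket) { |client| yield client }
    ensure
      # Assumption: the plain socket stays owned by the caller, so close it
      # here whether or not the handshake succeeded.
      socket.close unless socket.closed?
    end
  end
  result
end

# Hypothetical helper for the non-block constructor: #finish becomes the
# caller's job, so it sits in an ensure clause.
def with_tls_server(configure, server_class: LibTLS::Server)
  server = server_class.new(configure: configure)
  begin
    yield server
  ensure
    server.finish
  end
end

# Usage with the real gem, where `configure` is a Hash as described under
# #initialize and `listener` is a listening TCPServer:
#   serve_one_tls_client(listener, configure) { |client| handle(client) }
```
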