Class: Puma::MiniSSL::Engine
- Inherits:
-
Object
- Object
- Puma::MiniSSL::Engine
- Defined in:
- ext/puma_http11/mini_ssl.c
Class Method Summary collapse
Instance Method Summary collapse
- #extract ⇒ Object
- #init? ⇒ Boolean
- #inject(str) ⇒ Object
-
#peercert ⇒ String?
Returns `nil` when `MiniSSL::Context#verify_mode` is set to `VERIFY_NONE`.
- #read ⇒ Object
- #shutdown ⇒ Object
- #ssl_vers_st ⇒ Object
- #write(str) ⇒ Object
Class Method Details
.client ⇒ Object
# File 'ext/puma_http11/mini_ssl.c', line 510
/*
 * Builds a client-side engine object.
 *
 * Allocates the connection wrapper with engine_alloc, creates a private
 * SSL_CTX and an SSL handle from it, attaches the connection's read/write
 * BIOs and puts the handle into connect (client) state.
 *
 * Security notes:
 *  - Verification is set to SSL_VERIFY_NONE, so the peer's certificate is
 *    not validated and the handshake proceeds whatever the peer presents.
 *    A connection made through this engine is not authenticated.
 *  - NOTE(review): the method is DTLS_method()/DTLSv1_method(), i.e. a
 *    datagram method; confirm that is intended for this client.
 *  - NOTE(review): the results of SSL_CTX_new and SSL_new are used without
 *    a NULL check.
 *
 * Returns the Ruby object produced by engine_alloc.
 */
VALUE engine_init_client(VALUE klass) {
  VALUE engine;
  ms_conn* conn;

  conn = engine_alloc(klass, &engine);

  /* Pick whichever DTLS method constructor the build detected. */
#ifdef HAVE_DTLS_METHOD
  conn->ctx = SSL_CTX_new(DTLS_method());
#else
  conn->ctx = SSL_CTX_new(DTLSv1_method());
#endif

  conn->ssl = SSL_new(conn->ctx);

  /* No app data is attached to a freshly created handle. */
  SSL_set_app_data(conn->ssl, NULL);

  /* Peer certificate checking is switched off for this handle. */
  SSL_set_verify(conn->ssl, SSL_VERIFY_NONE, NULL);

  /* conn->read is the handle's input BIO, conn->write its output BIO. */
  SSL_set_bio(conn->ssl, conn->read, conn->write);
  SSL_set_connect_state(conn->ssl);

  return engine;
}
.server(sslctx) ⇒ Object
# File 'ext/puma_http11/mini_ssl.c', line 492
/*
 * Builds a server-side engine object on top of an existing SSL_CTX.
 *
 * sslctx is unwrapped as an SSL_CTX (typed data checked against
 * sslctx_type). A new SSL handle is created from it, wired to the
 * connection's read/write BIOs and put into accept (server) state.
 *
 * No verify mode is set here; the handle uses whatever the supplied
 * SSL_CTX was configured with.
 *
 * NOTE(review): the result of SSL_new is used without a NULL check.
 *
 * Returns the Ruby object produced by engine_alloc.
 */
VALUE engine_init_server(VALUE self, VALUE sslctx) {
  VALUE engine;
  ms_conn* conn;
  SSL_CTX* ctx;

  conn = engine_alloc(self, &engine);

  TypedData_Get_Struct(sslctx, SSL_CTX, &sslctx_type, ctx);

  conn->ssl = SSL_new(ctx);

  /* Start with no app data; engine_peercert reads this slot later. */
  SSL_set_app_data(conn->ssl, NULL);

  /* conn->read is the handle's input BIO, conn->write its output BIO. */
  SSL_set_bio(conn->ssl, conn->read, conn->write);
  SSL_set_accept_state(conn->ssl);

  return engine;
}
Instance Method Details
#extract ⇒ Object
# File 'ext/puma_http11/mini_ssl.c', line 629
/*
 * Pulls bytes that the SSL handle has queued on its output BIO
 * (conn->write) so the caller can send them to the peer.
 *
 * Returns a Ruby String of at most sizeof(chunk) bytes per call, or nil
 * when nothing is pending or the BIO asks for a retry. Any other failed
 * read is handed to raise_error.
 */
VALUE engine_extract(VALUE self) {
  // https://www.openssl.org/docs/manmaster/man3/BIO_f_buffer.html
  // crypto/bio/bf_buff.c DEFAULT_BUFFER_SIZE
  char chunk[4096];
  ms_conn* conn;
  size_t queued;
  int got;

  TypedData_Get_Struct(self, ms_conn, &engine_data_type, conn);

  queued = BIO_pending(conn->write);
  if(queued == 0) {
    return Qnil;
  }

  /* The read is bounded by the stack buffer, not by the pending count. */
  got = BIO_read(conn->write, chunk, sizeof(chunk));
  if(got > 0) {
    return rb_str_new(chunk, got);
  }

  /* A retryable condition is reported as nil; anything else is an error. */
  if(!BIO_should_retry(conn->write)) {
    raise_error(conn->ssl, got);
  }

  return Qnil;
}
#init? ⇒ Boolean
# File 'ext/puma_http11/mini_ssl.c', line 668
/*
 * Reports whether the SSL handle is still in its handshake phase.
 *
 * Returns Qtrue when SSL_in_init is non-zero for the handle, Qfalse
 * otherwise.
 */
VALUE engine_init(VALUE self) {
  ms_conn* conn;

  TypedData_Get_Struct(self, ms_conn, &engine_data_type, conn);

  if(SSL_in_init(conn->ssl)) {
    return Qtrue;
  }
  return Qfalse;
}
#inject(str) ⇒ Object
# File 'ext/puma_http11/mini_ssl.c', line 528
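/*
 * Feeds bytes received from the peer into the engine's input BIO
 * (conn->read), from which the SSL handle later consumes them.
 *
 * str is coerced with StringValue, so a non-String argument raises.
 *
 * Returns the number of bytes accepted as a Fixnum, or false when the BIO
 * accepted nothing or reported a failure.
 *
 * NOTE(review): RSTRING_LEN is narrowed to int for BIO_write; a string
 * longer than INT_MAX would be truncated by the cast. Callers presumably
 * pass socket-sized chunks, so confirm.
 */
VALUE engine_inject(VALUE self, VALUE str) {
  ms_conn* conn;
  long used;

  TypedData_Get_Struct(self, ms_conn, &engine_data_type, conn);

  StringValue(str);

  used = BIO_write(conn->read, RSTRING_PTR(str), (int)RSTRING_LEN(str));

  /*
   * Treat every non-positive result as failure. Checking only for 0 and -1
   * would let any other negative status reach the caller as a byte count.
   */
  if(used <= 0) {
    return Qfalse;
  }

  return INT2FIX(used);
}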
#peercert ⇒ String?
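Returns `nil` when `MiniSSL::Context#verify_mode` is set to `VERIFY_NONE`. If OpenSSL reports no peer certificate, the method falls back to a certificate recorded as having failed verification, so a non-nil result does not by itself mean the peer was verified.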
# File 'ext/puma_http11/mini_ssl.c', line 676
/*
 * Returns the peer's certificate as a Ruby String, or nil when none is
 * available.
 *
 * Two sources are tried:
 *  1. The certificate OpenSSL holds for the connection, serialized with
 *     i2d_X509 into a buffer that OpenSSL allocates and this function
 *     frees.
 *  2. If there is none, the ms_cert_buf stored in the handle's app data,
 *     which per the original comment holds a certificate that failed
 *     verification. Its buffer is only borrowed and is not freed here.
 *
 * Security note: because of source 2, a non-nil result does not mean the
 * certificate passed verification. Callers need a separate signal for
 * the verification outcome.
 * NOTE(review): the app-data slot is presumably filled by a verify
 * callback elsewhere in this file; that code is not visible here.
 */
VALUE engine_peercert(VALUE self) {
  ms_conn* conn;
  X509* peer;
  int der_len;
  unsigned char* der = NULL;
  ms_cert_buf* failed = NULL;
  VALUE result;

  TypedData_Get_Struct(self, ms_conn, &engine_data_type, conn);

#ifdef HAVE_SSL_GET1_PEER_CERTIFICATE
  peer = SSL_get1_peer_certificate(conn->ssl);
#else
  peer = SSL_get_peer_certificate(conn->ssl);
#endif

  if(peer) {
    /* der is NULL on entry, so i2d_X509 allocates the output buffer. */
    der_len = i2d_X509(peer, &der);
    X509_free(peer);

    if(der_len < 0) {
      return Qnil;
    }
  } else {
    /*
     * See if there was a failed certificate associated with this client.
     */
    failed = (ms_cert_buf*)SSL_get_app_data(conn->ssl);
    if(!failed) {
      return Qnil;
    }

    der = failed->buf;
    der_len = failed->bytes;
  }

  /* rb_str_new copies the bytes, so the source buffer can be released. */
  result = rb_str_new((const char*)(der), der_len);

  /* Free only the buffer i2d_X509 allocated, never the borrowed one. */
  if(!failed) {
    OPENSSL_free(der);
  }

  return result;
}
#read ⇒ Object
# File 'ext/puma_http11/mini_ssl.c', line 579
/*
 * Reads application data from the SSL handle.
 *
 * Returns a Ruby String of at most sizeof(plain) bytes, or nil when the
 * handle needs more input before it can make progress. Raises EOFError
 * (through rb_eof_error) when SSL_get_error reports
 * SSL_ERROR_ZERO_RETURN, and delegates every other failure to
 * raise_error.
 */
VALUE engine_read(VALUE self) {
  ms_conn* conn;
  char plain[512];
  int got, ssl_err;

  TypedData_Get_Struct(self, ms_conn, &engine_data_type, conn);

  /* Start with an empty error queue so SSL_get_error reflects this call. */
  ERR_clear_error();

  got = SSL_read(conn->ssl, (void*)plain, sizeof(plain));
  if(got > 0) {
    return rb_str_new(plain, got);
  }

  /* Not an error: the caller has to inject more bytes first. */
  if(SSL_want_read(conn->ssl)) {
    return Qnil;
  }

  ssl_err = SSL_get_error(conn->ssl, got);
  if(ssl_err != SSL_ERROR_ZERO_RETURN) {
    raise_error(conn->ssl, got);
  } else {
    rb_eof_error();
  }

  return Qnil;
}
#shutdown ⇒ Object
# File 'ext/puma_http11/mini_ssl.c', line 652
/*
 * Calls SSL_shutdown on the handle.
 *
 * Returns Qfalse when SSL_shutdown returns 0 and Qtrue for every other
 * return value.
 *
 * NOTE(review): a negative SSL_shutdown result (failure, or more I/O
 * needed) also maps to Qtrue, so "true" here does not establish that the
 * connection was closed cleanly. Confirm that callers do not rely on it
 * that way.
 */
VALUE engine_shutdown(VALUE self) {
  ms_conn* conn;
  int rc;

  TypedData_Get_Struct(self, ms_conn, &engine_data_type, conn);

  /* Clear stale entries from the error queue before the TLS operation. */
  ERR_clear_error();

  rc = SSL_shutdown(conn->ssl);

  return (rc == 0) ? Qfalse : Qtrue;
}
#ssl_vers_st ⇒ Object
# File 'ext/puma_http11/mini_ssl.c', line 722
/*
 * Returns a two-element Ruby Array: the protocol version string from
 * SSL_get_version, then the state string from SSL_state_string.
 */
static VALUE
engine_ssl_vers_st(VALUE self) {
  ms_conn* conn;
  VALUE version;
  VALUE state;

  TypedData_Get_Struct(self, ms_conn, &engine_data_type, conn);

  version = rb_str_new2(SSL_get_version(conn->ssl));
  state = rb_str_new2(SSL_state_string(conn->ssl));

  return rb_ary_new3(2, version, state);
}
#write(str) ⇒ Object
# File 'ext/puma_http11/mini_ssl.c', line 607
/*
 * Writes application data to the SSL handle.
 *
 * str is coerced with StringValue, so a non-String argument raises.
 *
 * Returns the number of bytes SSL_write accepted as a Fixnum, or nil
 * when the handle reports that it wants to write first. Any other
 * non-positive result is passed to raise_error.
 *
 * NOTE(review): RSTRING_LEN is narrowed to int for SSL_write; a string
 * longer than INT_MAX would be truncated by the cast. Confirm that
 * callers bound the size.
 */
VALUE engine_write(VALUE self, VALUE str) {
  ms_conn* conn;
  int sent;

  TypedData_Get_Struct(self, ms_conn, &engine_data_type, conn);

  StringValue(str);

  /* Start with an empty error queue so later error lookups are reliable. */
  ERR_clear_error();

  sent = SSL_write(conn->ssl, (void*)RSTRING_PTR(str), (int)RSTRING_LEN(str));
  if(sent > 0) {
    return INT2FIX(sent);
  }

  /* Not an error: pending output has to be drained first. */
  if(SSL_want_write(conn->ssl)) {
    return Qnil;
  }

  raise_error(conn->ssl, sent);

  return Qnil;
}