From: "Iñaki Baz Castillo" <ibc@aliax.net>
To: kgio@librelist.org
Subject: Using Kgio::Socket.pair and OpenSSL::SSL::Context for a new TLS stack in EventMachine
Date: Fri, 9 Dec 2011 15:58:47 +0100 [thread overview]
Message-ID: <CALiegfk6jjOenrMQYu-UJWKr_Xqq19aphG5qKXDHVyP7VG08PQ@mail.gmail.com> (raw)
In-Reply-To: <CALiegfk6jjOenrMQYu-UJWKr_Xqq19aphG5qKXDHVyP7VG08PQ@mail.gmail.com>
Hi, Ruby EventMachine has some drawbacks when using its SSL
stack(coded in C++), basically it consumes ***lot*** of memory as
showedin: https://github.com/eventmachine/eventmachine/issues/266
I've been suggested by the author of EM to create a TLS stack
usingRuby OpenSSL on top of a EM::Connection instance (which would be
apure TCP client/server connection rather than a TLS connection).
When acting as TCP server, an EM::Connection is created by EM for
eachincoming connection, and runs some callbacks:
- EM::Connection#initialize(), when the TCP connection begins.-
EM::Connection#post_init(), when the TCP connection has been
completed.- EM::Connection#receive_data(data), when data is received
from the client.- EM::Connection#unbind(cause=nil), when the TCP
connection isterminated locally or remotely.
So what I'm trying to achieve is using Kgio::Socket.pair() as a
bridgebetween the raw TLS data received from the client (after the
TCPconnection is done) and a OpenSSL::SSL::SSLSocket, something like:
--------------------------class MyTlsServer < EM::Connection
@@ssl_context = ::OpenSSL::SSL::SSLContext.new
def post_init @sock1, @sock2 =
::Kgio::Socket.pair(::Kgio::Socket::AF_UNIX,::Kgio::Socket::SOCK_STREAM,
0) @ssl = ::OpenSSL::SSL::SSLSocket.new @sock2, @@ssl_context
@ssl.sync_close = true end
def receive_data data # Write the received TLS raw data into @sock1, so
# @ssl socket can read it from @sock2. @sock1.write data
# I should call @ssl.accept somewhere (just once per connection)
# in order to perform the TLS handshake, but I don't know how, #
it blocks forever.
# No idea how to continue here. end
end--------------------------
Any suggestion about how could I continue it? it's being a hard
taskand I don't get it working in any way.
Really thanks a lot for any help.
--
Iñaki Baz Castillo
<ibc@aliax.net>
next parent reply other threads:[~2011-12-09 14:59 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-12-09 14:58 Iñaki Baz Castillo [this message]
2011-12-09 15:01 ` Using Kgio::Socket.pair and OpenSSL::SSL::Context for a new TLS stack in EventMachine Iñaki Baz Castillo
2011-12-09 21:01 ` Eric Wong
2011-12-10 18:38 ` Iñaki Baz Castillo
2011-12-21 22:10 ` Iñaki Baz Castillo
2011-12-22 1:28 ` Eric Wong
2011-12-22 15:57 ` Iñaki Baz Castillo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://yhbt.net/kgio/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CALiegfk6jjOenrMQYu-UJWKr_Xqq19aphG5qKXDHVyP7VG08PQ@mail.gmail.com \
--to=ibc@aliax.net \
--cc=kgio@librelist.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://yhbt.net/kgio.git/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).