# HG changeset patch # User Kim Alvefur # Date 1536863863 -7200 # Node ID 33d500c25d76e7fcd0d325fe11b762bb86da1b63 # Parent 21c2f3331c59b8673cc5be031f8f68130971e942 net.server_epoll: Refactor Direct TLS assumptions outwards The assumption that connections are "Direct TLS" when a TLS context is supplided should be broken. The goal is to make it easy to add a new API that can be given a TLS context at creation even if it should do STARTTLS. With this commit, only the exposed server_select-compatible API assumes Direct TLS when a TLS context is included. diff -r 21c2f3331c59 -r 33d500c25d76 net/server_epoll.lua --- a/net/server_epoll.lua Thu Sep 13 16:45:18 2018 +0100 +++ b/net/server_epoll.lua Thu Sep 13 20:37:43 2018 +0200 @@ -454,7 +454,6 @@ self.onreadable = nil; self._tls = true; self:on("status", "ssl-handshake-complete"); - self.init = nil; -- Restore default method self:init(); elseif err == "wantread" then log("debug", "TLS handshake on %s to wait until readable", self); @@ -489,9 +488,6 @@ if client.getsockname then conn.sockname, conn.sockport = client:getsockname(); end - if tls_ctx then - conn.init = interface.starttls; - end return conn; end @@ -504,9 +500,13 @@ self:pausefor(cfg.accept_retry_interval); return; end - local client = wrapsocket(conn, self, nil, self.listeners, self.tls_ctx); + local client = wrapsocket(conn, self, nil, self.listeners); log("debug", "New connection %s", tostring(client)); - client:init(); + if self.tls_direct then + client:starttls(self.tls_ctx); + else + client:init(); + end end -- Initialization @@ -559,6 +559,7 @@ _pattern = pattern; onreadable = interface.onacceptable; tls_ctx = tls_ctx; + tls_direct = tls_ctx and true or false; sockname = addr; sockport = port; }, interface_mt); @@ -572,7 +573,11 @@ if not client.peername then client.peername, client.peerport = addr, port; end - client:init(); + if tls_ctx then + client:starttls(tls_ctx); + else + client:init(); + end return client; end @@ -583,7 +588,11 @@ conn:settimeout(0); conn:connect(addr, port); local client = wrapsocket(conn, nil, pattern, listeners, tls_ctx) - client:init(); + if tls_ctx then + client:starttls(tls_ctx); + else + client:init(); + end return client, conn; end