[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Asynchronous Network Security Manager
|
From: |
Lars Ingebrigtsen |
|
Subject: |
Asynchronous Network Security Manager |
|
Date: |
Mon, 15 Feb 2016 16:25:14 +1100 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.1.50 (gnu/linux) |
We've made the changes Eli suggested, so now we have the very final
problem associated with the async stuff: The network security manager.
We have not had asynchronous TLS connections until now, so we haven't
really had this problem before.
`open-network-stream', if given :type 'tls, would call
`network-stream-open-tls'. It used to start like this:
(defun network-stream-open-tls (name buffer host service parameters)
[...]
(stream
(funcall (if (gnutls-available-p)
'open-gnutls-stream
'open-tls-stream)
[...]
;; Check certificate validity etc.
(when (and (gnutls-available-p) stream)
(setq stream (nsm-verify-connection stream host service)))
With async TLS, the negotiation takes place later, of course, and
calling `nsm-verify-connection' here makes no sense.
network-stream-open-tls could put a sentinel on the process, but the
common application use case is
(progn
(setq proc (open-network-stream ...))
(set-process-sentinel proc ...))
so that obviously doesn't work.
I see two solutions:
1) We require callers to call `nsm-verify-connection' themselves in
their own sentinels. (Yuck.)
2) We call `nsm-verify-connection' after the asynchronous TLS
negotiation has finished, and before notifying the user sentinel that
the socket has connected.
Hm... I've never called complex Lisp code from the C layer before. Is
that an A-OK thing to do?
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
- Asynchronous Network Security Manager,
Lars Ingebrigtsen <=