NAME

Mojo::IOLoop::TLS - Non-blocking TLS handshake

SYNOPSIS

use Mojo::IOLoop::TLS;

# Negotiate TLS
my $tls = Mojo::IOLoop::TLS->new($old_handle);
$tls->on(upgrade => sub {
  my ($tls, $new_handle) = @_;
  ...
});
$tls->on(error => sub {
  my ($tls, $err) = @_;
  ...
});
$tls->negotiate(server => 1, tls_version => 'TLSv1_2');

# Start reactor if necessary
$tls->reactor->start unless $tls->reactor->is_running;

DESCRIPTION

Mojo::IOLoop::TLS negotiates TLS for Mojo::IOLoop.

EVENTS

Mojo::IOLoop::TLS inherits all events from Mojo::EventEmitter and can emit the following new ones.

upgrade

$tls->on(upgrade => sub {
  my ($tls, $handle) = @_;
  ...
});

Emitted once TLS has been negotiated.

error

$tls->on(error => sub {
  my ($tls, $err) = @_;
  ...
});

Emitted if an error occurs during negotiation, fatal if unhandled.

ATTRIBUTES

Mojo::IOLoop::TLS implements the following attributes.

reactor

my $reactor = $tls->reactor;
$tls        = $tls->reactor(Mojo::Reactor::Poll->new);

Low-level event reactor, defaults to the reactor attribute value of the global Mojo::IOLoop singleton.

METHODS

Mojo::IOLoop::TLS inherits all methods from Mojo::EventEmitter and implements the following new ones.

can_tls

my $bool = Mojo::IOLoop::TLS->can_tls;

True if IO::Socket::SSL 1.94+ is installed and TLS support enabled.

negotiate

$tls->negotiate(server => 1, tls_version => 'TLSv1_2');
$tls->negotiate({server => 1, tls_version => 'TLSv1_2'});

Negotiate TLS.

These options are currently available:

server
server => 1

Negotiate TLS from the server-side, defaults to the client-side.

tls_ca
tls_ca => '/etc/tls/ca.crt'

Path to TLS certificate authority file. Also activates hostname verification on the client-side.

tls_cert
tls_cert => '/etc/tls/server.crt'
tls_cert => {'mojolicious.org' => '/etc/tls/mojo.crt'}

Path to the TLS cert file, defaults to a built-in test certificate on the server-side.

tls_ciphers
tls_ciphers => 'AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH'

TLS cipher specification string. For more information about the format see https://www.openssl.org/docs/manmaster/apps/ciphers.html#CIPHER-STRINGS.

tls_key
tls_key => '/etc/tls/server.key'
tls_key => {'mojolicious.org' => '/etc/tls/mojo.key'}

Path to the TLS key file, defaults to a built-in test key on the server-side.

tls_verify
tls_verify => 0x00

TLS verification mode, defaults to 0x03 on the server-side and 0x01 on the client-side if a certificate authority file has been provided, or 0x00.

tls_version
tls_version => 'TLSv1_2'

TLS protocol version.

new

my $tls = Mojo::IOLoop::TLS->new($handle);

Construct a new Mojo::IOLoop::Stream object.

SEE ALSO

Mojolicious, Mojolicious::Guides, https://mojolicious.org.