non-blocking SSL update

Brad Fitzpatrick brad at danga.com
Thu Sep 14 18:51:36 UTC 2006


Several people have been polling me, both on-list and off-, about the
state of non-blocking SSL in Perlbal.

The previous update was:  Perlbal just uses IO::Socket::SSL which was a
few line hack, but which blocked during connect.  It was more for dev than
production.  I then said I planned to extract DJabberd's
Danga::Socket-based SSL which was fully non-blocking.

The new update is I wrote a POP3 server which does SSL/StartTLS, etc, and
I did extract djabberd's SSL into a Danga::Socket::SSL subclass, which can
turn SSL on at any point, or act as a normal socket.

So now it's pretty easy to make Perlbal::Socket subclass
Danga::Socket::SSL instead of Danga::Socket, then we get good SSL.

The debate now is dependencies:

   -- make Perlbal require Danga::Socket::SSL?  that's one more,
      plus Danga::Socket::SSL requires Net::SSLeay, etc.

   -- optional dependency?  but then I guess we have to change
      the class inheritance (@ISA) at runtime.  but hell, it's Perl,
      why not?  Any interactions w/ fields.pm?  Maybe.

I haven't looked into these issues yet.

Danga::Socket::SSL might need some cleanup yet, too.

Any takers?

- Brad



More information about the perlbal mailing list