xref: /freebsd/contrib/bearssl/tools/sslio.c (revision 0e8011faf58b743cc652e3b2ad0f7671227610df)
1 /*
2  * Copyright (c) 2016 Thomas Pornin <pornin@bolet.org>
3  *
4  * Permission is hereby granted, free of charge, to any person obtaining
5  * a copy of this software and associated documentation files (the
6  * "Software"), to deal in the Software without restriction, including
7  * without limitation the rights to use, copy, modify, merge, publish,
8  * distribute, sublicense, and/or sell copies of the Software, and to
9  * permit persons to whom the Software is furnished to do so, subject to
10  * the following conditions:
11  *
12  * The above copyright notice and this permission notice shall be
13  * included in all copies or substantial portions of the Software.
14  *
15  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16  * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
17  * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18  * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
19  * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
20  * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
21  * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
22  * SOFTWARE.
23  */
24 
25 #include <stdio.h>
26 #include <stdlib.h>
27 #include <string.h>
28 #include <stdint.h>
29 #include <errno.h>
30 
31 #ifdef _WIN32
32 #include <winsock2.h>
33 #include <ws2tcpip.h>
34 #else
35 #include <sys/types.h>
36 #include <sys/socket.h>
37 #include <netdb.h>
38 #include <netinet/in.h>
39 #include <arpa/inet.h>
40 #include <unistd.h>
41 #include <fcntl.h>
42 #include <poll.h>
43 
44 #define SOCKET           int
45 #define INVALID_SOCKET   (-1)
46 #endif
47 
48 #include "brssl.h"
49 
50 static void
51 dump_blob(const char *name, const void *data, size_t len)
52 {
53 	const unsigned char *buf;
54 	size_t u;
55 
56 	buf = data;
57 	fprintf(stderr, "%s (len = %lu)", name, (unsigned long)len);
58 	for (u = 0; u < len; u ++) {
59 		if ((u & 15) == 0) {
60 			fprintf(stderr, "\n%08lX  ", (unsigned long)u);
61 		} else if ((u & 7) == 0) {
62 			fprintf(stderr, " ");
63 		}
64 		fprintf(stderr, " %02x", buf[u]);
65 	}
66 	fprintf(stderr, "\n");
67 }
68 
69 /*
70  * Inspect the provided data in case it is a "command" to trigger a
71  * special behaviour. If the command is recognised, then it is executed
72  * and this function returns 1. Otherwise, this function returns 0.
73  */
74 static int
75 run_command(br_ssl_engine_context *cc, unsigned char *buf, size_t len)
76 {
77 	/*
78 	 * A single static slot for saving session parameters.
79 	 */
80 	static br_ssl_session_parameters slot;
81 	static int slot_used = 0;
82 
83 	size_t u;
84 
85 	if (len < 2 || len > 3) {
86 		return 0;
87 	}
88 	if (len == 3 && (buf[1] != '\r' || buf[2] != '\n')) {
89 		return 0;
90 	}
91 	if (len == 2 && buf[1] != '\n') {
92 		return 0;
93 	}
94 	switch (buf[0]) {
95 	case 'Q':
96 		fprintf(stderr, "closing...\n");
97 		br_ssl_engine_close(cc);
98 		return 1;
99 	case 'R':
100 		if (br_ssl_engine_renegotiate(cc)) {
101 			fprintf(stderr, "renegotiating...\n");
102 		} else {
103 			fprintf(stderr, "not renegotiating.\n");
104 		}
105 		return 1;
106 	case 'F':
107 		/*
108 		 * Session forget is nominally client-only. But the
109 		 * session parameters are in the engine structure, which
110 		 * is the first field of the client context, so the cast
111 		 * still works properly. On the server, this forgetting
112 		 * has no effect.
113 		 */
114 		fprintf(stderr, "forgetting session...\n");
115 		br_ssl_client_forget_session((br_ssl_client_context *)cc);
116 		return 1;
117 	case 'S':
118 		fprintf(stderr, "saving session parameters...\n");
119 		br_ssl_engine_get_session_parameters(cc, &slot);
120 		fprintf(stderr, "  id = ");
121 		for (u = 0; u < slot.session_id_len; u ++) {
122 			fprintf(stderr, "%02X", slot.session_id[u]);
123 		}
124 		fprintf(stderr, "\n");
125 		slot_used = 1;
126 		return 1;
127 	case 'P':
128 		if (slot_used) {
129 			fprintf(stderr, "restoring session parameters...\n");
130 			fprintf(stderr, "  id = ");
131 			for (u = 0; u < slot.session_id_len; u ++) {
132 				fprintf(stderr, "%02X", slot.session_id[u]);
133 			}
134 			fprintf(stderr, "\n");
135 			br_ssl_engine_set_session_parameters(cc, &slot);
136 			return 1;
137 		}
138 		return 0;
139 	default:
140 		return 0;
141 	}
142 }
143 
144 #ifdef _WIN32
145 
146 typedef struct {
147 	unsigned char buf[1024];
148 	size_t ptr, len;
149 } in_buffer;
150 
151 static int
152 in_return_bytes(in_buffer *bb, unsigned char *buf, size_t len)
153 {
154 	if (bb->ptr < bb->len) {
155 		size_t clen;
156 
157 		if (buf == NULL) {
158 			return 1;
159 		}
160 		clen = bb->len - bb->ptr;
161 		if (clen > len) {
162 			clen = len;
163 		}
164 		memcpy(buf, bb->buf + bb->ptr, clen);
165 		bb->ptr += clen;
166 		if (bb->ptr == bb->len) {
167 			bb->ptr = bb->len = 0;
168 		}
169 		return (int)clen;
170 	}
171 	return 0;
172 }
173 
174 /*
175  * A buffered version of in_read(), using a buffer to return only
176  * full lines when feasible.
177  */
178 static int
179 in_read_buffered(HANDLE h_in, in_buffer *bb, unsigned char *buf, size_t len)
180 {
181 	int n;
182 
183 	if (len == 0) {
184 		return 0;
185 	}
186 	n = in_return_bytes(bb, buf, len);
187 	if (n != 0) {
188 		return n;
189 	}
190 	for (;;) {
191 		INPUT_RECORD inrec;
192 		DWORD v;
193 
194 		if (!PeekConsoleInput(h_in, &inrec, 1, &v)) {
195 			fprintf(stderr, "ERROR: PeekConsoleInput()"
196 				" failed with 0x%08lX\n",
197 				(unsigned long)GetLastError());
198 			return -1;
199 		}
200 		if (v == 0) {
201 			return 0;
202 		}
203 		if (!ReadConsoleInput(h_in, &inrec, 1, &v)) {
204 			fprintf(stderr, "ERROR: ReadConsoleInput()"
205 				" failed with 0x%08lX\n",
206 				(unsigned long)GetLastError());
207 			return -1;
208 		}
209 		if (v == 0) {
210 			return 0;
211 		}
212 		if (inrec.EventType == KEY_EVENT
213 			&& inrec.Event.KeyEvent.bKeyDown)
214 		{
215 			int c;
216 
217 			c = inrec.Event.KeyEvent.uChar.AsciiChar;
218 			if (c == '\n' || c == '\r' || c == '\t'
219 				|| (c >= 32 && c != 127))
220 			{
221 				if (c == '\r') {
222 					c = '\n';
223 				}
224 				bb->buf[bb->ptr ++] = (unsigned char)c;
225 				printf("%c", c);
226 				fflush(stdout);
227 				bb->len = bb->ptr;
228 				if (bb->len == sizeof bb->buf || c == '\n') {
229 					bb->ptr = 0;
230 					return in_return_bytes(bb, buf, len);
231 				}
232 			}
233 		}
234 	}
235 }
236 
237 static int
238 in_avail_buffered(HANDLE h_in, in_buffer *bb)
239 {
240 	return in_read_buffered(h_in, bb, NULL, 1);
241 }
242 
243 #endif
244 
245 /* see brssl.h */
246 int
247 run_ssl_engine(br_ssl_engine_context *cc, unsigned long fd, unsigned flags)
248 {
249 	int hsdetails;
250 	int retcode;
251 	int verbose;
252 	int trace;
253 #ifdef _WIN32
254 	WSAEVENT fd_event;
255 	int can_send, can_recv;
256 	HANDLE h_in, h_out;
257 	in_buffer bb;
258 #endif
259 
260 	hsdetails = 0;
261 	retcode = 0;
262 	verbose = (flags & RUN_ENGINE_VERBOSE) != 0;
263 	trace = (flags & RUN_ENGINE_TRACE) != 0;
264 
265 	/*
266 	 * Print algorithm details.
267 	 */
268 	if (verbose) {
269 		const char *rngname;
270 
271 		fprintf(stderr, "Algorithms:\n");
272 		br_prng_seeder_system(&rngname);
273 		fprintf(stderr, "   RNG:           %s\n", rngname);
274 		if (cc->iaes_cbcenc != 0) {
275 			fprintf(stderr, "   AES/CBC (enc): %s\n",
276 				get_algo_name(cc->iaes_cbcenc, 0));
277 		}
278 		if (cc->iaes_cbcdec != 0) {
279 			fprintf(stderr, "   AES/CBC (dec): %s\n",
280 				get_algo_name(cc->iaes_cbcdec, 0));
281 		}
282 		if (cc->iaes_ctr != 0) {
283 			fprintf(stderr, "   AES/CTR:       %s\n",
284 				get_algo_name(cc->iaes_ctr, 0));
285 		}
286 		if (cc->iaes_ctrcbc != 0) {
287 			fprintf(stderr, "   AES/CCM:       %s\n",
288 				get_algo_name(cc->iaes_ctrcbc, 0));
289 		}
290 		if (cc->ides_cbcenc != 0) {
291 			fprintf(stderr, "   DES/CBC (enc): %s\n",
292 				get_algo_name(cc->ides_cbcenc, 0));
293 		}
294 		if (cc->ides_cbcdec != 0) {
295 			fprintf(stderr, "   DES/CBC (dec): %s\n",
296 				get_algo_name(cc->ides_cbcdec, 0));
297 		}
298 		if (cc->ighash != 0) {
299 			fprintf(stderr, "   GHASH (GCM):   %s\n",
300 				get_algo_name(cc->ighash, 0));
301 		}
302 		if (cc->ichacha != 0) {
303 			fprintf(stderr, "   ChaCha20:      %s\n",
304 				get_algo_name(cc->ichacha, 0));
305 		}
306 		if (cc->ipoly != 0) {
307 			fprintf(stderr, "   Poly1305:      %s\n",
308 				get_algo_name(cc->ipoly, 0));
309 		}
310 		if (cc->iec != 0) {
311 			fprintf(stderr, "   EC:            %s\n",
312 				get_algo_name(cc->iec, 0));
313 		}
314 		if (cc->iecdsa != 0) {
315 			fprintf(stderr, "   ECDSA:         %s\n",
316 				get_algo_name(cc->iecdsa, 0));
317 		}
318 		if (cc->irsavrfy != 0) {
319 			fprintf(stderr, "   RSA (vrfy):    %s\n",
320 				get_algo_name(cc->irsavrfy, 0));
321 		}
322 	}
323 
324 #ifdef _WIN32
325 	fd_event = WSA_INVALID_EVENT;
326 	can_send = 0;
327 	can_recv = 0;
328 	bb.ptr = bb.len = 0;
329 #endif
330 
331 	/*
332 	 * On Unix systems, we need to follow three descriptors:
333 	 * standard input (0), standard output (1), and the socket
334 	 * itself (for both read and write). This is done with a poll()
335 	 * call.
336 	 *
337 	 * On Windows systems, we use WSAEventSelect() to associate
338 	 * an event handle with the network activity, and we use
339 	 * WaitForMultipleObjectsEx() on that handle and the standard
340 	 * input handle, when appropriate. Standard output is assumed
341 	 * to be always writeable, and standard input to be the console;
342 	 * this does not work well (or at all) with redirections (to
343 	 * pipes or files) but it should be enough for a debug tool
344 	 * (TODO: make something that handles redirections as well).
345 	 */
346 
347 #ifdef _WIN32
348 	fd_event = WSACreateEvent();
349 	if (fd_event == WSA_INVALID_EVENT) {
350 		fprintf(stderr, "ERROR: WSACreateEvent() failed with %d\n",
351 			WSAGetLastError());
352 		retcode = -2;
353 		goto engine_exit;
354 	}
355 	WSAEventSelect(fd, fd_event, FD_READ | FD_WRITE | FD_CLOSE);
356 	h_in = GetStdHandle(STD_INPUT_HANDLE);
357 	h_out = GetStdHandle(STD_OUTPUT_HANDLE);
358 	SetConsoleMode(h_in, ENABLE_ECHO_INPUT
359 		| ENABLE_LINE_INPUT
360 		| ENABLE_PROCESSED_INPUT
361 		| ENABLE_PROCESSED_OUTPUT
362 		| ENABLE_WRAP_AT_EOL_OUTPUT);
363 #else
364 	/*
365 	 * Make sure that stdin and stdout are non-blocking.
366 	 */
367 	fcntl(0, F_SETFL, O_NONBLOCK);
368 	fcntl(1, F_SETFL, O_NONBLOCK);
369 #endif
370 
371 	/*
372 	 * Perform the loop.
373 	 */
374 	for (;;) {
375 		unsigned st;
376 		int sendrec, recvrec, sendapp, recvapp;
377 #ifdef _WIN32
378 		HANDLE pfd[2];
379 		DWORD wt;
380 #else
381 		struct pollfd pfd[3];
382 		int n;
383 #endif
384 		size_t u, k_fd, k_in, k_out;
385 		int sendrec_ok, recvrec_ok, sendapp_ok, recvapp_ok;
386 
387 		/*
388 		 * Get current engine state.
389 		 */
390 		st = br_ssl_engine_current_state(cc);
391 		if (st == BR_SSL_CLOSED) {
392 			int err;
393 
394 			err = br_ssl_engine_last_error(cc);
395 			if (err == BR_ERR_OK) {
396 				if (verbose) {
397 					fprintf(stderr,
398 						"SSL closed normally\n");
399 				}
400 				retcode = 0;
401 				goto engine_exit;
402 			} else {
403 				fprintf(stderr, "ERROR: SSL error %d", err);
404 				retcode = err;
405 				if (err >= BR_ERR_SEND_FATAL_ALERT) {
406 					err -= BR_ERR_SEND_FATAL_ALERT;
407 					fprintf(stderr,
408 						" (sent alert %d)\n", err);
409 				} else if (err >= BR_ERR_RECV_FATAL_ALERT) {
410 					err -= BR_ERR_RECV_FATAL_ALERT;
411 					fprintf(stderr,
412 						" (received alert %d)\n", err);
413 				} else {
414 					const char *ename;
415 
416 					ename = find_error_name(err, NULL);
417 					if (ename == NULL) {
418 						ename = "unknown";
419 					}
420 					fprintf(stderr, " (%s)\n", ename);
421 				}
422 				goto engine_exit;
423 			}
424 		}
425 
426 		/*
427 		 * Compute descriptors that must be polled, depending
428 		 * on engine state.
429 		 */
430 		sendrec = ((st & BR_SSL_SENDREC) != 0);
431 		recvrec = ((st & BR_SSL_RECVREC) != 0);
432 		sendapp = ((st & BR_SSL_SENDAPP) != 0);
433 		recvapp = ((st & BR_SSL_RECVAPP) != 0);
434 		if (verbose && sendapp && !hsdetails) {
435 			char csn[80];
436 			const char *pname;
437 
438 			fprintf(stderr, "Handshake completed\n");
439 			fprintf(stderr, "   version:               ");
440 			switch (cc->session.version) {
441 			case BR_SSL30:
442 				fprintf(stderr, "SSL 3.0");
443 				break;
444 			case BR_TLS10:
445 				fprintf(stderr, "TLS 1.0");
446 				break;
447 			case BR_TLS11:
448 				fprintf(stderr, "TLS 1.1");
449 				break;
450 			case BR_TLS12:
451 				fprintf(stderr, "TLS 1.2");
452 				break;
453 			default:
454 				fprintf(stderr, "unknown (0x%04X)",
455 					(unsigned)cc->session.version);
456 				break;
457 			}
458 			fprintf(stderr, "\n");
459 			get_suite_name_ext(
460 				cc->session.cipher_suite, csn, sizeof csn);
461 			fprintf(stderr, "   cipher suite:          %s\n", csn);
462 			if (uses_ecdhe(cc->session.cipher_suite)) {
463 				get_curve_name_ext(
464 					br_ssl_engine_get_ecdhe_curve(cc),
465 					csn, sizeof csn);
466 				fprintf(stderr,
467 					"   ECDHE curve:           %s\n", csn);
468 			}
469 			fprintf(stderr, "   secure renegotiation:  %s\n",
470 				cc->reneg == 1 ? "no" : "yes");
471 			pname = br_ssl_engine_get_selected_protocol(cc);
472 			if (pname != NULL) {
473 				fprintf(stderr,
474 					"   protocol name (ALPN):  %s\n",
475 					pname);
476 			}
477 			hsdetails = 1;
478 		}
479 
480 		k_fd = (size_t)-1;
481 		k_in = (size_t)-1;
482 		k_out = (size_t)-1;
483 
484 		u = 0;
485 #ifdef _WIN32
486 		/*
487 		 * If we recorded that we can send or receive data, and we
488 		 * want to do exactly that, then we don't wait; we just do
489 		 * it.
490 		 */
491 		recvapp_ok = 0;
492 		sendrec_ok = 0;
493 		recvrec_ok = 0;
494 		sendapp_ok = 0;
495 
496 		if (sendrec && can_send) {
497 			sendrec_ok = 1;
498 		} else if (recvrec && can_recv) {
499 			recvrec_ok = 1;
500 		} else if (recvapp) {
501 			recvapp_ok = 1;
502 		} else if (sendapp && in_avail_buffered(h_in, &bb)) {
503 			sendapp_ok = 1;
504 		} else {
505 			/*
506 			 * If we cannot do I/O right away, then we must
507 			 * wait for some event, and try again.
508 			 */
509 			pfd[u] = (HANDLE)fd_event;
510 			k_fd = u;
511 			u ++;
512 			if (sendapp) {
513 				pfd[u] = h_in;
514 				k_in = u;
515 				u ++;
516 			}
517 			wt = WaitForMultipleObjectsEx(u, pfd,
518 				FALSE, INFINITE, FALSE);
519 			if (wt == WAIT_FAILED) {
520 				fprintf(stderr, "ERROR:"
521 					" WaitForMultipleObjectsEx()"
522 					" failed with 0x%08lX",
523 					(unsigned long)GetLastError());
524 				retcode = -2;
525 				goto engine_exit;
526 			}
527 			if (wt == k_fd) {
528 				WSANETWORKEVENTS e;
529 
530 				if (WSAEnumNetworkEvents(fd, fd_event, &e)) {
531 					fprintf(stderr, "ERROR:"
532 						" WSAEnumNetworkEvents()"
533 						" failed with %d\n",
534 						WSAGetLastError());
535 					retcode = -2;
536 					goto engine_exit;
537 				}
538 				if (e.lNetworkEvents & (FD_WRITE | FD_CLOSE)) {
539 					can_send = 1;
540 				}
541 				if (e.lNetworkEvents & (FD_READ | FD_CLOSE)) {
542 					can_recv = 1;
543 				}
544 			}
545 			continue;
546 		}
547 #else
548 		if (sendrec || recvrec) {
549 			pfd[u].fd = fd;
550 			pfd[u].revents = 0;
551 			pfd[u].events = 0;
552 			if (sendrec) {
553 				pfd[u].events |= POLLOUT;
554 			}
555 			if (recvrec) {
556 				pfd[u].events |= POLLIN;
557 			}
558 			k_fd = u;
559 			u ++;
560 		}
561 		if (sendapp) {
562 			pfd[u].fd = 0;
563 			pfd[u].revents = 0;
564 			pfd[u].events = POLLIN;
565 			k_in = u;
566 			u ++;
567 		}
568 		if (recvapp) {
569 			pfd[u].fd = 1;
570 			pfd[u].revents = 0;
571 			pfd[u].events = POLLOUT;
572 			k_out = u;
573 			u ++;
574 		}
575 		n = poll(pfd, u, -1);
576 		if (n < 0) {
577 			if (errno == EINTR) {
578 				continue;
579 			}
580 			perror("ERROR: poll()");
581 			retcode = -2;
582 			goto engine_exit;
583 		}
584 		if (n == 0) {
585 			continue;
586 		}
587 
588 		/*
589 		 * We transform closures/errors into read+write accesses
590 		 * so as to force the read() or write() call that will
591 		 * detect the situation.
592 		 */
593 		while (u -- > 0) {
594 			if (pfd[u].revents & (POLLERR | POLLHUP)) {
595 				pfd[u].revents |= POLLIN | POLLOUT;
596 			}
597 		}
598 
599 		recvapp_ok = recvapp && (pfd[k_out].revents & POLLOUT) != 0;
600 		sendrec_ok = sendrec && (pfd[k_fd].revents & POLLOUT) != 0;
601 		recvrec_ok = recvrec && (pfd[k_fd].revents & POLLIN) != 0;
602 		sendapp_ok = sendapp && (pfd[k_in].revents & POLLIN) != 0;
603 #endif
604 
605 		/*
606 		 * We give preference to outgoing data, on stdout and on
607 		 * the socket.
608 		 */
609 		if (recvapp_ok) {
610 			unsigned char *buf;
611 			size_t len;
612 #ifdef _WIN32
613 			DWORD wlen;
614 #else
615 			ssize_t wlen;
616 #endif
617 
618 			buf = br_ssl_engine_recvapp_buf(cc, &len);
619 #ifdef _WIN32
620 			if (!WriteFile(h_out, buf, len, &wlen, NULL)) {
621 				if (verbose) {
622 					fprintf(stderr, "stdout closed...\n");
623 				}
624 				retcode = -2;
625 				goto engine_exit;
626 			}
627 #else
628 			wlen = write(1, buf, len);
629 			if (wlen <= 0) {
630 				if (verbose) {
631 					fprintf(stderr, "stdout closed...\n");
632 				}
633 				retcode = -2;
634 				goto engine_exit;
635 			}
636 #endif
637 			br_ssl_engine_recvapp_ack(cc, wlen);
638 			continue;
639 		}
640 		if (sendrec_ok) {
641 			unsigned char *buf;
642 			size_t len;
643 			int wlen;
644 
645 			buf = br_ssl_engine_sendrec_buf(cc, &len);
646 			wlen = send(fd, buf, len, 0);
647 			if (wlen <= 0) {
648 #ifdef _WIN32
649 				int err;
650 
651 				err = WSAGetLastError();
652 				if (err == EWOULDBLOCK
653 					|| err == WSAEWOULDBLOCK)
654 				{
655 					can_send = 0;
656 					continue;
657 				}
658 #else
659 				if (errno == EINTR || errno == EWOULDBLOCK) {
660 					continue;
661 				}
662 #endif
663 				if (verbose) {
664 					fprintf(stderr, "socket closed...\n");
665 				}
666 				retcode = -1;
667 				goto engine_exit;
668 			}
669 			if (trace) {
670 				dump_blob("Outgoing bytes", buf, wlen);
671 			}
672 			br_ssl_engine_sendrec_ack(cc, wlen);
673 			continue;
674 		}
675 		if (recvrec_ok) {
676 			unsigned char *buf;
677 			size_t len;
678 			int rlen;
679 
680 			buf = br_ssl_engine_recvrec_buf(cc, &len);
681 			rlen = recv(fd, buf, len, 0);
682 			if (rlen == 0) {
683 				if (verbose) {
684 					fprintf(stderr, "socket closed...\n");
685 				}
686 				retcode = -1;
687 				goto engine_exit;
688 			}
689 			if (rlen < 0) {
690 #ifdef _WIN32
691 				int err;
692 
693 				err = WSAGetLastError();
694 				if (err == EWOULDBLOCK
695 					|| err == WSAEWOULDBLOCK)
696 				{
697 					can_recv = 0;
698 					continue;
699 				}
700 #else
701 				if (errno == EINTR || errno == EWOULDBLOCK) {
702 					continue;
703 				}
704 #endif
705 				if (verbose) {
706 					fprintf(stderr, "socket broke...\n");
707 				}
708 				retcode = -1;
709 				goto engine_exit;
710 			}
711 			if (trace) {
712 				dump_blob("Incoming bytes", buf, rlen);
713 			}
714 			br_ssl_engine_recvrec_ack(cc, rlen);
715 			continue;
716 		}
717 		if (sendapp_ok) {
718 			unsigned char *buf;
719 			size_t len;
720 #ifdef _WIN32
721 			int rlen;
722 #else
723 			ssize_t rlen;
724 #endif
725 
726 			buf = br_ssl_engine_sendapp_buf(cc, &len);
727 #ifdef _WIN32
728 			rlen = in_read_buffered(h_in, &bb, buf, len);
729 #else
730 			rlen = read(0, buf, len);
731 #endif
732 			if (rlen <= 0) {
733 				if (verbose) {
734 					fprintf(stderr, "stdin closed...\n");
735 				}
736 				br_ssl_engine_close(cc);
737 			} else if (!run_command(cc, buf, rlen)) {
738 				br_ssl_engine_sendapp_ack(cc, rlen);
739 			}
740 			br_ssl_engine_flush(cc, 0);
741 			continue;
742 		}
743 
744 		/* We should never reach that point. */
745 		fprintf(stderr, "ERROR: poll() misbehaves\n");
746 		retcode = -2;
747 		goto engine_exit;
748 	}
749 
750 	/*
751 	 * Release allocated structures.
752 	 */
753 engine_exit:
754 #ifdef _WIN32
755 	if (fd_event != WSA_INVALID_EVENT) {
756 		WSACloseEvent(fd_event);
757 	}
758 #endif
759 	return retcode;
760 }
761