1 /* 2 * Copyright (c) 2009-2012 Niels Provos and Nick Mathewson 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 3. The name of the author may not be used to endorse or promote products 13 * derived from this software without specific prior written permission. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 */ 26 27 // Get rid of OSX 10.7 and greater deprecation warnings. 28 #if defined(__APPLE__) && defined(__clang__) 29 #pragma clang diagnostic ignored "-Wdeprecated-declarations" 30 #endif 31 32 #include "event2/event-config.h" 33 #include "evconfig-private.h" 34 35 #include <sys/types.h> 36 37 #ifdef EVENT__HAVE_SYS_TIME_H 38 #include <sys/time.h> 39 #endif 40 41 #include <errno.h> 42 #include <stdio.h> 43 #include <stdlib.h> 44 #include <string.h> 45 #ifdef EVENT__HAVE_STDARG_H 46 #include <stdarg.h> 47 #endif 48 #ifdef EVENT__HAVE_UNISTD_H 49 #include <unistd.h> 50 #endif 51 52 #ifdef _WIN32 53 #include <winsock2.h> 54 #endif 55 56 #include "event2/bufferevent.h" 57 #include "event2/bufferevent_struct.h" 58 #include "event2/bufferevent_ssl.h" 59 #include "event2/buffer.h" 60 #include "event2/event.h" 61 62 #include "mm-internal.h" 63 #include "bufferevent-internal.h" 64 #include "log-internal.h" 65 66 #include <openssl/ssl.h> 67 #include <openssl/err.h> 68 #include "openssl-compat.h" 69 70 /* 71 * Define an OpenSSL bio that targets a bufferevent. 72 */ 73 74 /* -------------------- 75 A BIO is an OpenSSL abstraction that handles reading and writing data. The 76 library will happily speak SSL over anything that implements a BIO 77 interface. 78 79 Here we define a BIO implementation that directs its output to a 80 bufferevent. We'll want to use this only when none of OpenSSL's built-in 81 IO mechanisms work for us. 82 -------------------- */ 83 84 /* every BIO type needs its own integer type value. */ 85 #define BIO_TYPE_LIBEVENT 57 86 /* ???? Arguably, we should set BIO_TYPE_FILTER or BIO_TYPE_SOURCE_SINK on 87 * this. */ 88 89 #if 0 90 static void 91 print_err(int val) 92 { 93 int err; 94 printf("Error was %d\n", val); 95 96 while ((err = ERR_get_error())) { 97 const char *msg = (const char*)ERR_reason_error_string(err); 98 const char *lib = (const char*)ERR_lib_error_string(err); 99 const char *func = (const char*)ERR_func_error_string(err); 100 101 printf("%s in %s %s\n", msg, lib, func); 102 } 103 } 104 #else 105 #define print_err(v) ((void)0) 106 #endif 107 108 /* Called to initialize a new BIO */ 109 static int 110 bio_bufferevent_new(BIO *b) 111 { 112 BIO_set_init(b, 0); 113 BIO_set_data(b, NULL); /* We'll be putting the bufferevent in this field.*/ 114 return 1; 115 } 116 117 /* Called to uninitialize the BIO. */ 118 static int 119 bio_bufferevent_free(BIO *b) 120 { 121 if (!b) 122 return 0; 123 if (BIO_get_shutdown(b)) { 124 if (BIO_get_init(b) && BIO_get_data(b)) 125 bufferevent_free(BIO_get_data(b)); 126 BIO_free(b); 127 } 128 return 1; 129 } 130 131 /* Called to extract data from the BIO. */ 132 static int 133 bio_bufferevent_read(BIO *b, char *out, int outlen) 134 { 135 int r = 0; 136 struct evbuffer *input; 137 138 BIO_clear_retry_flags(b); 139 140 if (!out) 141 return 0; 142 if (!BIO_get_data(b)) 143 return -1; 144 145 input = bufferevent_get_input(BIO_get_data(b)); 146 if (evbuffer_get_length(input) == 0) { 147 /* If there's no data to read, say so. */ 148 BIO_set_retry_read(b); 149 return -1; 150 } else { 151 r = evbuffer_remove(input, out, outlen); 152 } 153 154 return r; 155 } 156 157 /* Called to write data into the BIO */ 158 static int 159 bio_bufferevent_write(BIO *b, const char *in, int inlen) 160 { 161 struct bufferevent *bufev = BIO_get_data(b); 162 struct evbuffer *output; 163 size_t outlen; 164 165 BIO_clear_retry_flags(b); 166 167 if (!BIO_get_data(b)) 168 return -1; 169 170 output = bufferevent_get_output(bufev); 171 outlen = evbuffer_get_length(output); 172 173 /* Copy only as much data onto the output buffer as can fit under the 174 * high-water mark. */ 175 if (bufev->wm_write.high && bufev->wm_write.high <= (outlen+inlen)) { 176 if (bufev->wm_write.high <= outlen) { 177 /* If no data can fit, we'll need to retry later. */ 178 BIO_set_retry_write(b); 179 return -1; 180 } 181 inlen = bufev->wm_write.high - outlen; 182 } 183 184 EVUTIL_ASSERT(inlen > 0); 185 evbuffer_add(output, in, inlen); 186 return inlen; 187 } 188 189 /* Called to handle various requests */ 190 static long 191 bio_bufferevent_ctrl(BIO *b, int cmd, long num, void *ptr) 192 { 193 struct bufferevent *bufev = BIO_get_data(b); 194 long ret = 1; 195 196 switch (cmd) { 197 case BIO_CTRL_GET_CLOSE: 198 ret = BIO_get_shutdown(b); 199 break; 200 case BIO_CTRL_SET_CLOSE: 201 BIO_set_shutdown(b, (int)num); 202 break; 203 case BIO_CTRL_PENDING: 204 ret = evbuffer_get_length(bufferevent_get_input(bufev)) != 0; 205 break; 206 case BIO_CTRL_WPENDING: 207 ret = evbuffer_get_length(bufferevent_get_output(bufev)) != 0; 208 break; 209 /* XXXX These two are given a special-case treatment because 210 * of cargo-cultism. I should come up with a better reason. */ 211 case BIO_CTRL_DUP: 212 case BIO_CTRL_FLUSH: 213 ret = 1; 214 break; 215 default: 216 ret = 0; 217 break; 218 } 219 return ret; 220 } 221 222 /* Called to write a string to the BIO */ 223 static int 224 bio_bufferevent_puts(BIO *b, const char *s) 225 { 226 return bio_bufferevent_write(b, s, strlen(s)); 227 } 228 229 /* Method table for the bufferevent BIO */ 230 static BIO_METHOD *methods_bufferevent; 231 232 /* Return the method table for the bufferevents BIO */ 233 static BIO_METHOD * 234 BIO_s_bufferevent(void) 235 { 236 if (methods_bufferevent == NULL) { 237 methods_bufferevent = BIO_meth_new(BIO_TYPE_LIBEVENT, "bufferevent"); 238 if (methods_bufferevent == NULL) 239 return NULL; 240 BIO_meth_set_write(methods_bufferevent, bio_bufferevent_write); 241 BIO_meth_set_read(methods_bufferevent, bio_bufferevent_read); 242 BIO_meth_set_puts(methods_bufferevent, bio_bufferevent_puts); 243 BIO_meth_set_ctrl(methods_bufferevent, bio_bufferevent_ctrl); 244 BIO_meth_set_create(methods_bufferevent, bio_bufferevent_new); 245 BIO_meth_set_destroy(methods_bufferevent, bio_bufferevent_free); 246 } 247 return methods_bufferevent; 248 } 249 250 /* Create a new BIO to wrap communication around a bufferevent. If close_flag 251 * is true, the bufferevent will be freed when the BIO is closed. */ 252 static BIO * 253 BIO_new_bufferevent(struct bufferevent *bufferevent) 254 { 255 BIO *result; 256 if (!bufferevent) 257 return NULL; 258 if (!(result = BIO_new(BIO_s_bufferevent()))) 259 return NULL; 260 BIO_set_init(result, 1); 261 BIO_set_data(result, bufferevent); 262 /* We don't tell the BIO to close the bufferevent; we do it ourselves on 263 * be_openssl_destruct() */ 264 BIO_set_shutdown(result, 0); 265 return result; 266 } 267 268 /* -------------------- 269 Now, here's the OpenSSL-based implementation of bufferevent. 270 271 The implementation comes in two flavors: one that connects its SSL object 272 to an underlying bufferevent using a BIO_bufferevent, and one that has the 273 SSL object connect to a socket directly. The latter should generally be 274 faster, except on Windows, where your best bet is using a 275 bufferevent_async. 276 277 (OpenSSL supports many other BIO types, too. But we can't use any unless 278 we have a good way to get notified when they become readable/writable.) 279 -------------------- */ 280 281 struct bio_data_counts { 282 unsigned long n_written; 283 unsigned long n_read; 284 }; 285 286 struct bufferevent_openssl { 287 /* Shared fields with common bufferevent implementation code. 288 If we were set up with an underlying bufferevent, we use the 289 events here as timers only. If we have an SSL, then we use 290 the events as socket events. 291 */ 292 struct bufferevent_private bev; 293 /* An underlying bufferevent that we're directing our output to. 294 If it's NULL, then we're connected to an fd, not an evbuffer. */ 295 struct bufferevent *underlying; 296 /* The SSL object doing our encryption. */ 297 SSL *ssl; 298 299 /* A callback that's invoked when data arrives on our outbuf so we 300 know to write data to the SSL. */ 301 struct evbuffer_cb_entry *outbuf_cb; 302 303 /* A count of how much data the bios have read/written total. Used 304 for rate-limiting. */ 305 struct bio_data_counts counts; 306 307 /* If this value is greater than 0, then the last SSL_write blocked, 308 * and we need to try it again with this many bytes. */ 309 ev_ssize_t last_write; 310 311 #define NUM_ERRORS 3 312 ev_uint32_t errors[NUM_ERRORS]; 313 314 /* When we next get available space, we should say "read" instead of 315 "write". This can happen if there's a renegotiation during a read 316 operation. */ 317 unsigned read_blocked_on_write : 1; 318 /* When we next get data, we should say "write" instead of "read". */ 319 unsigned write_blocked_on_read : 1; 320 /* Treat TCP close before SSL close on SSL >= v3 as clean EOF. */ 321 unsigned allow_dirty_shutdown : 1; 322 /* XXX */ 323 unsigned n_errors : 2; 324 325 /* Are we currently connecting, accepting, or doing IO? */ 326 unsigned state : 2; 327 /* If we reset fd, we sould reset state too */ 328 unsigned old_state : 2; 329 }; 330 331 static int be_openssl_enable(struct bufferevent *, short); 332 static int be_openssl_disable(struct bufferevent *, short); 333 static void be_openssl_unlink(struct bufferevent *); 334 static void be_openssl_destruct(struct bufferevent *); 335 static int be_openssl_adj_timeouts(struct bufferevent *); 336 static int be_openssl_flush(struct bufferevent *bufev, 337 short iotype, enum bufferevent_flush_mode mode); 338 static int be_openssl_ctrl(struct bufferevent *, enum bufferevent_ctrl_op, union bufferevent_ctrl_data *); 339 340 const struct bufferevent_ops bufferevent_ops_openssl = { 341 "ssl", 342 evutil_offsetof(struct bufferevent_openssl, bev.bev), 343 be_openssl_enable, 344 be_openssl_disable, 345 be_openssl_unlink, 346 be_openssl_destruct, 347 be_openssl_adj_timeouts, 348 be_openssl_flush, 349 be_openssl_ctrl, 350 }; 351 352 /* Given a bufferevent, return a pointer to the bufferevent_openssl that 353 * contains it, if any. */ 354 static inline struct bufferevent_openssl * 355 upcast(struct bufferevent *bev) 356 { 357 struct bufferevent_openssl *bev_o; 358 if (!BEV_IS_OPENSSL(bev)) 359 return NULL; 360 bev_o = (void*)( ((char*)bev) - 361 evutil_offsetof(struct bufferevent_openssl, bev.bev)); 362 EVUTIL_ASSERT(BEV_IS_OPENSSL(&bev_o->bev.bev)); 363 return bev_o; 364 } 365 366 static inline void 367 put_error(struct bufferevent_openssl *bev_ssl, unsigned long err) 368 { 369 if (bev_ssl->n_errors == NUM_ERRORS) 370 return; 371 /* The error type according to openssl is "unsigned long", but 372 openssl never uses more than 32 bits of it. It _can't_ use more 373 than 32 bits of it, since it needs to report errors on systems 374 where long is only 32 bits. 375 */ 376 bev_ssl->errors[bev_ssl->n_errors++] = (ev_uint32_t) err; 377 } 378 379 /* Have the base communications channel (either the underlying bufferevent or 380 * ev_read and ev_write) start reading. Take the read-blocked-on-write flag 381 * into account. */ 382 static int 383 start_reading(struct bufferevent_openssl *bev_ssl) 384 { 385 if (bev_ssl->underlying) { 386 bufferevent_unsuspend_read_(bev_ssl->underlying, 387 BEV_SUSPEND_FILT_READ); 388 return 0; 389 } else { 390 struct bufferevent *bev = &bev_ssl->bev.bev; 391 int r; 392 r = bufferevent_add_event_(&bev->ev_read, &bev->timeout_read); 393 if (r == 0 && bev_ssl->read_blocked_on_write) 394 r = bufferevent_add_event_(&bev->ev_write, 395 &bev->timeout_write); 396 return r; 397 } 398 } 399 400 /* Have the base communications channel (either the underlying bufferevent or 401 * ev_read and ev_write) start writing. Take the write-blocked-on-read flag 402 * into account. */ 403 static int 404 start_writing(struct bufferevent_openssl *bev_ssl) 405 { 406 int r = 0; 407 if (bev_ssl->underlying) { 408 if (bev_ssl->write_blocked_on_read) { 409 bufferevent_unsuspend_read_(bev_ssl->underlying, 410 BEV_SUSPEND_FILT_READ); 411 } 412 } else { 413 struct bufferevent *bev = &bev_ssl->bev.bev; 414 r = bufferevent_add_event_(&bev->ev_write, &bev->timeout_write); 415 if (!r && bev_ssl->write_blocked_on_read) 416 r = bufferevent_add_event_(&bev->ev_read, 417 &bev->timeout_read); 418 } 419 return r; 420 } 421 422 static void 423 stop_reading(struct bufferevent_openssl *bev_ssl) 424 { 425 if (bev_ssl->write_blocked_on_read) 426 return; 427 if (bev_ssl->underlying) { 428 bufferevent_suspend_read_(bev_ssl->underlying, 429 BEV_SUSPEND_FILT_READ); 430 } else { 431 struct bufferevent *bev = &bev_ssl->bev.bev; 432 event_del(&bev->ev_read); 433 } 434 } 435 436 static void 437 stop_writing(struct bufferevent_openssl *bev_ssl) 438 { 439 if (bev_ssl->read_blocked_on_write) 440 return; 441 if (bev_ssl->underlying) { 442 bufferevent_unsuspend_read_(bev_ssl->underlying, 443 BEV_SUSPEND_FILT_READ); 444 } else { 445 struct bufferevent *bev = &bev_ssl->bev.bev; 446 event_del(&bev->ev_write); 447 } 448 } 449 450 static int 451 set_rbow(struct bufferevent_openssl *bev_ssl) 452 { 453 if (!bev_ssl->underlying) 454 stop_reading(bev_ssl); 455 bev_ssl->read_blocked_on_write = 1; 456 return start_writing(bev_ssl); 457 } 458 459 static int 460 set_wbor(struct bufferevent_openssl *bev_ssl) 461 { 462 if (!bev_ssl->underlying) 463 stop_writing(bev_ssl); 464 bev_ssl->write_blocked_on_read = 1; 465 return start_reading(bev_ssl); 466 } 467 468 static int 469 clear_rbow(struct bufferevent_openssl *bev_ssl) 470 { 471 struct bufferevent *bev = &bev_ssl->bev.bev; 472 int r = 0; 473 bev_ssl->read_blocked_on_write = 0; 474 if (!(bev->enabled & EV_WRITE)) 475 stop_writing(bev_ssl); 476 if (bev->enabled & EV_READ) 477 r = start_reading(bev_ssl); 478 return r; 479 } 480 481 482 static int 483 clear_wbor(struct bufferevent_openssl *bev_ssl) 484 { 485 struct bufferevent *bev = &bev_ssl->bev.bev; 486 int r = 0; 487 bev_ssl->write_blocked_on_read = 0; 488 if (!(bev->enabled & EV_READ)) 489 stop_reading(bev_ssl); 490 if (bev->enabled & EV_WRITE) 491 r = start_writing(bev_ssl); 492 return r; 493 } 494 495 static void 496 conn_closed(struct bufferevent_openssl *bev_ssl, int when, int errcode, int ret) 497 { 498 int event = BEV_EVENT_ERROR; 499 int dirty_shutdown = 0; 500 unsigned long err; 501 502 switch (errcode) { 503 case SSL_ERROR_ZERO_RETURN: 504 /* Possibly a clean shutdown. */ 505 if (SSL_get_shutdown(bev_ssl->ssl) & SSL_RECEIVED_SHUTDOWN) 506 event = BEV_EVENT_EOF; 507 else 508 dirty_shutdown = 1; 509 break; 510 case SSL_ERROR_SYSCALL: 511 /* IO error; possibly a dirty shutdown. */ 512 if ((ret == 0 || ret == -1) && ERR_peek_error() == 0) 513 dirty_shutdown = 1; 514 put_error(bev_ssl, errcode); 515 break; 516 case SSL_ERROR_SSL: 517 /* Protocol error. */ 518 put_error(bev_ssl, errcode); 519 break; 520 case SSL_ERROR_WANT_X509_LOOKUP: 521 /* XXXX handle this. */ 522 put_error(bev_ssl, errcode); 523 break; 524 case SSL_ERROR_NONE: 525 case SSL_ERROR_WANT_READ: 526 case SSL_ERROR_WANT_WRITE: 527 case SSL_ERROR_WANT_CONNECT: 528 case SSL_ERROR_WANT_ACCEPT: 529 default: 530 /* should be impossible; treat as normal error. */ 531 event_warnx("BUG: Unexpected OpenSSL error code %d", errcode); 532 break; 533 } 534 535 while ((err = ERR_get_error())) { 536 put_error(bev_ssl, err); 537 } 538 539 if (dirty_shutdown && bev_ssl->allow_dirty_shutdown) 540 event = BEV_EVENT_EOF; 541 542 stop_reading(bev_ssl); 543 stop_writing(bev_ssl); 544 545 /* when is BEV_EVENT_{READING|WRITING} */ 546 event = when | event; 547 bufferevent_run_eventcb_(&bev_ssl->bev.bev, event, 0); 548 } 549 550 static void 551 init_bio_counts(struct bufferevent_openssl *bev_ssl) 552 { 553 BIO *rbio, *wbio; 554 555 wbio = SSL_get_wbio(bev_ssl->ssl); 556 bev_ssl->counts.n_written = wbio ? BIO_number_written(wbio) : 0; 557 rbio = SSL_get_rbio(bev_ssl->ssl); 558 bev_ssl->counts.n_read = rbio ? BIO_number_read(rbio) : 0; 559 } 560 561 static inline void 562 decrement_buckets(struct bufferevent_openssl *bev_ssl) 563 { 564 unsigned long num_w = BIO_number_written(SSL_get_wbio(bev_ssl->ssl)); 565 unsigned long num_r = BIO_number_read(SSL_get_rbio(bev_ssl->ssl)); 566 /* These next two subtractions can wrap around. That's okay. */ 567 unsigned long w = num_w - bev_ssl->counts.n_written; 568 unsigned long r = num_r - bev_ssl->counts.n_read; 569 if (w) 570 bufferevent_decrement_write_buckets_(&bev_ssl->bev, w); 571 if (r) 572 bufferevent_decrement_read_buckets_(&bev_ssl->bev, r); 573 bev_ssl->counts.n_written = num_w; 574 bev_ssl->counts.n_read = num_r; 575 } 576 577 #define OP_MADE_PROGRESS 1 578 #define OP_BLOCKED 2 579 #define OP_ERR 4 580 581 /* Return a bitmask of OP_MADE_PROGRESS (if we read anything); OP_BLOCKED (if 582 we're now blocked); and OP_ERR (if an error occurred). */ 583 static int 584 do_read(struct bufferevent_openssl *bev_ssl, int n_to_read) { 585 /* Requires lock */ 586 struct bufferevent *bev = &bev_ssl->bev.bev; 587 struct evbuffer *input = bev->input; 588 int r, n, i, n_used = 0, atmost; 589 struct evbuffer_iovec space[2]; 590 int result = 0; 591 592 if (bev_ssl->bev.read_suspended) 593 return 0; 594 595 atmost = bufferevent_get_read_max_(&bev_ssl->bev); 596 if (n_to_read > atmost) 597 n_to_read = atmost; 598 599 n = evbuffer_reserve_space(input, n_to_read, space, 2); 600 if (n < 0) 601 return OP_ERR; 602 603 for (i=0; i<n; ++i) { 604 if (bev_ssl->bev.read_suspended) 605 break; 606 ERR_clear_error(); 607 r = SSL_read(bev_ssl->ssl, space[i].iov_base, space[i].iov_len); 608 if (r>0) { 609 result |= OP_MADE_PROGRESS; 610 if (bev_ssl->read_blocked_on_write) 611 if (clear_rbow(bev_ssl) < 0) 612 return OP_ERR | result; 613 ++n_used; 614 space[i].iov_len = r; 615 decrement_buckets(bev_ssl); 616 } else { 617 int err = SSL_get_error(bev_ssl->ssl, r); 618 print_err(err); 619 switch (err) { 620 case SSL_ERROR_WANT_READ: 621 /* Can't read until underlying has more data. */ 622 if (bev_ssl->read_blocked_on_write) 623 if (clear_rbow(bev_ssl) < 0) 624 return OP_ERR | result; 625 break; 626 case SSL_ERROR_WANT_WRITE: 627 /* This read operation requires a write, and the 628 * underlying is full */ 629 if (!bev_ssl->read_blocked_on_write) 630 if (set_rbow(bev_ssl) < 0) 631 return OP_ERR | result; 632 break; 633 default: 634 conn_closed(bev_ssl, BEV_EVENT_READING, err, r); 635 break; 636 } 637 result |= OP_BLOCKED; 638 break; /* out of the loop */ 639 } 640 } 641 642 if (n_used) { 643 evbuffer_commit_space(input, space, n_used); 644 if (bev_ssl->underlying) 645 BEV_RESET_GENERIC_READ_TIMEOUT(bev); 646 } 647 648 return result; 649 } 650 651 /* Return a bitmask of OP_MADE_PROGRESS (if we wrote anything); OP_BLOCKED (if 652 we're now blocked); and OP_ERR (if an error occurred). */ 653 static int 654 do_write(struct bufferevent_openssl *bev_ssl, int atmost) 655 { 656 int i, r, n, n_written = 0; 657 struct bufferevent *bev = &bev_ssl->bev.bev; 658 struct evbuffer *output = bev->output; 659 struct evbuffer_iovec space[8]; 660 int result = 0; 661 662 if (bev_ssl->last_write > 0) 663 atmost = bev_ssl->last_write; 664 else 665 atmost = bufferevent_get_write_max_(&bev_ssl->bev); 666 667 n = evbuffer_peek(output, atmost, NULL, space, 8); 668 if (n < 0) 669 return OP_ERR | result; 670 671 if (n > 8) 672 n = 8; 673 for (i=0; i < n; ++i) { 674 if (bev_ssl->bev.write_suspended) 675 break; 676 677 /* SSL_write will (reasonably) return 0 if we tell it to 678 send 0 data. Skip this case so we don't interpret the 679 result as an error */ 680 if (space[i].iov_len == 0) 681 continue; 682 683 ERR_clear_error(); 684 r = SSL_write(bev_ssl->ssl, space[i].iov_base, 685 space[i].iov_len); 686 if (r > 0) { 687 result |= OP_MADE_PROGRESS; 688 if (bev_ssl->write_blocked_on_read) 689 if (clear_wbor(bev_ssl) < 0) 690 return OP_ERR | result; 691 n_written += r; 692 bev_ssl->last_write = -1; 693 decrement_buckets(bev_ssl); 694 } else { 695 int err = SSL_get_error(bev_ssl->ssl, r); 696 print_err(err); 697 switch (err) { 698 case SSL_ERROR_WANT_WRITE: 699 /* Can't read until underlying has more data. */ 700 if (bev_ssl->write_blocked_on_read) 701 if (clear_wbor(bev_ssl) < 0) 702 return OP_ERR | result; 703 bev_ssl->last_write = space[i].iov_len; 704 break; 705 case SSL_ERROR_WANT_READ: 706 /* This read operation requires a write, and the 707 * underlying is full */ 708 if (!bev_ssl->write_blocked_on_read) 709 if (set_wbor(bev_ssl) < 0) 710 return OP_ERR | result; 711 bev_ssl->last_write = space[i].iov_len; 712 break; 713 default: 714 conn_closed(bev_ssl, BEV_EVENT_WRITING, err, r); 715 bev_ssl->last_write = -1; 716 break; 717 } 718 result |= OP_BLOCKED; 719 break; 720 } 721 } 722 if (n_written) { 723 evbuffer_drain(output, n_written); 724 if (bev_ssl->underlying) 725 BEV_RESET_GENERIC_WRITE_TIMEOUT(bev); 726 727 bufferevent_trigger_nolock_(bev, EV_WRITE, BEV_OPT_DEFER_CALLBACKS); 728 } 729 return result; 730 } 731 732 #define WRITE_FRAME 15000 733 734 #define READ_DEFAULT 4096 735 736 /* Try to figure out how many bytes to read; return 0 if we shouldn't be 737 * reading. */ 738 static int 739 bytes_to_read(struct bufferevent_openssl *bev) 740 { 741 struct evbuffer *input = bev->bev.bev.input; 742 struct event_watermark *wm = &bev->bev.bev.wm_read; 743 int result = READ_DEFAULT; 744 ev_ssize_t limit; 745 /* XXX 99% of this is generic code that nearly all bufferevents will 746 * want. */ 747 748 if (bev->write_blocked_on_read) { 749 return 0; 750 } 751 752 if (! (bev->bev.bev.enabled & EV_READ)) { 753 return 0; 754 } 755 756 if (bev->bev.read_suspended) { 757 return 0; 758 } 759 760 if (wm->high) { 761 if (evbuffer_get_length(input) >= wm->high) { 762 return 0; 763 } 764 765 result = wm->high - evbuffer_get_length(input); 766 } else { 767 result = READ_DEFAULT; 768 } 769 770 /* Respect the rate limit */ 771 limit = bufferevent_get_read_max_(&bev->bev); 772 if (result > limit) { 773 result = limit; 774 } 775 776 return result; 777 } 778 779 780 /* Things look readable. If write is blocked on read, write till it isn't. 781 * Read from the underlying buffer until we block or we hit our high-water 782 * mark. 783 */ 784 static void 785 consider_reading(struct bufferevent_openssl *bev_ssl) 786 { 787 int r; 788 int n_to_read; 789 int all_result_flags = 0; 790 791 while (bev_ssl->write_blocked_on_read) { 792 r = do_write(bev_ssl, WRITE_FRAME); 793 if (r & (OP_BLOCKED|OP_ERR)) 794 break; 795 } 796 if (bev_ssl->write_blocked_on_read) 797 return; 798 799 n_to_read = bytes_to_read(bev_ssl); 800 801 while (n_to_read) { 802 r = do_read(bev_ssl, n_to_read); 803 all_result_flags |= r; 804 805 if (r & (OP_BLOCKED|OP_ERR)) 806 break; 807 808 if (bev_ssl->bev.read_suspended) 809 break; 810 811 /* Read all pending data. This won't hit the network 812 * again, and will (most importantly) put us in a state 813 * where we don't need to read anything else until the 814 * socket is readable again. It'll potentially make us 815 * overrun our read high-watermark (somewhat 816 * regrettable). The damage to the rate-limit has 817 * already been done, since OpenSSL went and read a 818 * whole SSL record anyway. */ 819 n_to_read = SSL_pending(bev_ssl->ssl); 820 821 /* XXX This if statement is actually a bad bug, added to avoid 822 * XXX a worse bug. 823 * 824 * The bad bug: It can potentially cause resource unfairness 825 * by reading too much data from the underlying bufferevent; 826 * it can potentially cause read looping if the underlying 827 * bufferevent is a bufferevent_pair and deferred callbacks 828 * aren't used. 829 * 830 * The worse bug: If we didn't do this, then we would 831 * potentially not read any more from bev_ssl->underlying 832 * until more data arrived there, which could lead to us 833 * waiting forever. 834 */ 835 if (!n_to_read && bev_ssl->underlying) 836 n_to_read = bytes_to_read(bev_ssl); 837 } 838 839 if (all_result_flags & OP_MADE_PROGRESS) { 840 struct bufferevent *bev = &bev_ssl->bev.bev; 841 842 bufferevent_trigger_nolock_(bev, EV_READ, 0); 843 } 844 845 if (!bev_ssl->underlying) { 846 /* Should be redundant, but let's avoid busy-looping */ 847 if (bev_ssl->bev.read_suspended || 848 !(bev_ssl->bev.bev.enabled & EV_READ)) { 849 event_del(&bev_ssl->bev.bev.ev_read); 850 } 851 } 852 } 853 854 static void 855 consider_writing(struct bufferevent_openssl *bev_ssl) 856 { 857 int r; 858 struct evbuffer *output = bev_ssl->bev.bev.output; 859 struct evbuffer *target = NULL; 860 struct event_watermark *wm = NULL; 861 862 while (bev_ssl->read_blocked_on_write) { 863 r = do_read(bev_ssl, 1024); /* XXXX 1024 is a hack */ 864 if (r & OP_MADE_PROGRESS) { 865 struct bufferevent *bev = &bev_ssl->bev.bev; 866 867 bufferevent_trigger_nolock_(bev, EV_READ, 0); 868 } 869 if (r & (OP_ERR|OP_BLOCKED)) 870 break; 871 } 872 if (bev_ssl->read_blocked_on_write) 873 return; 874 if (bev_ssl->underlying) { 875 target = bev_ssl->underlying->output; 876 wm = &bev_ssl->underlying->wm_write; 877 } 878 while ((bev_ssl->bev.bev.enabled & EV_WRITE) && 879 (! bev_ssl->bev.write_suspended) && 880 evbuffer_get_length(output) && 881 (!target || (! wm->high || evbuffer_get_length(target) < wm->high))) { 882 int n_to_write; 883 if (wm && wm->high) 884 n_to_write = wm->high - evbuffer_get_length(target); 885 else 886 n_to_write = WRITE_FRAME; 887 r = do_write(bev_ssl, n_to_write); 888 if (r & (OP_BLOCKED|OP_ERR)) 889 break; 890 } 891 892 if (!bev_ssl->underlying) { 893 if (evbuffer_get_length(output) == 0) { 894 event_del(&bev_ssl->bev.bev.ev_write); 895 } else if (bev_ssl->bev.write_suspended || 896 !(bev_ssl->bev.bev.enabled & EV_WRITE)) { 897 /* Should be redundant, but let's avoid busy-looping */ 898 event_del(&bev_ssl->bev.bev.ev_write); 899 } 900 } 901 } 902 903 static void 904 be_openssl_readcb(struct bufferevent *bev_base, void *ctx) 905 { 906 struct bufferevent_openssl *bev_ssl = ctx; 907 consider_reading(bev_ssl); 908 } 909 910 static void 911 be_openssl_writecb(struct bufferevent *bev_base, void *ctx) 912 { 913 struct bufferevent_openssl *bev_ssl = ctx; 914 consider_writing(bev_ssl); 915 } 916 917 static void 918 be_openssl_eventcb(struct bufferevent *bev_base, short what, void *ctx) 919 { 920 struct bufferevent_openssl *bev_ssl = ctx; 921 int event = 0; 922 923 if (what & BEV_EVENT_EOF) { 924 if (bev_ssl->allow_dirty_shutdown) 925 event = BEV_EVENT_EOF; 926 else 927 event = BEV_EVENT_ERROR; 928 } else if (what & BEV_EVENT_TIMEOUT) { 929 /* We sure didn't set this. Propagate it to the user. */ 930 event = what; 931 } else if (what & BEV_EVENT_ERROR) { 932 /* An error occurred on the connection. Propagate it to the user. */ 933 event = what; 934 } else if (what & BEV_EVENT_CONNECTED) { 935 /* Ignore it. We're saying SSL_connect() already, which will 936 eat it. */ 937 } 938 if (event) 939 bufferevent_run_eventcb_(&bev_ssl->bev.bev, event, 0); 940 } 941 942 static void 943 be_openssl_readeventcb(evutil_socket_t fd, short what, void *ptr) 944 { 945 struct bufferevent_openssl *bev_ssl = ptr; 946 bufferevent_incref_and_lock_(&bev_ssl->bev.bev); 947 if (what == EV_TIMEOUT) { 948 bufferevent_run_eventcb_(&bev_ssl->bev.bev, 949 BEV_EVENT_TIMEOUT|BEV_EVENT_READING, 0); 950 } else { 951 consider_reading(bev_ssl); 952 } 953 bufferevent_decref_and_unlock_(&bev_ssl->bev.bev); 954 } 955 956 static void 957 be_openssl_writeeventcb(evutil_socket_t fd, short what, void *ptr) 958 { 959 struct bufferevent_openssl *bev_ssl = ptr; 960 bufferevent_incref_and_lock_(&bev_ssl->bev.bev); 961 if (what == EV_TIMEOUT) { 962 bufferevent_run_eventcb_(&bev_ssl->bev.bev, 963 BEV_EVENT_TIMEOUT|BEV_EVENT_WRITING, 0); 964 } else { 965 consider_writing(bev_ssl); 966 } 967 bufferevent_decref_and_unlock_(&bev_ssl->bev.bev); 968 } 969 970 static evutil_socket_t 971 be_openssl_auto_fd(struct bufferevent_openssl *bev_ssl, evutil_socket_t fd) 972 { 973 if (!bev_ssl->underlying) { 974 struct bufferevent *bev = &bev_ssl->bev.bev; 975 if (event_initialized(&bev->ev_read) && fd < 0) { 976 fd = event_get_fd(&bev->ev_read); 977 } 978 } 979 return fd; 980 } 981 982 static int 983 set_open_callbacks(struct bufferevent_openssl *bev_ssl, evutil_socket_t fd) 984 { 985 if (bev_ssl->underlying) { 986 bufferevent_setcb(bev_ssl->underlying, 987 be_openssl_readcb, be_openssl_writecb, be_openssl_eventcb, 988 bev_ssl); 989 return 0; 990 } else { 991 struct bufferevent *bev = &bev_ssl->bev.bev; 992 int rpending=0, wpending=0, r1=0, r2=0; 993 994 if (event_initialized(&bev->ev_read)) { 995 rpending = event_pending(&bev->ev_read, EV_READ, NULL); 996 wpending = event_pending(&bev->ev_write, EV_WRITE, NULL); 997 998 event_del(&bev->ev_read); 999 event_del(&bev->ev_write); 1000 } 1001 1002 event_assign(&bev->ev_read, bev->ev_base, fd, 1003 EV_READ|EV_PERSIST|EV_FINALIZE, 1004 be_openssl_readeventcb, bev_ssl); 1005 event_assign(&bev->ev_write, bev->ev_base, fd, 1006 EV_WRITE|EV_PERSIST|EV_FINALIZE, 1007 be_openssl_writeeventcb, bev_ssl); 1008 1009 if (rpending) 1010 r1 = bufferevent_add_event_(&bev->ev_read, &bev->timeout_read); 1011 if (wpending) 1012 r2 = bufferevent_add_event_(&bev->ev_write, &bev->timeout_write); 1013 1014 return (r1<0 || r2<0) ? -1 : 0; 1015 } 1016 } 1017 1018 static int 1019 do_handshake(struct bufferevent_openssl *bev_ssl) 1020 { 1021 int r; 1022 1023 switch (bev_ssl->state) { 1024 default: 1025 case BUFFEREVENT_SSL_OPEN: 1026 EVUTIL_ASSERT(0); 1027 return -1; 1028 case BUFFEREVENT_SSL_CONNECTING: 1029 case BUFFEREVENT_SSL_ACCEPTING: 1030 ERR_clear_error(); 1031 r = SSL_do_handshake(bev_ssl->ssl); 1032 break; 1033 } 1034 decrement_buckets(bev_ssl); 1035 1036 if (r==1) { 1037 evutil_socket_t fd = event_get_fd(&bev_ssl->bev.bev.ev_read); 1038 /* We're done! */ 1039 bev_ssl->state = BUFFEREVENT_SSL_OPEN; 1040 set_open_callbacks(bev_ssl, fd); /* XXXX handle failure */ 1041 /* Call do_read and do_write as needed */ 1042 bufferevent_enable(&bev_ssl->bev.bev, bev_ssl->bev.bev.enabled); 1043 bufferevent_run_eventcb_(&bev_ssl->bev.bev, 1044 BEV_EVENT_CONNECTED, 0); 1045 return 1; 1046 } else { 1047 int err = SSL_get_error(bev_ssl->ssl, r); 1048 print_err(err); 1049 switch (err) { 1050 case SSL_ERROR_WANT_WRITE: 1051 stop_reading(bev_ssl); 1052 return start_writing(bev_ssl); 1053 case SSL_ERROR_WANT_READ: 1054 stop_writing(bev_ssl); 1055 return start_reading(bev_ssl); 1056 default: 1057 conn_closed(bev_ssl, BEV_EVENT_READING, err, r); 1058 return -1; 1059 } 1060 } 1061 } 1062 1063 static void 1064 be_openssl_handshakecb(struct bufferevent *bev_base, void *ctx) 1065 { 1066 struct bufferevent_openssl *bev_ssl = ctx; 1067 do_handshake(bev_ssl);/* XXX handle failure */ 1068 } 1069 1070 static void 1071 be_openssl_handshakeeventcb(evutil_socket_t fd, short what, void *ptr) 1072 { 1073 struct bufferevent_openssl *bev_ssl = ptr; 1074 1075 bufferevent_incref_and_lock_(&bev_ssl->bev.bev); 1076 if (what & EV_TIMEOUT) { 1077 bufferevent_run_eventcb_(&bev_ssl->bev.bev, BEV_EVENT_TIMEOUT, 0); 1078 } else 1079 do_handshake(bev_ssl);/* XXX handle failure */ 1080 bufferevent_decref_and_unlock_(&bev_ssl->bev.bev); 1081 } 1082 1083 static int 1084 set_handshake_callbacks(struct bufferevent_openssl *bev_ssl, evutil_socket_t fd) 1085 { 1086 if (bev_ssl->underlying) { 1087 bufferevent_setcb(bev_ssl->underlying, 1088 be_openssl_handshakecb, be_openssl_handshakecb, 1089 be_openssl_eventcb, 1090 bev_ssl); 1091 1092 if (fd < 0) 1093 return 0; 1094 1095 if (bufferevent_setfd(bev_ssl->underlying, fd)) 1096 return 1; 1097 1098 return do_handshake(bev_ssl); 1099 } else { 1100 struct bufferevent *bev = &bev_ssl->bev.bev; 1101 1102 if (event_initialized(&bev->ev_read)) { 1103 event_del(&bev->ev_read); 1104 event_del(&bev->ev_write); 1105 } 1106 1107 event_assign(&bev->ev_read, bev->ev_base, fd, 1108 EV_READ|EV_PERSIST|EV_FINALIZE, 1109 be_openssl_handshakeeventcb, bev_ssl); 1110 event_assign(&bev->ev_write, bev->ev_base, fd, 1111 EV_WRITE|EV_PERSIST|EV_FINALIZE, 1112 be_openssl_handshakeeventcb, bev_ssl); 1113 if (fd >= 0) 1114 bufferevent_enable(bev, bev->enabled); 1115 return 0; 1116 } 1117 } 1118 1119 int 1120 bufferevent_ssl_renegotiate(struct bufferevent *bev) 1121 { 1122 struct bufferevent_openssl *bev_ssl = upcast(bev); 1123 if (!bev_ssl) 1124 return -1; 1125 if (SSL_renegotiate(bev_ssl->ssl) < 0) 1126 return -1; 1127 bev_ssl->state = BUFFEREVENT_SSL_CONNECTING; 1128 if (set_handshake_callbacks(bev_ssl, be_openssl_auto_fd(bev_ssl, -1)) < 0) 1129 return -1; 1130 if (!bev_ssl->underlying) 1131 return do_handshake(bev_ssl); 1132 return 0; 1133 } 1134 1135 static void 1136 be_openssl_outbuf_cb(struct evbuffer *buf, 1137 const struct evbuffer_cb_info *cbinfo, void *arg) 1138 { 1139 struct bufferevent_openssl *bev_ssl = arg; 1140 int r = 0; 1141 /* XXX need to hold a reference here. */ 1142 1143 if (cbinfo->n_added && bev_ssl->state == BUFFEREVENT_SSL_OPEN) { 1144 if (cbinfo->orig_size == 0) 1145 r = bufferevent_add_event_(&bev_ssl->bev.bev.ev_write, 1146 &bev_ssl->bev.bev.timeout_write); 1147 1148 if (bev_ssl->underlying) 1149 consider_writing(bev_ssl); 1150 } 1151 /* XXX Handle r < 0 */ 1152 (void)r; 1153 } 1154 1155 1156 static int 1157 be_openssl_enable(struct bufferevent *bev, short events) 1158 { 1159 struct bufferevent_openssl *bev_ssl = upcast(bev); 1160 int r1 = 0, r2 = 0; 1161 1162 if (events & EV_READ) 1163 r1 = start_reading(bev_ssl); 1164 if (events & EV_WRITE) 1165 r2 = start_writing(bev_ssl); 1166 1167 if (bev_ssl->underlying) { 1168 if (events & EV_READ) 1169 BEV_RESET_GENERIC_READ_TIMEOUT(bev); 1170 if (events & EV_WRITE) 1171 BEV_RESET_GENERIC_WRITE_TIMEOUT(bev); 1172 1173 if (events & EV_READ) 1174 consider_reading(bev_ssl); 1175 if (events & EV_WRITE) 1176 consider_writing(bev_ssl); 1177 } 1178 return (r1 < 0 || r2 < 0) ? -1 : 0; 1179 } 1180 1181 static int 1182 be_openssl_disable(struct bufferevent *bev, short events) 1183 { 1184 struct bufferevent_openssl *bev_ssl = upcast(bev); 1185 1186 if (events & EV_READ) 1187 stop_reading(bev_ssl); 1188 if (events & EV_WRITE) 1189 stop_writing(bev_ssl); 1190 1191 if (bev_ssl->underlying) { 1192 if (events & EV_READ) 1193 BEV_DEL_GENERIC_READ_TIMEOUT(bev); 1194 if (events & EV_WRITE) 1195 BEV_DEL_GENERIC_WRITE_TIMEOUT(bev); 1196 } 1197 return 0; 1198 } 1199 1200 static void 1201 be_openssl_unlink(struct bufferevent *bev) 1202 { 1203 struct bufferevent_openssl *bev_ssl = upcast(bev); 1204 1205 if (bev_ssl->bev.options & BEV_OPT_CLOSE_ON_FREE) { 1206 if (bev_ssl->underlying) { 1207 if (BEV_UPCAST(bev_ssl->underlying)->refcnt < 2) { 1208 event_warnx("BEV_OPT_CLOSE_ON_FREE set on an " 1209 "bufferevent with too few references"); 1210 } else { 1211 bufferevent_free(bev_ssl->underlying); 1212 /* We still have a reference to it, via our 1213 * BIO. So we don't drop this. */ 1214 // bev_ssl->underlying = NULL; 1215 } 1216 } 1217 } else { 1218 if (bev_ssl->underlying) { 1219 if (bev_ssl->underlying->errorcb == be_openssl_eventcb) 1220 bufferevent_setcb(bev_ssl->underlying, 1221 NULL,NULL,NULL,NULL); 1222 bufferevent_unsuspend_read_(bev_ssl->underlying, 1223 BEV_SUSPEND_FILT_READ); 1224 } 1225 } 1226 } 1227 1228 static void 1229 be_openssl_destruct(struct bufferevent *bev) 1230 { 1231 struct bufferevent_openssl *bev_ssl = upcast(bev); 1232 1233 if (bev_ssl->bev.options & BEV_OPT_CLOSE_ON_FREE) { 1234 if (! bev_ssl->underlying) { 1235 evutil_socket_t fd = EVUTIL_INVALID_SOCKET; 1236 BIO *bio = SSL_get_wbio(bev_ssl->ssl); 1237 if (bio) 1238 fd = BIO_get_fd(bio, NULL); 1239 if (fd >= 0) 1240 evutil_closesocket(fd); 1241 } 1242 SSL_free(bev_ssl->ssl); 1243 } 1244 } 1245 1246 static int 1247 be_openssl_adj_timeouts(struct bufferevent *bev) 1248 { 1249 struct bufferevent_openssl *bev_ssl = upcast(bev); 1250 1251 if (bev_ssl->underlying) { 1252 return bufferevent_generic_adj_timeouts_(bev); 1253 } else { 1254 return bufferevent_generic_adj_existing_timeouts_(bev); 1255 } 1256 } 1257 1258 static int 1259 be_openssl_flush(struct bufferevent *bufev, 1260 short iotype, enum bufferevent_flush_mode mode) 1261 { 1262 /* XXXX Implement this. */ 1263 return 0; 1264 } 1265 1266 static int 1267 be_openssl_set_fd(struct bufferevent_openssl *bev_ssl, 1268 enum bufferevent_ssl_state state, evutil_socket_t fd) 1269 { 1270 bev_ssl->state = state; 1271 1272 switch (state) { 1273 case BUFFEREVENT_SSL_ACCEPTING: 1274 if (!SSL_clear(bev_ssl->ssl)) 1275 return -1; 1276 SSL_set_accept_state(bev_ssl->ssl); 1277 if (set_handshake_callbacks(bev_ssl, fd) < 0) 1278 return -1; 1279 break; 1280 case BUFFEREVENT_SSL_CONNECTING: 1281 if (!SSL_clear(bev_ssl->ssl)) 1282 return -1; 1283 SSL_set_connect_state(bev_ssl->ssl); 1284 if (set_handshake_callbacks(bev_ssl, fd) < 0) 1285 return -1; 1286 break; 1287 case BUFFEREVENT_SSL_OPEN: 1288 if (set_open_callbacks(bev_ssl, fd) < 0) 1289 return -1; 1290 break; 1291 default: 1292 return -1; 1293 } 1294 1295 return 0; 1296 } 1297 1298 static int 1299 be_openssl_ctrl(struct bufferevent *bev, 1300 enum bufferevent_ctrl_op op, union bufferevent_ctrl_data *data) 1301 { 1302 struct bufferevent_openssl *bev_ssl = upcast(bev); 1303 switch (op) { 1304 case BEV_CTRL_SET_FD: 1305 if (!bev_ssl->underlying) { 1306 BIO *bio; 1307 bio = BIO_new_socket((int)data->fd, 0); 1308 SSL_set_bio(bev_ssl->ssl, bio, bio); 1309 } else { 1310 BIO *bio; 1311 if (!(bio = BIO_new_bufferevent(bev_ssl->underlying))) 1312 return -1; 1313 SSL_set_bio(bev_ssl->ssl, bio, bio); 1314 } 1315 1316 return be_openssl_set_fd(bev_ssl, bev_ssl->old_state, data->fd); 1317 case BEV_CTRL_GET_FD: 1318 if (bev_ssl->underlying) { 1319 data->fd = event_get_fd(&bev_ssl->underlying->ev_read); 1320 } else { 1321 data->fd = event_get_fd(&bev->ev_read); 1322 } 1323 return 0; 1324 case BEV_CTRL_GET_UNDERLYING: 1325 data->ptr = bev_ssl->underlying; 1326 return 0; 1327 case BEV_CTRL_CANCEL_ALL: 1328 default: 1329 return -1; 1330 } 1331 } 1332 1333 SSL * 1334 bufferevent_openssl_get_ssl(struct bufferevent *bufev) 1335 { 1336 struct bufferevent_openssl *bev_ssl = upcast(bufev); 1337 if (!bev_ssl) 1338 return NULL; 1339 return bev_ssl->ssl; 1340 } 1341 1342 static struct bufferevent * 1343 bufferevent_openssl_new_impl(struct event_base *base, 1344 struct bufferevent *underlying, 1345 evutil_socket_t fd, 1346 SSL *ssl, 1347 enum bufferevent_ssl_state state, 1348 int options) 1349 { 1350 struct bufferevent_openssl *bev_ssl = NULL; 1351 struct bufferevent_private *bev_p = NULL; 1352 int tmp_options = options & ~BEV_OPT_THREADSAFE; 1353 1354 /* Only one can be set. */ 1355 if (underlying != NULL && fd >= 0) 1356 goto err; 1357 1358 if (!(bev_ssl = mm_calloc(1, sizeof(struct bufferevent_openssl)))) 1359 goto err; 1360 1361 bev_p = &bev_ssl->bev; 1362 1363 if (bufferevent_init_common_(bev_p, base, 1364 &bufferevent_ops_openssl, tmp_options) < 0) 1365 goto err; 1366 1367 /* Don't explode if we decide to realloc a chunk we're writing from in 1368 * the output buffer. */ 1369 SSL_set_mode(ssl, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); 1370 1371 bev_ssl->underlying = underlying; 1372 bev_ssl->ssl = ssl; 1373 1374 bev_ssl->outbuf_cb = evbuffer_add_cb(bev_p->bev.output, 1375 be_openssl_outbuf_cb, bev_ssl); 1376 1377 if (options & BEV_OPT_THREADSAFE) 1378 bufferevent_enable_locking_(&bev_ssl->bev.bev, NULL); 1379 1380 if (underlying) { 1381 bufferevent_init_generic_timeout_cbs_(&bev_ssl->bev.bev); 1382 bufferevent_incref_(underlying); 1383 } 1384 1385 bev_ssl->old_state = state; 1386 bev_ssl->last_write = -1; 1387 1388 init_bio_counts(bev_ssl); 1389 1390 fd = be_openssl_auto_fd(bev_ssl, fd); 1391 if (be_openssl_set_fd(bev_ssl, state, fd)) 1392 goto err; 1393 1394 if (underlying) { 1395 bufferevent_setwatermark(underlying, EV_READ, 0, 0); 1396 bufferevent_enable(underlying, EV_READ|EV_WRITE); 1397 if (state == BUFFEREVENT_SSL_OPEN) 1398 bufferevent_suspend_read_(underlying, 1399 BEV_SUSPEND_FILT_READ); 1400 } 1401 1402 return &bev_ssl->bev.bev; 1403 err: 1404 if (options & BEV_OPT_CLOSE_ON_FREE) 1405 SSL_free(ssl); 1406 if (bev_ssl) { 1407 bev_ssl->ssl = NULL; 1408 bufferevent_free(&bev_ssl->bev.bev); 1409 } 1410 return NULL; 1411 } 1412 1413 struct bufferevent * 1414 bufferevent_openssl_filter_new(struct event_base *base, 1415 struct bufferevent *underlying, 1416 SSL *ssl, 1417 enum bufferevent_ssl_state state, 1418 int options) 1419 { 1420 BIO *bio; 1421 struct bufferevent *bev; 1422 1423 if (!underlying) 1424 goto err; 1425 if (!(bio = BIO_new_bufferevent(underlying))) 1426 goto err; 1427 1428 SSL_set_bio(ssl, bio, bio); 1429 1430 bev = bufferevent_openssl_new_impl( 1431 base, underlying, -1, ssl, state, options); 1432 return bev; 1433 1434 err: 1435 if (options & BEV_OPT_CLOSE_ON_FREE) 1436 SSL_free(ssl); 1437 return NULL; 1438 } 1439 1440 struct bufferevent * 1441 bufferevent_openssl_socket_new(struct event_base *base, 1442 evutil_socket_t fd, 1443 SSL *ssl, 1444 enum bufferevent_ssl_state state, 1445 int options) 1446 { 1447 /* Does the SSL already have an fd? */ 1448 BIO *bio = SSL_get_wbio(ssl); 1449 long have_fd = -1; 1450 1451 if (bio) 1452 have_fd = BIO_get_fd(bio, NULL); 1453 1454 if (have_fd >= 0) { 1455 /* The SSL is already configured with an fd. */ 1456 if (fd < 0) { 1457 /* We should learn the fd from the SSL. */ 1458 fd = (evutil_socket_t) have_fd; 1459 } else if (have_fd == (long)fd) { 1460 /* We already know the fd from the SSL; do nothing */ 1461 } else { 1462 /* We specified an fd different from that of the SSL. 1463 This is probably an error on our part. Fail. */ 1464 goto err; 1465 } 1466 BIO_set_close(bio, 0); 1467 } else { 1468 /* The SSL isn't configured with a BIO with an fd. */ 1469 if (fd >= 0) { 1470 /* ... and we have an fd we want to use. */ 1471 bio = BIO_new_socket((int)fd, 0); 1472 SSL_set_bio(ssl, bio, bio); 1473 } else { 1474 /* Leave the fd unset. */ 1475 } 1476 } 1477 1478 return bufferevent_openssl_new_impl( 1479 base, NULL, fd, ssl, state, options); 1480 1481 err: 1482 if (options & BEV_OPT_CLOSE_ON_FREE) 1483 SSL_free(ssl); 1484 return NULL; 1485 } 1486 1487 int 1488 bufferevent_openssl_get_allow_dirty_shutdown(struct bufferevent *bev) 1489 { 1490 int allow_dirty_shutdown = -1; 1491 struct bufferevent_openssl *bev_ssl; 1492 BEV_LOCK(bev); 1493 bev_ssl = upcast(bev); 1494 if (bev_ssl) 1495 allow_dirty_shutdown = bev_ssl->allow_dirty_shutdown; 1496 BEV_UNLOCK(bev); 1497 return allow_dirty_shutdown; 1498 } 1499 1500 void 1501 bufferevent_openssl_set_allow_dirty_shutdown(struct bufferevent *bev, 1502 int allow_dirty_shutdown) 1503 { 1504 struct bufferevent_openssl *bev_ssl; 1505 BEV_LOCK(bev); 1506 bev_ssl = upcast(bev); 1507 if (bev_ssl) 1508 bev_ssl->allow_dirty_shutdown = !!allow_dirty_shutdown; 1509 BEV_UNLOCK(bev); 1510 } 1511 1512 unsigned long 1513 bufferevent_get_openssl_error(struct bufferevent *bev) 1514 { 1515 unsigned long err = 0; 1516 struct bufferevent_openssl *bev_ssl; 1517 BEV_LOCK(bev); 1518 bev_ssl = upcast(bev); 1519 if (bev_ssl && bev_ssl->n_errors) { 1520 err = bev_ssl->errors[--bev_ssl->n_errors]; 1521 } 1522 BEV_UNLOCK(bev); 1523 return err; 1524 } 1525