1 /* 2 * Copyright (c) 2009-2012 Niels Provos and Nick Mathewson 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 3. The name of the author may not be used to endorse or promote products 13 * derived from this software without specific prior written permission. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 */ 26 27 // Get rid of OSX 10.7 and greater deprecation warnings. 28 #if defined(__APPLE__) && defined(__clang__) 29 #pragma clang diagnostic ignored "-Wdeprecated-declarations" 30 #endif 31 32 #include "event2/event-config.h" 33 #include "evconfig-private.h" 34 35 #include <sys/types.h> 36 37 #ifdef EVENT__HAVE_SYS_TIME_H 38 #include <sys/time.h> 39 #endif 40 41 #include <errno.h> 42 #include <stdio.h> 43 #include <stdlib.h> 44 #include <string.h> 45 #ifdef EVENT__HAVE_STDARG_H 46 #include <stdarg.h> 47 #endif 48 #ifdef EVENT__HAVE_UNISTD_H 49 #include <unistd.h> 50 #endif 51 52 #ifdef _WIN32 53 #include <winsock2.h> 54 #endif 55 56 #include "event2/bufferevent.h" 57 #include "event2/bufferevent_struct.h" 58 #include "event2/bufferevent_ssl.h" 59 #include "event2/buffer.h" 60 #include "event2/event.h" 61 62 #include "mm-internal.h" 63 #include "bufferevent-internal.h" 64 #include "log-internal.h" 65 66 #include <openssl/bio.h> 67 #include <openssl/ssl.h> 68 #include <openssl/err.h> 69 70 /* 71 * Define an OpenSSL bio that targets a bufferevent. 72 */ 73 74 /* -------------------- 75 A BIO is an OpenSSL abstraction that handles reading and writing data. The 76 library will happily speak SSL over anything that implements a BIO 77 interface. 78 79 Here we define a BIO implementation that directs its output to a 80 bufferevent. We'll want to use this only when none of OpenSSL's built-in 81 IO mechanisms work for us. 82 -------------------- */ 83 84 /* every BIO type needs its own integer type value. */ 85 #define BIO_TYPE_LIBEVENT 57 86 /* ???? Arguably, we should set BIO_TYPE_FILTER or BIO_TYPE_SOURCE_SINK on 87 * this. */ 88 89 #if 0 90 static void 91 print_err(int val) 92 { 93 int err; 94 printf("Error was %d\n", val); 95 96 while ((err = ERR_get_error())) { 97 const char *msg = (const char*)ERR_reason_error_string(err); 98 const char *lib = (const char*)ERR_lib_error_string(err); 99 const char *func = (const char*)ERR_func_error_string(err); 100 101 printf("%s in %s %s\n", msg, lib, func); 102 } 103 } 104 #else 105 #define print_err(v) ((void)0) 106 #endif 107 108 /* Called to initialize a new BIO */ 109 static int 110 bio_bufferevent_new(BIO *b) 111 { 112 b->init = 0; 113 b->num = -1; 114 b->ptr = NULL; /* We'll be putting the bufferevent in this field.*/ 115 b->flags = 0; 116 return 1; 117 } 118 119 /* Called to uninitialize the BIO. */ 120 static int 121 bio_bufferevent_free(BIO *b) 122 { 123 if (!b) 124 return 0; 125 if (b->shutdown) { 126 if (b->init && b->ptr) 127 bufferevent_free(b->ptr); 128 b->init = 0; 129 b->flags = 0; 130 b->ptr = NULL; 131 } 132 return 1; 133 } 134 135 /* Called to extract data from the BIO. */ 136 static int 137 bio_bufferevent_read(BIO *b, char *out, int outlen) 138 { 139 int r = 0; 140 struct evbuffer *input; 141 142 BIO_clear_retry_flags(b); 143 144 if (!out) 145 return 0; 146 if (!b->ptr) 147 return -1; 148 149 input = bufferevent_get_input(b->ptr); 150 if (evbuffer_get_length(input) == 0) { 151 /* If there's no data to read, say so. */ 152 BIO_set_retry_read(b); 153 return -1; 154 } else { 155 r = evbuffer_remove(input, out, outlen); 156 } 157 158 return r; 159 } 160 161 /* Called to write data info the BIO */ 162 static int 163 bio_bufferevent_write(BIO *b, const char *in, int inlen) 164 { 165 struct bufferevent *bufev = b->ptr; 166 struct evbuffer *output; 167 size_t outlen; 168 169 BIO_clear_retry_flags(b); 170 171 if (!b->ptr) 172 return -1; 173 174 output = bufferevent_get_output(bufev); 175 outlen = evbuffer_get_length(output); 176 177 /* Copy only as much data onto the output buffer as can fit under the 178 * high-water mark. */ 179 if (bufev->wm_write.high && bufev->wm_write.high <= (outlen+inlen)) { 180 if (bufev->wm_write.high <= outlen) { 181 /* If no data can fit, we'll need to retry later. */ 182 BIO_set_retry_write(b); 183 return -1; 184 } 185 inlen = bufev->wm_write.high - outlen; 186 } 187 188 EVUTIL_ASSERT(inlen > 0); 189 evbuffer_add(output, in, inlen); 190 return inlen; 191 } 192 193 /* Called to handle various requests */ 194 static long 195 bio_bufferevent_ctrl(BIO *b, int cmd, long num, void *ptr) 196 { 197 struct bufferevent *bufev = b->ptr; 198 long ret = 1; 199 200 switch (cmd) { 201 case BIO_CTRL_GET_CLOSE: 202 ret = b->shutdown; 203 break; 204 case BIO_CTRL_SET_CLOSE: 205 b->shutdown = (int)num; 206 break; 207 case BIO_CTRL_PENDING: 208 ret = evbuffer_get_length(bufferevent_get_input(bufev)) != 0; 209 break; 210 case BIO_CTRL_WPENDING: 211 ret = evbuffer_get_length(bufferevent_get_output(bufev)) != 0; 212 break; 213 /* XXXX These two are given a special-case treatment because 214 * of cargo-cultism. I should come up with a better reason. */ 215 case BIO_CTRL_DUP: 216 case BIO_CTRL_FLUSH: 217 ret = 1; 218 break; 219 default: 220 ret = 0; 221 break; 222 } 223 return ret; 224 } 225 226 /* Called to write a string to the BIO */ 227 static int 228 bio_bufferevent_puts(BIO *b, const char *s) 229 { 230 return bio_bufferevent_write(b, s, strlen(s)); 231 } 232 233 /* Method table for the bufferevent BIO */ 234 static BIO_METHOD methods_bufferevent = { 235 BIO_TYPE_LIBEVENT, "bufferevent", 236 bio_bufferevent_write, 237 bio_bufferevent_read, 238 bio_bufferevent_puts, 239 NULL /* bio_bufferevent_gets */, 240 bio_bufferevent_ctrl, 241 bio_bufferevent_new, 242 bio_bufferevent_free, 243 NULL /* callback_ctrl */, 244 }; 245 246 /* Return the method table for the bufferevents BIO */ 247 static BIO_METHOD * 248 BIO_s_bufferevent(void) 249 { 250 return &methods_bufferevent; 251 } 252 253 /* Create a new BIO to wrap communication around a bufferevent. If close_flag 254 * is true, the bufferevent will be freed when the BIO is closed. */ 255 static BIO * 256 BIO_new_bufferevent(struct bufferevent *bufferevent, int close_flag) 257 { 258 BIO *result; 259 if (!bufferevent) 260 return NULL; 261 if (!(result = BIO_new(BIO_s_bufferevent()))) 262 return NULL; 263 result->init = 1; 264 result->ptr = bufferevent; 265 result->shutdown = close_flag ? 1 : 0; 266 return result; 267 } 268 269 /* -------------------- 270 Now, here's the OpenSSL-based implementation of bufferevent. 271 272 The implementation comes in two flavors: one that connects its SSL object 273 to an underlying bufferevent using a BIO_bufferevent, and one that has the 274 SSL object connect to a socket directly. The latter should generally be 275 faster, except on Windows, where your best bet is using a 276 bufferevent_async. 277 278 (OpenSSL supports many other BIO types, too. But we can't use any unless 279 we have a good way to get notified when they become readable/writable.) 280 -------------------- */ 281 282 struct bio_data_counts { 283 unsigned long n_written; 284 unsigned long n_read; 285 }; 286 287 struct bufferevent_openssl { 288 /* Shared fields with common bufferevent implementation code. 289 If we were set up with an underlying bufferevent, we use the 290 events here as timers only. If we have an SSL, then we use 291 the events as socket events. 292 */ 293 struct bufferevent_private bev; 294 /* An underlying bufferevent that we're directing our output to. 295 If it's NULL, then we're connected to an fd, not an evbuffer. */ 296 struct bufferevent *underlying; 297 /* The SSL object doing our encryption. */ 298 SSL *ssl; 299 300 /* A callback that's invoked when data arrives on our outbuf so we 301 know to write data to the SSL. */ 302 struct evbuffer_cb_entry *outbuf_cb; 303 304 /* A count of how much data the bios have read/written total. Used 305 for rate-limiting. */ 306 struct bio_data_counts counts; 307 308 /* If this value is greater than 0, then the last SSL_write blocked, 309 * and we need to try it again with this many bytes. */ 310 ev_ssize_t last_write; 311 312 #define NUM_ERRORS 3 313 ev_uint32_t errors[NUM_ERRORS]; 314 315 /* When we next get available space, we should say "read" instead of 316 "write". This can happen if there's a renegotiation during a read 317 operation. */ 318 unsigned read_blocked_on_write : 1; 319 /* When we next get data, we should say "write" instead of "read". */ 320 unsigned write_blocked_on_read : 1; 321 /* Treat TCP close before SSL close on SSL >= v3 as clean EOF. */ 322 unsigned allow_dirty_shutdown : 1; 323 /* XXXX */ 324 unsigned fd_is_set : 1; 325 /* XXX */ 326 unsigned n_errors : 2; 327 328 /* Are we currently connecting, accepting, or doing IO? */ 329 unsigned state : 2; 330 }; 331 332 static int be_openssl_enable(struct bufferevent *, short); 333 static int be_openssl_disable(struct bufferevent *, short); 334 static void be_openssl_unlink(struct bufferevent *); 335 static void be_openssl_destruct(struct bufferevent *); 336 static int be_openssl_adj_timeouts(struct bufferevent *); 337 static int be_openssl_flush(struct bufferevent *bufev, 338 short iotype, enum bufferevent_flush_mode mode); 339 static int be_openssl_ctrl(struct bufferevent *, enum bufferevent_ctrl_op, union bufferevent_ctrl_data *); 340 341 const struct bufferevent_ops bufferevent_ops_openssl = { 342 "ssl", 343 evutil_offsetof(struct bufferevent_openssl, bev.bev), 344 be_openssl_enable, 345 be_openssl_disable, 346 be_openssl_unlink, 347 be_openssl_destruct, 348 be_openssl_adj_timeouts, 349 be_openssl_flush, 350 be_openssl_ctrl, 351 }; 352 353 /* Given a bufferevent, return a pointer to the bufferevent_openssl that 354 * contains it, if any. */ 355 static inline struct bufferevent_openssl * 356 upcast(struct bufferevent *bev) 357 { 358 struct bufferevent_openssl *bev_o; 359 if (bev->be_ops != &bufferevent_ops_openssl) 360 return NULL; 361 bev_o = (void*)( ((char*)bev) - 362 evutil_offsetof(struct bufferevent_openssl, bev.bev)); 363 EVUTIL_ASSERT(bev_o->bev.bev.be_ops == &bufferevent_ops_openssl); 364 return bev_o; 365 } 366 367 static inline void 368 put_error(struct bufferevent_openssl *bev_ssl, unsigned long err) 369 { 370 if (bev_ssl->n_errors == NUM_ERRORS) 371 return; 372 /* The error type according to openssl is "unsigned long", but 373 openssl never uses more than 32 bits of it. It _can't_ use more 374 than 32 bits of it, since it needs to report errors on systems 375 where long is only 32 bits. 376 */ 377 bev_ssl->errors[bev_ssl->n_errors++] = (ev_uint32_t) err; 378 } 379 380 /* Have the base communications channel (either the underlying bufferevent or 381 * ev_read and ev_write) start reading. Take the read-blocked-on-write flag 382 * into account. */ 383 static int 384 start_reading(struct bufferevent_openssl *bev_ssl) 385 { 386 if (bev_ssl->underlying) { 387 bufferevent_unsuspend_read_(bev_ssl->underlying, 388 BEV_SUSPEND_FILT_READ); 389 return 0; 390 } else { 391 struct bufferevent *bev = &bev_ssl->bev.bev; 392 int r; 393 r = bufferevent_add_event_(&bev->ev_read, &bev->timeout_read); 394 if (r == 0 && bev_ssl->read_blocked_on_write) 395 r = bufferevent_add_event_(&bev->ev_write, 396 &bev->timeout_write); 397 return r; 398 } 399 } 400 401 /* Have the base communications channel (either the underlying bufferevent or 402 * ev_read and ev_write) start writing. Take the write-blocked-on-read flag 403 * into account. */ 404 static int 405 start_writing(struct bufferevent_openssl *bev_ssl) 406 { 407 int r = 0; 408 if (bev_ssl->underlying) { 409 ; 410 } else { 411 struct bufferevent *bev = &bev_ssl->bev.bev; 412 r = bufferevent_add_event_(&bev->ev_write, &bev->timeout_write); 413 if (!r && bev_ssl->write_blocked_on_read) 414 r = bufferevent_add_event_(&bev->ev_read, 415 &bev->timeout_read); 416 } 417 return r; 418 } 419 420 static void 421 stop_reading(struct bufferevent_openssl *bev_ssl) 422 { 423 if (bev_ssl->write_blocked_on_read) 424 return; 425 if (bev_ssl->underlying) { 426 bufferevent_suspend_read_(bev_ssl->underlying, 427 BEV_SUSPEND_FILT_READ); 428 } else { 429 struct bufferevent *bev = &bev_ssl->bev.bev; 430 event_del(&bev->ev_read); 431 } 432 } 433 434 static void 435 stop_writing(struct bufferevent_openssl *bev_ssl) 436 { 437 if (bev_ssl->read_blocked_on_write) 438 return; 439 if (bev_ssl->underlying) { 440 ; 441 } else { 442 struct bufferevent *bev = &bev_ssl->bev.bev; 443 event_del(&bev->ev_write); 444 } 445 } 446 447 static int 448 set_rbow(struct bufferevent_openssl *bev_ssl) 449 { 450 if (!bev_ssl->underlying) 451 stop_reading(bev_ssl); 452 bev_ssl->read_blocked_on_write = 1; 453 return start_writing(bev_ssl); 454 } 455 456 static int 457 set_wbor(struct bufferevent_openssl *bev_ssl) 458 { 459 if (!bev_ssl->underlying) 460 stop_writing(bev_ssl); 461 bev_ssl->write_blocked_on_read = 1; 462 return start_reading(bev_ssl); 463 } 464 465 static int 466 clear_rbow(struct bufferevent_openssl *bev_ssl) 467 { 468 struct bufferevent *bev = &bev_ssl->bev.bev; 469 int r = 0; 470 bev_ssl->read_blocked_on_write = 0; 471 if (!(bev->enabled & EV_WRITE)) 472 stop_writing(bev_ssl); 473 if (bev->enabled & EV_READ) 474 r = start_reading(bev_ssl); 475 return r; 476 } 477 478 479 static int 480 clear_wbor(struct bufferevent_openssl *bev_ssl) 481 { 482 struct bufferevent *bev = &bev_ssl->bev.bev; 483 int r = 0; 484 bev_ssl->write_blocked_on_read = 0; 485 if (!(bev->enabled & EV_READ)) 486 stop_reading(bev_ssl); 487 if (bev->enabled & EV_WRITE) 488 r = start_writing(bev_ssl); 489 return r; 490 } 491 492 static void 493 conn_closed(struct bufferevent_openssl *bev_ssl, int when, int errcode, int ret) 494 { 495 int event = BEV_EVENT_ERROR; 496 int dirty_shutdown = 0; 497 unsigned long err; 498 499 switch (errcode) { 500 case SSL_ERROR_ZERO_RETURN: 501 /* Possibly a clean shutdown. */ 502 if (SSL_get_shutdown(bev_ssl->ssl) & SSL_RECEIVED_SHUTDOWN) 503 event = BEV_EVENT_EOF; 504 else 505 dirty_shutdown = 1; 506 break; 507 case SSL_ERROR_SYSCALL: 508 /* IO error; possibly a dirty shutdown. */ 509 if (ret == 0 && ERR_peek_error() == 0) 510 dirty_shutdown = 1; 511 break; 512 case SSL_ERROR_SSL: 513 /* Protocol error. */ 514 break; 515 case SSL_ERROR_WANT_X509_LOOKUP: 516 /* XXXX handle this. */ 517 break; 518 case SSL_ERROR_NONE: 519 case SSL_ERROR_WANT_READ: 520 case SSL_ERROR_WANT_WRITE: 521 case SSL_ERROR_WANT_CONNECT: 522 case SSL_ERROR_WANT_ACCEPT: 523 default: 524 /* should be impossible; treat as normal error. */ 525 event_warnx("BUG: Unexpected OpenSSL error code %d", errcode); 526 break; 527 } 528 529 while ((err = ERR_get_error())) { 530 put_error(bev_ssl, err); 531 } 532 533 if (dirty_shutdown && bev_ssl->allow_dirty_shutdown) 534 event = BEV_EVENT_EOF; 535 536 stop_reading(bev_ssl); 537 stop_writing(bev_ssl); 538 539 /* when is BEV_EVENT_{READING|WRITING} */ 540 event = when | event; 541 bufferevent_run_eventcb_(&bev_ssl->bev.bev, event, 0); 542 } 543 544 static void 545 init_bio_counts(struct bufferevent_openssl *bev_ssl) 546 { 547 bev_ssl->counts.n_written = 548 BIO_number_written(SSL_get_wbio(bev_ssl->ssl)); 549 bev_ssl->counts.n_read = 550 BIO_number_read(SSL_get_rbio(bev_ssl->ssl)); 551 } 552 553 static inline void 554 decrement_buckets(struct bufferevent_openssl *bev_ssl) 555 { 556 unsigned long num_w = BIO_number_written(SSL_get_wbio(bev_ssl->ssl)); 557 unsigned long num_r = BIO_number_read(SSL_get_rbio(bev_ssl->ssl)); 558 /* These next two subtractions can wrap around. That's okay. */ 559 unsigned long w = num_w - bev_ssl->counts.n_written; 560 unsigned long r = num_r - bev_ssl->counts.n_read; 561 if (w) 562 bufferevent_decrement_write_buckets_(&bev_ssl->bev, w); 563 if (r) 564 bufferevent_decrement_read_buckets_(&bev_ssl->bev, r); 565 bev_ssl->counts.n_written = num_w; 566 bev_ssl->counts.n_read = num_r; 567 } 568 569 #define OP_MADE_PROGRESS 1 570 #define OP_BLOCKED 2 571 #define OP_ERR 4 572 573 /* Return a bitmask of OP_MADE_PROGRESS (if we read anything); OP_BLOCKED (if 574 we're now blocked); and OP_ERR (if an error occurred). */ 575 static int 576 do_read(struct bufferevent_openssl *bev_ssl, int n_to_read) { 577 /* Requires lock */ 578 struct bufferevent *bev = &bev_ssl->bev.bev; 579 struct evbuffer *input = bev->input; 580 int r, n, i, n_used = 0, atmost; 581 struct evbuffer_iovec space[2]; 582 int result = 0; 583 584 if (bev_ssl->bev.read_suspended) 585 return 0; 586 587 atmost = bufferevent_get_read_max_(&bev_ssl->bev); 588 if (n_to_read > atmost) 589 n_to_read = atmost; 590 591 n = evbuffer_reserve_space(input, n_to_read, space, 2); 592 if (n < 0) 593 return OP_ERR; 594 595 for (i=0; i<n; ++i) { 596 if (bev_ssl->bev.read_suspended) 597 break; 598 r = SSL_read(bev_ssl->ssl, space[i].iov_base, space[i].iov_len); 599 if (r>0) { 600 result |= OP_MADE_PROGRESS; 601 if (bev_ssl->read_blocked_on_write) 602 if (clear_rbow(bev_ssl) < 0) 603 return OP_ERR | result; 604 ++n_used; 605 space[i].iov_len = r; 606 decrement_buckets(bev_ssl); 607 } else { 608 int err = SSL_get_error(bev_ssl->ssl, r); 609 print_err(err); 610 switch (err) { 611 case SSL_ERROR_WANT_READ: 612 /* Can't read until underlying has more data. */ 613 if (bev_ssl->read_blocked_on_write) 614 if (clear_rbow(bev_ssl) < 0) 615 return OP_ERR | result; 616 break; 617 case SSL_ERROR_WANT_WRITE: 618 /* This read operation requires a write, and the 619 * underlying is full */ 620 if (!bev_ssl->read_blocked_on_write) 621 if (set_rbow(bev_ssl) < 0) 622 return OP_ERR | result; 623 break; 624 default: 625 conn_closed(bev_ssl, BEV_EVENT_READING, err, r); 626 break; 627 } 628 result |= OP_BLOCKED; 629 break; /* out of the loop */ 630 } 631 } 632 633 if (n_used) { 634 evbuffer_commit_space(input, space, n_used); 635 if (bev_ssl->underlying) 636 BEV_RESET_GENERIC_READ_TIMEOUT(bev); 637 } 638 639 return result; 640 } 641 642 /* Return a bitmask of OP_MADE_PROGRESS (if we wrote anything); OP_BLOCKED (if 643 we're now blocked); and OP_ERR (if an error occurred). */ 644 static int 645 do_write(struct bufferevent_openssl *bev_ssl, int atmost) 646 { 647 int i, r, n, n_written = 0; 648 struct bufferevent *bev = &bev_ssl->bev.bev; 649 struct evbuffer *output = bev->output; 650 struct evbuffer_iovec space[8]; 651 int result = 0; 652 653 if (bev_ssl->last_write > 0) 654 atmost = bev_ssl->last_write; 655 else 656 atmost = bufferevent_get_write_max_(&bev_ssl->bev); 657 658 n = evbuffer_peek(output, atmost, NULL, space, 8); 659 if (n < 0) 660 return OP_ERR | result; 661 662 if (n > 8) 663 n = 8; 664 for (i=0; i < n; ++i) { 665 if (bev_ssl->bev.write_suspended) 666 break; 667 668 /* SSL_write will (reasonably) return 0 if we tell it to 669 send 0 data. Skip this case so we don't interpret the 670 result as an error */ 671 if (space[i].iov_len == 0) 672 continue; 673 674 r = SSL_write(bev_ssl->ssl, space[i].iov_base, 675 space[i].iov_len); 676 if (r > 0) { 677 result |= OP_MADE_PROGRESS; 678 if (bev_ssl->write_blocked_on_read) 679 if (clear_wbor(bev_ssl) < 0) 680 return OP_ERR | result; 681 n_written += r; 682 bev_ssl->last_write = -1; 683 decrement_buckets(bev_ssl); 684 } else { 685 int err = SSL_get_error(bev_ssl->ssl, r); 686 print_err(err); 687 switch (err) { 688 case SSL_ERROR_WANT_WRITE: 689 /* Can't read until underlying has more data. */ 690 if (bev_ssl->write_blocked_on_read) 691 if (clear_wbor(bev_ssl) < 0) 692 return OP_ERR | result; 693 bev_ssl->last_write = space[i].iov_len; 694 break; 695 case SSL_ERROR_WANT_READ: 696 /* This read operation requires a write, and the 697 * underlying is full */ 698 if (!bev_ssl->write_blocked_on_read) 699 if (set_wbor(bev_ssl) < 0) 700 return OP_ERR | result; 701 bev_ssl->last_write = space[i].iov_len; 702 break; 703 default: 704 conn_closed(bev_ssl, BEV_EVENT_WRITING, err, r); 705 bev_ssl->last_write = -1; 706 break; 707 } 708 result |= OP_BLOCKED; 709 break; 710 } 711 } 712 if (n_written) { 713 evbuffer_drain(output, n_written); 714 if (bev_ssl->underlying) 715 BEV_RESET_GENERIC_WRITE_TIMEOUT(bev); 716 717 bufferevent_trigger_nolock_(bev, EV_WRITE, 0); 718 } 719 return result; 720 } 721 722 #define WRITE_FRAME 15000 723 724 #define READ_DEFAULT 4096 725 726 /* Try to figure out how many bytes to read; return 0 if we shouldn't be 727 * reading. */ 728 static int 729 bytes_to_read(struct bufferevent_openssl *bev) 730 { 731 struct evbuffer *input = bev->bev.bev.input; 732 struct event_watermark *wm = &bev->bev.bev.wm_read; 733 int result = READ_DEFAULT; 734 ev_ssize_t limit; 735 /* XXX 99% of this is generic code that nearly all bufferevents will 736 * want. */ 737 738 if (bev->write_blocked_on_read) { 739 return 0; 740 } 741 742 if (! (bev->bev.bev.enabled & EV_READ)) { 743 return 0; 744 } 745 746 if (bev->bev.read_suspended) { 747 return 0; 748 } 749 750 if (wm->high) { 751 if (evbuffer_get_length(input) >= wm->high) { 752 return 0; 753 } 754 755 result = wm->high - evbuffer_get_length(input); 756 } else { 757 result = READ_DEFAULT; 758 } 759 760 /* Respect the rate limit */ 761 limit = bufferevent_get_read_max_(&bev->bev); 762 if (result > limit) { 763 result = limit; 764 } 765 766 return result; 767 } 768 769 770 /* Things look readable. If write is blocked on read, write till it isn't. 771 * Read from the underlying buffer until we block or we hit our high-water 772 * mark. 773 */ 774 static void 775 consider_reading(struct bufferevent_openssl *bev_ssl) 776 { 777 int r; 778 int n_to_read; 779 int all_result_flags = 0; 780 781 while (bev_ssl->write_blocked_on_read) { 782 r = do_write(bev_ssl, WRITE_FRAME); 783 if (r & (OP_BLOCKED|OP_ERR)) 784 break; 785 } 786 if (bev_ssl->write_blocked_on_read) 787 return; 788 789 n_to_read = bytes_to_read(bev_ssl); 790 791 while (n_to_read) { 792 r = do_read(bev_ssl, n_to_read); 793 all_result_flags |= r; 794 795 if (r & (OP_BLOCKED|OP_ERR)) 796 break; 797 798 if (bev_ssl->bev.read_suspended) 799 break; 800 801 /* Read all pending data. This won't hit the network 802 * again, and will (most importantly) put us in a state 803 * where we don't need to read anything else until the 804 * socket is readable again. It'll potentially make us 805 * overrun our read high-watermark (somewhat 806 * regrettable). The damage to the rate-limit has 807 * already been done, since OpenSSL went and read a 808 * whole SSL record anyway. */ 809 n_to_read = SSL_pending(bev_ssl->ssl); 810 811 /* XXX This if statement is actually a bad bug, added to avoid 812 * XXX a worse bug. 813 * 814 * The bad bug: It can potentially cause resource unfairness 815 * by reading too much data from the underlying bufferevent; 816 * it can potentially cause read looping if the underlying 817 * bufferevent is a bufferevent_pair and deferred callbacks 818 * aren't used. 819 * 820 * The worse bug: If we didn't do this, then we would 821 * potentially not read any more from bev_ssl->underlying 822 * until more data arrived there, which could lead to us 823 * waiting forever. 824 */ 825 if (!n_to_read && bev_ssl->underlying) 826 n_to_read = bytes_to_read(bev_ssl); 827 } 828 829 if (all_result_flags & OP_MADE_PROGRESS) { 830 struct bufferevent *bev = &bev_ssl->bev.bev; 831 832 bufferevent_trigger_nolock_(bev, EV_READ, 0); 833 } 834 835 if (!bev_ssl->underlying) { 836 /* Should be redundant, but let's avoid busy-looping */ 837 if (bev_ssl->bev.read_suspended || 838 !(bev_ssl->bev.bev.enabled & EV_READ)) { 839 event_del(&bev_ssl->bev.bev.ev_read); 840 } 841 } 842 } 843 844 static void 845 consider_writing(struct bufferevent_openssl *bev_ssl) 846 { 847 int r; 848 struct evbuffer *output = bev_ssl->bev.bev.output; 849 struct evbuffer *target = NULL; 850 struct event_watermark *wm = NULL; 851 852 while (bev_ssl->read_blocked_on_write) { 853 r = do_read(bev_ssl, 1024); /* XXXX 1024 is a hack */ 854 if (r & OP_MADE_PROGRESS) { 855 struct bufferevent *bev = &bev_ssl->bev.bev; 856 857 bufferevent_trigger_nolock_(bev, EV_READ, 0); 858 } 859 if (r & (OP_ERR|OP_BLOCKED)) 860 break; 861 } 862 if (bev_ssl->read_blocked_on_write) 863 return; 864 if (bev_ssl->underlying) { 865 target = bev_ssl->underlying->output; 866 wm = &bev_ssl->underlying->wm_write; 867 } 868 while ((bev_ssl->bev.bev.enabled & EV_WRITE) && 869 (! bev_ssl->bev.write_suspended) && 870 evbuffer_get_length(output) && 871 (!target || (! wm->high || evbuffer_get_length(target) < wm->high))) { 872 int n_to_write; 873 if (wm && wm->high) 874 n_to_write = wm->high - evbuffer_get_length(target); 875 else 876 n_to_write = WRITE_FRAME; 877 r = do_write(bev_ssl, n_to_write); 878 if (r & (OP_BLOCKED|OP_ERR)) 879 break; 880 } 881 882 if (!bev_ssl->underlying) { 883 if (evbuffer_get_length(output) == 0) { 884 event_del(&bev_ssl->bev.bev.ev_write); 885 } else if (bev_ssl->bev.write_suspended || 886 !(bev_ssl->bev.bev.enabled & EV_WRITE)) { 887 /* Should be redundant, but let's avoid busy-looping */ 888 event_del(&bev_ssl->bev.bev.ev_write); 889 } 890 } 891 } 892 893 static void 894 be_openssl_readcb(struct bufferevent *bev_base, void *ctx) 895 { 896 struct bufferevent_openssl *bev_ssl = ctx; 897 consider_reading(bev_ssl); 898 } 899 900 static void 901 be_openssl_writecb(struct bufferevent *bev_base, void *ctx) 902 { 903 struct bufferevent_openssl *bev_ssl = ctx; 904 consider_writing(bev_ssl); 905 } 906 907 static void 908 be_openssl_eventcb(struct bufferevent *bev_base, short what, void *ctx) 909 { 910 struct bufferevent_openssl *bev_ssl = ctx; 911 int event = 0; 912 913 if (what & BEV_EVENT_EOF) { 914 if (bev_ssl->allow_dirty_shutdown) 915 event = BEV_EVENT_EOF; 916 else 917 event = BEV_EVENT_ERROR; 918 } else if (what & BEV_EVENT_TIMEOUT) { 919 /* We sure didn't set this. Propagate it to the user. */ 920 event = what; 921 } else if (what & BEV_EVENT_ERROR) { 922 /* An error occurred on the connection. Propagate it to the user. */ 923 event = what; 924 } else if (what & BEV_EVENT_CONNECTED) { 925 /* Ignore it. We're saying SSL_connect() already, which will 926 eat it. */ 927 } 928 if (event) 929 bufferevent_run_eventcb_(&bev_ssl->bev.bev, event, 0); 930 } 931 932 static void 933 be_openssl_readeventcb(evutil_socket_t fd, short what, void *ptr) 934 { 935 struct bufferevent_openssl *bev_ssl = ptr; 936 bufferevent_incref_and_lock_(&bev_ssl->bev.bev); 937 if (what == EV_TIMEOUT) { 938 bufferevent_run_eventcb_(&bev_ssl->bev.bev, 939 BEV_EVENT_TIMEOUT|BEV_EVENT_READING, 0); 940 } else { 941 consider_reading(bev_ssl); 942 } 943 bufferevent_decref_and_unlock_(&bev_ssl->bev.bev); 944 } 945 946 static void 947 be_openssl_writeeventcb(evutil_socket_t fd, short what, void *ptr) 948 { 949 struct bufferevent_openssl *bev_ssl = ptr; 950 bufferevent_incref_and_lock_(&bev_ssl->bev.bev); 951 if (what == EV_TIMEOUT) { 952 bufferevent_run_eventcb_(&bev_ssl->bev.bev, 953 BEV_EVENT_TIMEOUT|BEV_EVENT_WRITING, 0); 954 } else { 955 consider_writing(bev_ssl); 956 } 957 bufferevent_decref_and_unlock_(&bev_ssl->bev.bev); 958 } 959 960 static int 961 set_open_callbacks(struct bufferevent_openssl *bev_ssl, evutil_socket_t fd) 962 { 963 if (bev_ssl->underlying) { 964 bufferevent_setcb(bev_ssl->underlying, 965 be_openssl_readcb, be_openssl_writecb, be_openssl_eventcb, 966 bev_ssl); 967 return 0; 968 } else { 969 struct bufferevent *bev = &bev_ssl->bev.bev; 970 int rpending=0, wpending=0, r1=0, r2=0; 971 if (fd < 0 && bev_ssl->fd_is_set) 972 fd = event_get_fd(&bev->ev_read); 973 if (bev_ssl->fd_is_set) { 974 rpending = event_pending(&bev->ev_read, EV_READ, NULL); 975 wpending = event_pending(&bev->ev_write, EV_WRITE, NULL); 976 event_del(&bev->ev_read); 977 event_del(&bev->ev_write); 978 } 979 event_assign(&bev->ev_read, bev->ev_base, fd, 980 EV_READ|EV_PERSIST|EV_FINALIZE, 981 be_openssl_readeventcb, bev_ssl); 982 event_assign(&bev->ev_write, bev->ev_base, fd, 983 EV_WRITE|EV_PERSIST|EV_FINALIZE, 984 be_openssl_writeeventcb, bev_ssl); 985 if (rpending) 986 r1 = bufferevent_add_event_(&bev->ev_read, &bev->timeout_read); 987 if (wpending) 988 r2 = bufferevent_add_event_(&bev->ev_write, &bev->timeout_write); 989 if (fd >= 0) { 990 bev_ssl->fd_is_set = 1; 991 } 992 return (r1<0 || r2<0) ? -1 : 0; 993 } 994 } 995 996 static int 997 do_handshake(struct bufferevent_openssl *bev_ssl) 998 { 999 int r; 1000 1001 switch (bev_ssl->state) { 1002 default: 1003 case BUFFEREVENT_SSL_OPEN: 1004 EVUTIL_ASSERT(0); 1005 return -1; 1006 case BUFFEREVENT_SSL_CONNECTING: 1007 case BUFFEREVENT_SSL_ACCEPTING: 1008 r = SSL_do_handshake(bev_ssl->ssl); 1009 break; 1010 } 1011 decrement_buckets(bev_ssl); 1012 1013 if (r==1) { 1014 /* We're done! */ 1015 bev_ssl->state = BUFFEREVENT_SSL_OPEN; 1016 set_open_callbacks(bev_ssl, -1); /* XXXX handle failure */ 1017 /* Call do_read and do_write as needed */ 1018 bufferevent_enable(&bev_ssl->bev.bev, bev_ssl->bev.bev.enabled); 1019 bufferevent_run_eventcb_(&bev_ssl->bev.bev, 1020 BEV_EVENT_CONNECTED, 0); 1021 return 1; 1022 } else { 1023 int err = SSL_get_error(bev_ssl->ssl, r); 1024 print_err(err); 1025 switch (err) { 1026 case SSL_ERROR_WANT_WRITE: 1027 if (!bev_ssl->underlying) { 1028 stop_reading(bev_ssl); 1029 return start_writing(bev_ssl); 1030 } 1031 return 0; 1032 case SSL_ERROR_WANT_READ: 1033 if (!bev_ssl->underlying) { 1034 stop_writing(bev_ssl); 1035 return start_reading(bev_ssl); 1036 } 1037 return 0; 1038 default: 1039 conn_closed(bev_ssl, BEV_EVENT_READING, err, r); 1040 return -1; 1041 } 1042 } 1043 } 1044 1045 static void 1046 be_openssl_handshakecb(struct bufferevent *bev_base, void *ctx) 1047 { 1048 struct bufferevent_openssl *bev_ssl = ctx; 1049 do_handshake(bev_ssl);/* XXX handle failure */ 1050 } 1051 1052 static void 1053 be_openssl_handshakeeventcb(evutil_socket_t fd, short what, void *ptr) 1054 { 1055 struct bufferevent_openssl *bev_ssl = ptr; 1056 1057 bufferevent_incref_and_lock_(&bev_ssl->bev.bev); 1058 if (what & EV_TIMEOUT) { 1059 bufferevent_run_eventcb_(&bev_ssl->bev.bev, BEV_EVENT_TIMEOUT, 0); 1060 } else 1061 do_handshake(bev_ssl);/* XXX handle failure */ 1062 bufferevent_decref_and_unlock_(&bev_ssl->bev.bev); 1063 } 1064 1065 static int 1066 set_handshake_callbacks(struct bufferevent_openssl *bev_ssl, evutil_socket_t fd) 1067 { 1068 if (bev_ssl->underlying) { 1069 bufferevent_setcb(bev_ssl->underlying, 1070 be_openssl_handshakecb, be_openssl_handshakecb, 1071 be_openssl_eventcb, 1072 bev_ssl); 1073 return do_handshake(bev_ssl); 1074 } else { 1075 struct bufferevent *bev = &bev_ssl->bev.bev; 1076 int r1=0, r2=0; 1077 if (fd < 0 && bev_ssl->fd_is_set) 1078 fd = event_get_fd(&bev->ev_read); 1079 if (bev_ssl->fd_is_set) { 1080 event_del(&bev->ev_read); 1081 event_del(&bev->ev_write); 1082 } 1083 event_assign(&bev->ev_read, bev->ev_base, fd, 1084 EV_READ|EV_PERSIST|EV_FINALIZE, 1085 be_openssl_handshakeeventcb, bev_ssl); 1086 event_assign(&bev->ev_write, bev->ev_base, fd, 1087 EV_WRITE|EV_PERSIST|EV_FINALIZE, 1088 be_openssl_handshakeeventcb, bev_ssl); 1089 if (fd >= 0) { 1090 r1 = bufferevent_add_event_(&bev->ev_read, &bev->timeout_read); 1091 r2 = bufferevent_add_event_(&bev->ev_write, &bev->timeout_write); 1092 bev_ssl->fd_is_set = 1; 1093 } 1094 return (r1<0 || r2<0) ? -1 : 0; 1095 } 1096 } 1097 1098 int 1099 bufferevent_ssl_renegotiate(struct bufferevent *bev) 1100 { 1101 struct bufferevent_openssl *bev_ssl = upcast(bev); 1102 if (!bev_ssl) 1103 return -1; 1104 if (SSL_renegotiate(bev_ssl->ssl) < 0) 1105 return -1; 1106 bev_ssl->state = BUFFEREVENT_SSL_CONNECTING; 1107 if (set_handshake_callbacks(bev_ssl, -1) < 0) 1108 return -1; 1109 if (!bev_ssl->underlying) 1110 return do_handshake(bev_ssl); 1111 return 0; 1112 } 1113 1114 static void 1115 be_openssl_outbuf_cb(struct evbuffer *buf, 1116 const struct evbuffer_cb_info *cbinfo, void *arg) 1117 { 1118 struct bufferevent_openssl *bev_ssl = arg; 1119 int r = 0; 1120 /* XXX need to hold a reference here. */ 1121 1122 if (cbinfo->n_added && bev_ssl->state == BUFFEREVENT_SSL_OPEN) { 1123 if (cbinfo->orig_size == 0) 1124 r = bufferevent_add_event_(&bev_ssl->bev.bev.ev_write, 1125 &bev_ssl->bev.bev.timeout_write); 1126 consider_writing(bev_ssl); 1127 } 1128 /* XXX Handle r < 0 */ 1129 (void)r; 1130 } 1131 1132 1133 static int 1134 be_openssl_enable(struct bufferevent *bev, short events) 1135 { 1136 struct bufferevent_openssl *bev_ssl = upcast(bev); 1137 int r1 = 0, r2 = 0; 1138 1139 if (bev_ssl->state != BUFFEREVENT_SSL_OPEN) 1140 return 0; 1141 1142 if (events & EV_READ) 1143 r1 = start_reading(bev_ssl); 1144 if (events & EV_WRITE) 1145 r2 = start_writing(bev_ssl); 1146 1147 if (bev_ssl->underlying) { 1148 if (events & EV_READ) 1149 BEV_RESET_GENERIC_READ_TIMEOUT(bev); 1150 if (events & EV_WRITE) 1151 BEV_RESET_GENERIC_WRITE_TIMEOUT(bev); 1152 1153 if (events & EV_READ) 1154 consider_reading(bev_ssl); 1155 if (events & EV_WRITE) 1156 consider_writing(bev_ssl); 1157 } 1158 return (r1 < 0 || r2 < 0) ? -1 : 0; 1159 } 1160 1161 static int 1162 be_openssl_disable(struct bufferevent *bev, short events) 1163 { 1164 struct bufferevent_openssl *bev_ssl = upcast(bev); 1165 if (bev_ssl->state != BUFFEREVENT_SSL_OPEN) 1166 return 0; 1167 1168 if (events & EV_READ) 1169 stop_reading(bev_ssl); 1170 if (events & EV_WRITE) 1171 stop_writing(bev_ssl); 1172 1173 if (bev_ssl->underlying) { 1174 if (events & EV_READ) 1175 BEV_DEL_GENERIC_READ_TIMEOUT(bev); 1176 if (events & EV_WRITE) 1177 BEV_DEL_GENERIC_WRITE_TIMEOUT(bev); 1178 } 1179 return 0; 1180 } 1181 1182 static void 1183 be_openssl_unlink(struct bufferevent *bev) 1184 { 1185 struct bufferevent_openssl *bev_ssl = upcast(bev); 1186 1187 if (bev_ssl->bev.options & BEV_OPT_CLOSE_ON_FREE) { 1188 if (bev_ssl->underlying) { 1189 if (BEV_UPCAST(bev_ssl->underlying)->refcnt < 2) { 1190 event_warnx("BEV_OPT_CLOSE_ON_FREE set on an " 1191 "bufferevent with too few references"); 1192 } else { 1193 bufferevent_free(bev_ssl->underlying); 1194 /* We still have a reference to it, via our 1195 * BIO. So we don't drop this. */ 1196 // bev_ssl->underlying = NULL; 1197 } 1198 } 1199 } else { 1200 if (bev_ssl->underlying) { 1201 if (bev_ssl->underlying->errorcb == be_openssl_eventcb) 1202 bufferevent_setcb(bev_ssl->underlying, 1203 NULL,NULL,NULL,NULL); 1204 bufferevent_unsuspend_read_(bev_ssl->underlying, 1205 BEV_SUSPEND_FILT_READ); 1206 } 1207 } 1208 } 1209 1210 static void 1211 be_openssl_destruct(struct bufferevent *bev) 1212 { 1213 struct bufferevent_openssl *bev_ssl = upcast(bev); 1214 1215 if (bev_ssl->bev.options & BEV_OPT_CLOSE_ON_FREE) { 1216 if (! bev_ssl->underlying) { 1217 evutil_socket_t fd = -1; 1218 BIO *bio = SSL_get_wbio(bev_ssl->ssl); 1219 if (bio) 1220 fd = BIO_get_fd(bio, NULL); 1221 if (fd >= 0) 1222 evutil_closesocket(fd); 1223 } 1224 SSL_free(bev_ssl->ssl); 1225 } 1226 } 1227 1228 static int 1229 be_openssl_adj_timeouts(struct bufferevent *bev) 1230 { 1231 struct bufferevent_openssl *bev_ssl = upcast(bev); 1232 1233 if (bev_ssl->underlying) { 1234 return bufferevent_generic_adj_timeouts_(bev); 1235 } else { 1236 int r1=0, r2=0; 1237 if (event_pending(&bev->ev_read, EV_READ, NULL)) { 1238 if (evutil_timerisset(&bev->timeout_read)) { 1239 r1 = bufferevent_add_event_(&bev->ev_read, &bev->timeout_read); 1240 } else { 1241 event_remove_timer(&bev->ev_read); 1242 } 1243 } 1244 if (event_pending(&bev->ev_write, EV_WRITE, NULL)) { 1245 if (evutil_timerisset(&bev->timeout_write)) { 1246 r2 = bufferevent_add_event_(&bev->ev_write, &bev->timeout_write); 1247 } else { 1248 event_remove_timer(&bev->ev_write); 1249 } 1250 } 1251 1252 return (r1<0 || r2<0) ? -1 : 0; 1253 } 1254 } 1255 1256 static int 1257 be_openssl_flush(struct bufferevent *bufev, 1258 short iotype, enum bufferevent_flush_mode mode) 1259 { 1260 /* XXXX Implement this. */ 1261 return 0; 1262 } 1263 1264 static int 1265 be_openssl_ctrl(struct bufferevent *bev, 1266 enum bufferevent_ctrl_op op, union bufferevent_ctrl_data *data) 1267 { 1268 struct bufferevent_openssl *bev_ssl = upcast(bev); 1269 switch (op) { 1270 case BEV_CTRL_SET_FD: 1271 if (bev_ssl->underlying) 1272 return -1; 1273 { 1274 BIO *bio; 1275 bio = BIO_new_socket(data->fd, 0); 1276 SSL_set_bio(bev_ssl->ssl, bio, bio); 1277 bev_ssl->fd_is_set = 1; 1278 } 1279 if (data->fd == -1) 1280 bev_ssl->fd_is_set = 0; 1281 if (bev_ssl->state == BUFFEREVENT_SSL_OPEN) 1282 return set_open_callbacks(bev_ssl, data->fd); 1283 else { 1284 return set_handshake_callbacks(bev_ssl, data->fd); 1285 } 1286 case BEV_CTRL_GET_FD: 1287 if (bev_ssl->underlying) 1288 return -1; 1289 if (!bev_ssl->fd_is_set) 1290 return -1; 1291 data->fd = event_get_fd(&bev->ev_read); 1292 return 0; 1293 case BEV_CTRL_GET_UNDERLYING: 1294 if (!bev_ssl->underlying) 1295 return -1; 1296 data->ptr = bev_ssl->underlying; 1297 return 0; 1298 case BEV_CTRL_CANCEL_ALL: 1299 default: 1300 return -1; 1301 } 1302 } 1303 1304 SSL * 1305 bufferevent_openssl_get_ssl(struct bufferevent *bufev) 1306 { 1307 struct bufferevent_openssl *bev_ssl = upcast(bufev); 1308 if (!bev_ssl) 1309 return NULL; 1310 return bev_ssl->ssl; 1311 } 1312 1313 static struct bufferevent * 1314 bufferevent_openssl_new_impl(struct event_base *base, 1315 struct bufferevent *underlying, 1316 evutil_socket_t fd, 1317 SSL *ssl, 1318 enum bufferevent_ssl_state state, 1319 int options) 1320 { 1321 struct bufferevent_openssl *bev_ssl = NULL; 1322 struct bufferevent_private *bev_p = NULL; 1323 int tmp_options = options & ~BEV_OPT_THREADSAFE; 1324 1325 if (underlying != NULL && fd >= 0) 1326 return NULL; /* Only one can be set. */ 1327 1328 if (!(bev_ssl = mm_calloc(1, sizeof(struct bufferevent_openssl)))) 1329 goto err; 1330 1331 bev_p = &bev_ssl->bev; 1332 1333 if (bufferevent_init_common_(bev_p, base, 1334 &bufferevent_ops_openssl, tmp_options) < 0) 1335 goto err; 1336 1337 /* Don't explode if we decide to realloc a chunk we're writing from in 1338 * the output buffer. */ 1339 SSL_set_mode(ssl, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); 1340 1341 bev_ssl->underlying = underlying; 1342 bev_ssl->ssl = ssl; 1343 1344 bev_ssl->outbuf_cb = evbuffer_add_cb(bev_p->bev.output, 1345 be_openssl_outbuf_cb, bev_ssl); 1346 1347 if (options & BEV_OPT_THREADSAFE) 1348 bufferevent_enable_locking_(&bev_ssl->bev.bev, NULL); 1349 1350 if (underlying) { 1351 bufferevent_init_generic_timeout_cbs_(&bev_ssl->bev.bev); 1352 bufferevent_incref_(underlying); 1353 } 1354 1355 bev_ssl->state = state; 1356 bev_ssl->last_write = -1; 1357 1358 init_bio_counts(bev_ssl); 1359 1360 switch (state) { 1361 case BUFFEREVENT_SSL_ACCEPTING: 1362 SSL_set_accept_state(bev_ssl->ssl); 1363 if (set_handshake_callbacks(bev_ssl, fd) < 0) 1364 goto err; 1365 break; 1366 case BUFFEREVENT_SSL_CONNECTING: 1367 SSL_set_connect_state(bev_ssl->ssl); 1368 if (set_handshake_callbacks(bev_ssl, fd) < 0) 1369 goto err; 1370 break; 1371 case BUFFEREVENT_SSL_OPEN: 1372 if (set_open_callbacks(bev_ssl, fd) < 0) 1373 goto err; 1374 break; 1375 default: 1376 goto err; 1377 } 1378 1379 if (underlying) { 1380 bufferevent_setwatermark(underlying, EV_READ, 0, 0); 1381 bufferevent_enable(underlying, EV_READ|EV_WRITE); 1382 if (state == BUFFEREVENT_SSL_OPEN) 1383 bufferevent_suspend_read_(underlying, 1384 BEV_SUSPEND_FILT_READ); 1385 } else { 1386 bev_ssl->bev.bev.enabled = EV_READ|EV_WRITE; 1387 if (bev_ssl->fd_is_set) { 1388 if (state != BUFFEREVENT_SSL_OPEN) 1389 if (event_add(&bev_ssl->bev.bev.ev_read, NULL) < 0) 1390 goto err; 1391 if (event_add(&bev_ssl->bev.bev.ev_write, NULL) < 0) 1392 goto err; 1393 } 1394 } 1395 1396 return &bev_ssl->bev.bev; 1397 err: 1398 if (bev_ssl) 1399 bufferevent_free(&bev_ssl->bev.bev); 1400 return NULL; 1401 } 1402 1403 struct bufferevent * 1404 bufferevent_openssl_filter_new(struct event_base *base, 1405 struct bufferevent *underlying, 1406 SSL *ssl, 1407 enum bufferevent_ssl_state state, 1408 int options) 1409 { 1410 /* We don't tell the BIO to close the bufferevent; we do it ourselves 1411 * on be_openssl_destruct */ 1412 int close_flag = 0; /* options & BEV_OPT_CLOSE_ON_FREE; */ 1413 BIO *bio; 1414 if (!underlying) 1415 return NULL; 1416 if (!(bio = BIO_new_bufferevent(underlying, close_flag))) 1417 return NULL; 1418 1419 SSL_set_bio(ssl, bio, bio); 1420 1421 return bufferevent_openssl_new_impl( 1422 base, underlying, -1, ssl, state, options); 1423 } 1424 1425 struct bufferevent * 1426 bufferevent_openssl_socket_new(struct event_base *base, 1427 evutil_socket_t fd, 1428 SSL *ssl, 1429 enum bufferevent_ssl_state state, 1430 int options) 1431 { 1432 /* Does the SSL already have an fd? */ 1433 BIO *bio = SSL_get_wbio(ssl); 1434 long have_fd = -1; 1435 1436 if (bio) 1437 have_fd = BIO_get_fd(bio, NULL); 1438 1439 if (have_fd >= 0) { 1440 /* The SSL is already configured with an fd. */ 1441 if (fd < 0) { 1442 /* We should learn the fd from the SSL. */ 1443 fd = (evutil_socket_t) have_fd; 1444 } else if (have_fd == (long)fd) { 1445 /* We already know the fd from the SSL; do nothing */ 1446 } else { 1447 /* We specified an fd different from that of the SSL. 1448 This is probably an error on our part. Fail. */ 1449 return NULL; 1450 } 1451 (void) BIO_set_close(bio, 0); 1452 } else { 1453 /* The SSL isn't configured with a BIO with an fd. */ 1454 if (fd >= 0) { 1455 /* ... and we have an fd we want to use. */ 1456 bio = BIO_new_socket(fd, 0); 1457 SSL_set_bio(ssl, bio, bio); 1458 } else { 1459 /* Leave the fd unset. */ 1460 } 1461 } 1462 1463 return bufferevent_openssl_new_impl( 1464 base, NULL, fd, ssl, state, options); 1465 } 1466 1467 int 1468 bufferevent_openssl_get_allow_dirty_shutdown(struct bufferevent *bev) 1469 { 1470 int allow_dirty_shutdown = -1; 1471 struct bufferevent_openssl *bev_ssl; 1472 BEV_LOCK(bev); 1473 bev_ssl = upcast(bev); 1474 if (bev_ssl) 1475 allow_dirty_shutdown = bev_ssl->allow_dirty_shutdown; 1476 BEV_UNLOCK(bev); 1477 return allow_dirty_shutdown; 1478 } 1479 1480 void 1481 bufferevent_openssl_set_allow_dirty_shutdown(struct bufferevent *bev, 1482 int allow_dirty_shutdown) 1483 { 1484 struct bufferevent_openssl *bev_ssl; 1485 BEV_LOCK(bev); 1486 bev_ssl = upcast(bev); 1487 if (bev_ssl) 1488 bev_ssl->allow_dirty_shutdown = !!allow_dirty_shutdown; 1489 BEV_UNLOCK(bev); 1490 } 1491 1492 unsigned long 1493 bufferevent_get_openssl_error(struct bufferevent *bev) 1494 { 1495 unsigned long err = 0; 1496 struct bufferevent_openssl *bev_ssl; 1497 BEV_LOCK(bev); 1498 bev_ssl = upcast(bev); 1499 if (bev_ssl && bev_ssl->n_errors) { 1500 err = bev_ssl->errors[--bev_ssl->n_errors]; 1501 } 1502 BEV_UNLOCK(bev); 1503 return err; 1504 } 1505