libevent/dist/bufferevent_openssl.c

*e985b929SDavid van Moolenbroek/*	$NetBSD: bufferevent_openssl.c,v 1.1.1.1 2013/04/11 16:43:25 christos Exp $	*/
*e985b929SDavid van Moolenbroek/*
*e985b929SDavid van Moolenbroek * Copyright (c) 2009-2012 Niels Provos and Nick Mathewson
*e985b929SDavid van Moolenbroek *
*e985b929SDavid van Moolenbroek * Redistribution and use in source and binary forms, with or without
*e985b929SDavid van Moolenbroek * modification, are permitted provided that the following conditions
*e985b929SDavid van Moolenbroek * are met:
*e985b929SDavid van Moolenbroek * 1. Redistributions of source code must retain the above copyright
*e985b929SDavid van Moolenbroek *    notice, this list of conditions and the following disclaimer.
*e985b929SDavid van Moolenbroek * 2. Redistributions in binary form must reproduce the above copyright
*e985b929SDavid van Moolenbroek *    notice, this list of conditions and the following disclaimer in the
*e985b929SDavid van Moolenbroek *    documentation and/or other materials provided with the distribution.
*e985b929SDavid van Moolenbroek * 3. The name of the author may not be used to endorse or promote products
*e985b929SDavid van Moolenbroek *    derived from this software without specific prior written permission.
*e985b929SDavid van Moolenbroek *
*e985b929SDavid van Moolenbroek * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
*e985b929SDavid van Moolenbroek * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
*e985b929SDavid van Moolenbroek * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
*e985b929SDavid van Moolenbroek * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
*e985b929SDavid van Moolenbroek * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
*e985b929SDavid van Moolenbroek * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
*e985b929SDavid van Moolenbroek * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
*e985b929SDavid van Moolenbroek * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
*e985b929SDavid van Moolenbroek * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
*e985b929SDavid van Moolenbroek * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*e985b929SDavid van Moolenbroek */
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek#include <sys/types.h>
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek#include "event2/event-config.h"
*e985b929SDavid van Moolenbroek#include <sys/cdefs.h>
*e985b929SDavid van Moolenbroek__RCSID("$NetBSD: bufferevent_openssl.c,v 1.1.1.1 2013/04/11 16:43:25 christos Exp $");
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek#ifdef _EVENT_HAVE_SYS_TIME_H
*e985b929SDavid van Moolenbroek#include <sys/time.h>
*e985b929SDavid van Moolenbroek#endif
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek#include <errno.h>
*e985b929SDavid van Moolenbroek#include <stdio.h>
*e985b929SDavid van Moolenbroek#include <stdlib.h>
*e985b929SDavid van Moolenbroek#include <string.h>
*e985b929SDavid van Moolenbroek#ifdef _EVENT_HAVE_STDARG_H
*e985b929SDavid van Moolenbroek#include <stdarg.h>
*e985b929SDavid van Moolenbroek#endif
*e985b929SDavid van Moolenbroek#ifdef _EVENT_HAVE_UNISTD_H
*e985b929SDavid van Moolenbroek#include <unistd.h>
*e985b929SDavid van Moolenbroek#endif
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek#ifdef WIN32
*e985b929SDavid van Moolenbroek#include <winsock2.h>
*e985b929SDavid van Moolenbroek#endif
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek#include "event2/bufferevent.h"
*e985b929SDavid van Moolenbroek#include "event2/bufferevent_struct.h"
*e985b929SDavid van Moolenbroek#include "event2/bufferevent_ssl.h"
*e985b929SDavid van Moolenbroek#include "event2/buffer.h"
*e985b929SDavid van Moolenbroek#include "event2/event.h"
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek#include "mm-internal.h"
*e985b929SDavid van Moolenbroek#include "bufferevent-internal.h"
*e985b929SDavid van Moolenbroek#include "log-internal.h"
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek#include <openssl/bio.h>
*e985b929SDavid van Moolenbroek#include <openssl/ssl.h>
*e985b929SDavid van Moolenbroek#include <openssl/err.h>
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek/*
*e985b929SDavid van Moolenbroek * Define an OpenSSL bio that targets a bufferevent.
*e985b929SDavid van Moolenbroek */
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek/* --------------------
*e985b929SDavid van Moolenbroek   A BIO is an OpenSSL abstraction that handles reading and writing data.  The
*e985b929SDavid van Moolenbroek   library will happily speak SSL over anything that implements a BIO
*e985b929SDavid van Moolenbroek   interface.
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek   Here we define a BIO implementation that directs its output to a
*e985b929SDavid van Moolenbroek   bufferevent.  We'll want to use this only when none of OpenSSL's built-in
*e985b929SDavid van Moolenbroek   IO mechanisms work for us.
*e985b929SDavid van Moolenbroek   -------------------- */
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek/* every BIO type needs its own integer type value. */
*e985b929SDavid van Moolenbroek#define BIO_TYPE_LIBEVENT 57
*e985b929SDavid van Moolenbroek/* ???? Arguably, we should set BIO_TYPE_FILTER or BIO_TYPE_SOURCE_SINK on
*e985b929SDavid van Moolenbroek * this. */
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek#if 0
*e985b929SDavid van Moolenbroekstatic void
*e985b929SDavid van Moolenbroekprint_err(int val)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	int err;
*e985b929SDavid van Moolenbroek	printf("Error was %d\n", val);
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	while ((err = ERR_get_error())) {
*e985b929SDavid van Moolenbroek		const char *msg = (const char*)ERR_reason_error_string(err);
*e985b929SDavid van Moolenbroek		const char *lib = (const char*)ERR_lib_error_string(err);
*e985b929SDavid van Moolenbroek		const char *func = (const char*)ERR_func_error_string(err);
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek		printf("%s in %s %s\n", msg, lib, func);
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek#else
*e985b929SDavid van Moolenbroek#define print_err(v) ((void)0)
*e985b929SDavid van Moolenbroek#endif
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek/* Called to initialize a new BIO */
*e985b929SDavid van Moolenbroekstatic int
*e985b929SDavid van Moolenbroekbio_bufferevent_new(BIO *b)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	b->init = 0;
*e985b929SDavid van Moolenbroek	b->num = -1;
*e985b929SDavid van Moolenbroek	b->ptr = NULL; /* We'll be putting the bufferevent in this field.*/
*e985b929SDavid van Moolenbroek	b->flags = 0;
*e985b929SDavid van Moolenbroek	return 1;
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek/* Called to uninitialize the BIO. */
*e985b929SDavid van Moolenbroekstatic int
*e985b929SDavid van Moolenbroekbio_bufferevent_free(BIO *b)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	if (!b)
*e985b929SDavid van Moolenbroek		return 0;
*e985b929SDavid van Moolenbroek	if (b->shutdown) {
*e985b929SDavid van Moolenbroek		if (b->init && b->ptr)
*e985b929SDavid van Moolenbroek			bufferevent_free(b->ptr);
*e985b929SDavid van Moolenbroek		b->init = 0;
*e985b929SDavid van Moolenbroek		b->flags = 0;
*e985b929SDavid van Moolenbroek		b->ptr = NULL;
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek	return 1;
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek/* Called to extract data from the BIO. */
*e985b929SDavid van Moolenbroekstatic int
*e985b929SDavid van Moolenbroekbio_bufferevent_read(BIO *b, char *out, int outlen)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	int r = 0;
*e985b929SDavid van Moolenbroek	struct evbuffer *input;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	BIO_clear_retry_flags(b);
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (!out)
*e985b929SDavid van Moolenbroek		return 0;
*e985b929SDavid van Moolenbroek	if (!b->ptr)
*e985b929SDavid van Moolenbroek		return -1;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	input = bufferevent_get_input(b->ptr);
*e985b929SDavid van Moolenbroek	if (evbuffer_get_length(input) == 0) {
*e985b929SDavid van Moolenbroek		/* If there's no data to read, say so. */
*e985b929SDavid van Moolenbroek		BIO_set_retry_read(b);
*e985b929SDavid van Moolenbroek		return -1;
*e985b929SDavid van Moolenbroek	} else {
*e985b929SDavid van Moolenbroek		r = evbuffer_remove(input, out, outlen);
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	return r;
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek/* Called to write data info the BIO */
*e985b929SDavid van Moolenbroekstatic int
*e985b929SDavid van Moolenbroekbio_bufferevent_write(BIO *b, const char *in, int inlen)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	struct bufferevent *bufev = b->ptr;
*e985b929SDavid van Moolenbroek	struct evbuffer *output;
*e985b929SDavid van Moolenbroek	size_t outlen;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	BIO_clear_retry_flags(b);
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (!b->ptr)
*e985b929SDavid van Moolenbroek		return -1;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	output = bufferevent_get_output(bufev);
*e985b929SDavid van Moolenbroek	outlen = evbuffer_get_length(output);
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	/* Copy only as much data onto the output buffer as can fit under the
*e985b929SDavid van Moolenbroek	 * high-water mark. */
*e985b929SDavid van Moolenbroek	if (bufev->wm_write.high && bufev->wm_write.high <= (outlen+inlen)) {
*e985b929SDavid van Moolenbroek		if (bufev->wm_write.high <= outlen) {
*e985b929SDavid van Moolenbroek			/* If no data can fit, we'll need to retry later. */
*e985b929SDavid van Moolenbroek			BIO_set_retry_write(b);
*e985b929SDavid van Moolenbroek			return -1;
*e985b929SDavid van Moolenbroek		}
*e985b929SDavid van Moolenbroek		inlen = bufev->wm_write.high - outlen;
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	EVUTIL_ASSERT(inlen > 0);
*e985b929SDavid van Moolenbroek	evbuffer_add(output, in, inlen);
*e985b929SDavid van Moolenbroek	return inlen;
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek/* Called to handle various requests */
*e985b929SDavid van Moolenbroekstatic long
*e985b929SDavid van Moolenbroekbio_bufferevent_ctrl(BIO *b, int cmd, long num, void *ptr)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	struct bufferevent *bufev = b->ptr;
*e985b929SDavid van Moolenbroek	long ret = 1;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	switch (cmd) {
*e985b929SDavid van Moolenbroek	case BIO_CTRL_GET_CLOSE:
*e985b929SDavid van Moolenbroek		ret = b->shutdown;
*e985b929SDavid van Moolenbroek		break;
*e985b929SDavid van Moolenbroek	case BIO_CTRL_SET_CLOSE:
*e985b929SDavid van Moolenbroek		b->shutdown = (int)num;
*e985b929SDavid van Moolenbroek		break;
*e985b929SDavid van Moolenbroek	case BIO_CTRL_PENDING:
*e985b929SDavid van Moolenbroek		ret = evbuffer_get_length(bufferevent_get_input(bufev)) != 0;
*e985b929SDavid van Moolenbroek		break;
*e985b929SDavid van Moolenbroek	case BIO_CTRL_WPENDING:
*e985b929SDavid van Moolenbroek		ret = evbuffer_get_length(bufferevent_get_output(bufev)) != 0;
*e985b929SDavid van Moolenbroek		break;
*e985b929SDavid van Moolenbroek	/* XXXX These two are given a special-case treatment because
*e985b929SDavid van Moolenbroek	 * of cargo-cultism.  I should come up with a better reason. */
*e985b929SDavid van Moolenbroek	case BIO_CTRL_DUP:
*e985b929SDavid van Moolenbroek	case BIO_CTRL_FLUSH:
*e985b929SDavid van Moolenbroek		ret = 1;
*e985b929SDavid van Moolenbroek		break;
*e985b929SDavid van Moolenbroek	default:
*e985b929SDavid van Moolenbroek		ret = 0;
*e985b929SDavid van Moolenbroek		break;
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek	return ret;
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek/* Called to write a string to the BIO */
*e985b929SDavid van Moolenbroekstatic int
*e985b929SDavid van Moolenbroekbio_bufferevent_puts(BIO *b, const char *s)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	return bio_bufferevent_write(b, s, strlen(s));
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek/* Method table for the bufferevent BIO */
*e985b929SDavid van Moolenbroekstatic BIO_METHOD methods_bufferevent = {
*e985b929SDavid van Moolenbroek	BIO_TYPE_LIBEVENT, "bufferevent",
*e985b929SDavid van Moolenbroek	bio_bufferevent_write,
*e985b929SDavid van Moolenbroek	bio_bufferevent_read,
*e985b929SDavid van Moolenbroek	bio_bufferevent_puts,
*e985b929SDavid van Moolenbroek	NULL /* bio_bufferevent_gets */,
*e985b929SDavid van Moolenbroek	bio_bufferevent_ctrl,
*e985b929SDavid van Moolenbroek	bio_bufferevent_new,
*e985b929SDavid van Moolenbroek	bio_bufferevent_free,
*e985b929SDavid van Moolenbroek	NULL /* callback_ctrl */,
*e985b929SDavid van Moolenbroek};
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek/* Return the method table for the bufferevents BIO */
*e985b929SDavid van Moolenbroekstatic BIO_METHOD *
*e985b929SDavid van MoolenbroekBIO_s_bufferevent(void)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	return &methods_bufferevent;
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek/* Create a new BIO to wrap communication around a bufferevent.  If close_flag
*e985b929SDavid van Moolenbroek * is true, the bufferevent will be freed when the BIO is closed. */
*e985b929SDavid van Moolenbroekstatic BIO *
*e985b929SDavid van MoolenbroekBIO_new_bufferevent(struct bufferevent *bufferevent, int close_flag)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	BIO *result;
*e985b929SDavid van Moolenbroek	if (!bufferevent)
*e985b929SDavid van Moolenbroek		return NULL;
*e985b929SDavid van Moolenbroek	if (!(result = BIO_new(BIO_s_bufferevent())))
*e985b929SDavid van Moolenbroek		return NULL;
*e985b929SDavid van Moolenbroek	result->init = 1;
*e985b929SDavid van Moolenbroek	result->ptr = bufferevent;
*e985b929SDavid van Moolenbroek	result->shutdown = close_flag ? 1 : 0;
*e985b929SDavid van Moolenbroek	return result;
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek/* --------------------
*e985b929SDavid van Moolenbroek   Now, here's the OpenSSL-based implementation of bufferevent.
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek   The implementation comes in two flavors: one that connects its SSL object
*e985b929SDavid van Moolenbroek   to an underlying bufferevent using a BIO_bufferevent, and one that has the
*e985b929SDavid van Moolenbroek   SSL object connect to a socket directly.  The latter should generally be
*e985b929SDavid van Moolenbroek   faster, except on Windows, where your best bet is using a
*e985b929SDavid van Moolenbroek   bufferevent_async.
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek   (OpenSSL supports many other BIO types, too.  But we can't use any unless
*e985b929SDavid van Moolenbroek   we have a good way to get notified when they become readable/writable.)
*e985b929SDavid van Moolenbroek   -------------------- */
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstruct bio_data_counts {
*e985b929SDavid van Moolenbroek	unsigned long n_written;
*e985b929SDavid van Moolenbroek	unsigned long n_read;
*e985b929SDavid van Moolenbroek};
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstruct bufferevent_openssl {
*e985b929SDavid van Moolenbroek	/* Shared fields with common bufferevent implementation code.
*e985b929SDavid van Moolenbroek	   If we were set up with an underlying bufferevent, we use the
*e985b929SDavid van Moolenbroek	   events here as timers only.  If we have an SSL, then we use
*e985b929SDavid van Moolenbroek	   the events as socket events.
*e985b929SDavid van Moolenbroek	 */
*e985b929SDavid van Moolenbroek	struct bufferevent_private bev;
*e985b929SDavid van Moolenbroek	/* An underlying bufferevent that we're directing our output to.
*e985b929SDavid van Moolenbroek	   If it's NULL, then we're connected to an fd, not an evbuffer. */
*e985b929SDavid van Moolenbroek	struct bufferevent *underlying;
*e985b929SDavid van Moolenbroek	/* The SSL object doing our encryption. */
*e985b929SDavid van Moolenbroek	SSL *ssl;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	/* A callback that's invoked when data arrives on our outbuf so we
*e985b929SDavid van Moolenbroek	   know to write data to the SSL. */
*e985b929SDavid van Moolenbroek	struct evbuffer_cb_entry *outbuf_cb;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	/* A count of how much data the bios have read/written total.  Used
*e985b929SDavid van Moolenbroek	   for rate-limiting. */
*e985b929SDavid van Moolenbroek	struct bio_data_counts counts;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	/* If this value is greater than 0, then the last SSL_write blocked,
*e985b929SDavid van Moolenbroek	 * and we need to try it again with this many bytes. */
*e985b929SDavid van Moolenbroek	ev_ssize_t last_write;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek#define NUM_ERRORS 3
*e985b929SDavid van Moolenbroek	ev_uint32_t errors[NUM_ERRORS];
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	/* When we next get available space, we should say "read" instead of
*e985b929SDavid van Moolenbroek	   "write". This can happen if there's a renegotiation during a read
*e985b929SDavid van Moolenbroek	   operation. */
*e985b929SDavid van Moolenbroek	unsigned read_blocked_on_write : 1;
*e985b929SDavid van Moolenbroek	/* When we next get data, we should say "write" instead of "read". */
*e985b929SDavid van Moolenbroek	unsigned write_blocked_on_read : 1;
*e985b929SDavid van Moolenbroek	/* XXX */
*e985b929SDavid van Moolenbroek	unsigned allow_dirty_shutdown : 1;
*e985b929SDavid van Moolenbroek	/* XXXX */
*e985b929SDavid van Moolenbroek	unsigned fd_is_set : 1;
*e985b929SDavid van Moolenbroek	/* XXX */
*e985b929SDavid van Moolenbroek	unsigned n_errors : 2;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	/* Are we currently connecting, accepting, or doing IO? */
*e985b929SDavid van Moolenbroek	unsigned state : 2;
*e985b929SDavid van Moolenbroek};
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic int be_openssl_enable(struct bufferevent *, short);
*e985b929SDavid van Moolenbroekstatic int be_openssl_disable(struct bufferevent *, short);
*e985b929SDavid van Moolenbroekstatic void be_openssl_destruct(struct bufferevent *);
*e985b929SDavid van Moolenbroekstatic int be_openssl_adj_timeouts(struct bufferevent *);
*e985b929SDavid van Moolenbroekstatic int be_openssl_flush(struct bufferevent *bufev,
*e985b929SDavid van Moolenbroek    short iotype, enum bufferevent_flush_mode mode);
*e985b929SDavid van Moolenbroekstatic int be_openssl_ctrl(struct bufferevent *, enum bufferevent_ctrl_op, union bufferevent_ctrl_data *);
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekconst struct bufferevent_ops bufferevent_ops_openssl = {
*e985b929SDavid van Moolenbroek	"ssl",
*e985b929SDavid van Moolenbroek	evutil_offsetof(struct bufferevent_openssl, bev.bev),
*e985b929SDavid van Moolenbroek	be_openssl_enable,
*e985b929SDavid van Moolenbroek	be_openssl_disable,
*e985b929SDavid van Moolenbroek	be_openssl_destruct,
*e985b929SDavid van Moolenbroek	be_openssl_adj_timeouts,
*e985b929SDavid van Moolenbroek	be_openssl_flush,
*e985b929SDavid van Moolenbroek	be_openssl_ctrl,
*e985b929SDavid van Moolenbroek};
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek/* Given a bufferevent, return a pointer to the bufferevent_openssl that
*e985b929SDavid van Moolenbroek * contains it, if any. */
*e985b929SDavid van Moolenbroekstatic inline struct bufferevent_openssl *
*e985b929SDavid van Moolenbroekupcast(struct bufferevent *bev)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	struct bufferevent_openssl *bev_o;
*e985b929SDavid van Moolenbroek	if (bev->be_ops != &bufferevent_ops_openssl)
*e985b929SDavid van Moolenbroek		return NULL;
*e985b929SDavid van Moolenbroek	bev_o = (void*)( ((char*)bev) -
*e985b929SDavid van Moolenbroek			 evutil_offsetof(struct bufferevent_openssl, bev.bev));
*e985b929SDavid van Moolenbroek	EVUTIL_ASSERT(bev_o->bev.bev.be_ops == &bufferevent_ops_openssl);
*e985b929SDavid van Moolenbroek	return bev_o;
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic inline void
*e985b929SDavid van Moolenbroekput_error(struct bufferevent_openssl *bev_ssl, unsigned long err)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	if (bev_ssl->n_errors == NUM_ERRORS)
*e985b929SDavid van Moolenbroek		return;
*e985b929SDavid van Moolenbroek	/* The error type according to openssl is "unsigned long", but
*e985b929SDavid van Moolenbroek	   openssl never uses more than 32 bits of it.  It _can't_ use more
*e985b929SDavid van Moolenbroek	   than 32 bits of it, since it needs to report errors on systems
*e985b929SDavid van Moolenbroek	   where long is only 32 bits.
*e985b929SDavid van Moolenbroek	 */
*e985b929SDavid van Moolenbroek	bev_ssl->errors[bev_ssl->n_errors++] = (ev_uint32_t) err;
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek/* Have the base communications channel (either the underlying bufferevent or
*e985b929SDavid van Moolenbroek * ev_read and ev_write) start reading.  Take the read-blocked-on-write flag
*e985b929SDavid van Moolenbroek * into account. */
*e985b929SDavid van Moolenbroekstatic int
*e985b929SDavid van Moolenbroekstart_reading(struct bufferevent_openssl *bev_ssl)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	if (bev_ssl->underlying) {
*e985b929SDavid van Moolenbroek		bufferevent_unsuspend_read(bev_ssl->underlying,
*e985b929SDavid van Moolenbroek		    BEV_SUSPEND_FILT_READ);
*e985b929SDavid van Moolenbroek		return 0;
*e985b929SDavid van Moolenbroek	} else {
*e985b929SDavid van Moolenbroek		struct bufferevent *bev = &bev_ssl->bev.bev;
*e985b929SDavid van Moolenbroek		int r;
*e985b929SDavid van Moolenbroek		r = _bufferevent_add_event(&bev->ev_read, &bev->timeout_read);
*e985b929SDavid van Moolenbroek		if (r == 0 && bev_ssl->read_blocked_on_write)
*e985b929SDavid van Moolenbroek			r = _bufferevent_add_event(&bev->ev_write,
*e985b929SDavid van Moolenbroek			    &bev->timeout_write);
*e985b929SDavid van Moolenbroek		return r;
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek/* Have the base communications channel (either the underlying bufferevent or
*e985b929SDavid van Moolenbroek * ev_read and ev_write) start writing.  Take the write-blocked-on-read flag
*e985b929SDavid van Moolenbroek * into account. */
*e985b929SDavid van Moolenbroekstatic int
*e985b929SDavid van Moolenbroekstart_writing(struct bufferevent_openssl *bev_ssl)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	int r = 0;
*e985b929SDavid van Moolenbroek	if (bev_ssl->underlying) {
*e985b929SDavid van Moolenbroek		;
*e985b929SDavid van Moolenbroek	} else {
*e985b929SDavid van Moolenbroek		struct bufferevent *bev = &bev_ssl->bev.bev;
*e985b929SDavid van Moolenbroek		r = _bufferevent_add_event(&bev->ev_write, &bev->timeout_write);
*e985b929SDavid van Moolenbroek		if (!r && bev_ssl->write_blocked_on_read)
*e985b929SDavid van Moolenbroek			r = _bufferevent_add_event(&bev->ev_read,
*e985b929SDavid van Moolenbroek			    &bev->timeout_read);
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek	return r;
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic void
*e985b929SDavid van Moolenbroekstop_reading(struct bufferevent_openssl *bev_ssl)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	if (bev_ssl->write_blocked_on_read)
*e985b929SDavid van Moolenbroek		return;
*e985b929SDavid van Moolenbroek	if (bev_ssl->underlying) {
*e985b929SDavid van Moolenbroek		bufferevent_suspend_read(bev_ssl->underlying,
*e985b929SDavid van Moolenbroek		    BEV_SUSPEND_FILT_READ);
*e985b929SDavid van Moolenbroek	} else {
*e985b929SDavid van Moolenbroek		struct bufferevent *bev = &bev_ssl->bev.bev;
*e985b929SDavid van Moolenbroek		event_del(&bev->ev_read);
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic void
*e985b929SDavid van Moolenbroekstop_writing(struct bufferevent_openssl *bev_ssl)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	if (bev_ssl->read_blocked_on_write)
*e985b929SDavid van Moolenbroek		return;
*e985b929SDavid van Moolenbroek	if (bev_ssl->underlying) {
*e985b929SDavid van Moolenbroek		;
*e985b929SDavid van Moolenbroek	} else {
*e985b929SDavid van Moolenbroek		struct bufferevent *bev = &bev_ssl->bev.bev;
*e985b929SDavid van Moolenbroek		event_del(&bev->ev_write);
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic int
*e985b929SDavid van Moolenbroekset_rbow(struct bufferevent_openssl *bev_ssl)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	if (!bev_ssl->underlying)
*e985b929SDavid van Moolenbroek		stop_reading(bev_ssl);
*e985b929SDavid van Moolenbroek	bev_ssl->read_blocked_on_write = 1;
*e985b929SDavid van Moolenbroek	return start_writing(bev_ssl);
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic int
*e985b929SDavid van Moolenbroekset_wbor(struct bufferevent_openssl *bev_ssl)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	if (!bev_ssl->underlying)
*e985b929SDavid van Moolenbroek		stop_writing(bev_ssl);
*e985b929SDavid van Moolenbroek	bev_ssl->write_blocked_on_read = 1;
*e985b929SDavid van Moolenbroek	return start_reading(bev_ssl);
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic int
*e985b929SDavid van Moolenbroekclear_rbow(struct bufferevent_openssl *bev_ssl)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	struct bufferevent *bev = &bev_ssl->bev.bev;
*e985b929SDavid van Moolenbroek	int r = 0;
*e985b929SDavid van Moolenbroek	bev_ssl->read_blocked_on_write = 0;
*e985b929SDavid van Moolenbroek	if (!(bev->enabled & EV_WRITE))
*e985b929SDavid van Moolenbroek		stop_writing(bev_ssl);
*e985b929SDavid van Moolenbroek	if (bev->enabled & EV_READ)
*e985b929SDavid van Moolenbroek		r = start_reading(bev_ssl);
*e985b929SDavid van Moolenbroek	return r;
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic int
*e985b929SDavid van Moolenbroekclear_wbor(struct bufferevent_openssl *bev_ssl)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	struct bufferevent *bev = &bev_ssl->bev.bev;
*e985b929SDavid van Moolenbroek	int r = 0;
*e985b929SDavid van Moolenbroek	bev_ssl->write_blocked_on_read = 0;
*e985b929SDavid van Moolenbroek	if (!(bev->enabled & EV_READ))
*e985b929SDavid van Moolenbroek		stop_reading(bev_ssl);
*e985b929SDavid van Moolenbroek	if (bev->enabled & EV_WRITE)
*e985b929SDavid van Moolenbroek		r = start_writing(bev_ssl);
*e985b929SDavid van Moolenbroek	return r;
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic void
*e985b929SDavid van Moolenbroekconn_closed(struct bufferevent_openssl *bev_ssl, int errcode, int ret)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	int event = BEV_EVENT_ERROR;
*e985b929SDavid van Moolenbroek	int dirty_shutdown = 0;
*e985b929SDavid van Moolenbroek	unsigned long err;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	switch (errcode) {
*e985b929SDavid van Moolenbroek	case SSL_ERROR_ZERO_RETURN:
*e985b929SDavid van Moolenbroek		/* Possibly a clean shutdown. */
*e985b929SDavid van Moolenbroek		if (SSL_get_shutdown(bev_ssl->ssl) & SSL_RECEIVED_SHUTDOWN)
*e985b929SDavid van Moolenbroek			event = BEV_EVENT_EOF;
*e985b929SDavid van Moolenbroek		else
*e985b929SDavid van Moolenbroek			dirty_shutdown = 1;
*e985b929SDavid van Moolenbroek		break;
*e985b929SDavid van Moolenbroek	case SSL_ERROR_SYSCALL:
*e985b929SDavid van Moolenbroek		/* IO error; possibly a dirty shutdown. */
*e985b929SDavid van Moolenbroek		if (ret == 0 && ERR_peek_error() == 0)
*e985b929SDavid van Moolenbroek			dirty_shutdown = 1;
*e985b929SDavid van Moolenbroek		break;
*e985b929SDavid van Moolenbroek	case SSL_ERROR_SSL:
*e985b929SDavid van Moolenbroek		/* Protocol error. */
*e985b929SDavid van Moolenbroek		break;
*e985b929SDavid van Moolenbroek	case SSL_ERROR_WANT_X509_LOOKUP:
*e985b929SDavid van Moolenbroek		/* XXXX handle this. */
*e985b929SDavid van Moolenbroek		break;
*e985b929SDavid van Moolenbroek	case SSL_ERROR_NONE:
*e985b929SDavid van Moolenbroek	case SSL_ERROR_WANT_READ:
*e985b929SDavid van Moolenbroek	case SSL_ERROR_WANT_WRITE:
*e985b929SDavid van Moolenbroek	case SSL_ERROR_WANT_CONNECT:
*e985b929SDavid van Moolenbroek	case SSL_ERROR_WANT_ACCEPT:
*e985b929SDavid van Moolenbroek	default:
*e985b929SDavid van Moolenbroek		/* should be impossible; treat as normal error. */
*e985b929SDavid van Moolenbroek		event_warnx("BUG: Unexpected OpenSSL error code %d", errcode);
*e985b929SDavid van Moolenbroek		break;
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	while ((err = ERR_get_error())) {
*e985b929SDavid van Moolenbroek		put_error(bev_ssl, err);
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (dirty_shutdown && bev_ssl->allow_dirty_shutdown)
*e985b929SDavid van Moolenbroek		event = BEV_EVENT_EOF;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	stop_reading(bev_ssl);
*e985b929SDavid van Moolenbroek	stop_writing(bev_ssl);
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	_bufferevent_run_eventcb(&bev_ssl->bev.bev, event);
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic void
*e985b929SDavid van Moolenbroekinit_bio_counts(struct bufferevent_openssl *bev_ssl)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	bev_ssl->counts.n_written =
*e985b929SDavid van Moolenbroek	    BIO_number_written(SSL_get_wbio(bev_ssl->ssl));
*e985b929SDavid van Moolenbroek	bev_ssl->counts.n_read =
*e985b929SDavid van Moolenbroek	    BIO_number_read(SSL_get_rbio(bev_ssl->ssl));
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic inline void
*e985b929SDavid van Moolenbroekdecrement_buckets(struct bufferevent_openssl *bev_ssl)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	unsigned long num_w = BIO_number_written(SSL_get_wbio(bev_ssl->ssl));
*e985b929SDavid van Moolenbroek	unsigned long num_r = BIO_number_read(SSL_get_rbio(bev_ssl->ssl));
*e985b929SDavid van Moolenbroek	/* These next two subtractions can wrap around. That's okay. */
*e985b929SDavid van Moolenbroek	unsigned long w = num_w - bev_ssl->counts.n_written;
*e985b929SDavid van Moolenbroek	unsigned long r = num_r - bev_ssl->counts.n_read;
*e985b929SDavid van Moolenbroek	if (w)
*e985b929SDavid van Moolenbroek		_bufferevent_decrement_write_buckets(&bev_ssl->bev, w);
*e985b929SDavid van Moolenbroek	if (r)
*e985b929SDavid van Moolenbroek		_bufferevent_decrement_read_buckets(&bev_ssl->bev, r);
*e985b929SDavid van Moolenbroek	bev_ssl->counts.n_written = num_w;
*e985b929SDavid van Moolenbroek	bev_ssl->counts.n_read = num_r;
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek#define OP_MADE_PROGRESS 1
*e985b929SDavid van Moolenbroek#define OP_BLOCKED 2
*e985b929SDavid van Moolenbroek#define OP_ERR 4
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek/* Return a bitmask of OP_MADE_PROGRESS (if we read anything); OP_BLOCKED (if
*e985b929SDavid van Moolenbroek   we're now blocked); and OP_ERR (if an error occurred). */
*e985b929SDavid van Moolenbroekstatic int
*e985b929SDavid van Moolenbroekdo_read(struct bufferevent_openssl *bev_ssl, int n_to_read) {
*e985b929SDavid van Moolenbroek	/* Requires lock */
*e985b929SDavid van Moolenbroek	struct bufferevent *bev = &bev_ssl->bev.bev;
*e985b929SDavid van Moolenbroek	struct evbuffer *input = bev->input;
*e985b929SDavid van Moolenbroek	int r, n, i, n_used = 0, atmost;
*e985b929SDavid van Moolenbroek	struct evbuffer_iovec space[2];
*e985b929SDavid van Moolenbroek	int result = 0;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (bev_ssl->bev.read_suspended)
*e985b929SDavid van Moolenbroek		return 0;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	atmost = _bufferevent_get_read_max(&bev_ssl->bev);
*e985b929SDavid van Moolenbroek	if (n_to_read > atmost)
*e985b929SDavid van Moolenbroek		n_to_read = atmost;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	n = evbuffer_reserve_space(input, n_to_read, space, 2);
*e985b929SDavid van Moolenbroek	if (n < 0)
*e985b929SDavid van Moolenbroek		return OP_ERR;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	for (i=0; i<n; ++i) {
*e985b929SDavid van Moolenbroek		if (bev_ssl->bev.read_suspended)
*e985b929SDavid van Moolenbroek			break;
*e985b929SDavid van Moolenbroek		r = SSL_read(bev_ssl->ssl, space[i].iov_base, space[i].iov_len);
*e985b929SDavid van Moolenbroek		if (r>0) {
*e985b929SDavid van Moolenbroek			result |= OP_MADE_PROGRESS;
*e985b929SDavid van Moolenbroek			if (bev_ssl->read_blocked_on_write)
*e985b929SDavid van Moolenbroek				if (clear_rbow(bev_ssl) < 0)
*e985b929SDavid van Moolenbroek					return OP_ERR | result;
*e985b929SDavid van Moolenbroek			++n_used;
*e985b929SDavid van Moolenbroek			space[i].iov_len = r;
*e985b929SDavid van Moolenbroek			decrement_buckets(bev_ssl);
*e985b929SDavid van Moolenbroek		} else {
*e985b929SDavid van Moolenbroek			int err = SSL_get_error(bev_ssl->ssl, r);
*e985b929SDavid van Moolenbroek			print_err(err);
*e985b929SDavid van Moolenbroek			switch (err) {
*e985b929SDavid van Moolenbroek			case SSL_ERROR_WANT_READ:
*e985b929SDavid van Moolenbroek				/* Can't read until underlying has more data. */
*e985b929SDavid van Moolenbroek				if (bev_ssl->read_blocked_on_write)
*e985b929SDavid van Moolenbroek					if (clear_rbow(bev_ssl) < 0)
*e985b929SDavid van Moolenbroek						return OP_ERR | result;
*e985b929SDavid van Moolenbroek				break;
*e985b929SDavid van Moolenbroek			case SSL_ERROR_WANT_WRITE:
*e985b929SDavid van Moolenbroek				/* This read operation requires a write, and the
*e985b929SDavid van Moolenbroek				 * underlying is full */
*e985b929SDavid van Moolenbroek				if (!bev_ssl->read_blocked_on_write)
*e985b929SDavid van Moolenbroek					if (set_rbow(bev_ssl) < 0)
*e985b929SDavid van Moolenbroek						return OP_ERR | result;
*e985b929SDavid van Moolenbroek				break;
*e985b929SDavid van Moolenbroek			default:
*e985b929SDavid van Moolenbroek				conn_closed(bev_ssl, err, r);
*e985b929SDavid van Moolenbroek				break;
*e985b929SDavid van Moolenbroek			}
*e985b929SDavid van Moolenbroek			result |= OP_BLOCKED;
*e985b929SDavid van Moolenbroek			break; /* out of the loop */
*e985b929SDavid van Moolenbroek		}
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (n_used) {
*e985b929SDavid van Moolenbroek		evbuffer_commit_space(input, space, n_used);
*e985b929SDavid van Moolenbroek		if (bev_ssl->underlying)
*e985b929SDavid van Moolenbroek			BEV_RESET_GENERIC_READ_TIMEOUT(bev);
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	return result;
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek/* Return a bitmask of OP_MADE_PROGRESS (if we wrote anything); OP_BLOCKED (if
*e985b929SDavid van Moolenbroek   we're now blocked); and OP_ERR (if an error occurred). */
*e985b929SDavid van Moolenbroekstatic int
*e985b929SDavid van Moolenbroekdo_write(struct bufferevent_openssl *bev_ssl, int atmost)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	int i, r, n, n_written = 0;
*e985b929SDavid van Moolenbroek	struct bufferevent *bev = &bev_ssl->bev.bev;
*e985b929SDavid van Moolenbroek	struct evbuffer *output = bev->output;
*e985b929SDavid van Moolenbroek	struct evbuffer_iovec space[8];
*e985b929SDavid van Moolenbroek	int result = 0;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (bev_ssl->last_write > 0)
*e985b929SDavid van Moolenbroek		atmost = bev_ssl->last_write;
*e985b929SDavid van Moolenbroek	else
*e985b929SDavid van Moolenbroek		atmost = _bufferevent_get_write_max(&bev_ssl->bev);
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	n = evbuffer_peek(output, atmost, NULL, space, 8);
*e985b929SDavid van Moolenbroek	if (n < 0)
*e985b929SDavid van Moolenbroek		return OP_ERR | result;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (n > 8)
*e985b929SDavid van Moolenbroek		n = 8;
*e985b929SDavid van Moolenbroek	for (i=0; i < n; ++i) {
*e985b929SDavid van Moolenbroek		if (bev_ssl->bev.write_suspended)
*e985b929SDavid van Moolenbroek			break;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek		/* SSL_write will (reasonably) return 0 if we tell it to
*e985b929SDavid van Moolenbroek		   send 0 data.  Skip this case so we don't interpret the
*e985b929SDavid van Moolenbroek		   result as an error */
*e985b929SDavid van Moolenbroek		if (space[i].iov_len == 0)
*e985b929SDavid van Moolenbroek			continue;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek		r = SSL_write(bev_ssl->ssl, space[i].iov_base,
*e985b929SDavid van Moolenbroek		    space[i].iov_len);
*e985b929SDavid van Moolenbroek		if (r > 0) {
*e985b929SDavid van Moolenbroek			result |= OP_MADE_PROGRESS;
*e985b929SDavid van Moolenbroek			if (bev_ssl->write_blocked_on_read)
*e985b929SDavid van Moolenbroek				if (clear_wbor(bev_ssl) < 0)
*e985b929SDavid van Moolenbroek					return OP_ERR | result;
*e985b929SDavid van Moolenbroek			n_written += r;
*e985b929SDavid van Moolenbroek			bev_ssl->last_write = -1;
*e985b929SDavid van Moolenbroek			decrement_buckets(bev_ssl);
*e985b929SDavid van Moolenbroek		} else {
*e985b929SDavid van Moolenbroek			int err = SSL_get_error(bev_ssl->ssl, r);
*e985b929SDavid van Moolenbroek			print_err(err);
*e985b929SDavid van Moolenbroek			switch (err) {
*e985b929SDavid van Moolenbroek			case SSL_ERROR_WANT_WRITE:
*e985b929SDavid van Moolenbroek				/* Can't read until underlying has more data. */
*e985b929SDavid van Moolenbroek				if (bev_ssl->write_blocked_on_read)
*e985b929SDavid van Moolenbroek					if (clear_wbor(bev_ssl) < 0)
*e985b929SDavid van Moolenbroek						return OP_ERR | result;
*e985b929SDavid van Moolenbroek				bev_ssl->last_write = space[i].iov_len;
*e985b929SDavid van Moolenbroek				break;
*e985b929SDavid van Moolenbroek			case SSL_ERROR_WANT_READ:
*e985b929SDavid van Moolenbroek				/* This read operation requires a write, and the
*e985b929SDavid van Moolenbroek				 * underlying is full */
*e985b929SDavid van Moolenbroek				if (!bev_ssl->write_blocked_on_read)
*e985b929SDavid van Moolenbroek					if (set_wbor(bev_ssl) < 0)
*e985b929SDavid van Moolenbroek						return OP_ERR | result;
*e985b929SDavid van Moolenbroek				bev_ssl->last_write = space[i].iov_len;
*e985b929SDavid van Moolenbroek				break;
*e985b929SDavid van Moolenbroek			default:
*e985b929SDavid van Moolenbroek				conn_closed(bev_ssl, err, r);
*e985b929SDavid van Moolenbroek				bev_ssl->last_write = -1;
*e985b929SDavid van Moolenbroek				break;
*e985b929SDavid van Moolenbroek			}
*e985b929SDavid van Moolenbroek			result |= OP_BLOCKED;
*e985b929SDavid van Moolenbroek			break;
*e985b929SDavid van Moolenbroek		}
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek	if (n_written) {
*e985b929SDavid van Moolenbroek		evbuffer_drain(output, n_written);
*e985b929SDavid van Moolenbroek		if (bev_ssl->underlying)
*e985b929SDavid van Moolenbroek			BEV_RESET_GENERIC_WRITE_TIMEOUT(bev);
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek		if (evbuffer_get_length(output) <= bev->wm_write.low)
*e985b929SDavid van Moolenbroek			_bufferevent_run_writecb(bev);
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek	return result;
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek#define WRITE_FRAME 15000
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek#define READ_DEFAULT 4096
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek/* Try to figure out how many bytes to read; return 0 if we shouldn't be
*e985b929SDavid van Moolenbroek * reading. */
*e985b929SDavid van Moolenbroekstatic int
*e985b929SDavid van Moolenbroekbytes_to_read(struct bufferevent_openssl *bev)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	struct evbuffer *input = bev->bev.bev.input;
*e985b929SDavid van Moolenbroek	struct event_watermark *wm = &bev->bev.bev.wm_read;
*e985b929SDavid van Moolenbroek	int result = READ_DEFAULT;
*e985b929SDavid van Moolenbroek	ev_ssize_t limit;
*e985b929SDavid van Moolenbroek	/* XXX 99% of this is generic code that nearly all bufferevents will
*e985b929SDavid van Moolenbroek	 * want. */
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (bev->write_blocked_on_read) {
*e985b929SDavid van Moolenbroek		return 0;
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (! (bev->bev.bev.enabled & EV_READ)) {
*e985b929SDavid van Moolenbroek		return 0;
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (bev->bev.read_suspended) {
*e985b929SDavid van Moolenbroek		return 0;
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (wm->high) {
*e985b929SDavid van Moolenbroek		if (evbuffer_get_length(input) >= wm->high) {
*e985b929SDavid van Moolenbroek			return 0;
*e985b929SDavid van Moolenbroek		}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek		result = wm->high - evbuffer_get_length(input);
*e985b929SDavid van Moolenbroek	} else {
*e985b929SDavid van Moolenbroek		result = READ_DEFAULT;
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	/* Respect the rate limit */
*e985b929SDavid van Moolenbroek	limit = _bufferevent_get_read_max(&bev->bev);
*e985b929SDavid van Moolenbroek	if (result > limit) {
*e985b929SDavid van Moolenbroek		result = limit;
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	return result;
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek/* Things look readable.  If write is blocked on read, write till it isn't.
*e985b929SDavid van Moolenbroek * Read from the underlying buffer until we block or we hit our high-water
*e985b929SDavid van Moolenbroek * mark.
*e985b929SDavid van Moolenbroek */
*e985b929SDavid van Moolenbroekstatic void
*e985b929SDavid van Moolenbroekconsider_reading(struct bufferevent_openssl *bev_ssl)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	int r;
*e985b929SDavid van Moolenbroek	int n_to_read;
*e985b929SDavid van Moolenbroek	int all_result_flags = 0;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	while (bev_ssl->write_blocked_on_read) {
*e985b929SDavid van Moolenbroek		r = do_write(bev_ssl, WRITE_FRAME);
*e985b929SDavid van Moolenbroek		if (r & (OP_BLOCKED|OP_ERR))
*e985b929SDavid van Moolenbroek			break;
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek	if (bev_ssl->write_blocked_on_read)
*e985b929SDavid van Moolenbroek		return;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	n_to_read = bytes_to_read(bev_ssl);
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	while (n_to_read) {
*e985b929SDavid van Moolenbroek		r = do_read(bev_ssl, n_to_read);
*e985b929SDavid van Moolenbroek		all_result_flags |= r;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek		if (r & (OP_BLOCKED|OP_ERR))
*e985b929SDavid van Moolenbroek			break;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek		if (bev_ssl->bev.read_suspended)
*e985b929SDavid van Moolenbroek			break;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek		/* Read all pending data.  This won't hit the network
*e985b929SDavid van Moolenbroek		 * again, and will (most importantly) put us in a state
*e985b929SDavid van Moolenbroek		 * where we don't need to read anything else until the
*e985b929SDavid van Moolenbroek		 * socket is readable again.  It'll potentially make us
*e985b929SDavid van Moolenbroek		 * overrun our read high-watermark (somewhat
*e985b929SDavid van Moolenbroek		 * regrettable).  The damage to the rate-limit has
*e985b929SDavid van Moolenbroek		 * already been done, since OpenSSL went and read a
*e985b929SDavid van Moolenbroek		 * whole SSL record anyway. */
*e985b929SDavid van Moolenbroek		n_to_read = SSL_pending(bev_ssl->ssl);
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek		/* XXX This if statement is actually a bad bug, added to avoid
*e985b929SDavid van Moolenbroek		 * XXX a worse bug.
*e985b929SDavid van Moolenbroek		 *
*e985b929SDavid van Moolenbroek		 * The bad bug: It can potentially cause resource unfairness
*e985b929SDavid van Moolenbroek		 * by reading too much data from the underlying bufferevent;
*e985b929SDavid van Moolenbroek		 * it can potentially cause read looping if the underlying
*e985b929SDavid van Moolenbroek		 * bufferevent is a bufferevent_pair and deferred callbacks
*e985b929SDavid van Moolenbroek		 * aren't used.
*e985b929SDavid van Moolenbroek		 *
*e985b929SDavid van Moolenbroek		 * The worse bug: If we didn't do this, then we would
*e985b929SDavid van Moolenbroek		 * potentially not read any more from bev_ssl->underlying
*e985b929SDavid van Moolenbroek		 * until more data arrived there, which could lead to us
*e985b929SDavid van Moolenbroek		 * waiting forever.
*e985b929SDavid van Moolenbroek		 */
*e985b929SDavid van Moolenbroek		if (!n_to_read && bev_ssl->underlying)
*e985b929SDavid van Moolenbroek			n_to_read = bytes_to_read(bev_ssl);
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (all_result_flags & OP_MADE_PROGRESS) {
*e985b929SDavid van Moolenbroek		struct bufferevent *bev = &bev_ssl->bev.bev;
*e985b929SDavid van Moolenbroek		struct evbuffer *input = bev->input;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek		if (evbuffer_get_length(input) >= bev->wm_read.low) {
*e985b929SDavid van Moolenbroek			_bufferevent_run_readcb(bev);
*e985b929SDavid van Moolenbroek		}
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (!bev_ssl->underlying) {
*e985b929SDavid van Moolenbroek		/* Should be redundant, but let's avoid busy-looping */
*e985b929SDavid van Moolenbroek		if (bev_ssl->bev.read_suspended ||
*e985b929SDavid van Moolenbroek		    !(bev_ssl->bev.bev.enabled & EV_READ)) {
*e985b929SDavid van Moolenbroek			event_del(&bev_ssl->bev.bev.ev_read);
*e985b929SDavid van Moolenbroek		}
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic void
*e985b929SDavid van Moolenbroekconsider_writing(struct bufferevent_openssl *bev_ssl)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	int r;
*e985b929SDavid van Moolenbroek	struct evbuffer *output = bev_ssl->bev.bev.output;
*e985b929SDavid van Moolenbroek	struct evbuffer *target = NULL;
*e985b929SDavid van Moolenbroek	struct event_watermark *wm = NULL;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	while (bev_ssl->read_blocked_on_write) {
*e985b929SDavid van Moolenbroek		r = do_read(bev_ssl, 1024); /* XXXX 1024 is a hack */
*e985b929SDavid van Moolenbroek		if (r & OP_MADE_PROGRESS) {
*e985b929SDavid van Moolenbroek			struct bufferevent *bev = &bev_ssl->bev.bev;
*e985b929SDavid van Moolenbroek			struct evbuffer *input = bev->input;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek			if (evbuffer_get_length(input) >= bev->wm_read.low) {
*e985b929SDavid van Moolenbroek				_bufferevent_run_readcb(bev);
*e985b929SDavid van Moolenbroek			}
*e985b929SDavid van Moolenbroek		}
*e985b929SDavid van Moolenbroek		if (r & (OP_ERR|OP_BLOCKED))
*e985b929SDavid van Moolenbroek			break;
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek	if (bev_ssl->read_blocked_on_write)
*e985b929SDavid van Moolenbroek		return;
*e985b929SDavid van Moolenbroek	if (bev_ssl->underlying) {
*e985b929SDavid van Moolenbroek		target = bev_ssl->underlying->output;
*e985b929SDavid van Moolenbroek		wm = &bev_ssl->underlying->wm_write;
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek	while ((bev_ssl->bev.bev.enabled & EV_WRITE) &&
*e985b929SDavid van Moolenbroek	    (! bev_ssl->bev.write_suspended) &&
*e985b929SDavid van Moolenbroek	    evbuffer_get_length(output) &&
*e985b929SDavid van Moolenbroek	    (!target || (! wm->high || evbuffer_get_length(target) < wm->high))) {
*e985b929SDavid van Moolenbroek		int n_to_write;
*e985b929SDavid van Moolenbroek		if (wm && wm->high)
*e985b929SDavid van Moolenbroek			n_to_write = wm->high - evbuffer_get_length(target);
*e985b929SDavid van Moolenbroek		else
*e985b929SDavid van Moolenbroek			n_to_write = WRITE_FRAME;
*e985b929SDavid van Moolenbroek		r = do_write(bev_ssl, n_to_write);
*e985b929SDavid van Moolenbroek		if (r & (OP_BLOCKED|OP_ERR))
*e985b929SDavid van Moolenbroek			break;
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (!bev_ssl->underlying) {
*e985b929SDavid van Moolenbroek		if (evbuffer_get_length(output) == 0) {
*e985b929SDavid van Moolenbroek			event_del(&bev_ssl->bev.bev.ev_write);
*e985b929SDavid van Moolenbroek		} else if (bev_ssl->bev.write_suspended ||
*e985b929SDavid van Moolenbroek		    !(bev_ssl->bev.bev.enabled & EV_WRITE)) {
*e985b929SDavid van Moolenbroek			/* Should be redundant, but let's avoid busy-looping */
*e985b929SDavid van Moolenbroek			event_del(&bev_ssl->bev.bev.ev_write);
*e985b929SDavid van Moolenbroek		}
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic void
*e985b929SDavid van Moolenbroekbe_openssl_readcb(struct bufferevent *bev_base, void *ctx)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	struct bufferevent_openssl *bev_ssl = ctx;
*e985b929SDavid van Moolenbroek	consider_reading(bev_ssl);
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic void
*e985b929SDavid van Moolenbroekbe_openssl_writecb(struct bufferevent *bev_base, void *ctx)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	struct bufferevent_openssl *bev_ssl = ctx;
*e985b929SDavid van Moolenbroek	consider_writing(bev_ssl);
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic void
*e985b929SDavid van Moolenbroekbe_openssl_eventcb(struct bufferevent *bev_base, short what, void *ctx)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	struct bufferevent_openssl *bev_ssl = ctx;
*e985b929SDavid van Moolenbroek	int event = 0;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (what & BEV_EVENT_EOF) {
*e985b929SDavid van Moolenbroek		if (bev_ssl->allow_dirty_shutdown)
*e985b929SDavid van Moolenbroek			event = BEV_EVENT_EOF;
*e985b929SDavid van Moolenbroek		else
*e985b929SDavid van Moolenbroek			event = BEV_EVENT_ERROR;
*e985b929SDavid van Moolenbroek	} else if (what & BEV_EVENT_TIMEOUT) {
*e985b929SDavid van Moolenbroek		/* We sure didn't set this.  Propagate it to the user. */
*e985b929SDavid van Moolenbroek		event = what;
*e985b929SDavid van Moolenbroek	} else if (what & BEV_EVENT_ERROR) {
*e985b929SDavid van Moolenbroek		/* An error occurred on the connection.  Propagate it to the user. */
*e985b929SDavid van Moolenbroek		event = what;
*e985b929SDavid van Moolenbroek	} else if (what & BEV_EVENT_CONNECTED) {
*e985b929SDavid van Moolenbroek		/* Ignore it.  We're saying SSL_connect() already, which will
*e985b929SDavid van Moolenbroek		   eat it. */
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek	if (event)
*e985b929SDavid van Moolenbroek		_bufferevent_run_eventcb(&bev_ssl->bev.bev, event);
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic void
*e985b929SDavid van Moolenbroekbe_openssl_readeventcb(evutil_socket_t fd, short what, void *ptr)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	struct bufferevent_openssl *bev_ssl = ptr;
*e985b929SDavid van Moolenbroek	_bufferevent_incref_and_lock(&bev_ssl->bev.bev);
*e985b929SDavid van Moolenbroek	if (what == EV_TIMEOUT) {
*e985b929SDavid van Moolenbroek		_bufferevent_run_eventcb(&bev_ssl->bev.bev,
*e985b929SDavid van Moolenbroek		    BEV_EVENT_TIMEOUT|BEV_EVENT_READING);
*e985b929SDavid van Moolenbroek	} else {
*e985b929SDavid van Moolenbroek		consider_reading(bev_ssl);
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek	_bufferevent_decref_and_unlock(&bev_ssl->bev.bev);
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic void
*e985b929SDavid van Moolenbroekbe_openssl_writeeventcb(evutil_socket_t fd, short what, void *ptr)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	struct bufferevent_openssl *bev_ssl = ptr;
*e985b929SDavid van Moolenbroek	_bufferevent_incref_and_lock(&bev_ssl->bev.bev);
*e985b929SDavid van Moolenbroek	if (what == EV_TIMEOUT) {
*e985b929SDavid van Moolenbroek		_bufferevent_run_eventcb(&bev_ssl->bev.bev,
*e985b929SDavid van Moolenbroek		    BEV_EVENT_TIMEOUT|BEV_EVENT_WRITING);
*e985b929SDavid van Moolenbroek	} else {
*e985b929SDavid van Moolenbroek		consider_writing(bev_ssl);
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek	_bufferevent_decref_and_unlock(&bev_ssl->bev.bev);
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic int
*e985b929SDavid van Moolenbroekset_open_callbacks(struct bufferevent_openssl *bev_ssl, evutil_socket_t fd)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	if (bev_ssl->underlying) {
*e985b929SDavid van Moolenbroek		bufferevent_setcb(bev_ssl->underlying,
*e985b929SDavid van Moolenbroek		    be_openssl_readcb, be_openssl_writecb, be_openssl_eventcb,
*e985b929SDavid van Moolenbroek		    bev_ssl);
*e985b929SDavid van Moolenbroek		return 0;
*e985b929SDavid van Moolenbroek	} else {
*e985b929SDavid van Moolenbroek		struct bufferevent *bev = &bev_ssl->bev.bev;
*e985b929SDavid van Moolenbroek		int rpending=0, wpending=0, r1=0, r2=0;
*e985b929SDavid van Moolenbroek		if (fd < 0 && bev_ssl->fd_is_set)
*e985b929SDavid van Moolenbroek			fd = event_get_fd(&bev->ev_read);
*e985b929SDavid van Moolenbroek		if (bev_ssl->fd_is_set) {
*e985b929SDavid van Moolenbroek			rpending = event_pending(&bev->ev_read, EV_READ, NULL);
*e985b929SDavid van Moolenbroek			wpending = event_pending(&bev->ev_write, EV_WRITE, NULL);
*e985b929SDavid van Moolenbroek			event_del(&bev->ev_read);
*e985b929SDavid van Moolenbroek			event_del(&bev->ev_write);
*e985b929SDavid van Moolenbroek		}
*e985b929SDavid van Moolenbroek		event_assign(&bev->ev_read, bev->ev_base, fd,
*e985b929SDavid van Moolenbroek		    EV_READ|EV_PERSIST, be_openssl_readeventcb, bev_ssl);
*e985b929SDavid van Moolenbroek		event_assign(&bev->ev_write, bev->ev_base, fd,
*e985b929SDavid van Moolenbroek		    EV_WRITE|EV_PERSIST, be_openssl_writeeventcb, bev_ssl);
*e985b929SDavid van Moolenbroek		if (rpending)
*e985b929SDavid van Moolenbroek			r1 = _bufferevent_add_event(&bev->ev_read, &bev->timeout_read);
*e985b929SDavid van Moolenbroek		if (wpending)
*e985b929SDavid van Moolenbroek			r2 = _bufferevent_add_event(&bev->ev_write, &bev->timeout_write);
*e985b929SDavid van Moolenbroek		if (fd >= 0) {
*e985b929SDavid van Moolenbroek			bev_ssl->fd_is_set = 1;
*e985b929SDavid van Moolenbroek		}
*e985b929SDavid van Moolenbroek		return (r1<0 || r2<0) ? -1 : 0;
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic int
*e985b929SDavid van Moolenbroekdo_handshake(struct bufferevent_openssl *bev_ssl)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	int r;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	switch (bev_ssl->state) {
*e985b929SDavid van Moolenbroek	default:
*e985b929SDavid van Moolenbroek	case BUFFEREVENT_SSL_OPEN:
*e985b929SDavid van Moolenbroek		EVUTIL_ASSERT(0);
*e985b929SDavid van Moolenbroek		return -1;
*e985b929SDavid van Moolenbroek	case BUFFEREVENT_SSL_CONNECTING:
*e985b929SDavid van Moolenbroek	case BUFFEREVENT_SSL_ACCEPTING:
*e985b929SDavid van Moolenbroek		r = SSL_do_handshake(bev_ssl->ssl);
*e985b929SDavid van Moolenbroek		break;
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek	decrement_buckets(bev_ssl);
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (r==1) {
*e985b929SDavid van Moolenbroek		/* We're done! */
*e985b929SDavid van Moolenbroek		bev_ssl->state = BUFFEREVENT_SSL_OPEN;
*e985b929SDavid van Moolenbroek		set_open_callbacks(bev_ssl, -1); /* XXXX handle failure */
*e985b929SDavid van Moolenbroek		/* Call do_read and do_write as needed */
*e985b929SDavid van Moolenbroek		bufferevent_enable(&bev_ssl->bev.bev, bev_ssl->bev.bev.enabled);
*e985b929SDavid van Moolenbroek		_bufferevent_run_eventcb(&bev_ssl->bev.bev,
*e985b929SDavid van Moolenbroek		    BEV_EVENT_CONNECTED);
*e985b929SDavid van Moolenbroek		return 1;
*e985b929SDavid van Moolenbroek	} else {
*e985b929SDavid van Moolenbroek		int err = SSL_get_error(bev_ssl->ssl, r);
*e985b929SDavid van Moolenbroek		print_err(err);
*e985b929SDavid van Moolenbroek		switch (err) {
*e985b929SDavid van Moolenbroek		case SSL_ERROR_WANT_WRITE:
*e985b929SDavid van Moolenbroek			if (!bev_ssl->underlying) {
*e985b929SDavid van Moolenbroek				stop_reading(bev_ssl);
*e985b929SDavid van Moolenbroek				return start_writing(bev_ssl);
*e985b929SDavid van Moolenbroek			}
*e985b929SDavid van Moolenbroek			return 0;
*e985b929SDavid van Moolenbroek		case SSL_ERROR_WANT_READ:
*e985b929SDavid van Moolenbroek			if (!bev_ssl->underlying) {
*e985b929SDavid van Moolenbroek				stop_writing(bev_ssl);
*e985b929SDavid van Moolenbroek				return start_reading(bev_ssl);
*e985b929SDavid van Moolenbroek			}
*e985b929SDavid van Moolenbroek			return 0;
*e985b929SDavid van Moolenbroek		default:
*e985b929SDavid van Moolenbroek			conn_closed(bev_ssl, err, r);
*e985b929SDavid van Moolenbroek			return -1;
*e985b929SDavid van Moolenbroek		}
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic void
*e985b929SDavid van Moolenbroekbe_openssl_handshakecb(struct bufferevent *bev_base, void *ctx)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	struct bufferevent_openssl *bev_ssl = ctx;
*e985b929SDavid van Moolenbroek	do_handshake(bev_ssl);/* XXX handle failure */
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic void
*e985b929SDavid van Moolenbroekbe_openssl_handshakeeventcb(evutil_socket_t fd, short what, void *ptr)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	struct bufferevent_openssl *bev_ssl = ptr;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	_bufferevent_incref_and_lock(&bev_ssl->bev.bev);
*e985b929SDavid van Moolenbroek	if (what & EV_TIMEOUT) {
*e985b929SDavid van Moolenbroek		_bufferevent_run_eventcb(&bev_ssl->bev.bev, BEV_EVENT_TIMEOUT);
*e985b929SDavid van Moolenbroek	} else
*e985b929SDavid van Moolenbroek		do_handshake(bev_ssl);/* XXX handle failure */
*e985b929SDavid van Moolenbroek	_bufferevent_decref_and_unlock(&bev_ssl->bev.bev);
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic int
*e985b929SDavid van Moolenbroekset_handshake_callbacks(struct bufferevent_openssl *bev_ssl, evutil_socket_t fd)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	if (bev_ssl->underlying) {
*e985b929SDavid van Moolenbroek		bufferevent_setcb(bev_ssl->underlying,
*e985b929SDavid van Moolenbroek		    be_openssl_handshakecb, be_openssl_handshakecb,
*e985b929SDavid van Moolenbroek		    be_openssl_eventcb,
*e985b929SDavid van Moolenbroek		    bev_ssl);
*e985b929SDavid van Moolenbroek		return do_handshake(bev_ssl);
*e985b929SDavid van Moolenbroek	} else {
*e985b929SDavid van Moolenbroek		struct bufferevent *bev = &bev_ssl->bev.bev;
*e985b929SDavid van Moolenbroek		int r1=0, r2=0;
*e985b929SDavid van Moolenbroek		if (fd < 0 && bev_ssl->fd_is_set)
*e985b929SDavid van Moolenbroek			fd = event_get_fd(&bev->ev_read);
*e985b929SDavid van Moolenbroek		if (bev_ssl->fd_is_set) {
*e985b929SDavid van Moolenbroek			event_del(&bev->ev_read);
*e985b929SDavid van Moolenbroek			event_del(&bev->ev_write);
*e985b929SDavid van Moolenbroek		}
*e985b929SDavid van Moolenbroek		event_assign(&bev->ev_read, bev->ev_base, fd,
*e985b929SDavid van Moolenbroek		    EV_READ|EV_PERSIST, be_openssl_handshakeeventcb, bev_ssl);
*e985b929SDavid van Moolenbroek		event_assign(&bev->ev_write, bev->ev_base, fd,
*e985b929SDavid van Moolenbroek		    EV_WRITE|EV_PERSIST, be_openssl_handshakeeventcb, bev_ssl);
*e985b929SDavid van Moolenbroek		if (fd >= 0) {
*e985b929SDavid van Moolenbroek			r1 = _bufferevent_add_event(&bev->ev_read, &bev->timeout_read);
*e985b929SDavid van Moolenbroek			r2 = _bufferevent_add_event(&bev->ev_write, &bev->timeout_write);
*e985b929SDavid van Moolenbroek			bev_ssl->fd_is_set = 1;
*e985b929SDavid van Moolenbroek		}
*e985b929SDavid van Moolenbroek		return (r1<0 || r2<0) ? -1 : 0;
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekint
*e985b929SDavid van Moolenbroekbufferevent_ssl_renegotiate(struct bufferevent *bev)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	struct bufferevent_openssl *bev_ssl = upcast(bev);
*e985b929SDavid van Moolenbroek	if (!bev_ssl)
*e985b929SDavid van Moolenbroek		return -1;
*e985b929SDavid van Moolenbroek	if (SSL_renegotiate(bev_ssl->ssl) < 0)
*e985b929SDavid van Moolenbroek		return -1;
*e985b929SDavid van Moolenbroek	bev_ssl->state = BUFFEREVENT_SSL_CONNECTING;
*e985b929SDavid van Moolenbroek	if (set_handshake_callbacks(bev_ssl, -1) < 0)
*e985b929SDavid van Moolenbroek		return -1;
*e985b929SDavid van Moolenbroek	if (!bev_ssl->underlying)
*e985b929SDavid van Moolenbroek		return do_handshake(bev_ssl);
*e985b929SDavid van Moolenbroek	return 0;
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic void
*e985b929SDavid van Moolenbroekbe_openssl_outbuf_cb(struct evbuffer *buf,
*e985b929SDavid van Moolenbroek    const struct evbuffer_cb_info *cbinfo, void *arg)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	struct bufferevent_openssl *bev_ssl = arg;
*e985b929SDavid van Moolenbroek	int r = 0;
*e985b929SDavid van Moolenbroek	/* XXX need to hold a reference here. */
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (cbinfo->n_added && bev_ssl->state == BUFFEREVENT_SSL_OPEN) {
*e985b929SDavid van Moolenbroek		if (cbinfo->orig_size == 0)
*e985b929SDavid van Moolenbroek			r = _bufferevent_add_event(&bev_ssl->bev.bev.ev_write,
*e985b929SDavid van Moolenbroek			    &bev_ssl->bev.bev.timeout_write);
*e985b929SDavid van Moolenbroek		consider_writing(bev_ssl);
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek	/* XXX Handle r < 0 */
*e985b929SDavid van Moolenbroek        (void)r;
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic int
*e985b929SDavid van Moolenbroekbe_openssl_enable(struct bufferevent *bev, short events)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	struct bufferevent_openssl *bev_ssl = upcast(bev);
*e985b929SDavid van Moolenbroek	int r1 = 0, r2 = 0;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (bev_ssl->state != BUFFEREVENT_SSL_OPEN)
*e985b929SDavid van Moolenbroek		return 0;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (events & EV_READ)
*e985b929SDavid van Moolenbroek		r1 = start_reading(bev_ssl);
*e985b929SDavid van Moolenbroek	if (events & EV_WRITE)
*e985b929SDavid van Moolenbroek		r2 = start_writing(bev_ssl);
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (bev_ssl->underlying) {
*e985b929SDavid van Moolenbroek		if (events & EV_READ)
*e985b929SDavid van Moolenbroek			BEV_RESET_GENERIC_READ_TIMEOUT(bev);
*e985b929SDavid van Moolenbroek		if (events & EV_WRITE)
*e985b929SDavid van Moolenbroek			BEV_RESET_GENERIC_WRITE_TIMEOUT(bev);
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek		if (events & EV_READ)
*e985b929SDavid van Moolenbroek			consider_reading(bev_ssl);
*e985b929SDavid van Moolenbroek		if (events & EV_WRITE)
*e985b929SDavid van Moolenbroek			consider_writing(bev_ssl);
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek	return (r1 < 0 || r2 < 0) ? -1 : 0;
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic int
*e985b929SDavid van Moolenbroekbe_openssl_disable(struct bufferevent *bev, short events)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	struct bufferevent_openssl *bev_ssl = upcast(bev);
*e985b929SDavid van Moolenbroek	if (bev_ssl->state != BUFFEREVENT_SSL_OPEN)
*e985b929SDavid van Moolenbroek		return 0;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (events & EV_READ)
*e985b929SDavid van Moolenbroek		stop_reading(bev_ssl);
*e985b929SDavid van Moolenbroek	if (events & EV_WRITE)
*e985b929SDavid van Moolenbroek		stop_writing(bev_ssl);
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (bev_ssl->underlying) {
*e985b929SDavid van Moolenbroek		if (events & EV_READ)
*e985b929SDavid van Moolenbroek			BEV_DEL_GENERIC_READ_TIMEOUT(bev);
*e985b929SDavid van Moolenbroek		if (events & EV_WRITE)
*e985b929SDavid van Moolenbroek			BEV_DEL_GENERIC_WRITE_TIMEOUT(bev);
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek	return 0;
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic void
*e985b929SDavid van Moolenbroekbe_openssl_destruct(struct bufferevent *bev)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	struct bufferevent_openssl *bev_ssl = upcast(bev);
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (bev_ssl->underlying) {
*e985b929SDavid van Moolenbroek		_bufferevent_del_generic_timeout_cbs(bev);
*e985b929SDavid van Moolenbroek	} else {
*e985b929SDavid van Moolenbroek		event_del(&bev->ev_read);
*e985b929SDavid van Moolenbroek		event_del(&bev->ev_write);
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (bev_ssl->bev.options & BEV_OPT_CLOSE_ON_FREE) {
*e985b929SDavid van Moolenbroek		if (bev_ssl->underlying) {
*e985b929SDavid van Moolenbroek			if (BEV_UPCAST(bev_ssl->underlying)->refcnt < 2) {
*e985b929SDavid van Moolenbroek				event_warnx("BEV_OPT_CLOSE_ON_FREE set on an "
*e985b929SDavid van Moolenbroek				    "bufferevent with too few references");
*e985b929SDavid van Moolenbroek			} else {
*e985b929SDavid van Moolenbroek				bufferevent_free(bev_ssl->underlying);
*e985b929SDavid van Moolenbroek				bev_ssl->underlying = NULL;
*e985b929SDavid van Moolenbroek			}
*e985b929SDavid van Moolenbroek		} else {
*e985b929SDavid van Moolenbroek			evutil_socket_t fd = -1;
*e985b929SDavid van Moolenbroek			BIO *bio = SSL_get_wbio(bev_ssl->ssl);
*e985b929SDavid van Moolenbroek			if (bio)
*e985b929SDavid van Moolenbroek				fd = BIO_get_fd(bio, NULL);
*e985b929SDavid van Moolenbroek			if (fd >= 0)
*e985b929SDavid van Moolenbroek				evutil_closesocket(fd);
*e985b929SDavid van Moolenbroek		}
*e985b929SDavid van Moolenbroek		SSL_free(bev_ssl->ssl);
*e985b929SDavid van Moolenbroek	} else {
*e985b929SDavid van Moolenbroek		if (bev_ssl->underlying) {
*e985b929SDavid van Moolenbroek			if (bev_ssl->underlying->errorcb == be_openssl_eventcb)
*e985b929SDavid van Moolenbroek				bufferevent_setcb(bev_ssl->underlying,
*e985b929SDavid van Moolenbroek				    NULL,NULL,NULL,NULL);
*e985b929SDavid van Moolenbroek			bufferevent_unsuspend_read(bev_ssl->underlying,
*e985b929SDavid van Moolenbroek			    BEV_SUSPEND_FILT_READ);
*e985b929SDavid van Moolenbroek		}
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic int
*e985b929SDavid van Moolenbroekbe_openssl_adj_timeouts(struct bufferevent *bev)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	struct bufferevent_openssl *bev_ssl = upcast(bev);
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (bev_ssl->underlying)
*e985b929SDavid van Moolenbroek		return _bufferevent_generic_adj_timeouts(bev);
*e985b929SDavid van Moolenbroek	else {
*e985b929SDavid van Moolenbroek		int r1=0, r2=0;
*e985b929SDavid van Moolenbroek		if (event_pending(&bev->ev_read, EV_READ, NULL))
*e985b929SDavid van Moolenbroek			r1 = _bufferevent_add_event(&bev->ev_read, &bev->timeout_read);
*e985b929SDavid van Moolenbroek		if (event_pending(&bev->ev_write, EV_WRITE, NULL))
*e985b929SDavid van Moolenbroek			r2 = _bufferevent_add_event(&bev->ev_write, &bev->timeout_write);
*e985b929SDavid van Moolenbroek		return (r1<0 || r2<0) ? -1 : 0;
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic int
*e985b929SDavid van Moolenbroekbe_openssl_flush(struct bufferevent *bufev,
*e985b929SDavid van Moolenbroek    short iotype, enum bufferevent_flush_mode mode)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	/* XXXX Implement this. */
*e985b929SDavid van Moolenbroek	return 0;
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic int
*e985b929SDavid van Moolenbroekbe_openssl_ctrl(struct bufferevent *bev,
*e985b929SDavid van Moolenbroek    enum bufferevent_ctrl_op op, union bufferevent_ctrl_data *data)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	struct bufferevent_openssl *bev_ssl = upcast(bev);
*e985b929SDavid van Moolenbroek	switch (op) {
*e985b929SDavid van Moolenbroek	case BEV_CTRL_SET_FD:
*e985b929SDavid van Moolenbroek		if (bev_ssl->underlying)
*e985b929SDavid van Moolenbroek			return -1;
*e985b929SDavid van Moolenbroek		{
*e985b929SDavid van Moolenbroek			BIO *bio;
*e985b929SDavid van Moolenbroek			bio = BIO_new_socket(data->fd, 0);
*e985b929SDavid van Moolenbroek			SSL_set_bio(bev_ssl->ssl, bio, bio);
*e985b929SDavid van Moolenbroek			bev_ssl->fd_is_set = 1;
*e985b929SDavid van Moolenbroek		}
*e985b929SDavid van Moolenbroek		if (bev_ssl->state == BUFFEREVENT_SSL_OPEN)
*e985b929SDavid van Moolenbroek			return set_open_callbacks(bev_ssl, data->fd);
*e985b929SDavid van Moolenbroek		else {
*e985b929SDavid van Moolenbroek			return set_handshake_callbacks(bev_ssl, data->fd);
*e985b929SDavid van Moolenbroek		}
*e985b929SDavid van Moolenbroek	case BEV_CTRL_GET_FD:
*e985b929SDavid van Moolenbroek		if (bev_ssl->underlying)
*e985b929SDavid van Moolenbroek			return -1;
*e985b929SDavid van Moolenbroek		if (!bev_ssl->fd_is_set)
*e985b929SDavid van Moolenbroek			return -1;
*e985b929SDavid van Moolenbroek		data->fd = event_get_fd(&bev->ev_read);
*e985b929SDavid van Moolenbroek		return 0;
*e985b929SDavid van Moolenbroek	case BEV_CTRL_GET_UNDERLYING:
*e985b929SDavid van Moolenbroek		if (!bev_ssl->underlying)
*e985b929SDavid van Moolenbroek			return -1;
*e985b929SDavid van Moolenbroek		data->ptr = bev_ssl->underlying;
*e985b929SDavid van Moolenbroek		return 0;
*e985b929SDavid van Moolenbroek	case BEV_CTRL_CANCEL_ALL:
*e985b929SDavid van Moolenbroek	default:
*e985b929SDavid van Moolenbroek		return -1;
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van MoolenbroekSSL *
*e985b929SDavid van Moolenbroekbufferevent_openssl_get_ssl(struct bufferevent *bufev)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	struct bufferevent_openssl *bev_ssl = upcast(bufev);
*e985b929SDavid van Moolenbroek	if (!bev_ssl)
*e985b929SDavid van Moolenbroek		return NULL;
*e985b929SDavid van Moolenbroek	return bev_ssl->ssl;
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstatic struct bufferevent *
*e985b929SDavid van Moolenbroekbufferevent_openssl_new_impl(struct event_base *base,
*e985b929SDavid van Moolenbroek    struct bufferevent *underlying,
*e985b929SDavid van Moolenbroek    evutil_socket_t fd,
*e985b929SDavid van Moolenbroek    SSL *ssl,
*e985b929SDavid van Moolenbroek    enum bufferevent_ssl_state state,
*e985b929SDavid van Moolenbroek    int options)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	struct bufferevent_openssl *bev_ssl = NULL;
*e985b929SDavid van Moolenbroek	struct bufferevent_private *bev_p = NULL;
*e985b929SDavid van Moolenbroek	int tmp_options = options & ~BEV_OPT_THREADSAFE;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (underlying != NULL && fd >= 0)
*e985b929SDavid van Moolenbroek		return NULL; /* Only one can be set. */
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (!(bev_ssl = mm_calloc(1, sizeof(struct bufferevent_openssl))))
*e985b929SDavid van Moolenbroek		goto err;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	bev_p = &bev_ssl->bev;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (bufferevent_init_common(bev_p, base,
*e985b929SDavid van Moolenbroek		&bufferevent_ops_openssl, tmp_options) < 0)
*e985b929SDavid van Moolenbroek		goto err;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	/* Don't explode if we decide to realloc a chunk we're writing from in
*e985b929SDavid van Moolenbroek	 * the output buffer. */
*e985b929SDavid van Moolenbroek	SSL_set_mode(ssl, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	bev_ssl->underlying = underlying;
*e985b929SDavid van Moolenbroek	bev_ssl->ssl = ssl;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	bev_ssl->outbuf_cb = evbuffer_add_cb(bev_p->bev.output,
*e985b929SDavid van Moolenbroek	    be_openssl_outbuf_cb, bev_ssl);
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (options & BEV_OPT_THREADSAFE)
*e985b929SDavid van Moolenbroek		bufferevent_enable_locking(&bev_ssl->bev.bev, NULL);
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (underlying) {
*e985b929SDavid van Moolenbroek		_bufferevent_init_generic_timeout_cbs(&bev_ssl->bev.bev);
*e985b929SDavid van Moolenbroek		bufferevent_incref(underlying);
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	bev_ssl->state = state;
*e985b929SDavid van Moolenbroek	bev_ssl->last_write = -1;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	init_bio_counts(bev_ssl);
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	switch (state) {
*e985b929SDavid van Moolenbroek	case BUFFEREVENT_SSL_ACCEPTING:
*e985b929SDavid van Moolenbroek		SSL_set_accept_state(bev_ssl->ssl);
*e985b929SDavid van Moolenbroek		if (set_handshake_callbacks(bev_ssl, fd) < 0)
*e985b929SDavid van Moolenbroek			goto err;
*e985b929SDavid van Moolenbroek		break;
*e985b929SDavid van Moolenbroek	case BUFFEREVENT_SSL_CONNECTING:
*e985b929SDavid van Moolenbroek		SSL_set_connect_state(bev_ssl->ssl);
*e985b929SDavid van Moolenbroek		if (set_handshake_callbacks(bev_ssl, fd) < 0)
*e985b929SDavid van Moolenbroek			goto err;
*e985b929SDavid van Moolenbroek		break;
*e985b929SDavid van Moolenbroek	case BUFFEREVENT_SSL_OPEN:
*e985b929SDavid van Moolenbroek		if (set_open_callbacks(bev_ssl, fd) < 0)
*e985b929SDavid van Moolenbroek			goto err;
*e985b929SDavid van Moolenbroek		break;
*e985b929SDavid van Moolenbroek	default:
*e985b929SDavid van Moolenbroek		goto err;
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (underlying) {
*e985b929SDavid van Moolenbroek		bufferevent_setwatermark(underlying, EV_READ, 0, 0);
*e985b929SDavid van Moolenbroek		bufferevent_enable(underlying, EV_READ|EV_WRITE);
*e985b929SDavid van Moolenbroek		if (state == BUFFEREVENT_SSL_OPEN)
*e985b929SDavid van Moolenbroek			bufferevent_suspend_read(underlying,
*e985b929SDavid van Moolenbroek			    BEV_SUSPEND_FILT_READ);
*e985b929SDavid van Moolenbroek	} else {
*e985b929SDavid van Moolenbroek		bev_ssl->bev.bev.enabled = EV_READ|EV_WRITE;
*e985b929SDavid van Moolenbroek		if (bev_ssl->fd_is_set) {
*e985b929SDavid van Moolenbroek			if (state != BUFFEREVENT_SSL_OPEN)
*e985b929SDavid van Moolenbroek				if (event_add(&bev_ssl->bev.bev.ev_read, NULL) < 0)
*e985b929SDavid van Moolenbroek					goto err;
*e985b929SDavid van Moolenbroek			if (event_add(&bev_ssl->bev.bev.ev_write, NULL) < 0)
*e985b929SDavid van Moolenbroek				goto err;
*e985b929SDavid van Moolenbroek		}
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	return &bev_ssl->bev.bev;
*e985b929SDavid van Moolenbroekerr:
*e985b929SDavid van Moolenbroek	if (bev_ssl)
*e985b929SDavid van Moolenbroek		bufferevent_free(&bev_ssl->bev.bev);
*e985b929SDavid van Moolenbroek	return NULL;
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstruct bufferevent *
*e985b929SDavid van Moolenbroekbufferevent_openssl_filter_new(struct event_base *base,
*e985b929SDavid van Moolenbroek    struct bufferevent *underlying,
*e985b929SDavid van Moolenbroek    SSL *ssl,
*e985b929SDavid van Moolenbroek    enum bufferevent_ssl_state state,
*e985b929SDavid van Moolenbroek    int options)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	/* We don't tell the BIO to close the bufferevent; we do it ourselves
*e985b929SDavid van Moolenbroek	 * on be_openssl_destruct */
*e985b929SDavid van Moolenbroek	int close_flag = 0; /* options & BEV_OPT_CLOSE_ON_FREE; */
*e985b929SDavid van Moolenbroek	BIO *bio;
*e985b929SDavid van Moolenbroek	if (!underlying)
*e985b929SDavid van Moolenbroek		return NULL;
*e985b929SDavid van Moolenbroek	if (!(bio = BIO_new_bufferevent(underlying, close_flag)))
*e985b929SDavid van Moolenbroek		return NULL;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	SSL_set_bio(ssl, bio, bio);
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	return bufferevent_openssl_new_impl(
*e985b929SDavid van Moolenbroek		base, underlying, -1, ssl, state, options);
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekstruct bufferevent *
*e985b929SDavid van Moolenbroekbufferevent_openssl_socket_new(struct event_base *base,
*e985b929SDavid van Moolenbroek    evutil_socket_t fd,
*e985b929SDavid van Moolenbroek    SSL *ssl,
*e985b929SDavid van Moolenbroek    enum bufferevent_ssl_state state,
*e985b929SDavid van Moolenbroek    int options)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	/* Does the SSL already have an fd? */
*e985b929SDavid van Moolenbroek	BIO *bio = SSL_get_wbio(ssl);
*e985b929SDavid van Moolenbroek	long have_fd = -1;
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (bio)
*e985b929SDavid van Moolenbroek		have_fd = BIO_get_fd(bio, NULL);
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	if (have_fd >= 0) {
*e985b929SDavid van Moolenbroek		/* The SSL is already configured with an fd. */
*e985b929SDavid van Moolenbroek		if (fd < 0) {
*e985b929SDavid van Moolenbroek			/* We should learn the fd from the SSL. */
*e985b929SDavid van Moolenbroek			fd = (evutil_socket_t) have_fd;
*e985b929SDavid van Moolenbroek		} else if (have_fd == (long)fd) {
*e985b929SDavid van Moolenbroek			/* We already know the fd from the SSL; do nothing */
*e985b929SDavid van Moolenbroek		} else {
*e985b929SDavid van Moolenbroek			/* We specified an fd different from that of the SSL.
*e985b929SDavid van Moolenbroek			   This is probably an error on our part.  Fail. */
*e985b929SDavid van Moolenbroek			return NULL;
*e985b929SDavid van Moolenbroek		}
*e985b929SDavid van Moolenbroek		(void) BIO_set_close(bio, 0);
*e985b929SDavid van Moolenbroek	} else {
*e985b929SDavid van Moolenbroek		/* The SSL isn't configured with a BIO with an fd. */
*e985b929SDavid van Moolenbroek		if (fd >= 0) {
*e985b929SDavid van Moolenbroek			/* ... and we have an fd we want to use. */
*e985b929SDavid van Moolenbroek			bio = BIO_new_socket(fd, 0);
*e985b929SDavid van Moolenbroek			SSL_set_bio(ssl, bio, bio);
*e985b929SDavid van Moolenbroek		} else {
*e985b929SDavid van Moolenbroek			/* Leave the fd unset. */
*e985b929SDavid van Moolenbroek		}
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroek	return bufferevent_openssl_new_impl(
*e985b929SDavid van Moolenbroek		base, NULL, fd, ssl, state, options);
*e985b929SDavid van Moolenbroek}
*e985b929SDavid van Moolenbroek
*e985b929SDavid van Moolenbroekunsigned long
*e985b929SDavid van Moolenbroekbufferevent_get_openssl_error(struct bufferevent *bev)
*e985b929SDavid van Moolenbroek{
*e985b929SDavid van Moolenbroek	unsigned long err = 0;
*e985b929SDavid van Moolenbroek	struct bufferevent_openssl *bev_ssl;
*e985b929SDavid van Moolenbroek	BEV_LOCK(bev);
*e985b929SDavid van Moolenbroek	bev_ssl = upcast(bev);
*e985b929SDavid van Moolenbroek	if (bev_ssl && bev_ssl->n_errors) {
*e985b929SDavid van Moolenbroek		err = bev_ssl->errors[--bev_ssl->n_errors];
*e985b929SDavid van Moolenbroek	}
*e985b929SDavid van Moolenbroek	BEV_UNLOCK(bev);
*e985b929SDavid van Moolenbroek	return err;
*e985b929SDavid van Moolenbroek}