1 /* 2 * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the OpenSSL license (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <stdio.h> 11 #include <stdlib.h> 12 #include <string.h> 13 #include <errno.h> 14 #include <openssl/crypto.h> 15 #include "internal/bio.h" 16 #include <openssl/err.h> 17 #include "ssl_locl.h" 18 19 static int ssl_write(BIO *h, const char *buf, int num); 20 static int ssl_read(BIO *h, char *buf, int size); 21 static int ssl_puts(BIO *h, const char *str); 22 static long ssl_ctrl(BIO *h, int cmd, long arg1, void *arg2); 23 static int ssl_new(BIO *h); 24 static int ssl_free(BIO *data); 25 static long ssl_callback_ctrl(BIO *h, int cmd, BIO_info_cb *fp); 26 typedef struct bio_ssl_st { 27 SSL *ssl; /* The ssl handle :-) */ 28 /* re-negotiate every time the total number of bytes is this size */ 29 int num_renegotiates; 30 unsigned long renegotiate_count; 31 unsigned long byte_count; 32 unsigned long renegotiate_timeout; 33 unsigned long last_time; 34 } BIO_SSL; 35 36 static const BIO_METHOD methods_sslp = { 37 BIO_TYPE_SSL, 38 "ssl", 39 ssl_write, 40 ssl_read, 41 ssl_puts, 42 NULL, /* ssl_gets, */ 43 ssl_ctrl, 44 ssl_new, 45 ssl_free, 46 ssl_callback_ctrl, 47 }; 48 49 const BIO_METHOD *BIO_f_ssl(void) 50 { 51 return (&methods_sslp); 52 } 53 54 static int ssl_new(BIO *bi) 55 { 56 BIO_SSL *bs = OPENSSL_zalloc(sizeof(*bs)); 57 58 if (bs == NULL) { 59 BIOerr(BIO_F_SSL_NEW, ERR_R_MALLOC_FAILURE); 60 return (0); 61 } 62 BIO_set_init(bi, 0); 63 BIO_set_data(bi, bs); 64 /* Clear all flags */ 65 BIO_clear_flags(bi, ~0); 66 67 return 1; 68 } 69 70 static int ssl_free(BIO *a) 71 { 72 BIO_SSL *bs; 73 74 if (a == NULL) 75 return (0); 76 bs = BIO_get_data(a); 77 if (bs->ssl != NULL) 78 SSL_shutdown(bs->ssl); 79 if (BIO_get_shutdown(a)) { 80 if (BIO_get_init(a)) 81 SSL_free(bs->ssl); 82 /* Clear all flags */ 83 BIO_clear_flags(a, ~0); 84 BIO_set_init(a, 0); 85 } 86 OPENSSL_free(bs); 87 return 1; 88 } 89 90 static int ssl_read(BIO *b, char *out, int outl) 91 { 92 int ret = 1; 93 BIO_SSL *sb; 94 SSL *ssl; 95 int retry_reason = 0; 96 int r = 0; 97 98 if (out == NULL) 99 return (0); 100 sb = BIO_get_data(b); 101 ssl = sb->ssl; 102 103 BIO_clear_retry_flags(b); 104 105 ret = SSL_read(ssl, out, outl); 106 107 switch (SSL_get_error(ssl, ret)) { 108 case SSL_ERROR_NONE: 109 if (ret <= 0) 110 break; 111 if (sb->renegotiate_count > 0) { 112 sb->byte_count += ret; 113 if (sb->byte_count > sb->renegotiate_count) { 114 sb->byte_count = 0; 115 sb->num_renegotiates++; 116 SSL_renegotiate(ssl); 117 r = 1; 118 } 119 } 120 if ((sb->renegotiate_timeout > 0) && (!r)) { 121 unsigned long tm; 122 123 tm = (unsigned long)time(NULL); 124 if (tm > sb->last_time + sb->renegotiate_timeout) { 125 sb->last_time = tm; 126 sb->num_renegotiates++; 127 SSL_renegotiate(ssl); 128 } 129 } 130 131 break; 132 case SSL_ERROR_WANT_READ: 133 BIO_set_retry_read(b); 134 break; 135 case SSL_ERROR_WANT_WRITE: 136 BIO_set_retry_write(b); 137 break; 138 case SSL_ERROR_WANT_X509_LOOKUP: 139 BIO_set_retry_special(b); 140 retry_reason = BIO_RR_SSL_X509_LOOKUP; 141 break; 142 case SSL_ERROR_WANT_ACCEPT: 143 BIO_set_retry_special(b); 144 retry_reason = BIO_RR_ACCEPT; 145 break; 146 case SSL_ERROR_WANT_CONNECT: 147 BIO_set_retry_special(b); 148 retry_reason = BIO_RR_CONNECT; 149 break; 150 case SSL_ERROR_SYSCALL: 151 case SSL_ERROR_SSL: 152 case SSL_ERROR_ZERO_RETURN: 153 default: 154 break; 155 } 156 157 BIO_set_retry_reason(b, retry_reason); 158 return (ret); 159 } 160 161 static int ssl_write(BIO *b, const char *out, int outl) 162 { 163 int ret, r = 0; 164 int retry_reason = 0; 165 SSL *ssl; 166 BIO_SSL *bs; 167 168 if (out == NULL) 169 return (0); 170 bs = BIO_get_data(b); 171 ssl = bs->ssl; 172 173 BIO_clear_retry_flags(b); 174 175 /* 176 * ret=SSL_do_handshake(ssl); if (ret > 0) 177 */ 178 ret = SSL_write(ssl, out, outl); 179 180 switch (SSL_get_error(ssl, ret)) { 181 case SSL_ERROR_NONE: 182 if (ret <= 0) 183 break; 184 if (bs->renegotiate_count > 0) { 185 bs->byte_count += ret; 186 if (bs->byte_count > bs->renegotiate_count) { 187 bs->byte_count = 0; 188 bs->num_renegotiates++; 189 SSL_renegotiate(ssl); 190 r = 1; 191 } 192 } 193 if ((bs->renegotiate_timeout > 0) && (!r)) { 194 unsigned long tm; 195 196 tm = (unsigned long)time(NULL); 197 if (tm > bs->last_time + bs->renegotiate_timeout) { 198 bs->last_time = tm; 199 bs->num_renegotiates++; 200 SSL_renegotiate(ssl); 201 } 202 } 203 break; 204 case SSL_ERROR_WANT_WRITE: 205 BIO_set_retry_write(b); 206 break; 207 case SSL_ERROR_WANT_READ: 208 BIO_set_retry_read(b); 209 break; 210 case SSL_ERROR_WANT_X509_LOOKUP: 211 BIO_set_retry_special(b); 212 retry_reason = BIO_RR_SSL_X509_LOOKUP; 213 break; 214 case SSL_ERROR_WANT_CONNECT: 215 BIO_set_retry_special(b); 216 retry_reason = BIO_RR_CONNECT; 217 case SSL_ERROR_SYSCALL: 218 case SSL_ERROR_SSL: 219 default: 220 break; 221 } 222 223 BIO_set_retry_reason(b, retry_reason); 224 return ret; 225 } 226 227 static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr) 228 { 229 SSL **sslp, *ssl; 230 BIO_SSL *bs, *dbs; 231 BIO *dbio, *bio; 232 long ret = 1; 233 BIO *next; 234 235 bs = BIO_get_data(b); 236 next = BIO_next(b); 237 ssl = bs->ssl; 238 if ((ssl == NULL) && (cmd != BIO_C_SET_SSL)) 239 return (0); 240 switch (cmd) { 241 case BIO_CTRL_RESET: 242 SSL_shutdown(ssl); 243 244 if (ssl->handshake_func == ssl->method->ssl_connect) 245 SSL_set_connect_state(ssl); 246 else if (ssl->handshake_func == ssl->method->ssl_accept) 247 SSL_set_accept_state(ssl); 248 249 if (!SSL_clear(ssl)) { 250 ret = 0; 251 break; 252 } 253 254 if (next != NULL) 255 ret = BIO_ctrl(next, cmd, num, ptr); 256 else if (ssl->rbio != NULL) 257 ret = BIO_ctrl(ssl->rbio, cmd, num, ptr); 258 else 259 ret = 1; 260 break; 261 case BIO_CTRL_INFO: 262 ret = 0; 263 break; 264 case BIO_C_SSL_MODE: 265 if (num) /* client mode */ 266 SSL_set_connect_state(ssl); 267 else 268 SSL_set_accept_state(ssl); 269 break; 270 case BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT: 271 ret = bs->renegotiate_timeout; 272 if (num < 60) 273 num = 5; 274 bs->renegotiate_timeout = (unsigned long)num; 275 bs->last_time = (unsigned long)time(NULL); 276 break; 277 case BIO_C_SET_SSL_RENEGOTIATE_BYTES: 278 ret = bs->renegotiate_count; 279 if ((long)num >= 512) 280 bs->renegotiate_count = (unsigned long)num; 281 break; 282 case BIO_C_GET_SSL_NUM_RENEGOTIATES: 283 ret = bs->num_renegotiates; 284 break; 285 case BIO_C_SET_SSL: 286 if (ssl != NULL) { 287 ssl_free(b); 288 if (!ssl_new(b)) 289 return 0; 290 } 291 BIO_set_shutdown(b, num); 292 ssl = (SSL *)ptr; 293 bs->ssl = ssl; 294 bio = SSL_get_rbio(ssl); 295 if (bio != NULL) { 296 if (next != NULL) 297 BIO_push(bio, next); 298 BIO_set_next(b, bio); 299 BIO_up_ref(bio); 300 } 301 BIO_set_init(b, 1); 302 break; 303 case BIO_C_GET_SSL: 304 if (ptr != NULL) { 305 sslp = (SSL **)ptr; 306 *sslp = ssl; 307 } else 308 ret = 0; 309 break; 310 case BIO_CTRL_GET_CLOSE: 311 ret = BIO_get_shutdown(b); 312 break; 313 case BIO_CTRL_SET_CLOSE: 314 BIO_set_shutdown(b, (int)num); 315 break; 316 case BIO_CTRL_WPENDING: 317 ret = BIO_ctrl(ssl->wbio, cmd, num, ptr); 318 break; 319 case BIO_CTRL_PENDING: 320 ret = SSL_pending(ssl); 321 if (ret == 0) 322 ret = BIO_pending(ssl->rbio); 323 break; 324 case BIO_CTRL_FLUSH: 325 BIO_clear_retry_flags(b); 326 ret = BIO_ctrl(ssl->wbio, cmd, num, ptr); 327 BIO_copy_next_retry(b); 328 break; 329 case BIO_CTRL_PUSH: 330 if ((next != NULL) && (next != ssl->rbio)) { 331 /* 332 * We are going to pass ownership of next to the SSL object...but 333 * we don't own a reference to pass yet - so up ref 334 */ 335 BIO_up_ref(next); 336 SSL_set_bio(ssl, next, next); 337 } 338 break; 339 case BIO_CTRL_POP: 340 /* Only detach if we are the BIO explicitly being popped */ 341 if (b == ptr) { 342 /* This will clear the reference we obtained during push */ 343 SSL_set_bio(ssl, NULL, NULL); 344 } 345 break; 346 case BIO_C_DO_STATE_MACHINE: 347 BIO_clear_retry_flags(b); 348 349 BIO_set_retry_reason(b, 0); 350 ret = (int)SSL_do_handshake(ssl); 351 352 switch (SSL_get_error(ssl, (int)ret)) { 353 case SSL_ERROR_WANT_READ: 354 BIO_set_flags(b, BIO_FLAGS_READ | BIO_FLAGS_SHOULD_RETRY); 355 break; 356 case SSL_ERROR_WANT_WRITE: 357 BIO_set_flags(b, BIO_FLAGS_WRITE | BIO_FLAGS_SHOULD_RETRY); 358 break; 359 case SSL_ERROR_WANT_CONNECT: 360 BIO_set_flags(b, BIO_FLAGS_IO_SPECIAL | BIO_FLAGS_SHOULD_RETRY); 361 BIO_set_retry_reason(b, BIO_get_retry_reason(next)); 362 break; 363 case SSL_ERROR_WANT_X509_LOOKUP: 364 BIO_set_retry_special(b); 365 BIO_set_retry_reason(b, BIO_RR_SSL_X509_LOOKUP); 366 break; 367 default: 368 break; 369 } 370 break; 371 case BIO_CTRL_DUP: 372 dbio = (BIO *)ptr; 373 dbs = BIO_get_data(dbio); 374 SSL_free(dbs->ssl); 375 dbs->ssl = SSL_dup(ssl); 376 dbs->num_renegotiates = bs->num_renegotiates; 377 dbs->renegotiate_count = bs->renegotiate_count; 378 dbs->byte_count = bs->byte_count; 379 dbs->renegotiate_timeout = bs->renegotiate_timeout; 380 dbs->last_time = bs->last_time; 381 ret = (dbs->ssl != NULL); 382 break; 383 case BIO_C_GET_FD: 384 ret = BIO_ctrl(ssl->rbio, cmd, num, ptr); 385 break; 386 case BIO_CTRL_SET_CALLBACK: 387 { 388 #if 0 /* FIXME: Should this be used? -- Richard 389 * Levitte */ 390 SSLerr(SSL_F_SSL_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 391 ret = -1; 392 #else 393 ret = 0; 394 #endif 395 } 396 break; 397 default: 398 ret = BIO_ctrl(ssl->rbio, cmd, num, ptr); 399 break; 400 } 401 return (ret); 402 } 403 404 static long ssl_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp) 405 { 406 SSL *ssl; 407 BIO_SSL *bs; 408 long ret = 1; 409 410 bs = BIO_get_data(b); 411 ssl = bs->ssl; 412 switch (cmd) { 413 case BIO_CTRL_SET_CALLBACK: 414 ret = BIO_callback_ctrl(ssl->rbio, cmd, fp); 415 break; 416 default: 417 ret = 0; 418 break; 419 } 420 return (ret); 421 } 422 423 static int ssl_puts(BIO *bp, const char *str) 424 { 425 int n, ret; 426 427 n = strlen(str); 428 ret = BIO_write(bp, str, n); 429 return (ret); 430 } 431 432 BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx) 433 { 434 #ifndef OPENSSL_NO_SOCK 435 BIO *ret = NULL, *buf = NULL, *ssl = NULL; 436 437 if ((buf = BIO_new(BIO_f_buffer())) == NULL) 438 return (NULL); 439 if ((ssl = BIO_new_ssl_connect(ctx)) == NULL) 440 goto err; 441 if ((ret = BIO_push(buf, ssl)) == NULL) 442 goto err; 443 return (ret); 444 err: 445 BIO_free(buf); 446 BIO_free(ssl); 447 #endif 448 return (NULL); 449 } 450 451 BIO *BIO_new_ssl_connect(SSL_CTX *ctx) 452 { 453 #ifndef OPENSSL_NO_SOCK 454 BIO *ret = NULL, *con = NULL, *ssl = NULL; 455 456 if ((con = BIO_new(BIO_s_connect())) == NULL) 457 return (NULL); 458 if ((ssl = BIO_new_ssl(ctx, 1)) == NULL) 459 goto err; 460 if ((ret = BIO_push(ssl, con)) == NULL) 461 goto err; 462 return (ret); 463 err: 464 BIO_free(con); 465 #endif 466 return (NULL); 467 } 468 469 BIO *BIO_new_ssl(SSL_CTX *ctx, int client) 470 { 471 BIO *ret; 472 SSL *ssl; 473 474 if ((ret = BIO_new(BIO_f_ssl())) == NULL) 475 return (NULL); 476 if ((ssl = SSL_new(ctx)) == NULL) { 477 BIO_free(ret); 478 return (NULL); 479 } 480 if (client) 481 SSL_set_connect_state(ssl); 482 else 483 SSL_set_accept_state(ssl); 484 485 BIO_set_ssl(ret, ssl, BIO_CLOSE); 486 return (ret); 487 } 488 489 int BIO_ssl_copy_session_id(BIO *t, BIO *f) 490 { 491 BIO_SSL *tdata, *fdata; 492 t = BIO_find_type(t, BIO_TYPE_SSL); 493 f = BIO_find_type(f, BIO_TYPE_SSL); 494 if ((t == NULL) || (f == NULL)) 495 return 0; 496 tdata = BIO_get_data(t); 497 fdata = BIO_get_data(f); 498 if ((tdata->ssl == NULL) || (fdata->ssl == NULL)) 499 return (0); 500 if (!SSL_copy_session_id(tdata->ssl, (fdata->ssl))) 501 return 0; 502 return (1); 503 } 504 505 void BIO_ssl_shutdown(BIO *b) 506 { 507 BIO_SSL *bdata; 508 509 for (; b != NULL; b = BIO_next(b)) { 510 if (BIO_method_type(b) != BIO_TYPE_SSL) 511 continue; 512 bdata = BIO_get_data(b); 513 if (bdata != NULL && bdata->ssl != NULL) 514 SSL_shutdown(bdata->ssl); 515 } 516 } 517