1 /* $NetBSD: bufferevent_openssl.c,v 1.1.1.1 2013/12/27 23:31:17 christos Exp $ */ 2 3 /* 4 * Copyright (c) 2009-2012 Niels Provos and Nick Mathewson 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 3. The name of the author may not be used to endorse or promote products 15 * derived from this software without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 18 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 19 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 20 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 21 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 22 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 23 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 24 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 27 */ 28 29 #include "event2/event-config.h" 30 #include "evconfig-private.h" 31 32 #include <sys/types.h> 33 34 #ifdef EVENT__HAVE_SYS_TIME_H 35 #include <sys/time.h> 36 #endif 37 38 #include <errno.h> 39 #include <stdio.h> 40 #include <stdlib.h> 41 #include <string.h> 42 #ifdef EVENT__HAVE_STDARG_H 43 #include <stdarg.h> 44 #endif 45 #ifdef EVENT__HAVE_UNISTD_H 46 #include <unistd.h> 47 #endif 48 49 #ifdef _WIN32 50 #include <winsock2.h> 51 #endif 52 53 #include "event2/bufferevent.h" 54 #include "event2/bufferevent_struct.h" 55 #include "event2/bufferevent_ssl.h" 56 #include "event2/buffer.h" 57 #include "event2/event.h" 58 59 #include "mm-internal.h" 60 #include "bufferevent-internal.h" 61 #include "log-internal.h" 62 63 #include <openssl/bio.h> 64 #include <openssl/ssl.h> 65 #include <openssl/err.h> 66 67 /* 68 * Define an OpenSSL bio that targets a bufferevent. 69 */ 70 71 /* -------------------- 72 A BIO is an OpenSSL abstraction that handles reading and writing data. The 73 library will happily speak SSL over anything that implements a BIO 74 interface. 75 76 Here we define a BIO implementation that directs its output to a 77 bufferevent. We'll want to use this only when none of OpenSSL's built-in 78 IO mechanisms work for us. 79 -------------------- */ 80 81 /* every BIO type needs its own integer type value. */ 82 #define BIO_TYPE_LIBEVENT 57 83 /* ???? Arguably, we should set BIO_TYPE_FILTER or BIO_TYPE_SOURCE_SINK on 84 * this. */ 85 86 #if 0 87 static void 88 print_err(int val) 89 { 90 int err; 91 printf("Error was %d\n", val); 92 93 while ((err = ERR_get_error())) { 94 const char *msg = (const char*)ERR_reason_error_string(err); 95 const char *lib = (const char*)ERR_lib_error_string(err); 96 const char *func = (const char*)ERR_func_error_string(err); 97 98 printf("%s in %s %s\n", msg, lib, func); 99 } 100 } 101 #else 102 #define print_err(v) ((void)0) 103 #endif 104 105 /* Called to initialize a new BIO */ 106 static int 107 bio_bufferevent_new(BIO *b) 108 { 109 b->init = 0; 110 b->num = -1; 111 b->ptr = NULL; /* We'll be putting the bufferevent in this field.*/ 112 b->flags = 0; 113 return 1; 114 } 115 116 /* Called to uninitialize the BIO. */ 117 static int 118 bio_bufferevent_free(BIO *b) 119 { 120 if (!b) 121 return 0; 122 if (b->shutdown) { 123 if (b->init && b->ptr) 124 bufferevent_free(b->ptr); 125 b->init = 0; 126 b->flags = 0; 127 b->ptr = NULL; 128 } 129 return 1; 130 } 131 132 /* Called to extract data from the BIO. */ 133 static int 134 bio_bufferevent_read(BIO *b, char *out, int outlen) 135 { 136 int r = 0; 137 struct evbuffer *input; 138 139 BIO_clear_retry_flags(b); 140 141 if (!out) 142 return 0; 143 if (!b->ptr) 144 return -1; 145 146 input = bufferevent_get_input(b->ptr); 147 if (evbuffer_get_length(input) == 0) { 148 /* If there's no data to read, say so. */ 149 BIO_set_retry_read(b); 150 return -1; 151 } else { 152 r = evbuffer_remove(input, out, outlen); 153 } 154 155 return r; 156 } 157 158 /* Called to write data info the BIO */ 159 static int 160 bio_bufferevent_write(BIO *b, const char *in, int inlen) 161 { 162 struct bufferevent *bufev = b->ptr; 163 struct evbuffer *output; 164 size_t outlen; 165 166 BIO_clear_retry_flags(b); 167 168 if (!b->ptr) 169 return -1; 170 171 output = bufferevent_get_output(bufev); 172 outlen = evbuffer_get_length(output); 173 174 /* Copy only as much data onto the output buffer as can fit under the 175 * high-water mark. */ 176 if (bufev->wm_write.high && bufev->wm_write.high <= (outlen+inlen)) { 177 if (bufev->wm_write.high <= outlen) { 178 /* If no data can fit, we'll need to retry later. */ 179 BIO_set_retry_write(b); 180 return -1; 181 } 182 inlen = bufev->wm_write.high - outlen; 183 } 184 185 EVUTIL_ASSERT(inlen > 0); 186 evbuffer_add(output, in, inlen); 187 return inlen; 188 } 189 190 /* Called to handle various requests */ 191 static long 192 bio_bufferevent_ctrl(BIO *b, int cmd, long num, void *ptr) 193 { 194 struct bufferevent *bufev = b->ptr; 195 long ret = 1; 196 197 switch (cmd) { 198 case BIO_CTRL_GET_CLOSE: 199 ret = b->shutdown; 200 break; 201 case BIO_CTRL_SET_CLOSE: 202 b->shutdown = (int)num; 203 break; 204 case BIO_CTRL_PENDING: 205 ret = evbuffer_get_length(bufferevent_get_input(bufev)) != 0; 206 break; 207 case BIO_CTRL_WPENDING: 208 ret = evbuffer_get_length(bufferevent_get_output(bufev)) != 0; 209 break; 210 /* XXXX These two are given a special-case treatment because 211 * of cargo-cultism. I should come up with a better reason. */ 212 case BIO_CTRL_DUP: 213 case BIO_CTRL_FLUSH: 214 ret = 1; 215 break; 216 default: 217 ret = 0; 218 break; 219 } 220 return ret; 221 } 222 223 /* Called to write a string to the BIO */ 224 static int 225 bio_bufferevent_puts(BIO *b, const char *s) 226 { 227 return bio_bufferevent_write(b, s, strlen(s)); 228 } 229 230 /* Method table for the bufferevent BIO */ 231 static BIO_METHOD methods_bufferevent = { 232 BIO_TYPE_LIBEVENT, "bufferevent", 233 bio_bufferevent_write, 234 bio_bufferevent_read, 235 bio_bufferevent_puts, 236 NULL /* bio_bufferevent_gets */, 237 bio_bufferevent_ctrl, 238 bio_bufferevent_new, 239 bio_bufferevent_free, 240 NULL /* callback_ctrl */, 241 }; 242 243 /* Return the method table for the bufferevents BIO */ 244 static BIO_METHOD * 245 BIO_s_bufferevent(void) 246 { 247 return &methods_bufferevent; 248 } 249 250 /* Create a new BIO to wrap communication around a bufferevent. If close_flag 251 * is true, the bufferevent will be freed when the BIO is closed. */ 252 static BIO * 253 BIO_new_bufferevent(struct bufferevent *bufferevent, int close_flag) 254 { 255 BIO *result; 256 if (!bufferevent) 257 return NULL; 258 if (!(result = BIO_new(BIO_s_bufferevent()))) 259 return NULL; 260 result->init = 1; 261 result->ptr = bufferevent; 262 result->shutdown = close_flag ? 1 : 0; 263 return result; 264 } 265 266 /* -------------------- 267 Now, here's the OpenSSL-based implementation of bufferevent. 268 269 The implementation comes in two flavors: one that connects its SSL object 270 to an underlying bufferevent using a BIO_bufferevent, and one that has the 271 SSL object connect to a socket directly. The latter should generally be 272 faster, except on Windows, where your best bet is using a 273 bufferevent_async. 274 275 (OpenSSL supports many other BIO types, too. But we can't use any unless 276 we have a good way to get notified when they become readable/writable.) 277 -------------------- */ 278 279 struct bio_data_counts { 280 unsigned long n_written; 281 unsigned long n_read; 282 }; 283 284 struct bufferevent_openssl { 285 /* Shared fields with common bufferevent implementation code. 286 If we were set up with an underlying bufferevent, we use the 287 events here as timers only. If we have an SSL, then we use 288 the events as socket events. 289 */ 290 struct bufferevent_private bev; 291 /* An underlying bufferevent that we're directing our output to. 292 If it's NULL, then we're connected to an fd, not an evbuffer. */ 293 struct bufferevent *underlying; 294 /* The SSL object doing our encryption. */ 295 SSL *ssl; 296 297 /* A callback that's invoked when data arrives on our outbuf so we 298 know to write data to the SSL. */ 299 struct evbuffer_cb_entry *outbuf_cb; 300 301 /* A count of how much data the bios have read/written total. Used 302 for rate-limiting. */ 303 struct bio_data_counts counts; 304 305 /* If this value is greater than 0, then the last SSL_write blocked, 306 * and we need to try it again with this many bytes. */ 307 ev_ssize_t last_write; 308 309 #define NUM_ERRORS 3 310 ev_uint32_t errors[NUM_ERRORS]; 311 312 /* When we next get available space, we should say "read" instead of 313 "write". This can happen if there's a renegotiation during a read 314 operation. */ 315 unsigned read_blocked_on_write : 1; 316 /* When we next get data, we should say "write" instead of "read". */ 317 unsigned write_blocked_on_read : 1; 318 /* Treat TCP close before SSL close on SSL >= v3 as clean EOF. */ 319 unsigned allow_dirty_shutdown : 1; 320 /* XXXX */ 321 unsigned fd_is_set : 1; 322 /* XXX */ 323 unsigned n_errors : 2; 324 325 /* Are we currently connecting, accepting, or doing IO? */ 326 unsigned state : 2; 327 }; 328 329 static int be_openssl_enable(struct bufferevent *, short); 330 static int be_openssl_disable(struct bufferevent *, short); 331 static void be_openssl_destruct(struct bufferevent *); 332 static int be_openssl_adj_timeouts(struct bufferevent *); 333 static int be_openssl_flush(struct bufferevent *bufev, 334 short iotype, enum bufferevent_flush_mode mode); 335 static int be_openssl_ctrl(struct bufferevent *, enum bufferevent_ctrl_op, union bufferevent_ctrl_data *); 336 337 const struct bufferevent_ops bufferevent_ops_openssl = { 338 "ssl", 339 evutil_offsetof(struct bufferevent_openssl, bev.bev), 340 be_openssl_enable, 341 be_openssl_disable, 342 be_openssl_destruct, 343 be_openssl_adj_timeouts, 344 be_openssl_flush, 345 be_openssl_ctrl, 346 }; 347 348 /* Given a bufferevent, return a pointer to the bufferevent_openssl that 349 * contains it, if any. */ 350 static inline struct bufferevent_openssl * 351 upcast(struct bufferevent *bev) 352 { 353 struct bufferevent_openssl *bev_o; 354 if (bev->be_ops != &bufferevent_ops_openssl) 355 return NULL; 356 bev_o = (void*)( ((char*)bev) - 357 evutil_offsetof(struct bufferevent_openssl, bev.bev)); 358 EVUTIL_ASSERT(bev_o->bev.bev.be_ops == &bufferevent_ops_openssl); 359 return bev_o; 360 } 361 362 static inline void 363 put_error(struct bufferevent_openssl *bev_ssl, unsigned long err) 364 { 365 if (bev_ssl->n_errors == NUM_ERRORS) 366 return; 367 /* The error type according to openssl is "unsigned long", but 368 openssl never uses more than 32 bits of it. It _can't_ use more 369 than 32 bits of it, since it needs to report errors on systems 370 where long is only 32 bits. 371 */ 372 bev_ssl->errors[bev_ssl->n_errors++] = (ev_uint32_t) err; 373 } 374 375 /* Have the base communications channel (either the underlying bufferevent or 376 * ev_read and ev_write) start reading. Take the read-blocked-on-write flag 377 * into account. */ 378 static int 379 start_reading(struct bufferevent_openssl *bev_ssl) 380 { 381 if (bev_ssl->underlying) { 382 bufferevent_unsuspend_read_(bev_ssl->underlying, 383 BEV_SUSPEND_FILT_READ); 384 return 0; 385 } else { 386 struct bufferevent *bev = &bev_ssl->bev.bev; 387 int r; 388 r = bufferevent_add_event_(&bev->ev_read, &bev->timeout_read); 389 if (r == 0 && bev_ssl->read_blocked_on_write) 390 r = bufferevent_add_event_(&bev->ev_write, 391 &bev->timeout_write); 392 return r; 393 } 394 } 395 396 /* Have the base communications channel (either the underlying bufferevent or 397 * ev_read and ev_write) start writing. Take the write-blocked-on-read flag 398 * into account. */ 399 static int 400 start_writing(struct bufferevent_openssl *bev_ssl) 401 { 402 int r = 0; 403 if (bev_ssl->underlying) { 404 ; 405 } else { 406 struct bufferevent *bev = &bev_ssl->bev.bev; 407 r = bufferevent_add_event_(&bev->ev_write, &bev->timeout_write); 408 if (!r && bev_ssl->write_blocked_on_read) 409 r = bufferevent_add_event_(&bev->ev_read, 410 &bev->timeout_read); 411 } 412 return r; 413 } 414 415 static void 416 stop_reading(struct bufferevent_openssl *bev_ssl) 417 { 418 if (bev_ssl->write_blocked_on_read) 419 return; 420 if (bev_ssl->underlying) { 421 bufferevent_suspend_read_(bev_ssl->underlying, 422 BEV_SUSPEND_FILT_READ); 423 } else { 424 struct bufferevent *bev = &bev_ssl->bev.bev; 425 event_del(&bev->ev_read); 426 } 427 } 428 429 static void 430 stop_writing(struct bufferevent_openssl *bev_ssl) 431 { 432 if (bev_ssl->read_blocked_on_write) 433 return; 434 if (bev_ssl->underlying) { 435 ; 436 } else { 437 struct bufferevent *bev = &bev_ssl->bev.bev; 438 event_del(&bev->ev_write); 439 } 440 } 441 442 static int 443 set_rbow(struct bufferevent_openssl *bev_ssl) 444 { 445 if (!bev_ssl->underlying) 446 stop_reading(bev_ssl); 447 bev_ssl->read_blocked_on_write = 1; 448 return start_writing(bev_ssl); 449 } 450 451 static int 452 set_wbor(struct bufferevent_openssl *bev_ssl) 453 { 454 if (!bev_ssl->underlying) 455 stop_writing(bev_ssl); 456 bev_ssl->write_blocked_on_read = 1; 457 return start_reading(bev_ssl); 458 } 459 460 static int 461 clear_rbow(struct bufferevent_openssl *bev_ssl) 462 { 463 struct bufferevent *bev = &bev_ssl->bev.bev; 464 int r = 0; 465 bev_ssl->read_blocked_on_write = 0; 466 if (!(bev->enabled & EV_WRITE)) 467 stop_writing(bev_ssl); 468 if (bev->enabled & EV_READ) 469 r = start_reading(bev_ssl); 470 return r; 471 } 472 473 474 static int 475 clear_wbor(struct bufferevent_openssl *bev_ssl) 476 { 477 struct bufferevent *bev = &bev_ssl->bev.bev; 478 int r = 0; 479 bev_ssl->write_blocked_on_read = 0; 480 if (!(bev->enabled & EV_READ)) 481 stop_reading(bev_ssl); 482 if (bev->enabled & EV_WRITE) 483 r = start_writing(bev_ssl); 484 return r; 485 } 486 487 static void 488 conn_closed(struct bufferevent_openssl *bev_ssl, int when, int errcode, int ret) 489 { 490 int event = BEV_EVENT_ERROR; 491 int dirty_shutdown = 0; 492 unsigned long err; 493 494 switch (errcode) { 495 case SSL_ERROR_ZERO_RETURN: 496 /* Possibly a clean shutdown. */ 497 if (SSL_get_shutdown(bev_ssl->ssl) & SSL_RECEIVED_SHUTDOWN) 498 event = BEV_EVENT_EOF; 499 else 500 dirty_shutdown = 1; 501 break; 502 case SSL_ERROR_SYSCALL: 503 /* IO error; possibly a dirty shutdown. */ 504 if (ret == 0 && ERR_peek_error() == 0) 505 dirty_shutdown = 1; 506 break; 507 case SSL_ERROR_SSL: 508 /* Protocol error. */ 509 break; 510 case SSL_ERROR_WANT_X509_LOOKUP: 511 /* XXXX handle this. */ 512 break; 513 case SSL_ERROR_NONE: 514 case SSL_ERROR_WANT_READ: 515 case SSL_ERROR_WANT_WRITE: 516 case SSL_ERROR_WANT_CONNECT: 517 case SSL_ERROR_WANT_ACCEPT: 518 default: 519 /* should be impossible; treat as normal error. */ 520 event_warnx("BUG: Unexpected OpenSSL error code %d", errcode); 521 break; 522 } 523 524 while ((err = ERR_get_error())) { 525 put_error(bev_ssl, err); 526 } 527 528 if (dirty_shutdown && bev_ssl->allow_dirty_shutdown) 529 event = BEV_EVENT_EOF; 530 531 stop_reading(bev_ssl); 532 stop_writing(bev_ssl); 533 534 /* when is BEV_EVENT_{READING|WRITING} */ 535 event = when | event; 536 bufferevent_run_eventcb_(&bev_ssl->bev.bev, event); 537 } 538 539 static void 540 init_bio_counts(struct bufferevent_openssl *bev_ssl) 541 { 542 bev_ssl->counts.n_written = 543 BIO_number_written(SSL_get_wbio(bev_ssl->ssl)); 544 bev_ssl->counts.n_read = 545 BIO_number_read(SSL_get_rbio(bev_ssl->ssl)); 546 } 547 548 static inline void 549 decrement_buckets(struct bufferevent_openssl *bev_ssl) 550 { 551 unsigned long num_w = BIO_number_written(SSL_get_wbio(bev_ssl->ssl)); 552 unsigned long num_r = BIO_number_read(SSL_get_rbio(bev_ssl->ssl)); 553 /* These next two subtractions can wrap around. That's okay. */ 554 unsigned long w = num_w - bev_ssl->counts.n_written; 555 unsigned long r = num_r - bev_ssl->counts.n_read; 556 if (w) 557 bufferevent_decrement_write_buckets_(&bev_ssl->bev, w); 558 if (r) 559 bufferevent_decrement_read_buckets_(&bev_ssl->bev, r); 560 bev_ssl->counts.n_written = num_w; 561 bev_ssl->counts.n_read = num_r; 562 } 563 564 #define OP_MADE_PROGRESS 1 565 #define OP_BLOCKED 2 566 #define OP_ERR 4 567 568 /* Return a bitmask of OP_MADE_PROGRESS (if we read anything); OP_BLOCKED (if 569 we're now blocked); and OP_ERR (if an error occurred). */ 570 static int 571 do_read(struct bufferevent_openssl *bev_ssl, int n_to_read) { 572 /* Requires lock */ 573 struct bufferevent *bev = &bev_ssl->bev.bev; 574 struct evbuffer *input = bev->input; 575 int r, n, i, n_used = 0, atmost; 576 struct evbuffer_iovec space[2]; 577 int result = 0; 578 579 if (bev_ssl->bev.read_suspended) 580 return 0; 581 582 atmost = bufferevent_get_read_max_(&bev_ssl->bev); 583 if (n_to_read > atmost) 584 n_to_read = atmost; 585 586 n = evbuffer_reserve_space(input, n_to_read, space, 2); 587 if (n < 0) 588 return OP_ERR; 589 590 for (i=0; i<n; ++i) { 591 if (bev_ssl->bev.read_suspended) 592 break; 593 r = SSL_read(bev_ssl->ssl, space[i].iov_base, space[i].iov_len); 594 if (r>0) { 595 result |= OP_MADE_PROGRESS; 596 if (bev_ssl->read_blocked_on_write) 597 if (clear_rbow(bev_ssl) < 0) 598 return OP_ERR | result; 599 ++n_used; 600 space[i].iov_len = r; 601 decrement_buckets(bev_ssl); 602 } else { 603 int err = SSL_get_error(bev_ssl->ssl, r); 604 print_err(err); 605 switch (err) { 606 case SSL_ERROR_WANT_READ: 607 /* Can't read until underlying has more data. */ 608 if (bev_ssl->read_blocked_on_write) 609 if (clear_rbow(bev_ssl) < 0) 610 return OP_ERR | result; 611 break; 612 case SSL_ERROR_WANT_WRITE: 613 /* This read operation requires a write, and the 614 * underlying is full */ 615 if (!bev_ssl->read_blocked_on_write) 616 if (set_rbow(bev_ssl) < 0) 617 return OP_ERR | result; 618 break; 619 default: 620 conn_closed(bev_ssl, BEV_EVENT_READING, err, r); 621 break; 622 } 623 result |= OP_BLOCKED; 624 break; /* out of the loop */ 625 } 626 } 627 628 if (n_used) { 629 evbuffer_commit_space(input, space, n_used); 630 if (bev_ssl->underlying) 631 BEV_RESET_GENERIC_READ_TIMEOUT(bev); 632 } 633 634 return result; 635 } 636 637 /* Return a bitmask of OP_MADE_PROGRESS (if we wrote anything); OP_BLOCKED (if 638 we're now blocked); and OP_ERR (if an error occurred). */ 639 static int 640 do_write(struct bufferevent_openssl *bev_ssl, int atmost) 641 { 642 int i, r, n, n_written = 0; 643 struct bufferevent *bev = &bev_ssl->bev.bev; 644 struct evbuffer *output = bev->output; 645 struct evbuffer_iovec space[8]; 646 int result = 0; 647 648 if (bev_ssl->last_write > 0) 649 atmost = bev_ssl->last_write; 650 else 651 atmost = bufferevent_get_write_max_(&bev_ssl->bev); 652 653 n = evbuffer_peek(output, atmost, NULL, space, 8); 654 if (n < 0) 655 return OP_ERR | result; 656 657 if (n > 8) 658 n = 8; 659 for (i=0; i < n; ++i) { 660 if (bev_ssl->bev.write_suspended) 661 break; 662 663 /* SSL_write will (reasonably) return 0 if we tell it to 664 send 0 data. Skip this case so we don't interpret the 665 result as an error */ 666 if (space[i].iov_len == 0) 667 continue; 668 669 r = SSL_write(bev_ssl->ssl, space[i].iov_base, 670 space[i].iov_len); 671 if (r > 0) { 672 result |= OP_MADE_PROGRESS; 673 if (bev_ssl->write_blocked_on_read) 674 if (clear_wbor(bev_ssl) < 0) 675 return OP_ERR | result; 676 n_written += r; 677 bev_ssl->last_write = -1; 678 decrement_buckets(bev_ssl); 679 } else { 680 int err = SSL_get_error(bev_ssl->ssl, r); 681 print_err(err); 682 switch (err) { 683 case SSL_ERROR_WANT_WRITE: 684 /* Can't read until underlying has more data. */ 685 if (bev_ssl->write_blocked_on_read) 686 if (clear_wbor(bev_ssl) < 0) 687 return OP_ERR | result; 688 bev_ssl->last_write = space[i].iov_len; 689 break; 690 case SSL_ERROR_WANT_READ: 691 /* This read operation requires a write, and the 692 * underlying is full */ 693 if (!bev_ssl->write_blocked_on_read) 694 if (set_wbor(bev_ssl) < 0) 695 return OP_ERR | result; 696 bev_ssl->last_write = space[i].iov_len; 697 break; 698 default: 699 conn_closed(bev_ssl, BEV_EVENT_WRITING, err, r); 700 bev_ssl->last_write = -1; 701 break; 702 } 703 result |= OP_BLOCKED; 704 break; 705 } 706 } 707 if (n_written) { 708 evbuffer_drain(output, n_written); 709 if (bev_ssl->underlying) 710 BEV_RESET_GENERIC_WRITE_TIMEOUT(bev); 711 712 if (evbuffer_get_length(output) <= bev->wm_write.low) 713 bufferevent_run_writecb_(bev); 714 } 715 return result; 716 } 717 718 #define WRITE_FRAME 15000 719 720 #define READ_DEFAULT 4096 721 722 /* Try to figure out how many bytes to read; return 0 if we shouldn't be 723 * reading. */ 724 static int 725 bytes_to_read(struct bufferevent_openssl *bev) 726 { 727 struct evbuffer *input = bev->bev.bev.input; 728 struct event_watermark *wm = &bev->bev.bev.wm_read; 729 int result = READ_DEFAULT; 730 ev_ssize_t limit; 731 /* XXX 99% of this is generic code that nearly all bufferevents will 732 * want. */ 733 734 if (bev->write_blocked_on_read) { 735 return 0; 736 } 737 738 if (! (bev->bev.bev.enabled & EV_READ)) { 739 return 0; 740 } 741 742 if (bev->bev.read_suspended) { 743 return 0; 744 } 745 746 if (wm->high) { 747 if (evbuffer_get_length(input) >= wm->high) { 748 return 0; 749 } 750 751 result = wm->high - evbuffer_get_length(input); 752 } else { 753 result = READ_DEFAULT; 754 } 755 756 /* Respect the rate limit */ 757 limit = bufferevent_get_read_max_(&bev->bev); 758 if (result > limit) { 759 result = limit; 760 } 761 762 return result; 763 } 764 765 766 /* Things look readable. If write is blocked on read, write till it isn't. 767 * Read from the underlying buffer until we block or we hit our high-water 768 * mark. 769 */ 770 static void 771 consider_reading(struct bufferevent_openssl *bev_ssl) 772 { 773 int r; 774 int n_to_read; 775 int all_result_flags = 0; 776 777 while (bev_ssl->write_blocked_on_read) { 778 r = do_write(bev_ssl, WRITE_FRAME); 779 if (r & (OP_BLOCKED|OP_ERR)) 780 break; 781 } 782 if (bev_ssl->write_blocked_on_read) 783 return; 784 785 n_to_read = bytes_to_read(bev_ssl); 786 787 while (n_to_read) { 788 r = do_read(bev_ssl, n_to_read); 789 all_result_flags |= r; 790 791 if (r & (OP_BLOCKED|OP_ERR)) 792 break; 793 794 if (bev_ssl->bev.read_suspended) 795 break; 796 797 /* Read all pending data. This won't hit the network 798 * again, and will (most importantly) put us in a state 799 * where we don't need to read anything else until the 800 * socket is readable again. It'll potentially make us 801 * overrun our read high-watermark (somewhat 802 * regrettable). The damage to the rate-limit has 803 * already been done, since OpenSSL went and read a 804 * whole SSL record anyway. */ 805 n_to_read = SSL_pending(bev_ssl->ssl); 806 807 /* XXX This if statement is actually a bad bug, added to avoid 808 * XXX a worse bug. 809 * 810 * The bad bug: It can potentially cause resource unfairness 811 * by reading too much data from the underlying bufferevent; 812 * it can potentially cause read looping if the underlying 813 * bufferevent is a bufferevent_pair and deferred callbacks 814 * aren't used. 815 * 816 * The worse bug: If we didn't do this, then we would 817 * potentially not read any more from bev_ssl->underlying 818 * until more data arrived there, which could lead to us 819 * waiting forever. 820 */ 821 if (!n_to_read && bev_ssl->underlying) 822 n_to_read = bytes_to_read(bev_ssl); 823 } 824 825 if (all_result_flags & OP_MADE_PROGRESS) { 826 struct bufferevent *bev = &bev_ssl->bev.bev; 827 struct evbuffer *input = bev->input; 828 829 if (evbuffer_get_length(input) >= bev->wm_read.low) { 830 bufferevent_run_readcb_(bev); 831 } 832 } 833 834 if (!bev_ssl->underlying) { 835 /* Should be redundant, but let's avoid busy-looping */ 836 if (bev_ssl->bev.read_suspended || 837 !(bev_ssl->bev.bev.enabled & EV_READ)) { 838 event_del(&bev_ssl->bev.bev.ev_read); 839 } 840 } 841 } 842 843 static void 844 consider_writing(struct bufferevent_openssl *bev_ssl) 845 { 846 int r; 847 struct evbuffer *output = bev_ssl->bev.bev.output; 848 struct evbuffer *target = NULL; 849 struct event_watermark *wm = NULL; 850 851 while (bev_ssl->read_blocked_on_write) { 852 r = do_read(bev_ssl, 1024); /* XXXX 1024 is a hack */ 853 if (r & OP_MADE_PROGRESS) { 854 struct bufferevent *bev = &bev_ssl->bev.bev; 855 struct evbuffer *input = bev->input; 856 857 if (evbuffer_get_length(input) >= bev->wm_read.low) { 858 bufferevent_run_readcb_(bev); 859 } 860 } 861 if (r & (OP_ERR|OP_BLOCKED)) 862 break; 863 } 864 if (bev_ssl->read_blocked_on_write) 865 return; 866 if (bev_ssl->underlying) { 867 target = bev_ssl->underlying->output; 868 wm = &bev_ssl->underlying->wm_write; 869 } 870 while ((bev_ssl->bev.bev.enabled & EV_WRITE) && 871 (! bev_ssl->bev.write_suspended) && 872 evbuffer_get_length(output) && 873 (!target || (! wm->high || evbuffer_get_length(target) < wm->high))) { 874 int n_to_write; 875 if (wm && wm->high) 876 n_to_write = wm->high - evbuffer_get_length(target); 877 else 878 n_to_write = WRITE_FRAME; 879 r = do_write(bev_ssl, n_to_write); 880 if (r & (OP_BLOCKED|OP_ERR)) 881 break; 882 } 883 884 if (!bev_ssl->underlying) { 885 if (evbuffer_get_length(output) == 0) { 886 event_del(&bev_ssl->bev.bev.ev_write); 887 } else if (bev_ssl->bev.write_suspended || 888 !(bev_ssl->bev.bev.enabled & EV_WRITE)) { 889 /* Should be redundant, but let's avoid busy-looping */ 890 event_del(&bev_ssl->bev.bev.ev_write); 891 } 892 } 893 } 894 895 static void 896 be_openssl_readcb(struct bufferevent *bev_base, void *ctx) 897 { 898 struct bufferevent_openssl *bev_ssl = ctx; 899 consider_reading(bev_ssl); 900 } 901 902 static void 903 be_openssl_writecb(struct bufferevent *bev_base, void *ctx) 904 { 905 struct bufferevent_openssl *bev_ssl = ctx; 906 consider_writing(bev_ssl); 907 } 908 909 static void 910 be_openssl_eventcb(struct bufferevent *bev_base, short what, void *ctx) 911 { 912 struct bufferevent_openssl *bev_ssl = ctx; 913 int event = 0; 914 915 if (what & BEV_EVENT_EOF) { 916 if (bev_ssl->allow_dirty_shutdown) 917 event = BEV_EVENT_EOF; 918 else 919 event = BEV_EVENT_ERROR; 920 } else if (what & BEV_EVENT_TIMEOUT) { 921 /* We sure didn't set this. Propagate it to the user. */ 922 event = what; 923 } else if (what & BEV_EVENT_ERROR) { 924 /* An error occurred on the connection. Propagate it to the user. */ 925 event = what; 926 } else if (what & BEV_EVENT_CONNECTED) { 927 /* Ignore it. We're saying SSL_connect() already, which will 928 eat it. */ 929 } 930 if (event) 931 bufferevent_run_eventcb_(&bev_ssl->bev.bev, event); 932 } 933 934 static void 935 be_openssl_readeventcb(evutil_socket_t fd, short what, void *ptr) 936 { 937 struct bufferevent_openssl *bev_ssl = ptr; 938 bufferevent_incref_and_lock_(&bev_ssl->bev.bev); 939 if (what == EV_TIMEOUT) { 940 bufferevent_run_eventcb_(&bev_ssl->bev.bev, 941 BEV_EVENT_TIMEOUT|BEV_EVENT_READING); 942 } else { 943 consider_reading(bev_ssl); 944 } 945 bufferevent_decref_and_unlock_(&bev_ssl->bev.bev); 946 } 947 948 static void 949 be_openssl_writeeventcb(evutil_socket_t fd, short what, void *ptr) 950 { 951 struct bufferevent_openssl *bev_ssl = ptr; 952 bufferevent_incref_and_lock_(&bev_ssl->bev.bev); 953 if (what == EV_TIMEOUT) { 954 bufferevent_run_eventcb_(&bev_ssl->bev.bev, 955 BEV_EVENT_TIMEOUT|BEV_EVENT_WRITING); 956 } else { 957 consider_writing(bev_ssl); 958 } 959 bufferevent_decref_and_unlock_(&bev_ssl->bev.bev); 960 } 961 962 static int 963 set_open_callbacks(struct bufferevent_openssl *bev_ssl, evutil_socket_t fd) 964 { 965 if (bev_ssl->underlying) { 966 bufferevent_setcb(bev_ssl->underlying, 967 be_openssl_readcb, be_openssl_writecb, be_openssl_eventcb, 968 bev_ssl); 969 return 0; 970 } else { 971 struct bufferevent *bev = &bev_ssl->bev.bev; 972 int rpending=0, wpending=0, r1=0, r2=0; 973 if (fd < 0 && bev_ssl->fd_is_set) 974 fd = event_get_fd(&bev->ev_read); 975 if (bev_ssl->fd_is_set) { 976 rpending = event_pending(&bev->ev_read, EV_READ, NULL); 977 wpending = event_pending(&bev->ev_write, EV_WRITE, NULL); 978 event_del(&bev->ev_read); 979 event_del(&bev->ev_write); 980 } 981 event_assign(&bev->ev_read, bev->ev_base, fd, 982 EV_READ|EV_PERSIST, be_openssl_readeventcb, bev_ssl); 983 event_assign(&bev->ev_write, bev->ev_base, fd, 984 EV_WRITE|EV_PERSIST, be_openssl_writeeventcb, bev_ssl); 985 if (rpending) 986 r1 = bufferevent_add_event_(&bev->ev_read, &bev->timeout_read); 987 if (wpending) 988 r2 = bufferevent_add_event_(&bev->ev_write, &bev->timeout_write); 989 if (fd >= 0) { 990 bev_ssl->fd_is_set = 1; 991 } 992 return (r1<0 || r2<0) ? -1 : 0; 993 } 994 } 995 996 static int 997 do_handshake(struct bufferevent_openssl *bev_ssl) 998 { 999 int r; 1000 1001 switch (bev_ssl->state) { 1002 default: 1003 case BUFFEREVENT_SSL_OPEN: 1004 EVUTIL_ASSERT(0); 1005 return -1; 1006 case BUFFEREVENT_SSL_CONNECTING: 1007 case BUFFEREVENT_SSL_ACCEPTING: 1008 r = SSL_do_handshake(bev_ssl->ssl); 1009 break; 1010 } 1011 decrement_buckets(bev_ssl); 1012 1013 if (r==1) { 1014 /* We're done! */ 1015 bev_ssl->state = BUFFEREVENT_SSL_OPEN; 1016 set_open_callbacks(bev_ssl, -1); /* XXXX handle failure */ 1017 /* Call do_read and do_write as needed */ 1018 bufferevent_enable(&bev_ssl->bev.bev, bev_ssl->bev.bev.enabled); 1019 bufferevent_run_eventcb_(&bev_ssl->bev.bev, 1020 BEV_EVENT_CONNECTED); 1021 return 1; 1022 } else { 1023 int err = SSL_get_error(bev_ssl->ssl, r); 1024 print_err(err); 1025 switch (err) { 1026 case SSL_ERROR_WANT_WRITE: 1027 if (!bev_ssl->underlying) { 1028 stop_reading(bev_ssl); 1029 return start_writing(bev_ssl); 1030 } 1031 return 0; 1032 case SSL_ERROR_WANT_READ: 1033 if (!bev_ssl->underlying) { 1034 stop_writing(bev_ssl); 1035 return start_reading(bev_ssl); 1036 } 1037 return 0; 1038 default: 1039 conn_closed(bev_ssl, BEV_EVENT_READING, err, r); 1040 return -1; 1041 } 1042 } 1043 } 1044 1045 static void 1046 be_openssl_handshakecb(struct bufferevent *bev_base, void *ctx) 1047 { 1048 struct bufferevent_openssl *bev_ssl = ctx; 1049 do_handshake(bev_ssl);/* XXX handle failure */ 1050 } 1051 1052 static void 1053 be_openssl_handshakeeventcb(evutil_socket_t fd, short what, void *ptr) 1054 { 1055 struct bufferevent_openssl *bev_ssl = ptr; 1056 1057 bufferevent_incref_and_lock_(&bev_ssl->bev.bev); 1058 if (what & EV_TIMEOUT) { 1059 bufferevent_run_eventcb_(&bev_ssl->bev.bev, BEV_EVENT_TIMEOUT); 1060 } else 1061 do_handshake(bev_ssl);/* XXX handle failure */ 1062 bufferevent_decref_and_unlock_(&bev_ssl->bev.bev); 1063 } 1064 1065 static int 1066 set_handshake_callbacks(struct bufferevent_openssl *bev_ssl, evutil_socket_t fd) 1067 { 1068 if (bev_ssl->underlying) { 1069 bufferevent_setcb(bev_ssl->underlying, 1070 be_openssl_handshakecb, be_openssl_handshakecb, 1071 be_openssl_eventcb, 1072 bev_ssl); 1073 return do_handshake(bev_ssl); 1074 } else { 1075 struct bufferevent *bev = &bev_ssl->bev.bev; 1076 int r1=0, r2=0; 1077 if (fd < 0 && bev_ssl->fd_is_set) 1078 fd = event_get_fd(&bev->ev_read); 1079 if (bev_ssl->fd_is_set) { 1080 event_del(&bev->ev_read); 1081 event_del(&bev->ev_write); 1082 } 1083 event_assign(&bev->ev_read, bev->ev_base, fd, 1084 EV_READ|EV_PERSIST, be_openssl_handshakeeventcb, bev_ssl); 1085 event_assign(&bev->ev_write, bev->ev_base, fd, 1086 EV_WRITE|EV_PERSIST, be_openssl_handshakeeventcb, bev_ssl); 1087 if (fd >= 0) { 1088 r1 = bufferevent_add_event_(&bev->ev_read, &bev->timeout_read); 1089 r2 = bufferevent_add_event_(&bev->ev_write, &bev->timeout_write); 1090 bev_ssl->fd_is_set = 1; 1091 } 1092 return (r1<0 || r2<0) ? -1 : 0; 1093 } 1094 } 1095 1096 int 1097 bufferevent_ssl_renegotiate(struct bufferevent *bev) 1098 { 1099 struct bufferevent_openssl *bev_ssl = upcast(bev); 1100 if (!bev_ssl) 1101 return -1; 1102 if (SSL_renegotiate(bev_ssl->ssl) < 0) 1103 return -1; 1104 bev_ssl->state = BUFFEREVENT_SSL_CONNECTING; 1105 if (set_handshake_callbacks(bev_ssl, -1) < 0) 1106 return -1; 1107 if (!bev_ssl->underlying) 1108 return do_handshake(bev_ssl); 1109 return 0; 1110 } 1111 1112 static void 1113 be_openssl_outbuf_cb(struct evbuffer *buf, 1114 const struct evbuffer_cb_info *cbinfo, void *arg) 1115 { 1116 struct bufferevent_openssl *bev_ssl = arg; 1117 int r = 0; 1118 /* XXX need to hold a reference here. */ 1119 1120 if (cbinfo->n_added && bev_ssl->state == BUFFEREVENT_SSL_OPEN) { 1121 if (cbinfo->orig_size == 0) 1122 r = bufferevent_add_event_(&bev_ssl->bev.bev.ev_write, 1123 &bev_ssl->bev.bev.timeout_write); 1124 consider_writing(bev_ssl); 1125 } 1126 /* XXX Handle r < 0 */ 1127 (void)r; 1128 } 1129 1130 1131 static int 1132 be_openssl_enable(struct bufferevent *bev, short events) 1133 { 1134 struct bufferevent_openssl *bev_ssl = upcast(bev); 1135 int r1 = 0, r2 = 0; 1136 1137 if (bev_ssl->state != BUFFEREVENT_SSL_OPEN) 1138 return 0; 1139 1140 if (events & EV_READ) 1141 r1 = start_reading(bev_ssl); 1142 if (events & EV_WRITE) 1143 r2 = start_writing(bev_ssl); 1144 1145 if (bev_ssl->underlying) { 1146 if (events & EV_READ) 1147 BEV_RESET_GENERIC_READ_TIMEOUT(bev); 1148 if (events & EV_WRITE) 1149 BEV_RESET_GENERIC_WRITE_TIMEOUT(bev); 1150 1151 if (events & EV_READ) 1152 consider_reading(bev_ssl); 1153 if (events & EV_WRITE) 1154 consider_writing(bev_ssl); 1155 } 1156 return (r1 < 0 || r2 < 0) ? -1 : 0; 1157 } 1158 1159 static int 1160 be_openssl_disable(struct bufferevent *bev, short events) 1161 { 1162 struct bufferevent_openssl *bev_ssl = upcast(bev); 1163 if (bev_ssl->state != BUFFEREVENT_SSL_OPEN) 1164 return 0; 1165 1166 if (events & EV_READ) 1167 stop_reading(bev_ssl); 1168 if (events & EV_WRITE) 1169 stop_writing(bev_ssl); 1170 1171 if (bev_ssl->underlying) { 1172 if (events & EV_READ) 1173 BEV_DEL_GENERIC_READ_TIMEOUT(bev); 1174 if (events & EV_WRITE) 1175 BEV_DEL_GENERIC_WRITE_TIMEOUT(bev); 1176 } 1177 return 0; 1178 } 1179 1180 static void 1181 be_openssl_destruct(struct bufferevent *bev) 1182 { 1183 struct bufferevent_openssl *bev_ssl = upcast(bev); 1184 1185 if (bev_ssl->underlying) { 1186 bufferevent_del_generic_timeout_cbs_(bev); 1187 } else { 1188 event_del(&bev->ev_read); 1189 event_del(&bev->ev_write); 1190 } 1191 1192 if (bev_ssl->bev.options & BEV_OPT_CLOSE_ON_FREE) { 1193 if (bev_ssl->underlying) { 1194 if (BEV_UPCAST(bev_ssl->underlying)->refcnt < 2) { 1195 event_warnx("BEV_OPT_CLOSE_ON_FREE set on an " 1196 "bufferevent with too few references"); 1197 } else { 1198 bufferevent_free(bev_ssl->underlying); 1199 bev_ssl->underlying = NULL; 1200 } 1201 } else { 1202 evutil_socket_t fd = -1; 1203 BIO *bio = SSL_get_wbio(bev_ssl->ssl); 1204 if (bio) 1205 fd = BIO_get_fd(bio, NULL); 1206 if (fd >= 0) 1207 evutil_closesocket(fd); 1208 } 1209 SSL_free(bev_ssl->ssl); 1210 } else { 1211 if (bev_ssl->underlying) { 1212 if (bev_ssl->underlying->errorcb == be_openssl_eventcb) 1213 bufferevent_setcb(bev_ssl->underlying, 1214 NULL,NULL,NULL,NULL); 1215 bufferevent_unsuspend_read_(bev_ssl->underlying, 1216 BEV_SUSPEND_FILT_READ); 1217 } 1218 } 1219 } 1220 1221 static int 1222 be_openssl_adj_timeouts(struct bufferevent *bev) 1223 { 1224 struct bufferevent_openssl *bev_ssl = upcast(bev); 1225 1226 if (bev_ssl->underlying) { 1227 return bufferevent_generic_adj_timeouts_(bev); 1228 } else { 1229 int r1=0, r2=0; 1230 if (event_pending(&bev->ev_read, EV_READ, NULL)) { 1231 if (evutil_timerisset(&bev->timeout_read)) { 1232 r1 = bufferevent_add_event_(&bev->ev_read, &bev->timeout_read); 1233 } else { 1234 event_remove_timer(&bev->ev_read); 1235 } 1236 } 1237 if (event_pending(&bev->ev_write, EV_WRITE, NULL)) { 1238 if (evutil_timerisset(&bev->timeout_write)) { 1239 r2 = bufferevent_add_event_(&bev->ev_write, &bev->timeout_write); 1240 } else { 1241 event_remove_timer(&bev->ev_write); 1242 } 1243 } 1244 1245 return (r1<0 || r2<0) ? -1 : 0; 1246 } 1247 } 1248 1249 static int 1250 be_openssl_flush(struct bufferevent *bufev, 1251 short iotype, enum bufferevent_flush_mode mode) 1252 { 1253 /* XXXX Implement this. */ 1254 return 0; 1255 } 1256 1257 static int 1258 be_openssl_ctrl(struct bufferevent *bev, 1259 enum bufferevent_ctrl_op op, union bufferevent_ctrl_data *data) 1260 { 1261 struct bufferevent_openssl *bev_ssl = upcast(bev); 1262 switch (op) { 1263 case BEV_CTRL_SET_FD: 1264 if (bev_ssl->underlying) 1265 return -1; 1266 { 1267 BIO *bio; 1268 bio = BIO_new_socket(data->fd, 0); 1269 SSL_set_bio(bev_ssl->ssl, bio, bio); 1270 bev_ssl->fd_is_set = 1; 1271 } 1272 if (bev_ssl->state == BUFFEREVENT_SSL_OPEN) 1273 return set_open_callbacks(bev_ssl, data->fd); 1274 else { 1275 return set_handshake_callbacks(bev_ssl, data->fd); 1276 } 1277 case BEV_CTRL_GET_FD: 1278 if (bev_ssl->underlying) 1279 return -1; 1280 if (!bev_ssl->fd_is_set) 1281 return -1; 1282 data->fd = event_get_fd(&bev->ev_read); 1283 return 0; 1284 case BEV_CTRL_GET_UNDERLYING: 1285 if (!bev_ssl->underlying) 1286 return -1; 1287 data->ptr = bev_ssl->underlying; 1288 return 0; 1289 case BEV_CTRL_CANCEL_ALL: 1290 default: 1291 return -1; 1292 } 1293 } 1294 1295 SSL * 1296 bufferevent_openssl_get_ssl(struct bufferevent *bufev) 1297 { 1298 struct bufferevent_openssl *bev_ssl = upcast(bufev); 1299 if (!bev_ssl) 1300 return NULL; 1301 return bev_ssl->ssl; 1302 } 1303 1304 static struct bufferevent * 1305 bufferevent_openssl_new_impl(struct event_base *base, 1306 struct bufferevent *underlying, 1307 evutil_socket_t fd, 1308 SSL *ssl, 1309 enum bufferevent_ssl_state state, 1310 int options) 1311 { 1312 struct bufferevent_openssl *bev_ssl = NULL; 1313 struct bufferevent_private *bev_p = NULL; 1314 int tmp_options = options & ~BEV_OPT_THREADSAFE; 1315 1316 if (underlying != NULL && fd >= 0) 1317 return NULL; /* Only one can be set. */ 1318 1319 if (!(bev_ssl = mm_calloc(1, sizeof(struct bufferevent_openssl)))) 1320 goto err; 1321 1322 bev_p = &bev_ssl->bev; 1323 1324 if (bufferevent_init_common_(bev_p, base, 1325 &bufferevent_ops_openssl, tmp_options) < 0) 1326 goto err; 1327 1328 /* Don't explode if we decide to realloc a chunk we're writing from in 1329 * the output buffer. */ 1330 SSL_set_mode(ssl, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); 1331 1332 bev_ssl->underlying = underlying; 1333 bev_ssl->ssl = ssl; 1334 1335 bev_ssl->outbuf_cb = evbuffer_add_cb(bev_p->bev.output, 1336 be_openssl_outbuf_cb, bev_ssl); 1337 1338 if (options & BEV_OPT_THREADSAFE) 1339 bufferevent_enable_locking_(&bev_ssl->bev.bev, NULL); 1340 1341 if (underlying) { 1342 bufferevent_init_generic_timeout_cbs_(&bev_ssl->bev.bev); 1343 bufferevent_incref_(underlying); 1344 } 1345 1346 bev_ssl->state = state; 1347 bev_ssl->last_write = -1; 1348 1349 init_bio_counts(bev_ssl); 1350 1351 switch (state) { 1352 case BUFFEREVENT_SSL_ACCEPTING: 1353 SSL_set_accept_state(bev_ssl->ssl); 1354 if (set_handshake_callbacks(bev_ssl, fd) < 0) 1355 goto err; 1356 break; 1357 case BUFFEREVENT_SSL_CONNECTING: 1358 SSL_set_connect_state(bev_ssl->ssl); 1359 if (set_handshake_callbacks(bev_ssl, fd) < 0) 1360 goto err; 1361 break; 1362 case BUFFEREVENT_SSL_OPEN: 1363 if (set_open_callbacks(bev_ssl, fd) < 0) 1364 goto err; 1365 break; 1366 default: 1367 goto err; 1368 } 1369 1370 if (underlying) { 1371 bufferevent_setwatermark(underlying, EV_READ, 0, 0); 1372 bufferevent_enable(underlying, EV_READ|EV_WRITE); 1373 if (state == BUFFEREVENT_SSL_OPEN) 1374 bufferevent_suspend_read_(underlying, 1375 BEV_SUSPEND_FILT_READ); 1376 } else { 1377 bev_ssl->bev.bev.enabled = EV_READ|EV_WRITE; 1378 if (bev_ssl->fd_is_set) { 1379 if (state != BUFFEREVENT_SSL_OPEN) 1380 if (event_add(&bev_ssl->bev.bev.ev_read, NULL) < 0) 1381 goto err; 1382 if (event_add(&bev_ssl->bev.bev.ev_write, NULL) < 0) 1383 goto err; 1384 } 1385 } 1386 1387 return &bev_ssl->bev.bev; 1388 err: 1389 if (bev_ssl) 1390 bufferevent_free(&bev_ssl->bev.bev); 1391 return NULL; 1392 } 1393 1394 struct bufferevent * 1395 bufferevent_openssl_filter_new(struct event_base *base, 1396 struct bufferevent *underlying, 1397 SSL *ssl, 1398 enum bufferevent_ssl_state state, 1399 int options) 1400 { 1401 /* We don't tell the BIO to close the bufferevent; we do it ourselves 1402 * on be_openssl_destruct */ 1403 int close_flag = 0; /* options & BEV_OPT_CLOSE_ON_FREE; */ 1404 BIO *bio; 1405 if (!underlying) 1406 return NULL; 1407 if (!(bio = BIO_new_bufferevent(underlying, close_flag))) 1408 return NULL; 1409 1410 SSL_set_bio(ssl, bio, bio); 1411 1412 return bufferevent_openssl_new_impl( 1413 base, underlying, -1, ssl, state, options); 1414 } 1415 1416 struct bufferevent * 1417 bufferevent_openssl_socket_new(struct event_base *base, 1418 evutil_socket_t fd, 1419 SSL *ssl, 1420 enum bufferevent_ssl_state state, 1421 int options) 1422 { 1423 /* Does the SSL already have an fd? */ 1424 BIO *bio = SSL_get_wbio(ssl); 1425 long have_fd = -1; 1426 1427 if (bio) 1428 have_fd = BIO_get_fd(bio, NULL); 1429 1430 if (have_fd >= 0) { 1431 /* The SSL is already configured with an fd. */ 1432 if (fd < 0) { 1433 /* We should learn the fd from the SSL. */ 1434 fd = (evutil_socket_t) have_fd; 1435 } else if (have_fd == (long)fd) { 1436 /* We already know the fd from the SSL; do nothing */ 1437 } else { 1438 /* We specified an fd different from that of the SSL. 1439 This is probably an error on our part. Fail. */ 1440 return NULL; 1441 } 1442 (void) BIO_set_close(bio, 0); 1443 } else { 1444 /* The SSL isn't configured with a BIO with an fd. */ 1445 if (fd >= 0) { 1446 /* ... and we have an fd we want to use. */ 1447 bio = BIO_new_socket(fd, 0); 1448 SSL_set_bio(ssl, bio, bio); 1449 } else { 1450 /* Leave the fd unset. */ 1451 } 1452 } 1453 1454 return bufferevent_openssl_new_impl( 1455 base, NULL, fd, ssl, state, options); 1456 } 1457 1458 int 1459 bufferevent_openssl_get_allow_dirty_shutdown(struct bufferevent *bev) 1460 { 1461 int allow_dirty_shutdown = -1; 1462 struct bufferevent_openssl *bev_ssl; 1463 BEV_LOCK(bev); 1464 bev_ssl = upcast(bev); 1465 if (bev_ssl) 1466 allow_dirty_shutdown = bev_ssl->allow_dirty_shutdown; 1467 BEV_UNLOCK(bev); 1468 return allow_dirty_shutdown; 1469 } 1470 1471 void 1472 bufferevent_openssl_set_allow_dirty_shutdown(struct bufferevent *bev, 1473 int allow_dirty_shutdown) 1474 { 1475 struct bufferevent_openssl *bev_ssl; 1476 BEV_LOCK(bev); 1477 bev_ssl = upcast(bev); 1478 if (bev_ssl) 1479 bev_ssl->allow_dirty_shutdown = !!allow_dirty_shutdown; 1480 BEV_UNLOCK(bev); 1481 } 1482 1483 unsigned long 1484 bufferevent_get_openssl_error(struct bufferevent *bev) 1485 { 1486 unsigned long err = 0; 1487 struct bufferevent_openssl *bev_ssl; 1488 BEV_LOCK(bev); 1489 bev_ssl = upcast(bev); 1490 if (bev_ssl && bev_ssl->n_errors) { 1491 err = bev_ssl->errors[--bev_ssl->n_errors]; 1492 } 1493 BEV_UNLOCK(bev); 1494 return err; 1495 } 1496