xref: /openbsd-src/lib/libcrypto/man/BIO_s_bio.3 (revision f2da64fbbbf1b03f09f390ab01267c93dfd77c4c) 
1.Dd $Mdocdate: August 2 2015 $
2.Dt BIO_S_BIO 3
3.Os
4.Sh NAME
5.Nm BIO_s_bio ,
6.Nm BIO_make_bio_pair ,
7.Nm BIO_destroy_bio_pair ,
8.Nm BIO_shutdown_wr ,
9.Nm BIO_set_write_buf_size ,
10.Nm BIO_get_write_buf_size ,
11.Nm BIO_new_bio_pair ,
12.Nm BIO_get_write_guarantee ,
13.Nm BIO_ctrl_get_write_guarantee ,
14.Nm BIO_get_read_request ,
15.Nm BIO_ctrl_get_read_request ,
16.Nm BIO_ctrl_reset_read_request
17.Nd BIO pair BIO
18.Sh SYNOPSIS
19.In openssl/bio.h
20.Ft BIO_METHOD *
21.Fo BIO_s_bio
22.Fa void
23.Fc
24.Bd -unfilled
25#define	BIO_make_bio_pair(b1, b2) \e
26	(int)BIO_ctrl(b1, BIO_C_MAKE_BIO_PAIR, 0, b2)
27#define	BIO_destroy_bio_pair(b) \e
28	(int)BIO_ctrl(b, BIO_C_DESTROY_BIO_PAIR, 0, NULL)
29#define	BIO_shutdown_wr(b) \e
30	(int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL)
31#define	BIO_set_write_buf_size(b, size) \e
32	(int)BIO_ctrl(b, BIO_C_SET_WRITE_BUF_SIZE, size, NULL)
33#define	BIO_get_write_buf_size(b, size) \e
34	(size_t)BIO_ctrl(b, BIO_C_GET_WRITE_BUF_SIZE, size, NULL)
35.Ed
36.Pp
37.Ft int
38.Fo BIO_new_bio_pair
39.Fa "BIO **bio1"
40.Fa "size_t writebuf1"
41.Fa "BIO **bio2"
42.Fa "size_t writebuf2"
43.Fc
44.Bd -unfilled
45#define	BIO_get_write_guarantee(b) \e
46	(int)BIO_ctrl(b, BIO_C_GET_WRITE_GUARANTEE, 0, NULL)
47.Ed
48.Pp
49.Ft size_t
50.Fo BIO_ctrl_get_write_guarantee
51.Fa "BIO *b"
52.Fc
53.Bd -unfilled
54#define	BIO_get_read_request(b) \e
55	(int)BIO_ctrl(b, BIO_C_GET_READ_REQUEST, 0, NULL)
56.Ed
57.Pp
58.Ft size_t
59.Fo BIO_ctrl_get_read_request
60.Fa "BIO *b"
61.Fc
62.Ft int
63.Fo BIO_ctrl_reset_read_request
64.Fa "BIO *b"
65.Fc
66.Sh DESCRIPTION
67.Fn BIO_s_bio
68returns the method for a BIO pair.
69A BIO pair is a pair of source/sink BIOs where data written to either
70half of the pair is buffered and can be read from the other half.
71Both halves must usually be handled by the same application thread
72since no locking is done on the internal data structures.
73.Pp
74Since BIO chains typically end in a source/sink BIO,
75it is possible to make this one half of a BIO pair and
76have all the data processed by the chain under application control.
77.Pp
78One typical use of BIO pairs is
79to place TLS/SSL I/O under application control.
80This can be used when the application wishes to use a non standard
81transport for TLS/SSL or the normal socket routines are inappropriate.
82.Pp
83Calls to
84.Xr BIO_read 3
85will read data from the buffer or request a retry if no data is available.
86.Pp
87Calls to
88.Xr BIO_write 3
89will place data in the buffer or request a retry if the buffer is full.
90.Pp
91The standard calls
92.Xr BIO_ctrl_pending 3
93and
94.Xr BIO_ctrl_wpending 3
95can be used to determine the amount of pending data
96in the read or write buffer.
97.Pp
98.Xr BIO_reset 3
99clears any data in the write buffer.
100.Pp
101.Fn BIO_make_bio_pair
102joins two separate BIOs into a connected pair.
103.Pp
104.Fn BIO_destroy_pair
105destroys the association between two connected BIOs.
106Freeing up any half of the pair will automatically destroy the association.
107.Pp
108.Fn BIO_shutdown_wr
109is used to close down a BIO
110.Fa b .
111After this call no further writes on BIO
112.Fa b
113are allowed; they will return an error.
114Reads on the other half of the pair will return any pending data
115or EOF when all pending data has been read.
116.Pp
117.Fn BIO_set_write_buf_size
118sets the write buffer size of BIO
119.Fa b
120to
121.Fa size .
122If the size is not initialized a default value is used.
123This is currently 17K, sufficient for a maximum size TLS record.
124.Pp
125.Fn BIO_get_write_buf_size
126returns the size of the write buffer.
127.Pp
128.Fn BIO_new_bio_pair
129combines the calls to
130.Xr BIO_new 3 ,
131.Fn BIO_make_bio_pair
132and
133.Fn BIO_set_write_buf_size
134to create a connected pair of BIOs
135.Fa bio1
136and
137.Fa bio2
138with write buffer sizes
139.Fa writebuf1
140and
141.Fa writebuf2 .
142If either size is zero, then the default size is used.
143.Fn BIO_new_bio_pair
144does not check whether
145.Fa bio1
146or
147.Fa bio2
148do point to some other BIO, the values are overwritten,
149.Xr BIO_free 3
150is not called.
151.Pp
152.Fn BIO_get_write_guarantee
153and
154.Fn BIO_ctrl_get_write_guarantee
155return the maximum length of data
156that can be currently written to the BIO.
157Writes larger than this value will return a value from
158.Xr BIO_write 3
159less than the amount requested or if the buffer is full request a retry.
160.Fn BIO_ctrl_get_write_guarantee
161is a function whereas
162.Fn BIO_get_write_guarantee
163is a macro.
164.Pp
165.Fn BIO_get_read_request
166and
167.Fn BIO_ctrl_get_read_request
168return the amount of data requested, or the buffer size if it is less,
169if the last read attempt at the other half of the BIO pair failed
170due to an empty buffer.
171This can be used to determine how much data should be
172written to the BIO so the next read will succeed:
173this is most useful in TLS/SSL applications where the amount of
174data read is usually meaningful rather than just a buffer size.
175After a successful read this call will return zero.
176It also will return zero once new data has been written
177satisfying the read request or part of it.
178Note that
179.Fn BIO_get_read_request
180never returns an amount larger than that returned by
181.Fn BIO_get_write_guarantee .
182.Pp
183.Fn BIO_ctrl_reset_read_request
184can also be used to reset the value returned by
185.Fn BIO_get_read_request
186to zero.
187.Sh RETURN VALUES
188.Fn BIO_new_bio_pair
189returns 1 on success, with the new BIOs available in
190.Fa bio1
191and
192.Fa bio2 ,
193or 0 on failure, with NULL pointers stored into the locations for
194.Fa bio1
195and
196.Fa bio2 .
197Check the error stack for more information.
198.\" XXX More return values need to be added here.
199.Sh NOTES
200Both halves of a BIO pair should be freed.
201Even if one half is implicitly freed due to a
202.Xr BIO_free_all 3
203or
204.Xr SSL_free 3
205call, the other half still needs to be freed.
206.Pp
207When used in bidirectional applications (such as TLS/SSL)
208care should be taken to flush any data in the write buffer.
209This can be done by calling
210.Xr BIO_pending 3
211on the other half of the pair and, if any data is pending,
212reading it and sending it to the underlying transport.
213This must be done before any normal processing (such as calling
214.Xr select 2 )
215due to a request and
216.Xr BIO_should_read 3
217being true.
218.Pp
219To see why this is important,
220consider a case where a request is sent using
221.Xr BIO_write 3
222and a response read with
223.Xr BIO_read 3 ,
224this can occur during a TLS/SSL handshake for example.
225.Xr BIO_write 3
226will succeed and place data in the write buffer.
227.Xr BIO_read 3
228will initially fail and
229.Xr BIO_should_read 3
230will be true.
231If the application then waits for data to become available
232on the underlying transport before flushing the write buffer,
233it will never succeed because the request was never sent.
234.Sh EXAMPLE
235The BIO pair can be used to have full control
236over the network access of an application.
237The application can call
238.Xr select 2
239on the socket as required without having to go through the SSL-interface.
240.Bd -literal -offset 2n
241BIO *internal_bio, *network_bio;
242\&...
243BIO_new_bio_pair(internal_bio, 0, network_bio, 0);
244SSL_set_bio(ssl, internal_bio, internal_bio);
245SSL_operations();
246\&...
247
248application |   TLS-engine
249   |        |
250   +----------> SSL_operations()
251            |     /\e    ||
252            |     ||    \e/
253            |   BIO-pair (internal_bio)
254   +----------< BIO-pair (network_bio)
255   |        |
256 socket     |
257
258\&...
259SSL_free(ssl);		/* implicitly frees internal_bio */
260BIO_free(network_bio);
261\&...
262.Ed
263.Pp
264As the BIO pair will only buffer the data and never directly access
265the connection, it behaves non-blocking and will return as soon as
266the write buffer is full or the read buffer is drained.
267Then the application has to flush the write buffer
268and/or fill the read buffer.
269.Pp
270Use
271.Xr BIO_ctrl_pending 3
272to find out whether data is buffered in the BIO
273and must be transferred to the network.
274Use
275.Fn BIO_ctrl_get_read_request
276to find out how many bytes must be written into the buffer before the
277.Xr SSL_operation 3
278can successfully be continued.
279.Sh SEE ALSO
280.Xr bio 3 ,
281.Xr BIO_read 3 ,
282.Xr BIO_should_retry 3 ,
283.Xr ssl 3 ,
284.Xr SSL_set_bio 3
285.Sh CAVEATS
286As the data is buffered,
287.Xr SSL_operation 3
288may return with an
289.Dv ERROR_SSL_WANT_READ
290condition, but there is still data in the write buffer.
291An application must not rely on the error value of
292.Xr SSL_operation 3
293but must assure that the write buffer is always flushed first.
294Otherwise a deadlock may occur as the peer might be waiting
295for the data before being able to continue.
296