1 /* $OpenBSD: bio_ssl.c,v 1.24 2017/01/23 13:36:12 jsing Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 59 #include <errno.h> 60 #include <stdio.h> 61 #include <stdlib.h> 62 #include <string.h> 63 64 #include <openssl/bio.h> 65 #include <openssl/crypto.h> 66 #include <openssl/err.h> 67 #include <openssl/ssl.h> 68 69 #include "ssl_locl.h" 70 71 static int ssl_write(BIO *h, const char *buf, int num); 72 static int ssl_read(BIO *h, char *buf, int size); 73 static int ssl_puts(BIO *h, const char *str); 74 static long ssl_ctrl(BIO *h, int cmd, long arg1, void *arg2); 75 static int ssl_new(BIO *h); 76 static int ssl_free(BIO *data); 77 static long ssl_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp); 78 typedef struct bio_ssl_st { 79 SSL *ssl; /* The ssl handle :-) */ 80 /* re-negotiate every time the total number of bytes is this size */ 81 int num_renegotiates; 82 unsigned long renegotiate_count; 83 unsigned long byte_count; 84 unsigned long renegotiate_timeout; 85 time_t last_time; 86 } BIO_SSL; 87 88 static BIO_METHOD methods_sslp = { 89 .type = BIO_TYPE_SSL, 90 .name = "ssl", 91 .bwrite = ssl_write, 92 .bread = ssl_read, 93 .bputs = ssl_puts, 94 .ctrl = ssl_ctrl, 95 .create = ssl_new, 96 .destroy = ssl_free, 97 .callback_ctrl = ssl_callback_ctrl, 98 }; 99 100 BIO_METHOD * 101 BIO_f_ssl(void) 102 { 103 return (&methods_sslp); 104 } 105 106 static int 107 ssl_new(BIO *bi) 108 { 109 BIO_SSL *bs; 110 111 bs = calloc(1, sizeof(BIO_SSL)); 112 if (bs == NULL) { 113 BIOerr(BIO_F_SSL_NEW, ERR_R_MALLOC_FAILURE); 114 return (0); 115 } 116 bi->init = 0; 117 bi->ptr = (char *)bs; 118 bi->flags = 0; 119 return (1); 120 } 121 122 static int 123 ssl_free(BIO *a) 124 { 125 BIO_SSL *bs; 126 127 if (a == NULL) 128 return (0); 129 bs = (BIO_SSL *)a->ptr; 130 if (bs->ssl != NULL) 131 SSL_shutdown(bs->ssl); 132 if (a->shutdown) { 133 if (a->init && (bs->ssl != NULL)) 134 SSL_free(bs->ssl); 135 a->init = 0; 136 a->flags = 0; 137 } 138 free(a->ptr); 139 return (1); 140 } 141 142 static int 143 ssl_read(BIO *b, char *out, int outl) 144 { 145 int ret = 1; 146 BIO_SSL *sb; 147 SSL *ssl; 148 int retry_reason = 0; 149 int r = 0; 150 151 if (out == NULL) 152 return (0); 153 sb = (BIO_SSL *)b->ptr; 154 ssl = sb->ssl; 155 156 BIO_clear_retry_flags(b); 157 158 ret = SSL_read(ssl, out, outl); 159 160 switch (SSL_get_error(ssl, ret)) { 161 case SSL_ERROR_NONE: 162 if (ret <= 0) 163 break; 164 if (sb->renegotiate_count > 0) { 165 sb->byte_count += ret; 166 if (sb->byte_count > sb->renegotiate_count) { 167 sb->byte_count = 0; 168 sb->num_renegotiates++; 169 SSL_renegotiate(ssl); 170 r = 1; 171 } 172 } 173 if ((sb->renegotiate_timeout > 0) && (!r)) { 174 time_t tm; 175 176 tm = time(NULL); 177 if (tm > sb->last_time + sb->renegotiate_timeout) { 178 sb->last_time = tm; 179 sb->num_renegotiates++; 180 SSL_renegotiate(ssl); 181 } 182 } 183 184 break; 185 case SSL_ERROR_WANT_READ: 186 BIO_set_retry_read(b); 187 break; 188 case SSL_ERROR_WANT_WRITE: 189 BIO_set_retry_write(b); 190 break; 191 case SSL_ERROR_WANT_X509_LOOKUP: 192 BIO_set_retry_special(b); 193 retry_reason = BIO_RR_SSL_X509_LOOKUP; 194 break; 195 case SSL_ERROR_WANT_ACCEPT: 196 BIO_set_retry_special(b); 197 retry_reason = BIO_RR_ACCEPT; 198 break; 199 case SSL_ERROR_WANT_CONNECT: 200 BIO_set_retry_special(b); 201 retry_reason = BIO_RR_CONNECT; 202 break; 203 case SSL_ERROR_SYSCALL: 204 case SSL_ERROR_SSL: 205 case SSL_ERROR_ZERO_RETURN: 206 default: 207 break; 208 } 209 210 b->retry_reason = retry_reason; 211 return (ret); 212 } 213 214 static int 215 ssl_write(BIO *b, const char *out, int outl) 216 { 217 int ret, r = 0; 218 int retry_reason = 0; 219 SSL *ssl; 220 BIO_SSL *bs; 221 222 if (out == NULL) 223 return (0); 224 bs = (BIO_SSL *)b->ptr; 225 ssl = bs->ssl; 226 227 BIO_clear_retry_flags(b); 228 229 /* ret=SSL_do_handshake(ssl); 230 if (ret > 0) */ 231 ret = SSL_write(ssl, out, outl); 232 233 switch (SSL_get_error(ssl, ret)) { 234 case SSL_ERROR_NONE: 235 if (ret <= 0) 236 break; 237 if (bs->renegotiate_count > 0) { 238 bs->byte_count += ret; 239 if (bs->byte_count > bs->renegotiate_count) { 240 bs->byte_count = 0; 241 bs->num_renegotiates++; 242 SSL_renegotiate(ssl); 243 r = 1; 244 } 245 } 246 if ((bs->renegotiate_timeout > 0) && (!r)) { 247 time_t tm; 248 249 tm = time(NULL); 250 if (tm > bs->last_time + bs->renegotiate_timeout) { 251 bs->last_time = tm; 252 bs->num_renegotiates++; 253 SSL_renegotiate(ssl); 254 } 255 } 256 break; 257 case SSL_ERROR_WANT_WRITE: 258 BIO_set_retry_write(b); 259 break; 260 case SSL_ERROR_WANT_READ: 261 BIO_set_retry_read(b); 262 break; 263 case SSL_ERROR_WANT_X509_LOOKUP: 264 BIO_set_retry_special(b); 265 retry_reason = BIO_RR_SSL_X509_LOOKUP; 266 break; 267 case SSL_ERROR_WANT_CONNECT: 268 BIO_set_retry_special(b); 269 retry_reason = BIO_RR_CONNECT; 270 case SSL_ERROR_SYSCALL: 271 case SSL_ERROR_SSL: 272 default: 273 break; 274 } 275 276 b->retry_reason = retry_reason; 277 return (ret); 278 } 279 280 static long 281 ssl_ctrl(BIO *b, int cmd, long num, void *ptr) 282 { 283 SSL **sslp, *ssl; 284 BIO_SSL *bs; 285 BIO *dbio, *bio; 286 long ret = 1; 287 288 bs = (BIO_SSL *)b->ptr; 289 ssl = bs->ssl; 290 if ((ssl == NULL) && (cmd != BIO_C_SET_SSL)) 291 return (0); 292 switch (cmd) { 293 case BIO_CTRL_RESET: 294 SSL_shutdown(ssl); 295 296 if (ssl->internal->handshake_func == ssl->method->internal->ssl_connect) 297 SSL_set_connect_state(ssl); 298 else if (ssl->internal->handshake_func == ssl->method->internal->ssl_accept) 299 SSL_set_accept_state(ssl); 300 301 SSL_clear(ssl); 302 303 if (b->next_bio != NULL) 304 ret = BIO_ctrl(b->next_bio, cmd, num, ptr); 305 else if (ssl->rbio != NULL) 306 ret = BIO_ctrl(ssl->rbio, cmd, num, ptr); 307 else 308 ret = 1; 309 break; 310 case BIO_CTRL_INFO: 311 ret = 0; 312 break; 313 case BIO_C_SSL_MODE: 314 if (num) /* client mode */ 315 SSL_set_connect_state(ssl); 316 else 317 SSL_set_accept_state(ssl); 318 break; 319 case BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT: 320 ret = bs->renegotiate_timeout; 321 if (num < 60) 322 num = 5; 323 bs->renegotiate_timeout = (unsigned long)num; 324 bs->last_time = time(NULL); 325 break; 326 case BIO_C_SET_SSL_RENEGOTIATE_BYTES: 327 ret = bs->renegotiate_count; 328 if ((long)num >=512) 329 bs->renegotiate_count = (unsigned long)num; 330 break; 331 case BIO_C_GET_SSL_NUM_RENEGOTIATES: 332 ret = bs->num_renegotiates; 333 break; 334 case BIO_C_SET_SSL: 335 if (ssl != NULL) { 336 ssl_free(b); 337 if (!ssl_new(b)) 338 return 0; 339 } 340 b->shutdown = (int)num; 341 ssl = (SSL *)ptr; 342 ((BIO_SSL *)b->ptr)->ssl = ssl; 343 bio = SSL_get_rbio(ssl); 344 if (bio != NULL) { 345 if (b->next_bio != NULL) 346 BIO_push(bio, b->next_bio); 347 b->next_bio = bio; 348 CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO); 349 } 350 b->init = 1; 351 break; 352 case BIO_C_GET_SSL: 353 if (ptr != NULL) { 354 sslp = (SSL **)ptr; 355 *sslp = ssl; 356 } else 357 ret = 0; 358 break; 359 case BIO_CTRL_GET_CLOSE: 360 ret = b->shutdown; 361 break; 362 case BIO_CTRL_SET_CLOSE: 363 b->shutdown = (int)num; 364 break; 365 case BIO_CTRL_WPENDING: 366 ret = BIO_ctrl(ssl->wbio, cmd, num, ptr); 367 break; 368 case BIO_CTRL_PENDING: 369 ret = SSL_pending(ssl); 370 if (ret == 0) 371 ret = BIO_pending(ssl->rbio); 372 break; 373 case BIO_CTRL_FLUSH: 374 BIO_clear_retry_flags(b); 375 ret = BIO_ctrl(ssl->wbio, cmd, num, ptr); 376 BIO_copy_next_retry(b); 377 break; 378 case BIO_CTRL_PUSH: 379 if ((b->next_bio != NULL) && (b->next_bio != ssl->rbio)) { 380 SSL_set_bio(ssl, b->next_bio, b->next_bio); 381 CRYPTO_add(&b->next_bio->references, 1, CRYPTO_LOCK_BIO); 382 } 383 break; 384 case BIO_CTRL_POP: 385 /* Only detach if we are the BIO explicitly being popped */ 386 if (b == ptr) { 387 /* Shouldn't happen in practice because the 388 * rbio and wbio are the same when pushed. 389 */ 390 if (ssl->rbio != ssl->wbio) 391 BIO_free_all(ssl->wbio); 392 if (b->next_bio != NULL) 393 CRYPTO_add(&b->next_bio->references, -1, CRYPTO_LOCK_BIO); 394 ssl->wbio = NULL; 395 ssl->rbio = NULL; 396 } 397 break; 398 case BIO_C_DO_STATE_MACHINE: 399 BIO_clear_retry_flags(b); 400 401 b->retry_reason = 0; 402 ret = (int)SSL_do_handshake(ssl); 403 404 switch (SSL_get_error(ssl, (int)ret)) { 405 case SSL_ERROR_WANT_READ: 406 BIO_set_flags(b, 407 BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY); 408 break; 409 case SSL_ERROR_WANT_WRITE: 410 BIO_set_flags(b, 411 BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY); 412 break; 413 case SSL_ERROR_WANT_CONNECT: 414 BIO_set_flags(b, 415 BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY); 416 b->retry_reason = b->next_bio->retry_reason; 417 break; 418 default: 419 break; 420 } 421 break; 422 case BIO_CTRL_DUP: 423 dbio = (BIO *)ptr; 424 if (((BIO_SSL *)dbio->ptr)->ssl != NULL) 425 SSL_free(((BIO_SSL *)dbio->ptr)->ssl); 426 ((BIO_SSL *)dbio->ptr)->ssl = SSL_dup(ssl); 427 ((BIO_SSL *)dbio->ptr)->renegotiate_count = 428 ((BIO_SSL *)b->ptr)->renegotiate_count; 429 ((BIO_SSL *)dbio->ptr)->byte_count = 430 ((BIO_SSL *)b->ptr)->byte_count; 431 ((BIO_SSL *)dbio->ptr)->renegotiate_timeout = 432 ((BIO_SSL *)b->ptr)->renegotiate_timeout; 433 ((BIO_SSL *)dbio->ptr)->last_time = 434 ((BIO_SSL *)b->ptr)->last_time; 435 ret = (((BIO_SSL *)dbio->ptr)->ssl != NULL); 436 break; 437 case BIO_C_GET_FD: 438 ret = BIO_ctrl(ssl->rbio, cmd, num, ptr); 439 break; 440 case BIO_CTRL_SET_CALLBACK: 441 { 442 ret = 0; 443 } 444 break; 445 case BIO_CTRL_GET_CALLBACK: 446 { 447 void (**fptr)(const SSL *xssl, int type, int val); 448 449 fptr = (void (**)(const SSL *xssl, int type, int val))ptr; 450 *fptr = SSL_get_info_callback(ssl); 451 } 452 break; 453 default: 454 ret = BIO_ctrl(ssl->rbio, cmd, num, ptr); 455 break; 456 } 457 return (ret); 458 } 459 460 static long 461 ssl_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) 462 { 463 SSL *ssl; 464 BIO_SSL *bs; 465 long ret = 1; 466 467 bs = (BIO_SSL *)b->ptr; 468 ssl = bs->ssl; 469 switch (cmd) { 470 case BIO_CTRL_SET_CALLBACK: 471 { 472 /* FIXME: setting this via a completely different prototype 473 seems like a crap idea */ 474 SSL_set_info_callback(ssl, (void (*)(const SSL *, int, int))fp); 475 } 476 break; 477 default: 478 ret = BIO_callback_ctrl(ssl->rbio, cmd, fp); 479 break; 480 } 481 return (ret); 482 } 483 484 static int 485 ssl_puts(BIO *bp, const char *str) 486 { 487 int n, ret; 488 489 n = strlen(str); 490 ret = BIO_write(bp, str, n); 491 return (ret); 492 } 493 494 BIO * 495 BIO_new_buffer_ssl_connect(SSL_CTX *ctx) 496 { 497 BIO *ret = NULL, *buf = NULL, *ssl = NULL; 498 499 if ((buf = BIO_new(BIO_f_buffer())) == NULL) 500 goto err; 501 if ((ssl = BIO_new_ssl_connect(ctx)) == NULL) 502 goto err; 503 if ((ret = BIO_push(buf, ssl)) == NULL) 504 goto err; 505 return (ret); 506 507 err: 508 BIO_free(buf); 509 BIO_free(ssl); 510 return (NULL); 511 } 512 513 BIO * 514 BIO_new_ssl_connect(SSL_CTX *ctx) 515 { 516 BIO *ret = NULL, *con = NULL, *ssl = NULL; 517 518 if ((con = BIO_new(BIO_s_connect())) == NULL) 519 goto err; 520 if ((ssl = BIO_new_ssl(ctx, 1)) == NULL) 521 goto err; 522 if ((ret = BIO_push(ssl, con)) == NULL) 523 goto err; 524 return (ret); 525 526 err: 527 BIO_free(con); 528 BIO_free(ssl); 529 return (NULL); 530 } 531 532 BIO * 533 BIO_new_ssl(SSL_CTX *ctx, int client) 534 { 535 BIO *ret; 536 SSL *ssl; 537 538 if ((ret = BIO_new(BIO_f_ssl())) == NULL) 539 goto err; 540 if ((ssl = SSL_new(ctx)) == NULL) 541 goto err; 542 543 if (client) 544 SSL_set_connect_state(ssl); 545 else 546 SSL_set_accept_state(ssl); 547 548 BIO_set_ssl(ret, ssl, BIO_CLOSE); 549 return (ret); 550 551 err: 552 BIO_free(ret); 553 return (NULL); 554 } 555 556 int 557 BIO_ssl_copy_session_id(BIO *t, BIO *f) 558 { 559 t = BIO_find_type(t, BIO_TYPE_SSL); 560 f = BIO_find_type(f, BIO_TYPE_SSL); 561 if ((t == NULL) || (f == NULL)) 562 return (0); 563 if ((((BIO_SSL *)t->ptr)->ssl == NULL) || 564 (((BIO_SSL *)f->ptr)->ssl == NULL)) 565 return (0); 566 SSL_copy_session_id(((BIO_SSL *)t->ptr)->ssl, ((BIO_SSL *)f->ptr)->ssl); 567 return (1); 568 } 569 570 void 571 BIO_ssl_shutdown(BIO *b) 572 { 573 SSL *s; 574 575 while (b != NULL) { 576 if (b->method->type == BIO_TYPE_SSL) { 577 s = ((BIO_SSL *)b->ptr)->ssl; 578 SSL_shutdown(s); 579 break; 580 } 581 b = b->next_bio; 582 } 583 } 584