1 /* $OpenBSD: bio_ssl.c,v 1.37 2022/11/26 16:08:55 tb Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 59 #include <errno.h> 60 #include <stdio.h> 61 #include <stdlib.h> 62 #include <string.h> 63 64 #include <openssl/bio.h> 65 #include <openssl/crypto.h> 66 #include <openssl/err.h> 67 #include <openssl/ssl.h> 68 69 #include "bio_local.h" 70 #include "ssl_local.h" 71 72 static int ssl_write(BIO *h, const char *buf, int num); 73 static int ssl_read(BIO *h, char *buf, int size); 74 static int ssl_puts(BIO *h, const char *str); 75 static long ssl_ctrl(BIO *h, int cmd, long arg1, void *arg2); 76 static int ssl_new(BIO *h); 77 static int ssl_free(BIO *data); 78 static long ssl_callback_ctrl(BIO *h, int cmd, BIO_info_cb *fp); 79 typedef struct bio_ssl_st { 80 SSL *ssl; /* The ssl handle :-) */ 81 /* re-negotiate every time the total number of bytes is this size */ 82 int num_renegotiates; 83 unsigned long renegotiate_count; 84 unsigned long byte_count; 85 unsigned long renegotiate_timeout; 86 time_t last_time; 87 } BIO_SSL; 88 89 static const BIO_METHOD methods_sslp = { 90 .type = BIO_TYPE_SSL, 91 .name = "ssl", 92 .bwrite = ssl_write, 93 .bread = ssl_read, 94 .bputs = ssl_puts, 95 .ctrl = ssl_ctrl, 96 .create = ssl_new, 97 .destroy = ssl_free, 98 .callback_ctrl = ssl_callback_ctrl, 99 }; 100 101 const BIO_METHOD * 102 BIO_f_ssl(void) 103 { 104 return (&methods_sslp); 105 } 106 LSSL_ALIAS(BIO_f_ssl) 107 108 static int 109 ssl_new(BIO *bi) 110 { 111 BIO_SSL *bs; 112 113 bs = calloc(1, sizeof(BIO_SSL)); 114 if (bs == NULL) { 115 SSLerrorx(ERR_R_MALLOC_FAILURE); 116 return (0); 117 } 118 bi->init = 0; 119 bi->ptr = (char *)bs; 120 bi->flags = 0; 121 return (1); 122 } 123 124 static int 125 ssl_free(BIO *a) 126 { 127 BIO_SSL *bs; 128 129 if (a == NULL) 130 return (0); 131 bs = (BIO_SSL *)a->ptr; 132 if (bs->ssl != NULL) 133 SSL_shutdown(bs->ssl); 134 if (a->shutdown) { 135 if (a->init && (bs->ssl != NULL)) 136 SSL_free(bs->ssl); 137 a->init = 0; 138 a->flags = 0; 139 } 140 free(a->ptr); 141 return (1); 142 } 143 144 static int 145 ssl_read(BIO *b, char *out, int outl) 146 { 147 int ret = 1; 148 BIO_SSL *sb; 149 SSL *ssl; 150 int retry_reason = 0; 151 int r = 0; 152 153 if (out == NULL) 154 return (0); 155 sb = (BIO_SSL *)b->ptr; 156 ssl = sb->ssl; 157 158 BIO_clear_retry_flags(b); 159 160 ret = SSL_read(ssl, out, outl); 161 162 switch (SSL_get_error(ssl, ret)) { 163 case SSL_ERROR_NONE: 164 if (ret <= 0) 165 break; 166 if (sb->renegotiate_count > 0) { 167 sb->byte_count += ret; 168 if (sb->byte_count > sb->renegotiate_count) { 169 sb->byte_count = 0; 170 sb->num_renegotiates++; 171 SSL_renegotiate(ssl); 172 r = 1; 173 } 174 } 175 if ((sb->renegotiate_timeout > 0) && (!r)) { 176 time_t tm; 177 178 tm = time(NULL); 179 if (tm > sb->last_time + sb->renegotiate_timeout) { 180 sb->last_time = tm; 181 sb->num_renegotiates++; 182 SSL_renegotiate(ssl); 183 } 184 } 185 186 break; 187 case SSL_ERROR_WANT_READ: 188 BIO_set_retry_read(b); 189 break; 190 case SSL_ERROR_WANT_WRITE: 191 BIO_set_retry_write(b); 192 break; 193 case SSL_ERROR_WANT_X509_LOOKUP: 194 BIO_set_retry_special(b); 195 retry_reason = BIO_RR_SSL_X509_LOOKUP; 196 break; 197 case SSL_ERROR_WANT_ACCEPT: 198 BIO_set_retry_special(b); 199 retry_reason = BIO_RR_ACCEPT; 200 break; 201 case SSL_ERROR_WANT_CONNECT: 202 BIO_set_retry_special(b); 203 retry_reason = BIO_RR_CONNECT; 204 break; 205 case SSL_ERROR_SYSCALL: 206 case SSL_ERROR_SSL: 207 case SSL_ERROR_ZERO_RETURN: 208 default: 209 break; 210 } 211 212 b->retry_reason = retry_reason; 213 return (ret); 214 } 215 216 static int 217 ssl_write(BIO *b, const char *out, int outl) 218 { 219 int ret, r = 0; 220 int retry_reason = 0; 221 SSL *ssl; 222 BIO_SSL *bs; 223 224 if (out == NULL) 225 return (0); 226 bs = (BIO_SSL *)b->ptr; 227 ssl = bs->ssl; 228 229 BIO_clear_retry_flags(b); 230 231 /* ret=SSL_do_handshake(ssl); 232 if (ret > 0) */ 233 ret = SSL_write(ssl, out, outl); 234 235 switch (SSL_get_error(ssl, ret)) { 236 case SSL_ERROR_NONE: 237 if (ret <= 0) 238 break; 239 if (bs->renegotiate_count > 0) { 240 bs->byte_count += ret; 241 if (bs->byte_count > bs->renegotiate_count) { 242 bs->byte_count = 0; 243 bs->num_renegotiates++; 244 SSL_renegotiate(ssl); 245 r = 1; 246 } 247 } 248 if ((bs->renegotiate_timeout > 0) && (!r)) { 249 time_t tm; 250 251 tm = time(NULL); 252 if (tm > bs->last_time + bs->renegotiate_timeout) { 253 bs->last_time = tm; 254 bs->num_renegotiates++; 255 SSL_renegotiate(ssl); 256 } 257 } 258 break; 259 case SSL_ERROR_WANT_WRITE: 260 BIO_set_retry_write(b); 261 break; 262 case SSL_ERROR_WANT_READ: 263 BIO_set_retry_read(b); 264 break; 265 case SSL_ERROR_WANT_X509_LOOKUP: 266 BIO_set_retry_special(b); 267 retry_reason = BIO_RR_SSL_X509_LOOKUP; 268 break; 269 case SSL_ERROR_WANT_CONNECT: 270 BIO_set_retry_special(b); 271 retry_reason = BIO_RR_CONNECT; 272 case SSL_ERROR_SYSCALL: 273 case SSL_ERROR_SSL: 274 default: 275 break; 276 } 277 278 b->retry_reason = retry_reason; 279 return (ret); 280 } 281 282 static long 283 ssl_ctrl(BIO *b, int cmd, long num, void *ptr) 284 { 285 SSL **sslp, *ssl; 286 BIO_SSL *bs; 287 BIO *dbio, *bio; 288 long ret = 1; 289 290 bs = (BIO_SSL *)b->ptr; 291 ssl = bs->ssl; 292 if ((ssl == NULL) && (cmd != BIO_C_SET_SSL)) 293 return (0); 294 switch (cmd) { 295 case BIO_CTRL_RESET: 296 SSL_shutdown(ssl); 297 298 if (ssl->handshake_func == ssl->method->ssl_connect) 299 SSL_set_connect_state(ssl); 300 else if (ssl->handshake_func == ssl->method->ssl_accept) 301 SSL_set_accept_state(ssl); 302 303 SSL_clear(ssl); 304 305 if (b->next_bio != NULL) 306 ret = BIO_ctrl(b->next_bio, cmd, num, ptr); 307 else if (ssl->rbio != NULL) 308 ret = BIO_ctrl(ssl->rbio, cmd, num, ptr); 309 else 310 ret = 1; 311 break; 312 case BIO_CTRL_INFO: 313 ret = 0; 314 break; 315 case BIO_C_SSL_MODE: 316 if (num) /* client mode */ 317 SSL_set_connect_state(ssl); 318 else 319 SSL_set_accept_state(ssl); 320 break; 321 case BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT: 322 ret = bs->renegotiate_timeout; 323 if (num < 60) 324 num = 5; 325 bs->renegotiate_timeout = (unsigned long)num; 326 bs->last_time = time(NULL); 327 break; 328 case BIO_C_SET_SSL_RENEGOTIATE_BYTES: 329 ret = bs->renegotiate_count; 330 if ((long)num >=512) 331 bs->renegotiate_count = (unsigned long)num; 332 break; 333 case BIO_C_GET_SSL_NUM_RENEGOTIATES: 334 ret = bs->num_renegotiates; 335 break; 336 case BIO_C_SET_SSL: 337 if (ssl != NULL) { 338 ssl_free(b); 339 if (!ssl_new(b)) 340 return 0; 341 } 342 b->shutdown = (int)num; 343 ssl = (SSL *)ptr; 344 ((BIO_SSL *)b->ptr)->ssl = ssl; 345 bio = SSL_get_rbio(ssl); 346 if (bio != NULL) { 347 if (b->next_bio != NULL) 348 BIO_push(bio, b->next_bio); 349 b->next_bio = bio; 350 CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO); 351 } 352 b->init = 1; 353 break; 354 case BIO_C_GET_SSL: 355 if (ptr != NULL) { 356 sslp = (SSL **)ptr; 357 *sslp = ssl; 358 } else 359 ret = 0; 360 break; 361 case BIO_CTRL_GET_CLOSE: 362 ret = b->shutdown; 363 break; 364 case BIO_CTRL_SET_CLOSE: 365 b->shutdown = (int)num; 366 break; 367 case BIO_CTRL_WPENDING: 368 ret = BIO_ctrl(ssl->wbio, cmd, num, ptr); 369 break; 370 case BIO_CTRL_PENDING: 371 ret = SSL_pending(ssl); 372 if (ret == 0) 373 ret = BIO_pending(ssl->rbio); 374 break; 375 case BIO_CTRL_FLUSH: 376 BIO_clear_retry_flags(b); 377 ret = BIO_ctrl(ssl->wbio, cmd, num, ptr); 378 BIO_copy_next_retry(b); 379 break; 380 case BIO_CTRL_PUSH: 381 if ((b->next_bio != NULL) && (b->next_bio != ssl->rbio)) { 382 SSL_set_bio(ssl, b->next_bio, b->next_bio); 383 CRYPTO_add(&b->next_bio->references, 1, 384 CRYPTO_LOCK_BIO); 385 } 386 break; 387 case BIO_CTRL_POP: 388 /* Only detach if we are the BIO explicitly being popped */ 389 if (b == ptr) { 390 /* Shouldn't happen in practice because the 391 * rbio and wbio are the same when pushed. 392 */ 393 if (ssl->rbio != ssl->wbio) 394 BIO_free_all(ssl->wbio); 395 if (b->next_bio != NULL) 396 CRYPTO_add(&b->next_bio->references, -1, CRYPTO_LOCK_BIO); 397 ssl->wbio = NULL; 398 ssl->rbio = NULL; 399 } 400 break; 401 case BIO_C_DO_STATE_MACHINE: 402 BIO_clear_retry_flags(b); 403 404 b->retry_reason = 0; 405 ret = (int)SSL_do_handshake(ssl); 406 407 switch (SSL_get_error(ssl, (int)ret)) { 408 case SSL_ERROR_WANT_READ: 409 BIO_set_flags(b, 410 BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY); 411 break; 412 case SSL_ERROR_WANT_WRITE: 413 BIO_set_flags(b, 414 BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY); 415 break; 416 case SSL_ERROR_WANT_CONNECT: 417 BIO_set_flags(b, 418 BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY); 419 b->retry_reason = b->next_bio->retry_reason; 420 break; 421 default: 422 break; 423 } 424 break; 425 case BIO_CTRL_DUP: 426 dbio = (BIO *)ptr; 427 if (((BIO_SSL *)dbio->ptr)->ssl != NULL) 428 SSL_free(((BIO_SSL *)dbio->ptr)->ssl); 429 ((BIO_SSL *)dbio->ptr)->ssl = SSL_dup(ssl); 430 ((BIO_SSL *)dbio->ptr)->renegotiate_count = 431 ((BIO_SSL *)b->ptr)->renegotiate_count; 432 ((BIO_SSL *)dbio->ptr)->byte_count = 433 ((BIO_SSL *)b->ptr)->byte_count; 434 ((BIO_SSL *)dbio->ptr)->renegotiate_timeout = 435 ((BIO_SSL *)b->ptr)->renegotiate_timeout; 436 ((BIO_SSL *)dbio->ptr)->last_time = 437 ((BIO_SSL *)b->ptr)->last_time; 438 ret = (((BIO_SSL *)dbio->ptr)->ssl != NULL); 439 break; 440 case BIO_C_GET_FD: 441 ret = BIO_ctrl(ssl->rbio, cmd, num, ptr); 442 break; 443 case BIO_CTRL_SET_CALLBACK: 444 { 445 ret = 0; 446 } 447 break; 448 case BIO_CTRL_GET_CALLBACK: 449 { 450 void (**fptr)(const SSL *xssl, int type, int val); 451 452 fptr = (void (**)(const SSL *xssl, int type, int val)) 453 ptr; 454 *fptr = SSL_get_info_callback(ssl); 455 } 456 break; 457 default: 458 ret = BIO_ctrl(ssl->rbio, cmd, num, ptr); 459 break; 460 } 461 return (ret); 462 } 463 464 static long 465 ssl_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp) 466 { 467 SSL *ssl; 468 BIO_SSL *bs; 469 long ret = 1; 470 471 bs = (BIO_SSL *)b->ptr; 472 ssl = bs->ssl; 473 switch (cmd) { 474 case BIO_CTRL_SET_CALLBACK: 475 { 476 /* FIXME: setting this via a completely different prototype 477 seems like a crap idea */ 478 SSL_set_info_callback(ssl, 479 (void (*)(const SSL *, int, int))fp); 480 } 481 break; 482 default: 483 ret = BIO_callback_ctrl(ssl->rbio, cmd, fp); 484 break; 485 } 486 return (ret); 487 } 488 489 static int 490 ssl_puts(BIO *bp, const char *str) 491 { 492 int n, ret; 493 494 n = strlen(str); 495 ret = BIO_write(bp, str, n); 496 return (ret); 497 } 498 499 BIO * 500 BIO_new_buffer_ssl_connect(SSL_CTX *ctx) 501 { 502 BIO *ret = NULL, *buf = NULL, *ssl = NULL; 503 504 if ((buf = BIO_new(BIO_f_buffer())) == NULL) 505 goto err; 506 if ((ssl = BIO_new_ssl_connect(ctx)) == NULL) 507 goto err; 508 if ((ret = BIO_push(buf, ssl)) == NULL) 509 goto err; 510 return (ret); 511 512 err: 513 BIO_free(buf); 514 BIO_free(ssl); 515 return (NULL); 516 } 517 518 BIO * 519 BIO_new_ssl_connect(SSL_CTX *ctx) 520 { 521 BIO *ret = NULL, *con = NULL, *ssl = NULL; 522 523 if ((con = BIO_new(BIO_s_connect())) == NULL) 524 goto err; 525 if ((ssl = BIO_new_ssl(ctx, 1)) == NULL) 526 goto err; 527 if ((ret = BIO_push(ssl, con)) == NULL) 528 goto err; 529 return (ret); 530 531 err: 532 BIO_free(con); 533 BIO_free(ssl); 534 return (NULL); 535 } 536 LSSL_ALIAS(BIO_new_ssl_connect) 537 538 BIO * 539 BIO_new_ssl(SSL_CTX *ctx, int client) 540 { 541 BIO *ret; 542 SSL *ssl; 543 544 if ((ret = BIO_new(BIO_f_ssl())) == NULL) 545 goto err; 546 if ((ssl = SSL_new(ctx)) == NULL) 547 goto err; 548 549 if (client) 550 SSL_set_connect_state(ssl); 551 else 552 SSL_set_accept_state(ssl); 553 554 BIO_set_ssl(ret, ssl, BIO_CLOSE); 555 return (ret); 556 557 err: 558 BIO_free(ret); 559 return (NULL); 560 } 561 LSSL_ALIAS(BIO_new_ssl) 562 563 int 564 BIO_ssl_copy_session_id(BIO *t, BIO *f) 565 { 566 t = BIO_find_type(t, BIO_TYPE_SSL); 567 f = BIO_find_type(f, BIO_TYPE_SSL); 568 if ((t == NULL) || (f == NULL)) 569 return (0); 570 if ((((BIO_SSL *)t->ptr)->ssl == NULL) || 571 (((BIO_SSL *)f->ptr)->ssl == NULL)) 572 return (0); 573 if (!SSL_copy_session_id(((BIO_SSL *)t->ptr)->ssl, 574 ((BIO_SSL *)f->ptr)->ssl)) 575 return (0); 576 return (1); 577 } 578 579 void 580 BIO_ssl_shutdown(BIO *b) 581 { 582 SSL *s; 583 584 while (b != NULL) { 585 if (b->method->type == BIO_TYPE_SSL) { 586 s = ((BIO_SSL *)b->ptr)->ssl; 587 SSL_shutdown(s); 588 break; 589 } 590 b = b->next_bio; 591 } 592 } 593