bufferevent_openssl.c revision 1.2
1/* $NetBSD: bufferevent_openssl.c,v 1.2 2014/12/19 20:43:18 christos Exp $ */ 2 3/* 4 * Copyright (c) 2009-2012 Niels Provos and Nick Mathewson 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 3. The name of the author may not be used to endorse or promote products 15 * derived from this software without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 18 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 19 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 20 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 21 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 22 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 23 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 24 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 27 */ 28 29// Get rid of OSX 10.7 and greater deprecation warnings. 30#if defined(__APPLE__) && defined(__clang__) 31#pragma clang diagnostic ignored "-Wdeprecated-declarations" 32#endif 33 34#include "event2/event-config.h" 35#include "evconfig-private.h" 36 37#include <sys/types.h> 38 39#ifdef EVENT__HAVE_SYS_TIME_H 40#include <sys/time.h> 41#endif 42 43#include <errno.h> 44#include <stdio.h> 45#include <stdlib.h> 46#include <string.h> 47#ifdef EVENT__HAVE_STDARG_H 48#include <stdarg.h> 49#endif 50#ifdef EVENT__HAVE_UNISTD_H 51#include <unistd.h> 52#endif 53 54#ifdef _WIN32 55#include <winsock2.h> 56#endif 57 58#include "event2/bufferevent.h" 59#include "event2/bufferevent_struct.h" 60#include "event2/bufferevent_ssl.h" 61#include "event2/buffer.h" 62#include "event2/event.h" 63 64#include "mm-internal.h" 65#include "bufferevent-internal.h" 66#include "log-internal.h" 67 68#include <openssl/bio.h> 69#include <openssl/ssl.h> 70#include <openssl/err.h> 71 72/* 73 * Define an OpenSSL bio that targets a bufferevent. 74 */ 75 76/* -------------------- 77 A BIO is an OpenSSL abstraction that handles reading and writing data. The 78 library will happily speak SSL over anything that implements a BIO 79 interface. 80 81 Here we define a BIO implementation that directs its output to a 82 bufferevent. We'll want to use this only when none of OpenSSL's built-in 83 IO mechanisms work for us. 84 -------------------- */ 85 86/* every BIO type needs its own integer type value. */ 87#define BIO_TYPE_LIBEVENT 57 88/* ???? Arguably, we should set BIO_TYPE_FILTER or BIO_TYPE_SOURCE_SINK on 89 * this. */ 90 91#if 0 92static void 93print_err(int val) 94{ 95 int err; 96 printf("Error was %d\n", val); 97 98 while ((err = ERR_get_error())) { 99 const char *msg = (const char*)ERR_reason_error_string(err); 100 const char *lib = (const char*)ERR_lib_error_string(err); 101 const char *func = (const char*)ERR_func_error_string(err); 102 103 printf("%s in %s %s\n", msg, lib, func); 104 } 105} 106#else 107#define print_err(v) ((void)0) 108#endif 109 110/* Called to initialize a new BIO */ 111static int 112bio_bufferevent_new(BIO *b) 113{ 114 b->init = 0; 115 b->num = -1; 116 b->ptr = NULL; /* We'll be putting the bufferevent in this field.*/ 117 b->flags = 0; 118 return 1; 119} 120 121/* Called to uninitialize the BIO. */ 122static int 123bio_bufferevent_free(BIO *b) 124{ 125 if (!b) 126 return 0; 127 if (b->shutdown) { 128 if (b->init && b->ptr) 129 bufferevent_free(b->ptr); 130 b->init = 0; 131 b->flags = 0; 132 b->ptr = NULL; 133 } 134 return 1; 135} 136 137/* Called to extract data from the BIO. */ 138static int 139bio_bufferevent_read(BIO *b, char *out, int outlen) 140{ 141 int r = 0; 142 struct evbuffer *input; 143 144 BIO_clear_retry_flags(b); 145 146 if (!out) 147 return 0; 148 if (!b->ptr) 149 return -1; 150 151 input = bufferevent_get_input(b->ptr); 152 if (evbuffer_get_length(input) == 0) { 153 /* If there's no data to read, say so. */ 154 BIO_set_retry_read(b); 155 return -1; 156 } else { 157 r = evbuffer_remove(input, out, outlen); 158 } 159 160 return r; 161} 162 163/* Called to write data info the BIO */ 164static int 165bio_bufferevent_write(BIO *b, const char *in, int inlen) 166{ 167 struct bufferevent *bufev = b->ptr; 168 struct evbuffer *output; 169 size_t outlen; 170 171 BIO_clear_retry_flags(b); 172 173 if (!b->ptr) 174 return -1; 175 176 output = bufferevent_get_output(bufev); 177 outlen = evbuffer_get_length(output); 178 179 /* Copy only as much data onto the output buffer as can fit under the 180 * high-water mark. */ 181 if (bufev->wm_write.high && bufev->wm_write.high <= (outlen+inlen)) { 182 if (bufev->wm_write.high <= outlen) { 183 /* If no data can fit, we'll need to retry later. */ 184 BIO_set_retry_write(b); 185 return -1; 186 } 187 inlen = bufev->wm_write.high - outlen; 188 } 189 190 EVUTIL_ASSERT(inlen > 0); 191 evbuffer_add(output, in, inlen); 192 return inlen; 193} 194 195/* Called to handle various requests */ 196static long 197bio_bufferevent_ctrl(BIO *b, int cmd, long num, void *ptr) 198{ 199 struct bufferevent *bufev = b->ptr; 200 long ret = 1; 201 202 switch (cmd) { 203 case BIO_CTRL_GET_CLOSE: 204 ret = b->shutdown; 205 break; 206 case BIO_CTRL_SET_CLOSE: 207 b->shutdown = (int)num; 208 break; 209 case BIO_CTRL_PENDING: 210 ret = evbuffer_get_length(bufferevent_get_input(bufev)) != 0; 211 break; 212 case BIO_CTRL_WPENDING: 213 ret = evbuffer_get_length(bufferevent_get_output(bufev)) != 0; 214 break; 215 /* XXXX These two are given a special-case treatment because 216 * of cargo-cultism. I should come up with a better reason. */ 217 case BIO_CTRL_DUP: 218 case BIO_CTRL_FLUSH: 219 ret = 1; 220 break; 221 default: 222 ret = 0; 223 break; 224 } 225 return ret; 226} 227 228/* Called to write a string to the BIO */ 229static int 230bio_bufferevent_puts(BIO *b, const char *s) 231{ 232 return bio_bufferevent_write(b, s, strlen(s)); 233} 234 235/* Method table for the bufferevent BIO */ 236static BIO_METHOD methods_bufferevent = { 237 BIO_TYPE_LIBEVENT, "bufferevent", 238 bio_bufferevent_write, 239 bio_bufferevent_read, 240 bio_bufferevent_puts, 241 NULL /* bio_bufferevent_gets */, 242 bio_bufferevent_ctrl, 243 bio_bufferevent_new, 244 bio_bufferevent_free, 245 NULL /* callback_ctrl */, 246}; 247 248/* Return the method table for the bufferevents BIO */ 249static BIO_METHOD * 250BIO_s_bufferevent(void) 251{ 252 return &methods_bufferevent; 253} 254 255/* Create a new BIO to wrap communication around a bufferevent. If close_flag 256 * is true, the bufferevent will be freed when the BIO is closed. */ 257static BIO * 258BIO_new_bufferevent(struct bufferevent *bufferevent, int close_flag) 259{ 260 BIO *result; 261 if (!bufferevent) 262 return NULL; 263 if (!(result = BIO_new(BIO_s_bufferevent()))) 264 return NULL; 265 result->init = 1; 266 result->ptr = bufferevent; 267 result->shutdown = close_flag ? 1 : 0; 268 return result; 269} 270 271/* -------------------- 272 Now, here's the OpenSSL-based implementation of bufferevent. 273 274 The implementation comes in two flavors: one that connects its SSL object 275 to an underlying bufferevent using a BIO_bufferevent, and one that has the 276 SSL object connect to a socket directly. The latter should generally be 277 faster, except on Windows, where your best bet is using a 278 bufferevent_async. 279 280 (OpenSSL supports many other BIO types, too. But we can't use any unless 281 we have a good way to get notified when they become readable/writable.) 282 -------------------- */ 283 284struct bio_data_counts { 285 unsigned long n_written; 286 unsigned long n_read; 287}; 288 289struct bufferevent_openssl { 290 /* Shared fields with common bufferevent implementation code. 291 If we were set up with an underlying bufferevent, we use the 292 events here as timers only. If we have an SSL, then we use 293 the events as socket events. 294 */ 295 struct bufferevent_private bev; 296 /* An underlying bufferevent that we're directing our output to. 297 If it's NULL, then we're connected to an fd, not an evbuffer. */ 298 struct bufferevent *underlying; 299 /* The SSL object doing our encryption. */ 300 SSL *ssl; 301 302 /* A callback that's invoked when data arrives on our outbuf so we 303 know to write data to the SSL. */ 304 struct evbuffer_cb_entry *outbuf_cb; 305 306 /* A count of how much data the bios have read/written total. Used 307 for rate-limiting. */ 308 struct bio_data_counts counts; 309 310 /* If this value is greater than 0, then the last SSL_write blocked, 311 * and we need to try it again with this many bytes. */ 312 ev_ssize_t last_write; 313 314#define NUM_ERRORS 3 315 ev_uint32_t errors[NUM_ERRORS]; 316 317 /* When we next get available space, we should say "read" instead of 318 "write". This can happen if there's a renegotiation during a read 319 operation. */ 320 unsigned read_blocked_on_write : 1; 321 /* When we next get data, we should say "write" instead of "read". */ 322 unsigned write_blocked_on_read : 1; 323 /* Treat TCP close before SSL close on SSL >= v3 as clean EOF. */ 324 unsigned allow_dirty_shutdown : 1; 325 /* XXXX */ 326 unsigned fd_is_set : 1; 327 /* XXX */ 328 unsigned n_errors : 2; 329 330 /* Are we currently connecting, accepting, or doing IO? */ 331 unsigned state : 2; 332}; 333 334static int be_openssl_enable(struct bufferevent *, short); 335static int be_openssl_disable(struct bufferevent *, short); 336static void be_openssl_unlink(struct bufferevent *); 337static void be_openssl_destruct(struct bufferevent *); 338static int be_openssl_adj_timeouts(struct bufferevent *); 339static int be_openssl_flush(struct bufferevent *bufev, 340 short iotype, enum bufferevent_flush_mode mode); 341static int be_openssl_ctrl(struct bufferevent *, enum bufferevent_ctrl_op, union bufferevent_ctrl_data *); 342 343const struct bufferevent_ops bufferevent_ops_openssl = { 344 "ssl", 345 evutil_offsetof(struct bufferevent_openssl, bev.bev), 346 be_openssl_enable, 347 be_openssl_disable, 348 be_openssl_unlink, 349 be_openssl_destruct, 350 be_openssl_adj_timeouts, 351 be_openssl_flush, 352 be_openssl_ctrl, 353}; 354 355/* Given a bufferevent, return a pointer to the bufferevent_openssl that 356 * contains it, if any. */ 357static inline struct bufferevent_openssl * 358upcast(struct bufferevent *bev) 359{ 360 struct bufferevent_openssl *bev_o; 361 if (bev->be_ops != &bufferevent_ops_openssl) 362 return NULL; 363 bev_o = (void*)( ((char*)bev) - 364 evutil_offsetof(struct bufferevent_openssl, bev.bev)); 365 EVUTIL_ASSERT(bev_o->bev.bev.be_ops == &bufferevent_ops_openssl); 366 return bev_o; 367} 368 369static inline void 370put_error(struct bufferevent_openssl *bev_ssl, unsigned long err) 371{ 372 if (bev_ssl->n_errors == NUM_ERRORS) 373 return; 374 /* The error type according to openssl is "unsigned long", but 375 openssl never uses more than 32 bits of it. It _can't_ use more 376 than 32 bits of it, since it needs to report errors on systems 377 where long is only 32 bits. 378 */ 379 bev_ssl->errors[bev_ssl->n_errors++] = (ev_uint32_t) err; 380} 381 382/* Have the base communications channel (either the underlying bufferevent or 383 * ev_read and ev_write) start reading. Take the read-blocked-on-write flag 384 * into account. */ 385static int 386start_reading(struct bufferevent_openssl *bev_ssl) 387{ 388 if (bev_ssl->underlying) { 389 bufferevent_unsuspend_read_(bev_ssl->underlying, 390 BEV_SUSPEND_FILT_READ); 391 return 0; 392 } else { 393 struct bufferevent *bev = &bev_ssl->bev.bev; 394 int r; 395 r = bufferevent_add_event_(&bev->ev_read, &bev->timeout_read); 396 if (r == 0 && bev_ssl->read_blocked_on_write) 397 r = bufferevent_add_event_(&bev->ev_write, 398 &bev->timeout_write); 399 return r; 400 } 401} 402 403/* Have the base communications channel (either the underlying bufferevent or 404 * ev_read and ev_write) start writing. Take the write-blocked-on-read flag 405 * into account. */ 406static int 407start_writing(struct bufferevent_openssl *bev_ssl) 408{ 409 int r = 0; 410 if (bev_ssl->underlying) { 411 ; 412 } else { 413 struct bufferevent *bev = &bev_ssl->bev.bev; 414 r = bufferevent_add_event_(&bev->ev_write, &bev->timeout_write); 415 if (!r && bev_ssl->write_blocked_on_read) 416 r = bufferevent_add_event_(&bev->ev_read, 417 &bev->timeout_read); 418 } 419 return r; 420} 421 422static void 423stop_reading(struct bufferevent_openssl *bev_ssl) 424{ 425 if (bev_ssl->write_blocked_on_read) 426 return; 427 if (bev_ssl->underlying) { 428 bufferevent_suspend_read_(bev_ssl->underlying, 429 BEV_SUSPEND_FILT_READ); 430 } else { 431 struct bufferevent *bev = &bev_ssl->bev.bev; 432 event_del(&bev->ev_read); 433 } 434} 435 436static void 437stop_writing(struct bufferevent_openssl *bev_ssl) 438{ 439 if (bev_ssl->read_blocked_on_write) 440 return; 441 if (bev_ssl->underlying) { 442 ; 443 } else { 444 struct bufferevent *bev = &bev_ssl->bev.bev; 445 event_del(&bev->ev_write); 446 } 447} 448 449static int 450set_rbow(struct bufferevent_openssl *bev_ssl) 451{ 452 if (!bev_ssl->underlying) 453 stop_reading(bev_ssl); 454 bev_ssl->read_blocked_on_write = 1; 455 return start_writing(bev_ssl); 456} 457 458static int 459set_wbor(struct bufferevent_openssl *bev_ssl) 460{ 461 if (!bev_ssl->underlying) 462 stop_writing(bev_ssl); 463 bev_ssl->write_blocked_on_read = 1; 464 return start_reading(bev_ssl); 465} 466 467static int 468clear_rbow(struct bufferevent_openssl *bev_ssl) 469{ 470 struct bufferevent *bev = &bev_ssl->bev.bev; 471 int r = 0; 472 bev_ssl->read_blocked_on_write = 0; 473 if (!(bev->enabled & EV_WRITE)) 474 stop_writing(bev_ssl); 475 if (bev->enabled & EV_READ) 476 r = start_reading(bev_ssl); 477 return r; 478} 479 480 481static int 482clear_wbor(struct bufferevent_openssl *bev_ssl) 483{ 484 struct bufferevent *bev = &bev_ssl->bev.bev; 485 int r = 0; 486 bev_ssl->write_blocked_on_read = 0; 487 if (!(bev->enabled & EV_READ)) 488 stop_reading(bev_ssl); 489 if (bev->enabled & EV_WRITE) 490 r = start_writing(bev_ssl); 491 return r; 492} 493 494static void 495conn_closed(struct bufferevent_openssl *bev_ssl, int when, int errcode, int ret) 496{ 497 int event = BEV_EVENT_ERROR; 498 int dirty_shutdown = 0; 499 unsigned long err; 500 501 switch (errcode) { 502 case SSL_ERROR_ZERO_RETURN: 503 /* Possibly a clean shutdown. */ 504 if (SSL_get_shutdown(bev_ssl->ssl) & SSL_RECEIVED_SHUTDOWN) 505 event = BEV_EVENT_EOF; 506 else 507 dirty_shutdown = 1; 508 break; 509 case SSL_ERROR_SYSCALL: 510 /* IO error; possibly a dirty shutdown. */ 511 if (ret == 0 && ERR_peek_error() == 0) 512 dirty_shutdown = 1; 513 break; 514 case SSL_ERROR_SSL: 515 /* Protocol error. */ 516 break; 517 case SSL_ERROR_WANT_X509_LOOKUP: 518 /* XXXX handle this. */ 519 break; 520 case SSL_ERROR_NONE: 521 case SSL_ERROR_WANT_READ: 522 case SSL_ERROR_WANT_WRITE: 523 case SSL_ERROR_WANT_CONNECT: 524 case SSL_ERROR_WANT_ACCEPT: 525 default: 526 /* should be impossible; treat as normal error. */ 527 event_warnx("BUG: Unexpected OpenSSL error code %d", errcode); 528 break; 529 } 530 531 while ((err = ERR_get_error())) { 532 put_error(bev_ssl, err); 533 } 534 535 if (dirty_shutdown && bev_ssl->allow_dirty_shutdown) 536 event = BEV_EVENT_EOF; 537 538 stop_reading(bev_ssl); 539 stop_writing(bev_ssl); 540 541 /* when is BEV_EVENT_{READING|WRITING} */ 542 event = when | event; 543 bufferevent_run_eventcb_(&bev_ssl->bev.bev, event, 0); 544} 545 546static void 547init_bio_counts(struct bufferevent_openssl *bev_ssl) 548{ 549 bev_ssl->counts.n_written = 550 BIO_number_written(SSL_get_wbio(bev_ssl->ssl)); 551 bev_ssl->counts.n_read = 552 BIO_number_read(SSL_get_rbio(bev_ssl->ssl)); 553} 554 555static inline void 556decrement_buckets(struct bufferevent_openssl *bev_ssl) 557{ 558 unsigned long num_w = BIO_number_written(SSL_get_wbio(bev_ssl->ssl)); 559 unsigned long num_r = BIO_number_read(SSL_get_rbio(bev_ssl->ssl)); 560 /* These next two subtractions can wrap around. That's okay. */ 561 unsigned long w = num_w - bev_ssl->counts.n_written; 562 unsigned long r = num_r - bev_ssl->counts.n_read; 563 if (w) 564 bufferevent_decrement_write_buckets_(&bev_ssl->bev, w); 565 if (r) 566 bufferevent_decrement_read_buckets_(&bev_ssl->bev, r); 567 bev_ssl->counts.n_written = num_w; 568 bev_ssl->counts.n_read = num_r; 569} 570 571#define OP_MADE_PROGRESS 1 572#define OP_BLOCKED 2 573#define OP_ERR 4 574 575/* Return a bitmask of OP_MADE_PROGRESS (if we read anything); OP_BLOCKED (if 576 we're now blocked); and OP_ERR (if an error occurred). */ 577static int 578do_read(struct bufferevent_openssl *bev_ssl, int n_to_read) { 579 /* Requires lock */ 580 struct bufferevent *bev = &bev_ssl->bev.bev; 581 struct evbuffer *input = bev->input; 582 int r, n, i, n_used = 0, atmost; 583 struct evbuffer_iovec space[2]; 584 int result = 0; 585 586 if (bev_ssl->bev.read_suspended) 587 return 0; 588 589 atmost = bufferevent_get_read_max_(&bev_ssl->bev); 590 if (n_to_read > atmost) 591 n_to_read = atmost; 592 593 n = evbuffer_reserve_space(input, n_to_read, space, 2); 594 if (n < 0) 595 return OP_ERR; 596 597 for (i=0; i<n; ++i) { 598 if (bev_ssl->bev.read_suspended) 599 break; 600 r = SSL_read(bev_ssl->ssl, space[i].iov_base, space[i].iov_len); 601 if (r>0) { 602 result |= OP_MADE_PROGRESS; 603 if (bev_ssl->read_blocked_on_write) 604 if (clear_rbow(bev_ssl) < 0) 605 return OP_ERR | result; 606 ++n_used; 607 space[i].iov_len = r; 608 decrement_buckets(bev_ssl); 609 } else { 610 int err = SSL_get_error(bev_ssl->ssl, r); 611 print_err(err); 612 switch (err) { 613 case SSL_ERROR_WANT_READ: 614 /* Can't read until underlying has more data. */ 615 if (bev_ssl->read_blocked_on_write) 616 if (clear_rbow(bev_ssl) < 0) 617 return OP_ERR | result; 618 break; 619 case SSL_ERROR_WANT_WRITE: 620 /* This read operation requires a write, and the 621 * underlying is full */ 622 if (!bev_ssl->read_blocked_on_write) 623 if (set_rbow(bev_ssl) < 0) 624 return OP_ERR | result; 625 break; 626 default: 627 conn_closed(bev_ssl, BEV_EVENT_READING, err, r); 628 break; 629 } 630 result |= OP_BLOCKED; 631 break; /* out of the loop */ 632 } 633 } 634 635 if (n_used) { 636 evbuffer_commit_space(input, space, n_used); 637 if (bev_ssl->underlying) 638 BEV_RESET_GENERIC_READ_TIMEOUT(bev); 639 } 640 641 return result; 642} 643 644/* Return a bitmask of OP_MADE_PROGRESS (if we wrote anything); OP_BLOCKED (if 645 we're now blocked); and OP_ERR (if an error occurred). */ 646static int 647do_write(struct bufferevent_openssl *bev_ssl, int atmost) 648{ 649 int i, r, n, n_written = 0; 650 struct bufferevent *bev = &bev_ssl->bev.bev; 651 struct evbuffer *output = bev->output; 652 struct evbuffer_iovec space[8]; 653 int result = 0; 654 655 if (bev_ssl->last_write > 0) 656 atmost = bev_ssl->last_write; 657 else 658 atmost = bufferevent_get_write_max_(&bev_ssl->bev); 659 660 n = evbuffer_peek(output, atmost, NULL, space, 8); 661 if (n < 0) 662 return OP_ERR | result; 663 664 if (n > 8) 665 n = 8; 666 for (i=0; i < n; ++i) { 667 if (bev_ssl->bev.write_suspended) 668 break; 669 670 /* SSL_write will (reasonably) return 0 if we tell it to 671 send 0 data. Skip this case so we don't interpret the 672 result as an error */ 673 if (space[i].iov_len == 0) 674 continue; 675 676 r = SSL_write(bev_ssl->ssl, space[i].iov_base, 677 space[i].iov_len); 678 if (r > 0) { 679 result |= OP_MADE_PROGRESS; 680 if (bev_ssl->write_blocked_on_read) 681 if (clear_wbor(bev_ssl) < 0) 682 return OP_ERR | result; 683 n_written += r; 684 bev_ssl->last_write = -1; 685 decrement_buckets(bev_ssl); 686 } else { 687 int err = SSL_get_error(bev_ssl->ssl, r); 688 print_err(err); 689 switch (err) { 690 case SSL_ERROR_WANT_WRITE: 691 /* Can't read until underlying has more data. */ 692 if (bev_ssl->write_blocked_on_read) 693 if (clear_wbor(bev_ssl) < 0) 694 return OP_ERR | result; 695 bev_ssl->last_write = space[i].iov_len; 696 break; 697 case SSL_ERROR_WANT_READ: 698 /* This read operation requires a write, and the 699 * underlying is full */ 700 if (!bev_ssl->write_blocked_on_read) 701 if (set_wbor(bev_ssl) < 0) 702 return OP_ERR | result; 703 bev_ssl->last_write = space[i].iov_len; 704 break; 705 default: 706 conn_closed(bev_ssl, BEV_EVENT_WRITING, err, r); 707 bev_ssl->last_write = -1; 708 break; 709 } 710 result |= OP_BLOCKED; 711 break; 712 } 713 } 714 if (n_written) { 715 evbuffer_drain(output, n_written); 716 if (bev_ssl->underlying) 717 BEV_RESET_GENERIC_WRITE_TIMEOUT(bev); 718 719 bufferevent_trigger_nolock_(bev, EV_WRITE, 0); 720 } 721 return result; 722} 723 724#define WRITE_FRAME 15000 725 726#define READ_DEFAULT 4096 727 728/* Try to figure out how many bytes to read; return 0 if we shouldn't be 729 * reading. */ 730static int 731bytes_to_read(struct bufferevent_openssl *bev) 732{ 733 struct evbuffer *input = bev->bev.bev.input; 734 struct event_watermark *wm = &bev->bev.bev.wm_read; 735 int result = READ_DEFAULT; 736 ev_ssize_t limit; 737 /* XXX 99% of this is generic code that nearly all bufferevents will 738 * want. */ 739 740 if (bev->write_blocked_on_read) { 741 return 0; 742 } 743 744 if (! (bev->bev.bev.enabled & EV_READ)) { 745 return 0; 746 } 747 748 if (bev->bev.read_suspended) { 749 return 0; 750 } 751 752 if (wm->high) { 753 if (evbuffer_get_length(input) >= wm->high) { 754 return 0; 755 } 756 757 result = wm->high - evbuffer_get_length(input); 758 } else { 759 result = READ_DEFAULT; 760 } 761 762 /* Respect the rate limit */ 763 limit = bufferevent_get_read_max_(&bev->bev); 764 if (result > limit) { 765 result = limit; 766 } 767 768 return result; 769} 770 771 772/* Things look readable. If write is blocked on read, write till it isn't. 773 * Read from the underlying buffer until we block or we hit our high-water 774 * mark. 775 */ 776static void 777consider_reading(struct bufferevent_openssl *bev_ssl) 778{ 779 int r; 780 int n_to_read; 781 int all_result_flags = 0; 782 783 while (bev_ssl->write_blocked_on_read) { 784 r = do_write(bev_ssl, WRITE_FRAME); 785 if (r & (OP_BLOCKED|OP_ERR)) 786 break; 787 } 788 if (bev_ssl->write_blocked_on_read) 789 return; 790 791 n_to_read = bytes_to_read(bev_ssl); 792 793 while (n_to_read) { 794 r = do_read(bev_ssl, n_to_read); 795 all_result_flags |= r; 796 797 if (r & (OP_BLOCKED|OP_ERR)) 798 break; 799 800 if (bev_ssl->bev.read_suspended) 801 break; 802 803 /* Read all pending data. This won't hit the network 804 * again, and will (most importantly) put us in a state 805 * where we don't need to read anything else until the 806 * socket is readable again. It'll potentially make us 807 * overrun our read high-watermark (somewhat 808 * regrettable). The damage to the rate-limit has 809 * already been done, since OpenSSL went and read a 810 * whole SSL record anyway. */ 811 n_to_read = SSL_pending(bev_ssl->ssl); 812 813 /* XXX This if statement is actually a bad bug, added to avoid 814 * XXX a worse bug. 815 * 816 * The bad bug: It can potentially cause resource unfairness 817 * by reading too much data from the underlying bufferevent; 818 * it can potentially cause read looping if the underlying 819 * bufferevent is a bufferevent_pair and deferred callbacks 820 * aren't used. 821 * 822 * The worse bug: If we didn't do this, then we would 823 * potentially not read any more from bev_ssl->underlying 824 * until more data arrived there, which could lead to us 825 * waiting forever. 826 */ 827 if (!n_to_read && bev_ssl->underlying) 828 n_to_read = bytes_to_read(bev_ssl); 829 } 830 831 if (all_result_flags & OP_MADE_PROGRESS) { 832 struct bufferevent *bev = &bev_ssl->bev.bev; 833 834 bufferevent_trigger_nolock_(bev, EV_READ, 0); 835 } 836 837 if (!bev_ssl->underlying) { 838 /* Should be redundant, but let's avoid busy-looping */ 839 if (bev_ssl->bev.read_suspended || 840 !(bev_ssl->bev.bev.enabled & EV_READ)) { 841 event_del(&bev_ssl->bev.bev.ev_read); 842 } 843 } 844} 845 846static void 847consider_writing(struct bufferevent_openssl *bev_ssl) 848{ 849 int r; 850 struct evbuffer *output = bev_ssl->bev.bev.output; 851 struct evbuffer *target = NULL; 852 struct event_watermark *wm = NULL; 853 854 while (bev_ssl->read_blocked_on_write) { 855 r = do_read(bev_ssl, 1024); /* XXXX 1024 is a hack */ 856 if (r & OP_MADE_PROGRESS) { 857 struct bufferevent *bev = &bev_ssl->bev.bev; 858 859 bufferevent_trigger_nolock_(bev, EV_READ, 0); 860 } 861 if (r & (OP_ERR|OP_BLOCKED)) 862 break; 863 } 864 if (bev_ssl->read_blocked_on_write) 865 return; 866 if (bev_ssl->underlying) { 867 target = bev_ssl->underlying->output; 868 wm = &bev_ssl->underlying->wm_write; 869 } 870 while ((bev_ssl->bev.bev.enabled & EV_WRITE) && 871 (! bev_ssl->bev.write_suspended) && 872 evbuffer_get_length(output) && 873 (!target || (! wm->high || evbuffer_get_length(target) < wm->high))) { 874 int n_to_write; 875 if (wm && wm->high) 876 n_to_write = wm->high - evbuffer_get_length(target); 877 else 878 n_to_write = WRITE_FRAME; 879 r = do_write(bev_ssl, n_to_write); 880 if (r & (OP_BLOCKED|OP_ERR)) 881 break; 882 } 883 884 if (!bev_ssl->underlying) { 885 if (evbuffer_get_length(output) == 0) { 886 event_del(&bev_ssl->bev.bev.ev_write); 887 } else if (bev_ssl->bev.write_suspended || 888 !(bev_ssl->bev.bev.enabled & EV_WRITE)) { 889 /* Should be redundant, but let's avoid busy-looping */ 890 event_del(&bev_ssl->bev.bev.ev_write); 891 } 892 } 893} 894 895static void 896be_openssl_readcb(struct bufferevent *bev_base, void *ctx) 897{ 898 struct bufferevent_openssl *bev_ssl = ctx; 899 consider_reading(bev_ssl); 900} 901 902static void 903be_openssl_writecb(struct bufferevent *bev_base, void *ctx) 904{ 905 struct bufferevent_openssl *bev_ssl = ctx; 906 consider_writing(bev_ssl); 907} 908 909static void 910be_openssl_eventcb(struct bufferevent *bev_base, short what, void *ctx) 911{ 912 struct bufferevent_openssl *bev_ssl = ctx; 913 int event = 0; 914 915 if (what & BEV_EVENT_EOF) { 916 if (bev_ssl->allow_dirty_shutdown) 917 event = BEV_EVENT_EOF; 918 else 919 event = BEV_EVENT_ERROR; 920 } else if (what & BEV_EVENT_TIMEOUT) { 921 /* We sure didn't set this. Propagate it to the user. */ 922 event = what; 923 } else if (what & BEV_EVENT_ERROR) { 924 /* An error occurred on the connection. Propagate it to the user. */ 925 event = what; 926 } else if (what & BEV_EVENT_CONNECTED) { 927 /* Ignore it. We're saying SSL_connect() already, which will 928 eat it. */ 929 } 930 if (event) 931 bufferevent_run_eventcb_(&bev_ssl->bev.bev, event, 0); 932} 933 934static void 935be_openssl_readeventcb(evutil_socket_t fd, short what, void *ptr) 936{ 937 struct bufferevent_openssl *bev_ssl = ptr; 938 bufferevent_incref_and_lock_(&bev_ssl->bev.bev); 939 if (what == EV_TIMEOUT) { 940 bufferevent_run_eventcb_(&bev_ssl->bev.bev, 941 BEV_EVENT_TIMEOUT|BEV_EVENT_READING, 0); 942 } else { 943 consider_reading(bev_ssl); 944 } 945 bufferevent_decref_and_unlock_(&bev_ssl->bev.bev); 946} 947 948static void 949be_openssl_writeeventcb(evutil_socket_t fd, short what, void *ptr) 950{ 951 struct bufferevent_openssl *bev_ssl = ptr; 952 bufferevent_incref_and_lock_(&bev_ssl->bev.bev); 953 if (what == EV_TIMEOUT) { 954 bufferevent_run_eventcb_(&bev_ssl->bev.bev, 955 BEV_EVENT_TIMEOUT|BEV_EVENT_WRITING, 0); 956 } else { 957 consider_writing(bev_ssl); 958 } 959 bufferevent_decref_and_unlock_(&bev_ssl->bev.bev); 960} 961 962static int 963set_open_callbacks(struct bufferevent_openssl *bev_ssl, evutil_socket_t fd) 964{ 965 if (bev_ssl->underlying) { 966 bufferevent_setcb(bev_ssl->underlying, 967 be_openssl_readcb, be_openssl_writecb, be_openssl_eventcb, 968 bev_ssl); 969 return 0; 970 } else { 971 struct bufferevent *bev = &bev_ssl->bev.bev; 972 int rpending=0, wpending=0, r1=0, r2=0; 973 if (fd < 0 && bev_ssl->fd_is_set) 974 fd = event_get_fd(&bev->ev_read); 975 if (bev_ssl->fd_is_set) { 976 rpending = event_pending(&bev->ev_read, EV_READ, NULL); 977 wpending = event_pending(&bev->ev_write, EV_WRITE, NULL); 978 event_del(&bev->ev_read); 979 event_del(&bev->ev_write); 980 } 981 event_assign(&bev->ev_read, bev->ev_base, fd, 982 EV_READ|EV_PERSIST|EV_FINALIZE, 983 be_openssl_readeventcb, bev_ssl); 984 event_assign(&bev->ev_write, bev->ev_base, fd, 985 EV_WRITE|EV_PERSIST|EV_FINALIZE, 986 be_openssl_writeeventcb, bev_ssl); 987 if (rpending) 988 r1 = bufferevent_add_event_(&bev->ev_read, &bev->timeout_read); 989 if (wpending) 990 r2 = bufferevent_add_event_(&bev->ev_write, &bev->timeout_write); 991 if (fd >= 0) { 992 bev_ssl->fd_is_set = 1; 993 } 994 return (r1<0 || r2<0) ? -1 : 0; 995 } 996} 997 998static int 999do_handshake(struct bufferevent_openssl *bev_ssl) 1000{ 1001 int r; 1002 1003 switch (bev_ssl->state) { 1004 default: 1005 case BUFFEREVENT_SSL_OPEN: 1006 EVUTIL_ASSERT(0); 1007 return -1; 1008 case BUFFEREVENT_SSL_CONNECTING: 1009 case BUFFEREVENT_SSL_ACCEPTING: 1010 r = SSL_do_handshake(bev_ssl->ssl); 1011 break; 1012 } 1013 decrement_buckets(bev_ssl); 1014 1015 if (r==1) { 1016 /* We're done! */ 1017 bev_ssl->state = BUFFEREVENT_SSL_OPEN; 1018 set_open_callbacks(bev_ssl, -1); /* XXXX handle failure */ 1019 /* Call do_read and do_write as needed */ 1020 bufferevent_enable(&bev_ssl->bev.bev, bev_ssl->bev.bev.enabled); 1021 bufferevent_run_eventcb_(&bev_ssl->bev.bev, 1022 BEV_EVENT_CONNECTED, 0); 1023 return 1; 1024 } else { 1025 int err = SSL_get_error(bev_ssl->ssl, r); 1026 print_err(err); 1027 switch (err) { 1028 case SSL_ERROR_WANT_WRITE: 1029 if (!bev_ssl->underlying) { 1030 stop_reading(bev_ssl); 1031 return start_writing(bev_ssl); 1032 } 1033 return 0; 1034 case SSL_ERROR_WANT_READ: 1035 if (!bev_ssl->underlying) { 1036 stop_writing(bev_ssl); 1037 return start_reading(bev_ssl); 1038 } 1039 return 0; 1040 default: 1041 conn_closed(bev_ssl, BEV_EVENT_READING, err, r); 1042 return -1; 1043 } 1044 } 1045} 1046 1047static void 1048be_openssl_handshakecb(struct bufferevent *bev_base, void *ctx) 1049{ 1050 struct bufferevent_openssl *bev_ssl = ctx; 1051 do_handshake(bev_ssl);/* XXX handle failure */ 1052} 1053 1054static void 1055be_openssl_handshakeeventcb(evutil_socket_t fd, short what, void *ptr) 1056{ 1057 struct bufferevent_openssl *bev_ssl = ptr; 1058 1059 bufferevent_incref_and_lock_(&bev_ssl->bev.bev); 1060 if (what & EV_TIMEOUT) { 1061 bufferevent_run_eventcb_(&bev_ssl->bev.bev, BEV_EVENT_TIMEOUT, 0); 1062 } else 1063 do_handshake(bev_ssl);/* XXX handle failure */ 1064 bufferevent_decref_and_unlock_(&bev_ssl->bev.bev); 1065} 1066 1067static int 1068set_handshake_callbacks(struct bufferevent_openssl *bev_ssl, evutil_socket_t fd) 1069{ 1070 if (bev_ssl->underlying) { 1071 bufferevent_setcb(bev_ssl->underlying, 1072 be_openssl_handshakecb, be_openssl_handshakecb, 1073 be_openssl_eventcb, 1074 bev_ssl); 1075 return do_handshake(bev_ssl); 1076 } else { 1077 struct bufferevent *bev = &bev_ssl->bev.bev; 1078 int r1=0, r2=0; 1079 if (fd < 0 && bev_ssl->fd_is_set) 1080 fd = event_get_fd(&bev->ev_read); 1081 if (bev_ssl->fd_is_set) { 1082 event_del(&bev->ev_read); 1083 event_del(&bev->ev_write); 1084 } 1085 event_assign(&bev->ev_read, bev->ev_base, fd, 1086 EV_READ|EV_PERSIST|EV_FINALIZE, 1087 be_openssl_handshakeeventcb, bev_ssl); 1088 event_assign(&bev->ev_write, bev->ev_base, fd, 1089 EV_WRITE|EV_PERSIST|EV_FINALIZE, 1090 be_openssl_handshakeeventcb, bev_ssl); 1091 if (fd >= 0) { 1092 r1 = bufferevent_add_event_(&bev->ev_read, &bev->timeout_read); 1093 r2 = bufferevent_add_event_(&bev->ev_write, &bev->timeout_write); 1094 bev_ssl->fd_is_set = 1; 1095 } 1096 return (r1<0 || r2<0) ? -1 : 0; 1097 } 1098} 1099 1100int 1101bufferevent_ssl_renegotiate(struct bufferevent *bev) 1102{ 1103 struct bufferevent_openssl *bev_ssl = upcast(bev); 1104 if (!bev_ssl) 1105 return -1; 1106 if (SSL_renegotiate(bev_ssl->ssl) < 0) 1107 return -1; 1108 bev_ssl->state = BUFFEREVENT_SSL_CONNECTING; 1109 if (set_handshake_callbacks(bev_ssl, -1) < 0) 1110 return -1; 1111 if (!bev_ssl->underlying) 1112 return do_handshake(bev_ssl); 1113 return 0; 1114} 1115 1116static void 1117be_openssl_outbuf_cb(struct evbuffer *buf, 1118 const struct evbuffer_cb_info *cbinfo, void *arg) 1119{ 1120 struct bufferevent_openssl *bev_ssl = arg; 1121 int r = 0; 1122 /* XXX need to hold a reference here. */ 1123 1124 if (cbinfo->n_added && bev_ssl->state == BUFFEREVENT_SSL_OPEN) { 1125 if (cbinfo->orig_size == 0) 1126 r = bufferevent_add_event_(&bev_ssl->bev.bev.ev_write, 1127 &bev_ssl->bev.bev.timeout_write); 1128 consider_writing(bev_ssl); 1129 } 1130 /* XXX Handle r < 0 */ 1131 (void)r; 1132} 1133 1134 1135static int 1136be_openssl_enable(struct bufferevent *bev, short events) 1137{ 1138 struct bufferevent_openssl *bev_ssl = upcast(bev); 1139 int r1 = 0, r2 = 0; 1140 1141 if (bev_ssl->state != BUFFEREVENT_SSL_OPEN) 1142 return 0; 1143 1144 if (events & EV_READ) 1145 r1 = start_reading(bev_ssl); 1146 if (events & EV_WRITE) 1147 r2 = start_writing(bev_ssl); 1148 1149 if (bev_ssl->underlying) { 1150 if (events & EV_READ) 1151 BEV_RESET_GENERIC_READ_TIMEOUT(bev); 1152 if (events & EV_WRITE) 1153 BEV_RESET_GENERIC_WRITE_TIMEOUT(bev); 1154 1155 if (events & EV_READ) 1156 consider_reading(bev_ssl); 1157 if (events & EV_WRITE) 1158 consider_writing(bev_ssl); 1159 } 1160 return (r1 < 0 || r2 < 0) ? -1 : 0; 1161} 1162 1163static int 1164be_openssl_disable(struct bufferevent *bev, short events) 1165{ 1166 struct bufferevent_openssl *bev_ssl = upcast(bev); 1167 if (bev_ssl->state != BUFFEREVENT_SSL_OPEN) 1168 return 0; 1169 1170 if (events & EV_READ) 1171 stop_reading(bev_ssl); 1172 if (events & EV_WRITE) 1173 stop_writing(bev_ssl); 1174 1175 if (bev_ssl->underlying) { 1176 if (events & EV_READ) 1177 BEV_DEL_GENERIC_READ_TIMEOUT(bev); 1178 if (events & EV_WRITE) 1179 BEV_DEL_GENERIC_WRITE_TIMEOUT(bev); 1180 } 1181 return 0; 1182} 1183 1184static void 1185be_openssl_unlink(struct bufferevent *bev) 1186{ 1187 struct bufferevent_openssl *bev_ssl = upcast(bev); 1188 1189 if (bev_ssl->bev.options & BEV_OPT_CLOSE_ON_FREE) { 1190 if (bev_ssl->underlying) { 1191 if (BEV_UPCAST(bev_ssl->underlying)->refcnt < 2) { 1192 event_warnx("BEV_OPT_CLOSE_ON_FREE set on an " 1193 "bufferevent with too few references"); 1194 } else { 1195 bufferevent_free(bev_ssl->underlying); 1196 /* We still have a reference to it, via our 1197 * BIO. So we don't drop this. */ 1198 // bev_ssl->underlying = NULL; 1199 } 1200 } 1201 } else { 1202 if (bev_ssl->underlying) { 1203 if (bev_ssl->underlying->errorcb == be_openssl_eventcb) 1204 bufferevent_setcb(bev_ssl->underlying, 1205 NULL,NULL,NULL,NULL); 1206 bufferevent_unsuspend_read_(bev_ssl->underlying, 1207 BEV_SUSPEND_FILT_READ); 1208 } 1209 } 1210} 1211 1212static void 1213be_openssl_destruct(struct bufferevent *bev) 1214{ 1215 struct bufferevent_openssl *bev_ssl = upcast(bev); 1216 1217 if (bev_ssl->bev.options & BEV_OPT_CLOSE_ON_FREE) { 1218 if (! bev_ssl->underlying) { 1219 evutil_socket_t fd = -1; 1220 BIO *bio = SSL_get_wbio(bev_ssl->ssl); 1221 if (bio) 1222 fd = BIO_get_fd(bio, NULL); 1223 if (fd >= 0) 1224 evutil_closesocket(fd); 1225 } 1226 SSL_free(bev_ssl->ssl); 1227 } 1228} 1229 1230static int 1231be_openssl_adj_timeouts(struct bufferevent *bev) 1232{ 1233 struct bufferevent_openssl *bev_ssl = upcast(bev); 1234 1235 if (bev_ssl->underlying) { 1236 return bufferevent_generic_adj_timeouts_(bev); 1237 } else { 1238 int r1=0, r2=0; 1239 if (event_pending(&bev->ev_read, EV_READ, NULL)) { 1240 if (evutil_timerisset(&bev->timeout_read)) { 1241 r1 = bufferevent_add_event_(&bev->ev_read, &bev->timeout_read); 1242 } else { 1243 event_remove_timer(&bev->ev_read); 1244 } 1245 } 1246 if (event_pending(&bev->ev_write, EV_WRITE, NULL)) { 1247 if (evutil_timerisset(&bev->timeout_write)) { 1248 r2 = bufferevent_add_event_(&bev->ev_write, &bev->timeout_write); 1249 } else { 1250 event_remove_timer(&bev->ev_write); 1251 } 1252 } 1253 1254 return (r1<0 || r2<0) ? -1 : 0; 1255 } 1256} 1257 1258static int 1259be_openssl_flush(struct bufferevent *bufev, 1260 short iotype, enum bufferevent_flush_mode mode) 1261{ 1262 /* XXXX Implement this. */ 1263 return 0; 1264} 1265 1266static int 1267be_openssl_ctrl(struct bufferevent *bev, 1268 enum bufferevent_ctrl_op op, union bufferevent_ctrl_data *data) 1269{ 1270 struct bufferevent_openssl *bev_ssl = upcast(bev); 1271 switch (op) { 1272 case BEV_CTRL_SET_FD: 1273 if (bev_ssl->underlying) 1274 return -1; 1275 { 1276 BIO *bio; 1277 bio = BIO_new_socket(data->fd, 0); 1278 SSL_set_bio(bev_ssl->ssl, bio, bio); 1279 bev_ssl->fd_is_set = 1; 1280 } 1281 if (bev_ssl->state == BUFFEREVENT_SSL_OPEN) 1282 return set_open_callbacks(bev_ssl, data->fd); 1283 else { 1284 return set_handshake_callbacks(bev_ssl, data->fd); 1285 } 1286 case BEV_CTRL_GET_FD: 1287 if (bev_ssl->underlying) 1288 return -1; 1289 if (!bev_ssl->fd_is_set) 1290 return -1; 1291 data->fd = event_get_fd(&bev->ev_read); 1292 return 0; 1293 case BEV_CTRL_GET_UNDERLYING: 1294 if (!bev_ssl->underlying) 1295 return -1; 1296 data->ptr = bev_ssl->underlying; 1297 return 0; 1298 case BEV_CTRL_CANCEL_ALL: 1299 default: 1300 return -1; 1301 } 1302} 1303 1304SSL * 1305bufferevent_openssl_get_ssl(struct bufferevent *bufev) 1306{ 1307 struct bufferevent_openssl *bev_ssl = upcast(bufev); 1308 if (!bev_ssl) 1309 return NULL; 1310 return bev_ssl->ssl; 1311} 1312 1313static struct bufferevent * 1314bufferevent_openssl_new_impl(struct event_base *base, 1315 struct bufferevent *underlying, 1316 evutil_socket_t fd, 1317 SSL *ssl, 1318 enum bufferevent_ssl_state state, 1319 int options) 1320{ 1321 struct bufferevent_openssl *bev_ssl = NULL; 1322 struct bufferevent_private *bev_p = NULL; 1323 int tmp_options = options & ~BEV_OPT_THREADSAFE; 1324 1325 if (underlying != NULL && fd >= 0) 1326 return NULL; /* Only one can be set. */ 1327 1328 if (!(bev_ssl = mm_calloc(1, sizeof(struct bufferevent_openssl)))) 1329 goto err; 1330 1331 bev_p = &bev_ssl->bev; 1332 1333 if (bufferevent_init_common_(bev_p, base, 1334 &bufferevent_ops_openssl, tmp_options) < 0) 1335 goto err; 1336 1337 /* Don't explode if we decide to realloc a chunk we're writing from in 1338 * the output buffer. */ 1339 SSL_set_mode(ssl, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); 1340 1341 bev_ssl->underlying = underlying; 1342 bev_ssl->ssl = ssl; 1343 1344 bev_ssl->outbuf_cb = evbuffer_add_cb(bev_p->bev.output, 1345 be_openssl_outbuf_cb, bev_ssl); 1346 1347 if (options & BEV_OPT_THREADSAFE) 1348 bufferevent_enable_locking_(&bev_ssl->bev.bev, NULL); 1349 1350 if (underlying) { 1351 bufferevent_init_generic_timeout_cbs_(&bev_ssl->bev.bev); 1352 bufferevent_incref_(underlying); 1353 } 1354 1355 bev_ssl->state = state; 1356 bev_ssl->last_write = -1; 1357 1358 init_bio_counts(bev_ssl); 1359 1360 switch (state) { 1361 case BUFFEREVENT_SSL_ACCEPTING: 1362 SSL_set_accept_state(bev_ssl->ssl); 1363 if (set_handshake_callbacks(bev_ssl, fd) < 0) 1364 goto err; 1365 break; 1366 case BUFFEREVENT_SSL_CONNECTING: 1367 SSL_set_connect_state(bev_ssl->ssl); 1368 if (set_handshake_callbacks(bev_ssl, fd) < 0) 1369 goto err; 1370 break; 1371 case BUFFEREVENT_SSL_OPEN: 1372 if (set_open_callbacks(bev_ssl, fd) < 0) 1373 goto err; 1374 break; 1375 default: 1376 goto err; 1377 } 1378 1379 if (underlying) { 1380 bufferevent_setwatermark(underlying, EV_READ, 0, 0); 1381 bufferevent_enable(underlying, EV_READ|EV_WRITE); 1382 if (state == BUFFEREVENT_SSL_OPEN) 1383 bufferevent_suspend_read_(underlying, 1384 BEV_SUSPEND_FILT_READ); 1385 } else { 1386 bev_ssl->bev.bev.enabled = EV_READ|EV_WRITE; 1387 if (bev_ssl->fd_is_set) { 1388 if (state != BUFFEREVENT_SSL_OPEN) 1389 if (event_add(&bev_ssl->bev.bev.ev_read, NULL) < 0) 1390 goto err; 1391 if (event_add(&bev_ssl->bev.bev.ev_write, NULL) < 0) 1392 goto err; 1393 } 1394 } 1395 1396 return &bev_ssl->bev.bev; 1397err: 1398 if (bev_ssl) 1399 bufferevent_free(&bev_ssl->bev.bev); 1400 return NULL; 1401} 1402 1403struct bufferevent * 1404bufferevent_openssl_filter_new(struct event_base *base, 1405 struct bufferevent *underlying, 1406 SSL *ssl, 1407 enum bufferevent_ssl_state state, 1408 int options) 1409{ 1410 /* We don't tell the BIO to close the bufferevent; we do it ourselves 1411 * on be_openssl_destruct */ 1412 int close_flag = 0; /* options & BEV_OPT_CLOSE_ON_FREE; */ 1413 BIO *bio; 1414 if (!underlying) 1415 return NULL; 1416 if (!(bio = BIO_new_bufferevent(underlying, close_flag))) 1417 return NULL; 1418 1419 SSL_set_bio(ssl, bio, bio); 1420 1421 return bufferevent_openssl_new_impl( 1422 base, underlying, -1, ssl, state, options); 1423} 1424 1425struct bufferevent * 1426bufferevent_openssl_socket_new(struct event_base *base, 1427 evutil_socket_t fd, 1428 SSL *ssl, 1429 enum bufferevent_ssl_state state, 1430 int options) 1431{ 1432 /* Does the SSL already have an fd? */ 1433 BIO *bio = SSL_get_wbio(ssl); 1434 long have_fd = -1; 1435 1436 if (bio) 1437 have_fd = BIO_get_fd(bio, NULL); 1438 1439 if (have_fd >= 0) { 1440 /* The SSL is already configured with an fd. */ 1441 if (fd < 0) { 1442 /* We should learn the fd from the SSL. */ 1443 fd = (evutil_socket_t) have_fd; 1444 } else if (have_fd == (long)fd) { 1445 /* We already know the fd from the SSL; do nothing */ 1446 } else { 1447 /* We specified an fd different from that of the SSL. 1448 This is probably an error on our part. Fail. */ 1449 return NULL; 1450 } 1451 (void) BIO_set_close(bio, 0); 1452 } else { 1453 /* The SSL isn't configured with a BIO with an fd. */ 1454 if (fd >= 0) { 1455 /* ... and we have an fd we want to use. */ 1456 bio = BIO_new_socket(fd, 0); 1457 SSL_set_bio(ssl, bio, bio); 1458 } else { 1459 /* Leave the fd unset. */ 1460 } 1461 } 1462 1463 return bufferevent_openssl_new_impl( 1464 base, NULL, fd, ssl, state, options); 1465} 1466 1467int 1468bufferevent_openssl_get_allow_dirty_shutdown(struct bufferevent *bev) 1469{ 1470 int allow_dirty_shutdown = -1; 1471 struct bufferevent_openssl *bev_ssl; 1472 BEV_LOCK(bev); 1473 bev_ssl = upcast(bev); 1474 if (bev_ssl) 1475 allow_dirty_shutdown = bev_ssl->allow_dirty_shutdown; 1476 BEV_UNLOCK(bev); 1477 return allow_dirty_shutdown; 1478} 1479 1480void 1481bufferevent_openssl_set_allow_dirty_shutdown(struct bufferevent *bev, 1482 int allow_dirty_shutdown) 1483{ 1484 struct bufferevent_openssl *bev_ssl; 1485 BEV_LOCK(bev); 1486 bev_ssl = upcast(bev); 1487 if (bev_ssl) 1488 bev_ssl->allow_dirty_shutdown = !!allow_dirty_shutdown; 1489 BEV_UNLOCK(bev); 1490} 1491 1492unsigned long 1493bufferevent_get_openssl_error(struct bufferevent *bev) 1494{ 1495 unsigned long err = 0; 1496 struct bufferevent_openssl *bev_ssl; 1497 BEV_LOCK(bev); 1498 bev_ssl = upcast(bev); 1499 if (bev_ssl && bev_ssl->n_errors) { 1500 err = bev_ssl->errors[--bev_ssl->n_errors]; 1501 } 1502 BEV_UNLOCK(bev); 1503 return err; 1504} 1505