1 /* 2 * Copyright (c) 2009-2012 Niels Provos and Nick Mathewson 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 3. The name of the author may not be used to endorse or promote products 13 * derived from this software without specific prior written permission. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 */ 26 27 #include <sys/types.h> 28 29 #include "event2/event-config.h" 30 31 #ifdef _EVENT_HAVE_SYS_TIME_H 32 #include <sys/time.h> 33 #endif 34 35 #include <errno.h> 36 #include <stdio.h> 37 #include <stdlib.h> 38 #include <string.h> 39 #ifdef _EVENT_HAVE_STDARG_H 40 #include <stdarg.h> 41 #endif 42 #ifdef _EVENT_HAVE_UNISTD_H 43 #include <unistd.h> 44 #endif 45 46 #ifdef WIN32 47 #include <winsock2.h> 48 #endif 49 50 #include "event2/bufferevent.h" 51 #include "event2/bufferevent_struct.h" 52 #include "event2/bufferevent_ssl.h" 53 #include "event2/buffer.h" 54 #include "event2/event.h" 55 56 #include "mm-internal.h" 57 #include "bufferevent-internal.h" 58 #include "log-internal.h" 59 60 #include <openssl/bio.h> 61 #include <openssl/ssl.h> 62 #include <openssl/err.h> 63 64 /* 65 * Define an OpenSSL bio that targets a bufferevent. 66 */ 67 68 /* -------------------- 69 A BIO is an OpenSSL abstraction that handles reading and writing data. The 70 library will happily speak SSL over anything that implements a BIO 71 interface. 72 73 Here we define a BIO implementation that directs its output to a 74 bufferevent. We'll want to use this only when none of OpenSSL's built-in 75 IO mechanisms work for us. 76 -------------------- */ 77 78 /* every BIO type needs its own integer type value. */ 79 #define BIO_TYPE_LIBEVENT 57 80 /* ???? Arguably, we should set BIO_TYPE_FILTER or BIO_TYPE_SOURCE_SINK on 81 * this. */ 82 83 #if 0 84 static void 85 print_err(int val) 86 { 87 int err; 88 printf("Error was %d\n", val); 89 90 while ((err = ERR_get_error())) { 91 const char *msg = (const char*)ERR_reason_error_string(err); 92 const char *lib = (const char*)ERR_lib_error_string(err); 93 const char *func = (const char*)ERR_func_error_string(err); 94 95 printf("%s in %s %s\n", msg, lib, func); 96 } 97 } 98 #else 99 #define print_err(v) ((void)0) 100 #endif 101 102 /* Called to initialize a new BIO */ 103 static int 104 bio_bufferevent_new(BIO *b) 105 { 106 b->init = 0; 107 b->num = -1; 108 b->ptr = NULL; /* We'll be putting the bufferevent in this field.*/ 109 b->flags = 0; 110 return 1; 111 } 112 113 /* Called to uninitialize the BIO. */ 114 static int 115 bio_bufferevent_free(BIO *b) 116 { 117 if (!b) 118 return 0; 119 if (b->shutdown) { 120 if (b->init && b->ptr) 121 bufferevent_free(b->ptr); 122 b->init = 0; 123 b->flags = 0; 124 b->ptr = NULL; 125 } 126 return 1; 127 } 128 129 /* Called to extract data from the BIO. */ 130 static int 131 bio_bufferevent_read(BIO *b, char *out, int outlen) 132 { 133 int r = 0; 134 struct evbuffer *input; 135 136 BIO_clear_retry_flags(b); 137 138 if (!out) 139 return 0; 140 if (!b->ptr) 141 return -1; 142 143 input = bufferevent_get_input(b->ptr); 144 if (evbuffer_get_length(input) == 0) { 145 /* If there's no data to read, say so. */ 146 BIO_set_retry_read(b); 147 return -1; 148 } else { 149 r = evbuffer_remove(input, out, outlen); 150 } 151 152 return r; 153 } 154 155 /* Called to write data info the BIO */ 156 static int 157 bio_bufferevent_write(BIO *b, const char *in, int inlen) 158 { 159 struct bufferevent *bufev = b->ptr; 160 struct evbuffer *output; 161 size_t outlen; 162 163 BIO_clear_retry_flags(b); 164 165 if (!b->ptr) 166 return -1; 167 168 output = bufferevent_get_output(bufev); 169 outlen = evbuffer_get_length(output); 170 171 /* Copy only as much data onto the output buffer as can fit under the 172 * high-water mark. */ 173 if (bufev->wm_write.high && bufev->wm_write.high <= (outlen+inlen)) { 174 if (bufev->wm_write.high <= outlen) { 175 /* If no data can fit, we'll need to retry later. */ 176 BIO_set_retry_write(b); 177 return -1; 178 } 179 inlen = bufev->wm_write.high - outlen; 180 } 181 182 EVUTIL_ASSERT(inlen > 0); 183 evbuffer_add(output, in, inlen); 184 return inlen; 185 } 186 187 /* Called to handle various requests */ 188 static long 189 bio_bufferevent_ctrl(BIO *b, int cmd, long num, void *ptr) 190 { 191 struct bufferevent *bufev = b->ptr; 192 long ret = 1; 193 194 switch (cmd) { 195 case BIO_CTRL_GET_CLOSE: 196 ret = b->shutdown; 197 break; 198 case BIO_CTRL_SET_CLOSE: 199 b->shutdown = (int)num; 200 break; 201 case BIO_CTRL_PENDING: 202 ret = evbuffer_get_length(bufferevent_get_input(bufev)) != 0; 203 break; 204 case BIO_CTRL_WPENDING: 205 ret = evbuffer_get_length(bufferevent_get_output(bufev)) != 0; 206 break; 207 /* XXXX These two are given a special-case treatment because 208 * of cargo-cultism. I should come up with a better reason. */ 209 case BIO_CTRL_DUP: 210 case BIO_CTRL_FLUSH: 211 ret = 1; 212 break; 213 default: 214 ret = 0; 215 break; 216 } 217 return ret; 218 } 219 220 /* Called to write a string to the BIO */ 221 static int 222 bio_bufferevent_puts(BIO *b, const char *s) 223 { 224 return bio_bufferevent_write(b, s, strlen(s)); 225 } 226 227 /* Method table for the bufferevent BIO */ 228 static BIO_METHOD methods_bufferevent = { 229 BIO_TYPE_LIBEVENT, "bufferevent", 230 bio_bufferevent_write, 231 bio_bufferevent_read, 232 bio_bufferevent_puts, 233 NULL /* bio_bufferevent_gets */, 234 bio_bufferevent_ctrl, 235 bio_bufferevent_new, 236 bio_bufferevent_free, 237 NULL /* callback_ctrl */, 238 }; 239 240 /* Return the method table for the bufferevents BIO */ 241 static BIO_METHOD * 242 BIO_s_bufferevent(void) 243 { 244 return &methods_bufferevent; 245 } 246 247 /* Create a new BIO to wrap communication around a bufferevent. If close_flag 248 * is true, the bufferevent will be freed when the BIO is closed. */ 249 static BIO * 250 BIO_new_bufferevent(struct bufferevent *bufferevent, int close_flag) 251 { 252 BIO *result; 253 if (!bufferevent) 254 return NULL; 255 if (!(result = BIO_new(BIO_s_bufferevent()))) 256 return NULL; 257 result->init = 1; 258 result->ptr = bufferevent; 259 result->shutdown = close_flag ? 1 : 0; 260 return result; 261 } 262 263 /* -------------------- 264 Now, here's the OpenSSL-based implementation of bufferevent. 265 266 The implementation comes in two flavors: one that connects its SSL object 267 to an underlying bufferevent using a BIO_bufferevent, and one that has the 268 SSL object connect to a socket directly. The latter should generally be 269 faster, except on Windows, where your best bet is using a 270 bufferevent_async. 271 272 (OpenSSL supports many other BIO types, too. But we can't use any unless 273 we have a good way to get notified when they become readable/writable.) 274 -------------------- */ 275 276 struct bio_data_counts { 277 unsigned long n_written; 278 unsigned long n_read; 279 }; 280 281 struct bufferevent_openssl { 282 /* Shared fields with common bufferevent implementation code. 283 If we were set up with an underlying bufferevent, we use the 284 events here as timers only. If we have an SSL, then we use 285 the events as socket events. 286 */ 287 struct bufferevent_private bev; 288 /* An underlying bufferevent that we're directing our output to. 289 If it's NULL, then we're connected to an fd, not an evbuffer. */ 290 struct bufferevent *underlying; 291 /* The SSL object doing our encryption. */ 292 SSL *ssl; 293 294 /* A callback that's invoked when data arrives on our outbuf so we 295 know to write data to the SSL. */ 296 struct evbuffer_cb_entry *outbuf_cb; 297 298 /* A count of how much data the bios have read/written total. Used 299 for rate-limiting. */ 300 struct bio_data_counts counts; 301 302 /* If this value is greater than 0, then the last SSL_write blocked, 303 * and we need to try it again with this many bytes. */ 304 ev_ssize_t last_write; 305 306 #define NUM_ERRORS 3 307 ev_uint32_t errors[NUM_ERRORS]; 308 309 /* When we next get available space, we should say "read" instead of 310 "write". This can happen if there's a renegotiation during a read 311 operation. */ 312 unsigned read_blocked_on_write : 1; 313 /* When we next get data, we should say "write" instead of "read". */ 314 unsigned write_blocked_on_read : 1; 315 /* XXX */ 316 unsigned allow_dirty_shutdown : 1; 317 /* XXXX */ 318 unsigned fd_is_set : 1; 319 /* XXX */ 320 unsigned n_errors : 2; 321 322 /* Are we currently connecting, accepting, or doing IO? */ 323 unsigned state : 2; 324 }; 325 326 static int be_openssl_enable(struct bufferevent *, short); 327 static int be_openssl_disable(struct bufferevent *, short); 328 static void be_openssl_destruct(struct bufferevent *); 329 static int be_openssl_adj_timeouts(struct bufferevent *); 330 static int be_openssl_flush(struct bufferevent *bufev, 331 short iotype, enum bufferevent_flush_mode mode); 332 static int be_openssl_ctrl(struct bufferevent *, enum bufferevent_ctrl_op, union bufferevent_ctrl_data *); 333 334 const struct bufferevent_ops bufferevent_ops_openssl = { 335 "ssl", 336 evutil_offsetof(struct bufferevent_openssl, bev.bev), 337 be_openssl_enable, 338 be_openssl_disable, 339 be_openssl_destruct, 340 be_openssl_adj_timeouts, 341 be_openssl_flush, 342 be_openssl_ctrl, 343 }; 344 345 /* Given a bufferevent, return a pointer to the bufferevent_openssl that 346 * contains it, if any. */ 347 static inline struct bufferevent_openssl * 348 upcast(struct bufferevent *bev) 349 { 350 struct bufferevent_openssl *bev_o; 351 if (bev->be_ops != &bufferevent_ops_openssl) 352 return NULL; 353 bev_o = (void*)( ((char*)bev) - 354 evutil_offsetof(struct bufferevent_openssl, bev.bev)); 355 EVUTIL_ASSERT(bev_o->bev.bev.be_ops == &bufferevent_ops_openssl); 356 return bev_o; 357 } 358 359 static inline void 360 put_error(struct bufferevent_openssl *bev_ssl, unsigned long err) 361 { 362 if (bev_ssl->n_errors == NUM_ERRORS) 363 return; 364 /* The error type according to openssl is "unsigned long", but 365 openssl never uses more than 32 bits of it. It _can't_ use more 366 than 32 bits of it, since it needs to report errors on systems 367 where long is only 32 bits. 368 */ 369 bev_ssl->errors[bev_ssl->n_errors++] = (ev_uint32_t) err; 370 } 371 372 /* Have the base communications channel (either the underlying bufferevent or 373 * ev_read and ev_write) start reading. Take the read-blocked-on-write flag 374 * into account. */ 375 static int 376 start_reading(struct bufferevent_openssl *bev_ssl) 377 { 378 if (bev_ssl->underlying) { 379 bufferevent_unsuspend_read(bev_ssl->underlying, 380 BEV_SUSPEND_FILT_READ); 381 return 0; 382 } else { 383 struct bufferevent *bev = &bev_ssl->bev.bev; 384 int r; 385 r = _bufferevent_add_event(&bev->ev_read, &bev->timeout_read); 386 if (r == 0 && bev_ssl->read_blocked_on_write) 387 r = _bufferevent_add_event(&bev->ev_write, 388 &bev->timeout_write); 389 return r; 390 } 391 } 392 393 /* Have the base communications channel (either the underlying bufferevent or 394 * ev_read and ev_write) start writing. Take the write-blocked-on-read flag 395 * into account. */ 396 static int 397 start_writing(struct bufferevent_openssl *bev_ssl) 398 { 399 int r = 0; 400 if (bev_ssl->underlying) { 401 ; 402 } else { 403 struct bufferevent *bev = &bev_ssl->bev.bev; 404 r = _bufferevent_add_event(&bev->ev_write, &bev->timeout_write); 405 if (!r && bev_ssl->write_blocked_on_read) 406 r = _bufferevent_add_event(&bev->ev_read, 407 &bev->timeout_read); 408 } 409 return r; 410 } 411 412 static void 413 stop_reading(struct bufferevent_openssl *bev_ssl) 414 { 415 if (bev_ssl->write_blocked_on_read) 416 return; 417 if (bev_ssl->underlying) { 418 bufferevent_suspend_read(bev_ssl->underlying, 419 BEV_SUSPEND_FILT_READ); 420 } else { 421 struct bufferevent *bev = &bev_ssl->bev.bev; 422 event_del(&bev->ev_read); 423 } 424 } 425 426 static void 427 stop_writing(struct bufferevent_openssl *bev_ssl) 428 { 429 if (bev_ssl->read_blocked_on_write) 430 return; 431 if (bev_ssl->underlying) { 432 ; 433 } else { 434 struct bufferevent *bev = &bev_ssl->bev.bev; 435 event_del(&bev->ev_write); 436 } 437 } 438 439 static int 440 set_rbow(struct bufferevent_openssl *bev_ssl) 441 { 442 if (!bev_ssl->underlying) 443 stop_reading(bev_ssl); 444 bev_ssl->read_blocked_on_write = 1; 445 return start_writing(bev_ssl); 446 } 447 448 static int 449 set_wbor(struct bufferevent_openssl *bev_ssl) 450 { 451 if (!bev_ssl->underlying) 452 stop_writing(bev_ssl); 453 bev_ssl->write_blocked_on_read = 1; 454 return start_reading(bev_ssl); 455 } 456 457 static int 458 clear_rbow(struct bufferevent_openssl *bev_ssl) 459 { 460 struct bufferevent *bev = &bev_ssl->bev.bev; 461 int r = 0; 462 bev_ssl->read_blocked_on_write = 0; 463 if (!(bev->enabled & EV_WRITE)) 464 stop_writing(bev_ssl); 465 if (bev->enabled & EV_READ) 466 r = start_reading(bev_ssl); 467 return r; 468 } 469 470 471 static int 472 clear_wbor(struct bufferevent_openssl *bev_ssl) 473 { 474 struct bufferevent *bev = &bev_ssl->bev.bev; 475 int r = 0; 476 bev_ssl->write_blocked_on_read = 0; 477 if (!(bev->enabled & EV_READ)) 478 stop_reading(bev_ssl); 479 if (bev->enabled & EV_WRITE) 480 r = start_writing(bev_ssl); 481 return r; 482 } 483 484 static void 485 conn_closed(struct bufferevent_openssl *bev_ssl, int errcode, int ret) 486 { 487 int event = BEV_EVENT_ERROR; 488 int dirty_shutdown = 0; 489 unsigned long err; 490 491 switch (errcode) { 492 case SSL_ERROR_ZERO_RETURN: 493 /* Possibly a clean shutdown. */ 494 if (SSL_get_shutdown(bev_ssl->ssl) & SSL_RECEIVED_SHUTDOWN) 495 event = BEV_EVENT_EOF; 496 else 497 dirty_shutdown = 1; 498 break; 499 case SSL_ERROR_SYSCALL: 500 /* IO error; possibly a dirty shutdown. */ 501 if (ret == 0 && ERR_peek_error() == 0) 502 dirty_shutdown = 1; 503 break; 504 case SSL_ERROR_SSL: 505 /* Protocol error. */ 506 break; 507 case SSL_ERROR_WANT_X509_LOOKUP: 508 /* XXXX handle this. */ 509 break; 510 case SSL_ERROR_NONE: 511 case SSL_ERROR_WANT_READ: 512 case SSL_ERROR_WANT_WRITE: 513 case SSL_ERROR_WANT_CONNECT: 514 case SSL_ERROR_WANT_ACCEPT: 515 default: 516 /* should be impossible; treat as normal error. */ 517 event_warnx("BUG: Unexpected OpenSSL error code %d", errcode); 518 break; 519 } 520 521 while ((err = ERR_get_error())) { 522 put_error(bev_ssl, err); 523 } 524 525 if (dirty_shutdown && bev_ssl->allow_dirty_shutdown) 526 event = BEV_EVENT_EOF; 527 528 stop_reading(bev_ssl); 529 stop_writing(bev_ssl); 530 531 _bufferevent_run_eventcb(&bev_ssl->bev.bev, event); 532 } 533 534 static void 535 init_bio_counts(struct bufferevent_openssl *bev_ssl) 536 { 537 bev_ssl->counts.n_written = 538 BIO_number_written(SSL_get_wbio(bev_ssl->ssl)); 539 bev_ssl->counts.n_read = 540 BIO_number_read(SSL_get_rbio(bev_ssl->ssl)); 541 } 542 543 static inline void 544 decrement_buckets(struct bufferevent_openssl *bev_ssl) 545 { 546 unsigned long num_w = BIO_number_written(SSL_get_wbio(bev_ssl->ssl)); 547 unsigned long num_r = BIO_number_read(SSL_get_rbio(bev_ssl->ssl)); 548 /* These next two subtractions can wrap around. That's okay. */ 549 unsigned long w = num_w - bev_ssl->counts.n_written; 550 unsigned long r = num_r - bev_ssl->counts.n_read; 551 if (w) 552 _bufferevent_decrement_write_buckets(&bev_ssl->bev, w); 553 if (r) 554 _bufferevent_decrement_read_buckets(&bev_ssl->bev, r); 555 bev_ssl->counts.n_written = num_w; 556 bev_ssl->counts.n_read = num_r; 557 } 558 559 #define OP_MADE_PROGRESS 1 560 #define OP_BLOCKED 2 561 #define OP_ERR 4 562 563 /* Return a bitmask of OP_MADE_PROGRESS (if we read anything); OP_BLOCKED (if 564 we're now blocked); and OP_ERR (if an error occurred). */ 565 static int 566 do_read(struct bufferevent_openssl *bev_ssl, int n_to_read) { 567 /* Requires lock */ 568 struct bufferevent *bev = &bev_ssl->bev.bev; 569 struct evbuffer *input = bev->input; 570 int r, n, i, n_used = 0, atmost; 571 struct evbuffer_iovec space[2]; 572 int result = 0; 573 574 if (bev_ssl->bev.read_suspended) 575 return 0; 576 577 atmost = _bufferevent_get_read_max(&bev_ssl->bev); 578 if (n_to_read > atmost) 579 n_to_read = atmost; 580 581 n = evbuffer_reserve_space(input, n_to_read, space, 2); 582 if (n < 0) 583 return OP_ERR; 584 585 for (i=0; i<n; ++i) { 586 if (bev_ssl->bev.read_suspended) 587 break; 588 r = SSL_read(bev_ssl->ssl, space[i].iov_base, space[i].iov_len); 589 if (r>0) { 590 result |= OP_MADE_PROGRESS; 591 if (bev_ssl->read_blocked_on_write) 592 if (clear_rbow(bev_ssl) < 0) 593 return OP_ERR | result; 594 ++n_used; 595 space[i].iov_len = r; 596 decrement_buckets(bev_ssl); 597 } else { 598 int err = SSL_get_error(bev_ssl->ssl, r); 599 print_err(err); 600 switch (err) { 601 case SSL_ERROR_WANT_READ: 602 /* Can't read until underlying has more data. */ 603 if (bev_ssl->read_blocked_on_write) 604 if (clear_rbow(bev_ssl) < 0) 605 return OP_ERR | result; 606 break; 607 case SSL_ERROR_WANT_WRITE: 608 /* This read operation requires a write, and the 609 * underlying is full */ 610 if (!bev_ssl->read_blocked_on_write) 611 if (set_rbow(bev_ssl) < 0) 612 return OP_ERR | result; 613 break; 614 default: 615 conn_closed(bev_ssl, err, r); 616 break; 617 } 618 result |= OP_BLOCKED; 619 break; /* out of the loop */ 620 } 621 } 622 623 if (n_used) { 624 evbuffer_commit_space(input, space, n_used); 625 if (bev_ssl->underlying) 626 BEV_RESET_GENERIC_READ_TIMEOUT(bev); 627 } 628 629 return result; 630 } 631 632 /* Return a bitmask of OP_MADE_PROGRESS (if we wrote anything); OP_BLOCKED (if 633 we're now blocked); and OP_ERR (if an error occurred). */ 634 static int 635 do_write(struct bufferevent_openssl *bev_ssl, int atmost) 636 { 637 int i, r, n, n_written = 0; 638 struct bufferevent *bev = &bev_ssl->bev.bev; 639 struct evbuffer *output = bev->output; 640 struct evbuffer_iovec space[8]; 641 int result = 0; 642 643 if (bev_ssl->last_write > 0) 644 atmost = bev_ssl->last_write; 645 else 646 atmost = _bufferevent_get_write_max(&bev_ssl->bev); 647 648 n = evbuffer_peek(output, atmost, NULL, space, 8); 649 if (n < 0) 650 return OP_ERR | result; 651 652 if (n > 8) 653 n = 8; 654 for (i=0; i < n; ++i) { 655 if (bev_ssl->bev.write_suspended) 656 break; 657 658 /* SSL_write will (reasonably) return 0 if we tell it to 659 send 0 data. Skip this case so we don't interpret the 660 result as an error */ 661 if (space[i].iov_len == 0) 662 continue; 663 664 r = SSL_write(bev_ssl->ssl, space[i].iov_base, 665 space[i].iov_len); 666 if (r > 0) { 667 result |= OP_MADE_PROGRESS; 668 if (bev_ssl->write_blocked_on_read) 669 if (clear_wbor(bev_ssl) < 0) 670 return OP_ERR | result; 671 n_written += r; 672 bev_ssl->last_write = -1; 673 decrement_buckets(bev_ssl); 674 } else { 675 int err = SSL_get_error(bev_ssl->ssl, r); 676 print_err(err); 677 switch (err) { 678 case SSL_ERROR_WANT_WRITE: 679 /* Can't read until underlying has more data. */ 680 if (bev_ssl->write_blocked_on_read) 681 if (clear_wbor(bev_ssl) < 0) 682 return OP_ERR | result; 683 bev_ssl->last_write = space[i].iov_len; 684 break; 685 case SSL_ERROR_WANT_READ: 686 /* This read operation requires a write, and the 687 * underlying is full */ 688 if (!bev_ssl->write_blocked_on_read) 689 if (set_wbor(bev_ssl) < 0) 690 return OP_ERR | result; 691 bev_ssl->last_write = space[i].iov_len; 692 break; 693 default: 694 conn_closed(bev_ssl, err, r); 695 bev_ssl->last_write = -1; 696 break; 697 } 698 result |= OP_BLOCKED; 699 break; 700 } 701 } 702 if (n_written) { 703 evbuffer_drain(output, n_written); 704 if (bev_ssl->underlying) 705 BEV_RESET_GENERIC_WRITE_TIMEOUT(bev); 706 707 if (evbuffer_get_length(output) <= bev->wm_write.low) 708 _bufferevent_run_writecb(bev); 709 } 710 return result; 711 } 712 713 #define WRITE_FRAME 15000 714 715 #define READ_DEFAULT 4096 716 717 /* Try to figure out how many bytes to read; return 0 if we shouldn't be 718 * reading. */ 719 static int 720 bytes_to_read(struct bufferevent_openssl *bev) 721 { 722 struct evbuffer *input = bev->bev.bev.input; 723 struct event_watermark *wm = &bev->bev.bev.wm_read; 724 int result = READ_DEFAULT; 725 ev_ssize_t limit; 726 /* XXX 99% of this is generic code that nearly all bufferevents will 727 * want. */ 728 729 if (bev->write_blocked_on_read) { 730 return 0; 731 } 732 733 if (! (bev->bev.bev.enabled & EV_READ)) { 734 return 0; 735 } 736 737 if (bev->bev.read_suspended) { 738 return 0; 739 } 740 741 if (wm->high) { 742 if (evbuffer_get_length(input) >= wm->high) { 743 return 0; 744 } 745 746 result = wm->high - evbuffer_get_length(input); 747 } else { 748 result = READ_DEFAULT; 749 } 750 751 /* Respect the rate limit */ 752 limit = _bufferevent_get_read_max(&bev->bev); 753 if (result > limit) { 754 result = limit; 755 } 756 757 return result; 758 } 759 760 761 /* Things look readable. If write is blocked on read, write till it isn't. 762 * Read from the underlying buffer until we block or we hit our high-water 763 * mark. 764 */ 765 static void 766 consider_reading(struct bufferevent_openssl *bev_ssl) 767 { 768 int r; 769 int n_to_read; 770 int all_result_flags = 0; 771 772 while (bev_ssl->write_blocked_on_read) { 773 r = do_write(bev_ssl, WRITE_FRAME); 774 if (r & (OP_BLOCKED|OP_ERR)) 775 break; 776 } 777 if (bev_ssl->write_blocked_on_read) 778 return; 779 780 n_to_read = bytes_to_read(bev_ssl); 781 782 while (n_to_read) { 783 r = do_read(bev_ssl, n_to_read); 784 all_result_flags |= r; 785 786 if (r & (OP_BLOCKED|OP_ERR)) 787 break; 788 789 if (bev_ssl->bev.read_suspended) 790 break; 791 792 /* Read all pending data. This won't hit the network 793 * again, and will (most importantly) put us in a state 794 * where we don't need to read anything else until the 795 * socket is readable again. It'll potentially make us 796 * overrun our read high-watermark (somewhat 797 * regrettable). The damage to the rate-limit has 798 * already been done, since OpenSSL went and read a 799 * whole SSL record anyway. */ 800 n_to_read = SSL_pending(bev_ssl->ssl); 801 802 /* XXX This if statement is actually a bad bug, added to avoid 803 * XXX a worse bug. 804 * 805 * The bad bug: It can potentially cause resource unfairness 806 * by reading too much data from the underlying bufferevent; 807 * it can potentially cause read looping if the underlying 808 * bufferevent is a bufferevent_pair and deferred callbacks 809 * aren't used. 810 * 811 * The worse bug: If we didn't do this, then we would 812 * potentially not read any more from bev_ssl->underlying 813 * until more data arrived there, which could lead to us 814 * waiting forever. 815 */ 816 if (!n_to_read && bev_ssl->underlying) 817 n_to_read = bytes_to_read(bev_ssl); 818 } 819 820 if (all_result_flags & OP_MADE_PROGRESS) { 821 struct bufferevent *bev = &bev_ssl->bev.bev; 822 struct evbuffer *input = bev->input; 823 824 if (evbuffer_get_length(input) >= bev->wm_read.low) { 825 _bufferevent_run_readcb(bev); 826 } 827 } 828 829 if (!bev_ssl->underlying) { 830 /* Should be redundant, but let's avoid busy-looping */ 831 if (bev_ssl->bev.read_suspended || 832 !(bev_ssl->bev.bev.enabled & EV_READ)) { 833 event_del(&bev_ssl->bev.bev.ev_read); 834 } 835 } 836 } 837 838 static void 839 consider_writing(struct bufferevent_openssl *bev_ssl) 840 { 841 int r; 842 struct evbuffer *output = bev_ssl->bev.bev.output; 843 struct evbuffer *target = NULL; 844 struct event_watermark *wm = NULL; 845 846 while (bev_ssl->read_blocked_on_write) { 847 r = do_read(bev_ssl, 1024); /* XXXX 1024 is a hack */ 848 if (r & OP_MADE_PROGRESS) { 849 struct bufferevent *bev = &bev_ssl->bev.bev; 850 struct evbuffer *input = bev->input; 851 852 if (evbuffer_get_length(input) >= bev->wm_read.low) { 853 _bufferevent_run_readcb(bev); 854 } 855 } 856 if (r & (OP_ERR|OP_BLOCKED)) 857 break; 858 } 859 if (bev_ssl->read_blocked_on_write) 860 return; 861 if (bev_ssl->underlying) { 862 target = bev_ssl->underlying->output; 863 wm = &bev_ssl->underlying->wm_write; 864 } 865 while ((bev_ssl->bev.bev.enabled & EV_WRITE) && 866 (! bev_ssl->bev.write_suspended) && 867 evbuffer_get_length(output) && 868 (!target || (! wm->high || evbuffer_get_length(target) < wm->high))) { 869 int n_to_write; 870 if (wm && wm->high) 871 n_to_write = wm->high - evbuffer_get_length(target); 872 else 873 n_to_write = WRITE_FRAME; 874 r = do_write(bev_ssl, n_to_write); 875 if (r & (OP_BLOCKED|OP_ERR)) 876 break; 877 } 878 879 if (!bev_ssl->underlying) { 880 if (evbuffer_get_length(output) == 0) { 881 event_del(&bev_ssl->bev.bev.ev_write); 882 } else if (bev_ssl->bev.write_suspended || 883 !(bev_ssl->bev.bev.enabled & EV_WRITE)) { 884 /* Should be redundant, but let's avoid busy-looping */ 885 event_del(&bev_ssl->bev.bev.ev_write); 886 } 887 } 888 } 889 890 static void 891 be_openssl_readcb(struct bufferevent *bev_base, void *ctx) 892 { 893 struct bufferevent_openssl *bev_ssl = ctx; 894 consider_reading(bev_ssl); 895 } 896 897 static void 898 be_openssl_writecb(struct bufferevent *bev_base, void *ctx) 899 { 900 struct bufferevent_openssl *bev_ssl = ctx; 901 consider_writing(bev_ssl); 902 } 903 904 static void 905 be_openssl_eventcb(struct bufferevent *bev_base, short what, void *ctx) 906 { 907 struct bufferevent_openssl *bev_ssl = ctx; 908 int event = 0; 909 910 if (what & BEV_EVENT_EOF) { 911 if (bev_ssl->allow_dirty_shutdown) 912 event = BEV_EVENT_EOF; 913 else 914 event = BEV_EVENT_ERROR; 915 } else if (what & BEV_EVENT_TIMEOUT) { 916 /* We sure didn't set this. Propagate it to the user. */ 917 event = what; 918 } else if (what & BEV_EVENT_ERROR) { 919 /* An error occurred on the connection. Propagate it to the user. */ 920 event = what; 921 } else if (what & BEV_EVENT_CONNECTED) { 922 /* Ignore it. We're saying SSL_connect() already, which will 923 eat it. */ 924 } 925 if (event) 926 _bufferevent_run_eventcb(&bev_ssl->bev.bev, event); 927 } 928 929 static void 930 be_openssl_readeventcb(evutil_socket_t fd, short what, void *ptr) 931 { 932 struct bufferevent_openssl *bev_ssl = ptr; 933 _bufferevent_incref_and_lock(&bev_ssl->bev.bev); 934 if (what == EV_TIMEOUT) { 935 _bufferevent_run_eventcb(&bev_ssl->bev.bev, 936 BEV_EVENT_TIMEOUT|BEV_EVENT_READING); 937 } else { 938 consider_reading(bev_ssl); 939 } 940 _bufferevent_decref_and_unlock(&bev_ssl->bev.bev); 941 } 942 943 static void 944 be_openssl_writeeventcb(evutil_socket_t fd, short what, void *ptr) 945 { 946 struct bufferevent_openssl *bev_ssl = ptr; 947 _bufferevent_incref_and_lock(&bev_ssl->bev.bev); 948 if (what == EV_TIMEOUT) { 949 _bufferevent_run_eventcb(&bev_ssl->bev.bev, 950 BEV_EVENT_TIMEOUT|BEV_EVENT_WRITING); 951 } else { 952 consider_writing(bev_ssl); 953 } 954 _bufferevent_decref_and_unlock(&bev_ssl->bev.bev); 955 } 956 957 static int 958 set_open_callbacks(struct bufferevent_openssl *bev_ssl, evutil_socket_t fd) 959 { 960 if (bev_ssl->underlying) { 961 bufferevent_setcb(bev_ssl->underlying, 962 be_openssl_readcb, be_openssl_writecb, be_openssl_eventcb, 963 bev_ssl); 964 return 0; 965 } else { 966 struct bufferevent *bev = &bev_ssl->bev.bev; 967 int rpending=0, wpending=0, r1=0, r2=0; 968 if (fd < 0 && bev_ssl->fd_is_set) 969 fd = event_get_fd(&bev->ev_read); 970 if (bev_ssl->fd_is_set) { 971 rpending = event_pending(&bev->ev_read, EV_READ, NULL); 972 wpending = event_pending(&bev->ev_write, EV_WRITE, NULL); 973 event_del(&bev->ev_read); 974 event_del(&bev->ev_write); 975 } 976 event_assign(&bev->ev_read, bev->ev_base, fd, 977 EV_READ|EV_PERSIST, be_openssl_readeventcb, bev_ssl); 978 event_assign(&bev->ev_write, bev->ev_base, fd, 979 EV_WRITE|EV_PERSIST, be_openssl_writeeventcb, bev_ssl); 980 if (rpending) 981 r1 = _bufferevent_add_event(&bev->ev_read, &bev->timeout_read); 982 if (wpending) 983 r2 = _bufferevent_add_event(&bev->ev_write, &bev->timeout_write); 984 if (fd >= 0) { 985 bev_ssl->fd_is_set = 1; 986 } 987 return (r1<0 || r2<0) ? -1 : 0; 988 } 989 } 990 991 static int 992 do_handshake(struct bufferevent_openssl *bev_ssl) 993 { 994 int r; 995 996 switch (bev_ssl->state) { 997 default: 998 case BUFFEREVENT_SSL_OPEN: 999 EVUTIL_ASSERT(0); 1000 return -1; 1001 case BUFFEREVENT_SSL_CONNECTING: 1002 case BUFFEREVENT_SSL_ACCEPTING: 1003 r = SSL_do_handshake(bev_ssl->ssl); 1004 break; 1005 } 1006 decrement_buckets(bev_ssl); 1007 1008 if (r==1) { 1009 /* We're done! */ 1010 bev_ssl->state = BUFFEREVENT_SSL_OPEN; 1011 set_open_callbacks(bev_ssl, -1); /* XXXX handle failure */ 1012 /* Call do_read and do_write as needed */ 1013 bufferevent_enable(&bev_ssl->bev.bev, bev_ssl->bev.bev.enabled); 1014 _bufferevent_run_eventcb(&bev_ssl->bev.bev, 1015 BEV_EVENT_CONNECTED); 1016 return 1; 1017 } else { 1018 int err = SSL_get_error(bev_ssl->ssl, r); 1019 print_err(err); 1020 switch (err) { 1021 case SSL_ERROR_WANT_WRITE: 1022 if (!bev_ssl->underlying) { 1023 stop_reading(bev_ssl); 1024 return start_writing(bev_ssl); 1025 } 1026 return 0; 1027 case SSL_ERROR_WANT_READ: 1028 if (!bev_ssl->underlying) { 1029 stop_writing(bev_ssl); 1030 return start_reading(bev_ssl); 1031 } 1032 return 0; 1033 default: 1034 conn_closed(bev_ssl, err, r); 1035 return -1; 1036 } 1037 } 1038 } 1039 1040 static void 1041 be_openssl_handshakecb(struct bufferevent *bev_base, void *ctx) 1042 { 1043 struct bufferevent_openssl *bev_ssl = ctx; 1044 do_handshake(bev_ssl);/* XXX handle failure */ 1045 } 1046 1047 static void 1048 be_openssl_handshakeeventcb(evutil_socket_t fd, short what, void *ptr) 1049 { 1050 struct bufferevent_openssl *bev_ssl = ptr; 1051 1052 _bufferevent_incref_and_lock(&bev_ssl->bev.bev); 1053 if (what & EV_TIMEOUT) { 1054 _bufferevent_run_eventcb(&bev_ssl->bev.bev, BEV_EVENT_TIMEOUT); 1055 } else 1056 do_handshake(bev_ssl);/* XXX handle failure */ 1057 _bufferevent_decref_and_unlock(&bev_ssl->bev.bev); 1058 } 1059 1060 static int 1061 set_handshake_callbacks(struct bufferevent_openssl *bev_ssl, evutil_socket_t fd) 1062 { 1063 if (bev_ssl->underlying) { 1064 bufferevent_setcb(bev_ssl->underlying, 1065 be_openssl_handshakecb, be_openssl_handshakecb, 1066 be_openssl_eventcb, 1067 bev_ssl); 1068 return do_handshake(bev_ssl); 1069 } else { 1070 struct bufferevent *bev = &bev_ssl->bev.bev; 1071 int r1=0, r2=0; 1072 if (fd < 0 && bev_ssl->fd_is_set) 1073 fd = event_get_fd(&bev->ev_read); 1074 if (bev_ssl->fd_is_set) { 1075 event_del(&bev->ev_read); 1076 event_del(&bev->ev_write); 1077 } 1078 event_assign(&bev->ev_read, bev->ev_base, fd, 1079 EV_READ|EV_PERSIST, be_openssl_handshakeeventcb, bev_ssl); 1080 event_assign(&bev->ev_write, bev->ev_base, fd, 1081 EV_WRITE|EV_PERSIST, be_openssl_handshakeeventcb, bev_ssl); 1082 if (fd >= 0) { 1083 r1 = _bufferevent_add_event(&bev->ev_read, &bev->timeout_read); 1084 r2 = _bufferevent_add_event(&bev->ev_write, &bev->timeout_write); 1085 bev_ssl->fd_is_set = 1; 1086 } 1087 return (r1<0 || r2<0) ? -1 : 0; 1088 } 1089 } 1090 1091 int 1092 bufferevent_ssl_renegotiate(struct bufferevent *bev) 1093 { 1094 struct bufferevent_openssl *bev_ssl = upcast(bev); 1095 if (!bev_ssl) 1096 return -1; 1097 if (SSL_renegotiate(bev_ssl->ssl) < 0) 1098 return -1; 1099 bev_ssl->state = BUFFEREVENT_SSL_CONNECTING; 1100 if (set_handshake_callbacks(bev_ssl, -1) < 0) 1101 return -1; 1102 if (!bev_ssl->underlying) 1103 return do_handshake(bev_ssl); 1104 return 0; 1105 } 1106 1107 static void 1108 be_openssl_outbuf_cb(struct evbuffer *buf, 1109 const struct evbuffer_cb_info *cbinfo, void *arg) 1110 { 1111 struct bufferevent_openssl *bev_ssl = arg; 1112 int r = 0; 1113 /* XXX need to hold a reference here. */ 1114 1115 if (cbinfo->n_added && bev_ssl->state == BUFFEREVENT_SSL_OPEN) { 1116 if (cbinfo->orig_size == 0) 1117 r = _bufferevent_add_event(&bev_ssl->bev.bev.ev_write, 1118 &bev_ssl->bev.bev.timeout_write); 1119 consider_writing(bev_ssl); 1120 } 1121 /* XXX Handle r < 0 */ 1122 (void)r; 1123 } 1124 1125 1126 static int 1127 be_openssl_enable(struct bufferevent *bev, short events) 1128 { 1129 struct bufferevent_openssl *bev_ssl = upcast(bev); 1130 int r1 = 0, r2 = 0; 1131 1132 if (bev_ssl->state != BUFFEREVENT_SSL_OPEN) 1133 return 0; 1134 1135 if (events & EV_READ) 1136 r1 = start_reading(bev_ssl); 1137 if (events & EV_WRITE) 1138 r2 = start_writing(bev_ssl); 1139 1140 if (bev_ssl->underlying) { 1141 if (events & EV_READ) 1142 BEV_RESET_GENERIC_READ_TIMEOUT(bev); 1143 if (events & EV_WRITE) 1144 BEV_RESET_GENERIC_WRITE_TIMEOUT(bev); 1145 1146 if (events & EV_READ) 1147 consider_reading(bev_ssl); 1148 if (events & EV_WRITE) 1149 consider_writing(bev_ssl); 1150 } 1151 return (r1 < 0 || r2 < 0) ? -1 : 0; 1152 } 1153 1154 static int 1155 be_openssl_disable(struct bufferevent *bev, short events) 1156 { 1157 struct bufferevent_openssl *bev_ssl = upcast(bev); 1158 if (bev_ssl->state != BUFFEREVENT_SSL_OPEN) 1159 return 0; 1160 1161 if (events & EV_READ) 1162 stop_reading(bev_ssl); 1163 if (events & EV_WRITE) 1164 stop_writing(bev_ssl); 1165 1166 if (bev_ssl->underlying) { 1167 if (events & EV_READ) 1168 BEV_DEL_GENERIC_READ_TIMEOUT(bev); 1169 if (events & EV_WRITE) 1170 BEV_DEL_GENERIC_WRITE_TIMEOUT(bev); 1171 } 1172 return 0; 1173 } 1174 1175 static void 1176 be_openssl_destruct(struct bufferevent *bev) 1177 { 1178 struct bufferevent_openssl *bev_ssl = upcast(bev); 1179 1180 if (bev_ssl->underlying) { 1181 _bufferevent_del_generic_timeout_cbs(bev); 1182 } else { 1183 event_del(&bev->ev_read); 1184 event_del(&bev->ev_write); 1185 } 1186 1187 if (bev_ssl->bev.options & BEV_OPT_CLOSE_ON_FREE) { 1188 if (bev_ssl->underlying) { 1189 if (BEV_UPCAST(bev_ssl->underlying)->refcnt < 2) { 1190 event_warnx("BEV_OPT_CLOSE_ON_FREE set on an " 1191 "bufferevent with too few references"); 1192 } else { 1193 bufferevent_free(bev_ssl->underlying); 1194 bev_ssl->underlying = NULL; 1195 } 1196 } else { 1197 evutil_socket_t fd = -1; 1198 BIO *bio = SSL_get_wbio(bev_ssl->ssl); 1199 if (bio) 1200 fd = BIO_get_fd(bio, NULL); 1201 if (fd >= 0) 1202 evutil_closesocket(fd); 1203 } 1204 SSL_free(bev_ssl->ssl); 1205 } else { 1206 if (bev_ssl->underlying) { 1207 if (bev_ssl->underlying->errorcb == be_openssl_eventcb) 1208 bufferevent_setcb(bev_ssl->underlying, 1209 NULL,NULL,NULL,NULL); 1210 bufferevent_unsuspend_read(bev_ssl->underlying, 1211 BEV_SUSPEND_FILT_READ); 1212 } 1213 } 1214 } 1215 1216 static int 1217 be_openssl_adj_timeouts(struct bufferevent *bev) 1218 { 1219 struct bufferevent_openssl *bev_ssl = upcast(bev); 1220 1221 if (bev_ssl->underlying) 1222 return _bufferevent_generic_adj_timeouts(bev); 1223 else { 1224 int r1=0, r2=0; 1225 if (event_pending(&bev->ev_read, EV_READ, NULL)) 1226 r1 = _bufferevent_add_event(&bev->ev_read, &bev->timeout_read); 1227 if (event_pending(&bev->ev_write, EV_WRITE, NULL)) 1228 r2 = _bufferevent_add_event(&bev->ev_write, &bev->timeout_write); 1229 return (r1<0 || r2<0) ? -1 : 0; 1230 } 1231 } 1232 1233 static int 1234 be_openssl_flush(struct bufferevent *bufev, 1235 short iotype, enum bufferevent_flush_mode mode) 1236 { 1237 /* XXXX Implement this. */ 1238 return 0; 1239 } 1240 1241 static int 1242 be_openssl_ctrl(struct bufferevent *bev, 1243 enum bufferevent_ctrl_op op, union bufferevent_ctrl_data *data) 1244 { 1245 struct bufferevent_openssl *bev_ssl = upcast(bev); 1246 switch (op) { 1247 case BEV_CTRL_SET_FD: 1248 if (bev_ssl->underlying) 1249 return -1; 1250 { 1251 BIO *bio; 1252 bio = BIO_new_socket(data->fd, 0); 1253 SSL_set_bio(bev_ssl->ssl, bio, bio); 1254 bev_ssl->fd_is_set = 1; 1255 } 1256 if (bev_ssl->state == BUFFEREVENT_SSL_OPEN) 1257 return set_open_callbacks(bev_ssl, data->fd); 1258 else { 1259 return set_handshake_callbacks(bev_ssl, data->fd); 1260 } 1261 case BEV_CTRL_GET_FD: 1262 if (bev_ssl->underlying) 1263 return -1; 1264 if (!bev_ssl->fd_is_set) 1265 return -1; 1266 data->fd = event_get_fd(&bev->ev_read); 1267 return 0; 1268 case BEV_CTRL_GET_UNDERLYING: 1269 if (!bev_ssl->underlying) 1270 return -1; 1271 data->ptr = bev_ssl->underlying; 1272 return 0; 1273 case BEV_CTRL_CANCEL_ALL: 1274 default: 1275 return -1; 1276 } 1277 } 1278 1279 SSL * 1280 bufferevent_openssl_get_ssl(struct bufferevent *bufev) 1281 { 1282 struct bufferevent_openssl *bev_ssl = upcast(bufev); 1283 if (!bev_ssl) 1284 return NULL; 1285 return bev_ssl->ssl; 1286 } 1287 1288 static struct bufferevent * 1289 bufferevent_openssl_new_impl(struct event_base *base, 1290 struct bufferevent *underlying, 1291 evutil_socket_t fd, 1292 SSL *ssl, 1293 enum bufferevent_ssl_state state, 1294 int options) 1295 { 1296 struct bufferevent_openssl *bev_ssl = NULL; 1297 struct bufferevent_private *bev_p = NULL; 1298 int tmp_options = options & ~BEV_OPT_THREADSAFE; 1299 1300 if (underlying != NULL && fd >= 0) 1301 return NULL; /* Only one can be set. */ 1302 1303 if (!(bev_ssl = mm_calloc(1, sizeof(struct bufferevent_openssl)))) 1304 goto err; 1305 1306 bev_p = &bev_ssl->bev; 1307 1308 if (bufferevent_init_common(bev_p, base, 1309 &bufferevent_ops_openssl, tmp_options) < 0) 1310 goto err; 1311 1312 /* Don't explode if we decide to realloc a chunk we're writing from in 1313 * the output buffer. */ 1314 SSL_set_mode(ssl, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); 1315 1316 bev_ssl->underlying = underlying; 1317 bev_ssl->ssl = ssl; 1318 1319 bev_ssl->outbuf_cb = evbuffer_add_cb(bev_p->bev.output, 1320 be_openssl_outbuf_cb, bev_ssl); 1321 1322 if (options & BEV_OPT_THREADSAFE) 1323 bufferevent_enable_locking(&bev_ssl->bev.bev, NULL); 1324 1325 if (underlying) { 1326 _bufferevent_init_generic_timeout_cbs(&bev_ssl->bev.bev); 1327 bufferevent_incref(underlying); 1328 } 1329 1330 bev_ssl->state = state; 1331 bev_ssl->last_write = -1; 1332 1333 init_bio_counts(bev_ssl); 1334 1335 switch (state) { 1336 case BUFFEREVENT_SSL_ACCEPTING: 1337 SSL_set_accept_state(bev_ssl->ssl); 1338 if (set_handshake_callbacks(bev_ssl, fd) < 0) 1339 goto err; 1340 break; 1341 case BUFFEREVENT_SSL_CONNECTING: 1342 SSL_set_connect_state(bev_ssl->ssl); 1343 if (set_handshake_callbacks(bev_ssl, fd) < 0) 1344 goto err; 1345 break; 1346 case BUFFEREVENT_SSL_OPEN: 1347 if (set_open_callbacks(bev_ssl, fd) < 0) 1348 goto err; 1349 break; 1350 default: 1351 goto err; 1352 } 1353 1354 if (underlying) { 1355 bufferevent_setwatermark(underlying, EV_READ, 0, 0); 1356 bufferevent_enable(underlying, EV_READ|EV_WRITE); 1357 if (state == BUFFEREVENT_SSL_OPEN) 1358 bufferevent_suspend_read(underlying, 1359 BEV_SUSPEND_FILT_READ); 1360 } else { 1361 bev_ssl->bev.bev.enabled = EV_READ|EV_WRITE; 1362 if (bev_ssl->fd_is_set) { 1363 if (state != BUFFEREVENT_SSL_OPEN) 1364 if (event_add(&bev_ssl->bev.bev.ev_read, NULL) < 0) 1365 goto err; 1366 if (event_add(&bev_ssl->bev.bev.ev_write, NULL) < 0) 1367 goto err; 1368 } 1369 } 1370 1371 return &bev_ssl->bev.bev; 1372 err: 1373 if (bev_ssl) 1374 bufferevent_free(&bev_ssl->bev.bev); 1375 return NULL; 1376 } 1377 1378 struct bufferevent * 1379 bufferevent_openssl_filter_new(struct event_base *base, 1380 struct bufferevent *underlying, 1381 SSL *ssl, 1382 enum bufferevent_ssl_state state, 1383 int options) 1384 { 1385 /* We don't tell the BIO to close the bufferevent; we do it ourselves 1386 * on be_openssl_destruct */ 1387 int close_flag = 0; /* options & BEV_OPT_CLOSE_ON_FREE; */ 1388 BIO *bio; 1389 if (!underlying) 1390 return NULL; 1391 if (!(bio = BIO_new_bufferevent(underlying, close_flag))) 1392 return NULL; 1393 1394 SSL_set_bio(ssl, bio, bio); 1395 1396 return bufferevent_openssl_new_impl( 1397 base, underlying, -1, ssl, state, options); 1398 } 1399 1400 struct bufferevent * 1401 bufferevent_openssl_socket_new(struct event_base *base, 1402 evutil_socket_t fd, 1403 SSL *ssl, 1404 enum bufferevent_ssl_state state, 1405 int options) 1406 { 1407 /* Does the SSL already have an fd? */ 1408 BIO *bio = SSL_get_wbio(ssl); 1409 long have_fd = -1; 1410 1411 if (bio) 1412 have_fd = BIO_get_fd(bio, NULL); 1413 1414 if (have_fd >= 0) { 1415 /* The SSL is already configured with an fd. */ 1416 if (fd < 0) { 1417 /* We should learn the fd from the SSL. */ 1418 fd = (evutil_socket_t) have_fd; 1419 } else if (have_fd == (long)fd) { 1420 /* We already know the fd from the SSL; do nothing */ 1421 } else { 1422 /* We specified an fd different from that of the SSL. 1423 This is probably an error on our part. Fail. */ 1424 return NULL; 1425 } 1426 (void) BIO_set_close(bio, 0); 1427 } else { 1428 /* The SSL isn't configured with a BIO with an fd. */ 1429 if (fd >= 0) { 1430 /* ... and we have an fd we want to use. */ 1431 bio = BIO_new_socket(fd, 0); 1432 SSL_set_bio(ssl, bio, bio); 1433 } else { 1434 /* Leave the fd unset. */ 1435 } 1436 } 1437 1438 return bufferevent_openssl_new_impl( 1439 base, NULL, fd, ssl, state, options); 1440 } 1441 1442 unsigned long 1443 bufferevent_get_openssl_error(struct bufferevent *bev) 1444 { 1445 unsigned long err = 0; 1446 struct bufferevent_openssl *bev_ssl; 1447 BEV_LOCK(bev); 1448 bev_ssl = upcast(bev); 1449 if (bev_ssl && bev_ssl->n_errors) { 1450 err = bev_ssl->errors[--bev_ssl->n_errors]; 1451 } 1452 BEV_UNLOCK(bev); 1453 return err; 1454 } 1455
