michael@0: /* michael@0: * Copyright (c) 2009-2012 Niels Provos and Nick Mathewson michael@0: * michael@0: * Redistribution and use in source and binary forms, with or without michael@0: * modification, are permitted provided that the following conditions michael@0: * are met: michael@0: * 1. Redistributions of source code must retain the above copyright michael@0: * notice, this list of conditions and the following disclaimer. michael@0: * 2. Redistributions in binary form must reproduce the above copyright michael@0: * notice, this list of conditions and the following disclaimer in the michael@0: * documentation and/or other materials provided with the distribution. michael@0: * 3. The name of the author may not be used to endorse or promote products michael@0: * derived from this software without specific prior written permission. michael@0: * michael@0: * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR michael@0: * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES michael@0: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. michael@0: * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, michael@0: * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT michael@0: * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, michael@0: * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY michael@0: * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT michael@0: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF michael@0: * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
michael@0: */ michael@0: michael@0: #include michael@0: michael@0: #include "event2/event-config.h" michael@0: michael@0: #ifdef _EVENT_HAVE_SYS_TIME_H michael@0: #include michael@0: #endif michael@0: michael@0: #include michael@0: #include michael@0: #include michael@0: #include michael@0: #ifdef _EVENT_HAVE_STDARG_H michael@0: #include michael@0: #endif michael@0: #ifdef _EVENT_HAVE_UNISTD_H michael@0: #include michael@0: #endif michael@0: michael@0: #ifdef WIN32 michael@0: #include michael@0: #endif michael@0: michael@0: #include "event2/bufferevent.h" michael@0: #include "event2/bufferevent_struct.h" michael@0: #include "event2/bufferevent_ssl.h" michael@0: #include "event2/buffer.h" michael@0: #include "event2/event.h" michael@0: michael@0: #include "mm-internal.h" michael@0: #include "bufferevent-internal.h" michael@0: #include "log-internal.h" michael@0: michael@0: #include michael@0: #include michael@0: #include michael@0: michael@0: /* michael@0: * Define an OpenSSL bio that targets a bufferevent. michael@0: */ michael@0: michael@0: /* -------------------- michael@0: A BIO is an OpenSSL abstraction that handles reading and writing data. The michael@0: library will happily speak SSL over anything that implements a BIO michael@0: interface. michael@0: michael@0: Here we define a BIO implementation that directs its output to a michael@0: bufferevent. We'll want to use this only when none of OpenSSL's built-in michael@0: IO mechanisms work for us. michael@0: -------------------- */ michael@0: michael@0: /* every BIO type needs its own integer type value. */ michael@0: #define BIO_TYPE_LIBEVENT 57 michael@0: /* ???? Arguably, we should set BIO_TYPE_FILTER or BIO_TYPE_SOURCE_SINK on michael@0: * this. 
*/

/* Debug helper.  It is compiled out here: with the "#if 0" in place,
 * print_err(v) expands to a no-op. */
#if 0
static void
print_err(int val)
{
	int err;
	printf("Error was %d\n", val);

	while ((err = ERR_get_error())) {
		const char *msg = (const char*)ERR_reason_error_string(err);
		const char *lib = (const char*)ERR_lib_error_string(err);
		const char *func = (const char*)ERR_func_error_string(err);

		printf("%s in %s %s\n", msg, lib, func);
	}
}
#else
#define print_err(v) ((void)0)
#endif

/* Called to initialize a new BIO.  Resets init, num, ptr and flags and
 * always returns 1.  The bufferevent itself is attached later, by
 * BIO_new_bufferevent(), which also sets ->init. */
static int
bio_bufferevent_new(BIO *b)
{
	b->init = 0;
	b->num = -1;
	b->ptr = NULL; /* We'll be putting the bufferevent in this field.*/
	b->flags = 0;
	return 1;
}

/* Called to uninitialize the BIO.  Returns 0 when b is NULL and 1 otherwise.
 * The wrapped bufferevent is freed only when the close flag (->shutdown) is
 * set and the BIO was initialized with a non-NULL ->ptr; with the close flag
 * clear, nothing is freed and init/flags/ptr are left untouched. */
static int
bio_bufferevent_free(BIO *b)
{
	if (!b)
		return 0;
	if (b->shutdown) {
		if (b->init && b->ptr)
			bufferevent_free(b->ptr);
		b->init = 0;
		b->flags = 0;
		b->ptr = NULL;
	}
	return 1;
}

/* Called to extract data from the BIO.
 *
 * Returns 0 if out is NULL, -1 if no bufferevent is attached, and -1 with
 * the retry-read flag set if the bufferevent's input buffer is empty.
 * Otherwise returns whatever evbuffer_remove() returns for up to outlen
 * bytes.
 *
 * NOTE(review): outlen is handed to evbuffer_remove() without a sign check;
 * this presumably relies on OpenSSL never asking for a negative length --
 * confirm. */
static int
bio_bufferevent_read(BIO *b, char *out, int outlen)
{
	int r = 0;
	struct evbuffer *input;

	/* Retry flags describe only the most recent call, so start clean. */
	BIO_clear_retry_flags(b);

	if (!out)
		return 0;
	if (!b->ptr)
		return -1;

	input = bufferevent_get_input(b->ptr);
	if (evbuffer_get_length(input) == 0) {
		/* If there's no data to read, say so. */
		BIO_set_retry_read(b);
		return -1;
	} else {
		r = evbuffer_remove(input, out, outlen);
	}

	return r;
}

/* Called to write data into the BIO.
 *
 * Appends up to inlen bytes to the bufferevent's output buffer and returns
 * the number of bytes taken.  When a write high-water mark is set, the
 * amount is trimmed so the output buffer stays under it; if the buffer is
 * already at or above the mark, the retry-write flag is set and -1 is
 * returned.  Also returns -1 if no bufferevent is attached.
 *
 * NOTE(review): an inlen <= 0 is not rejected; it reaches the EVUTIL_ASSERT
 * below.  The return value of evbuffer_add() is not checked, so a failed
 * append is still reported as inlen bytes written. */
static int
bio_bufferevent_write(BIO *b, const char *in, int inlen)
{
	struct bufferevent *bufev = b->ptr;
	struct evbuffer *output;
	size_t outlen;

	BIO_clear_retry_flags(b);

	if (!b->ptr)
		return -1;

	output = bufferevent_get_output(bufev);
	outlen = evbuffer_get_length(output);

	/* Copy only as much data onto the output buffer as can fit under the
	 * high-water mark. */
	if (bufev->wm_write.high && bufev->wm_write.high <= (outlen+inlen)) {
		if (bufev->wm_write.high <= outlen) {
			/* If no data can fit, we'll need to retry later. */
			BIO_set_retry_write(b);
			return -1;
		}
		inlen = bufev->wm_write.high - outlen;
	}

	EVUTIL_ASSERT(inlen > 0);
	evbuffer_add(output, in, inlen);
	return inlen;
}

/* Called to handle various requests.
 *
 * GET_CLOSE/SET_CLOSE read and write the close flag (->shutdown).
 * PENDING/WPENDING return 1 if the bufferevent's input/output buffer is
 * non-empty and 0 otherwise (a boolean, not a byte count).  DUP and FLUSH
 * return 1; every other command returns 0.
 *
 * NOTE(review): unlike the read and write methods, PENDING and WPENDING use
 * b->ptr without a NULL check. */
static long
bio_bufferevent_ctrl(BIO *b, int cmd, long num, void *ptr)
{
	struct bufferevent *bufev = b->ptr;
	long ret = 1;

	switch (cmd) {
	case BIO_CTRL_GET_CLOSE:
		ret = b->shutdown;
		break;
	case BIO_CTRL_SET_CLOSE:
		b->shutdown = (int)num;
		break;
	case BIO_CTRL_PENDING:
		ret = evbuffer_get_length(bufferevent_get_input(bufev)) != 0;
		break;
	case BIO_CTRL_WPENDING:
		ret = evbuffer_get_length(bufferevent_get_output(bufev)) != 0;
		break;
	/* XXXX These two are given a special-case treatment because
	 * of cargo-cultism.  I should come up with a better reason. */
	case BIO_CTRL_DUP:
	case BIO_CTRL_FLUSH:
		ret = 1;
		break;
	default:
		ret = 0;
		break;
	}
	return ret;
}

/* Called to write a string to the BIO.  Forwards s (without its NUL) to
 * bio_bufferevent_write(); the strlen() result is narrowed to int by the
 * call. */
static int
bio_bufferevent_puts(BIO *b, const char *s)
{
	return bio_bufferevent_write(b, s, strlen(s));
}

/* Method table for the bufferevent BIO.  The gets and callback_ctrl slots
 * are left NULL. */
static BIO_METHOD methods_bufferevent = {
	BIO_TYPE_LIBEVENT, "bufferevent",
	bio_bufferevent_write,
	bio_bufferevent_read,
	bio_bufferevent_puts,
	NULL /* bio_bufferevent_gets */,
	bio_bufferevent_ctrl,
	bio_bufferevent_new,
	bio_bufferevent_free,
	NULL /* callback_ctrl */,
};

/* Return the method table for the bufferevents BIO */
static BIO_METHOD *
BIO_s_bufferevent(void)
{
	return &methods_bufferevent;
}

/* Create a new BIO to wrap communication around a bufferevent.  If close_flag
 * is true, the bufferevent will be freed when the BIO is closed.
 * Returns NULL if bufferevent is NULL or if BIO_new() fails. */
static BIO *
BIO_new_bufferevent(struct bufferevent *bufferevent, int close_flag)
{
	BIO *result;
	if (!bufferevent)
		return NULL;
	if (!(result = BIO_new(BIO_s_bufferevent())))
		return NULL;
	result->init = 1;
	result->ptr = bufferevent;
	result->shutdown = close_flag ? 1 : 0;
	return result;
}

/* --------------------
   Now, here's the OpenSSL-based implementation of bufferevent.
The implementation comes in two flavors: one that connects its SSL object
   to an underlying bufferevent using a BIO_bufferevent, and one that has the
   SSL object connect to a socket directly.  The latter should generally be
   faster, except on Windows, where your best bet is using a
   bufferevent_async.

   (OpenSSL supports many other BIO types, too.  But we can't use any unless
   we have a good way to get notified when they become readable/writable.)
   -------------------- */

/* Snapshot of the byte counters of the SSL object's write and read BIOs,
 * as last sampled by init_bio_counts() or decrement_buckets(). */
struct bio_data_counts {
	unsigned long n_written;
	unsigned long n_read;
};

/* State for one SSL bufferevent.  The embedded bufferevent_private must be
 * reachable from the public struct bufferevent by a fixed offset; upcast()
 * and bufferevent_ops_openssl both rely on that offset. */
struct bufferevent_openssl {
	/* Shared fields with common bufferevent implementation code.
	   If we were set up with an underlying bufferevent, we use the
	   events here as timers only.  If we have an SSL, then we use
	   the events as socket events.
	 */
	struct bufferevent_private bev;
	/* An underlying bufferevent that we're directing our output to.
	   If it's NULL, then we're connected to an fd, not an evbuffer. */
	struct bufferevent *underlying;
	/* The SSL object doing our encryption. */
	SSL *ssl;

	/* A callback that's invoked when data arrives on our outbuf so we
	   know to write data to the SSL. */
	struct evbuffer_cb_entry *outbuf_cb;

	/* A count of how much data the bios have read/written total.  Used
	   for rate-limiting. */
	struct bio_data_counts counts;

	/* If this value is greater than 0, then the last SSL_write blocked,
	 * and we need to try it again with this many bytes. */
	ev_ssize_t last_write;

	/* Capacity of errors[]; put_error() drops further errors once
	 * n_errors reaches this value. */
#define NUM_ERRORS 3
	/* Queued OpenSSL error codes, each truncated to 32 bits by
	 * put_error(). */
	ev_uint32_t errors[NUM_ERRORS];

	/* When we next get available space, we should say "read" instead of
	   "write". This can happen if there's a renegotiation during a read
	   operation. */
	unsigned read_blocked_on_write : 1;
	/* When we next get data, we should say "write" instead of "read". */
	unsigned write_blocked_on_read : 1;
	/* If set, a connection that ends without a clean SSL shutdown is
	 * reported as BEV_EVENT_EOF instead of BEV_EVENT_ERROR (see
	 * conn_closed() and be_openssl_eventcb()).  With it set, the
	 * application cannot tell a truncated stream from a complete one
	 * from the event alone, so the protocol carried inside needs its
	 * own end-of-message framing. */
	unsigned allow_dirty_shutdown : 1;
	/* Set by set_open_callbacks() once ev_read/ev_write have been
	 * assigned a non-negative fd. */
	unsigned fd_is_set : 1;
	/* Number of entries of errors[] in use.  Two bits are enough to
	 * hold values up to NUM_ERRORS (3). */
	unsigned n_errors : 2;

	/* Are we currently connecting, accepting, or doing IO? */
	unsigned state : 2;
};

/* Forward declarations for the entries of the ops table below; their
 * definitions are not in this part of the file. */
static int be_openssl_enable(struct bufferevent *, short);
static int be_openssl_disable(struct bufferevent *, short);
static void be_openssl_destruct(struct bufferevent *);
static int be_openssl_adj_timeouts(struct bufferevent *);
static int be_openssl_flush(struct bufferevent *bufev,
    short iotype, enum bufferevent_flush_mode mode);
static int be_openssl_ctrl(struct bufferevent *, enum bufferevent_ctrl_op, union bufferevent_ctrl_data *);

/* Operations table for SSL bufferevents.  Its address also serves as the
 * type tag that upcast() compares against. */
const struct bufferevent_ops bufferevent_ops_openssl = {
	"ssl",
	evutil_offsetof(struct bufferevent_openssl, bev.bev),
	be_openssl_enable,
	be_openssl_disable,
	be_openssl_destruct,
	be_openssl_adj_timeouts,
	be_openssl_flush,
	be_openssl_ctrl,
};

/* Given a bufferevent, return a pointer to the bufferevent_openssl that
 * contains it, if any.
*/
static inline struct bufferevent_openssl *
upcast(struct bufferevent *bev)
{
	char *base;
	struct bufferevent_openssl *owner;

	/* Only bufferevents created by this backend carry our ops table;
	 * anything else is not embedded in a bufferevent_openssl. */
	if (bev->be_ops != &bufferevent_ops_openssl)
		return NULL;

	/* Step back from the embedded member to the start of the
	 * containing structure. */
	base = (char *)bev -
	    evutil_offsetof(struct bufferevent_openssl, bev.bev);
	owner = (void *)base;
	EVUTIL_ASSERT(owner->bev.bev.be_ops == &bufferevent_ops_openssl);
	return owner;
}

/* Queue one OpenSSL error code on bev_ssl.  Once NUM_ERRORS codes are
 * queued, further codes are dropped silently. */
static inline void
put_error(struct bufferevent_openssl *bev_ssl, unsigned long err)
{
	if (bev_ssl->n_errors != NUM_ERRORS) {
		/* OpenSSL declares its error type as "unsigned long" but
		   never uses more than 32 bits of it: it has to be able to
		   report errors on systems where long is only 32 bits wide,
		   so storing 32 bits loses nothing.
		 */
		bev_ssl->errors[bev_ssl->n_errors] = (ev_uint32_t) err;
		bev_ssl->n_errors++;
	}
}

/* Make the base channel (the underlying bufferevent, or else the ev_read
 * and ev_write socket events) start reading.  If a read is currently
 * blocked on a write, the write event is armed too.  Returns 0 on success,
 * or the failing result of _bufferevent_add_event(). */
static int
start_reading(struct bufferevent_openssl *bev_ssl)
{
	struct bufferevent *bev;
	int rc;

	if (bev_ssl->underlying) {
		bufferevent_unsuspend_read(bev_ssl->underlying,
		    BEV_SUSPEND_FILT_READ);
		return 0;
	}

	bev = &bev_ssl->bev.bev;
	rc = _bufferevent_add_event(&bev->ev_read, &bev->timeout_read);
	if (rc != 0)
		return rc;
	if (!bev_ssl->read_blocked_on_write)
		return rc;
	return _bufferevent_add_event(&bev->ev_write, &bev->timeout_write);
}

/* Have the base communications channel (either the underlying bufferevent or
 * ev_read and ev_write) start writing.
Take the write-blocked-on-read flag
 * into account. */
static int
start_writing(struct bufferevent_openssl *bev_ssl)
{
	int r = 0;
	if (bev_ssl->underlying) {
		/* Nothing to arm when writing through an underlying
		 * bufferevent. */
		;
	} else {
		struct bufferevent *bev = &bev_ssl->bev.bev;
		r = _bufferevent_add_event(&bev->ev_write, &bev->timeout_write);
		/* A write that is waiting on a read needs the read event
		 * armed as well. */
		if (!r && bev_ssl->write_blocked_on_read)
			r = _bufferevent_add_event(&bev->ev_read,
			    &bev->timeout_read);
	}
	return r;
}

/* Stop reading from the base channel: suspend reads on the underlying
 * bufferevent, or delete the ev_read socket event.  Does nothing while a
 * write is blocked on a read, because that write still needs read events. */
static void
stop_reading(struct bufferevent_openssl *bev_ssl)
{
	if (bev_ssl->write_blocked_on_read)
		return;
	if (bev_ssl->underlying) {
		bufferevent_suspend_read(bev_ssl->underlying,
		    BEV_SUSPEND_FILT_READ);
	} else {
		struct bufferevent *bev = &bev_ssl->bev.bev;
		event_del(&bev->ev_read);
	}
}

/* Stop writing to the base channel by deleting the ev_write socket event.
 * Does nothing while a read is blocked on a write, and nothing in the
 * underlying-bufferevent case. */
static void
stop_writing(struct bufferevent_openssl *bev_ssl)
{
	if (bev_ssl->read_blocked_on_write)
		return;
	if (bev_ssl->underlying) {
		;
	} else {
		struct bufferevent *bev = &bev_ssl->bev.bev;
		event_del(&bev->ev_write);
	}
}

/* Enter the "read blocked on write" state.  In socket mode the read event
 * is stopped first; then the flag is set and writing is started.  Returns
 * the result of start_writing(). */
static int
set_rbow(struct bufferevent_openssl *bev_ssl)
{
	if (!bev_ssl->underlying)
		stop_reading(bev_ssl);
	bev_ssl->read_blocked_on_write = 1;
	return start_writing(bev_ssl);
}

/* Enter the "write blocked on read" state; the mirror image of set_rbow().
 * Returns the result of start_reading(). */
static int
set_wbor(struct bufferevent_openssl *bev_ssl)
{
	if (!bev_ssl->underlying)
		stop_writing(bev_ssl);
	bev_ssl->write_blocked_on_read = 1;
	return start_reading(bev_ssl);
}

/* Leave the "read blocked on write" state and put the events back in line
 * with what the user enabled: writing is stopped unless EV_WRITE is enabled,
 * and reading is restarted if EV_READ is enabled.  Returns the result of
 * start_reading(), or 0 if reading was not restarted. */
static int
clear_rbow(struct bufferevent_openssl *bev_ssl)
{
	struct bufferevent *bev = &bev_ssl->bev.bev;
	int r = 0;
	bev_ssl->read_blocked_on_write = 0;
	if (!(bev->enabled & EV_WRITE))
		stop_writing(bev_ssl);
	if (bev->enabled & EV_READ)
		r = start_reading(bev_ssl);
	return r;
}


/* Leave the "write blocked on read" state; the mirror image of clear_rbow().
 * Returns the result of start_writing(), or 0 if writing was not
 * restarted. */
static int
clear_wbor(struct bufferevent_openssl *bev_ssl)
{
	struct bufferevent *bev = &bev_ssl->bev.bev;
	int r = 0;
	bev_ssl->write_blocked_on_read = 0;
	if (!(bev->enabled & EV_READ))
		stop_reading(bev_ssl);
	if (bev->enabled & EV_WRITE)
		r = start_writing(bev_ssl);
	return r;
}

/* Handle a failed SSL operation that means the connection is finished.
 *
 * errcode is the value from SSL_get_error() and ret is the return value of
 * the SSL call that failed.  The event reported to the user is
 * BEV_EVENT_ERROR unless the peer's shutdown was received
 * (SSL_RECEIVED_SHUTDOWN), or the close was "dirty" and
 * allow_dirty_shutdown is set; in both of those cases it is BEV_EVENT_EOF.
 * All queued OpenSSL errors are moved to bev_ssl->errors, reading and
 * writing are stopped, and the event callback is run. */
static void
conn_closed(struct bufferevent_openssl *bev_ssl, int errcode, int ret)
{
	int event = BEV_EVENT_ERROR;
	int dirty_shutdown = 0;
	unsigned long err;

	switch (errcode) {
	case SSL_ERROR_ZERO_RETURN:
		/* Possibly a clean shutdown. */
		if (SSL_get_shutdown(bev_ssl->ssl) & SSL_RECEIVED_SHUTDOWN)
			event = BEV_EVENT_EOF;
		else
			dirty_shutdown = 1;
		break;
	case SSL_ERROR_SYSCALL:
		/* IO error; possibly a dirty shutdown. */
		if (ret == 0 && ERR_peek_error() == 0)
			dirty_shutdown = 1;
		break;
	case SSL_ERROR_SSL:
		/* Protocol error. */
		break;
	case SSL_ERROR_WANT_X509_LOOKUP:
		/* XXXX handle this. */
		break;
	case SSL_ERROR_NONE:
	case SSL_ERROR_WANT_READ:
	case SSL_ERROR_WANT_WRITE:
	case SSL_ERROR_WANT_CONNECT:
	case SSL_ERROR_WANT_ACCEPT:
	default:
		/* should be impossible; treat as normal error. */
		event_warnx("BUG: Unexpected OpenSSL error code %d", errcode);
		break;
	}

	/* Drain OpenSSL's error queue; put_error() keeps at most NUM_ERRORS
	 * codes and drops the rest. */
	while ((err = ERR_get_error())) {
		put_error(bev_ssl, err);
	}

	/* Only here is an unclean close downgraded from an error to EOF. */
	if (dirty_shutdown && bev_ssl->allow_dirty_shutdown)
		event = BEV_EVENT_EOF;

	stop_reading(bev_ssl);
	stop_writing(bev_ssl);

	_bufferevent_run_eventcb(&bev_ssl->bev.bev, event);
}

/* Record the current byte counters of the SSL object's write and read BIOs
 * as the baseline for decrement_buckets(). */
static void
init_bio_counts(struct bufferevent_openssl *bev_ssl)
{
	bev_ssl->counts.n_written =
	    BIO_number_written(SSL_get_wbio(bev_ssl->ssl));
	bev_ssl->counts.n_read =
	    BIO_number_read(SSL_get_rbio(bev_ssl->ssl));
}

/* Charge the rate-limit buckets for the bytes that moved through the SSL
 * object's BIOs since the last sample, then store the new sample. */
static inline void
decrement_buckets(struct bufferevent_openssl *bev_ssl)
{
	unsigned long num_w = BIO_number_written(SSL_get_wbio(bev_ssl->ssl));
	unsigned long num_r = BIO_number_read(SSL_get_rbio(bev_ssl->ssl));
	/* These next two subtractions can wrap around.  That's okay. */
	unsigned long w = num_w - bev_ssl->counts.n_written;
	unsigned long r = num_r - bev_ssl->counts.n_read;
	if (w)
		_bufferevent_decrement_write_buckets(&bev_ssl->bev, w);
	if (r)
		_bufferevent_decrement_read_buckets(&bev_ssl->bev, r);
	bev_ssl->counts.n_written = num_w;
	bev_ssl->counts.n_read = num_r;
}

/* Result bits returned by do_read() and do_write(); they can be combined. */
#define OP_MADE_PROGRESS 1
#define OP_BLOCKED 2
#define OP_ERR 4

/* Return a bitmask of OP_MADE_PROGRESS (if we read anything); OP_BLOCKED (if
   we're now blocked); and OP_ERR (if an error occurred).
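*/
static int
do_read(struct bufferevent_openssl *bev_ssl, int n_to_read)
{
	/* Requires lock */
	struct bufferevent *bev = &bev_ssl->bev.bev;
	struct evbuffer *input = bev->input;
	int r, n, i, n_used = 0, atmost;
	struct evbuffer_iovec space[2];
	int result = 0;

	if (bev_ssl->bev.read_suspended)
		return 0;

	/* Never ask for more than the rate limit currently allows. */
	atmost = _bufferevent_get_read_max(&bev_ssl->bev);
	if (n_to_read > atmost)
		n_to_read = atmost;

	/* Reserve room in the input buffer so SSL_read() can decrypt
	 * straight into it; n is the number of extents handed back. */
	n = evbuffer_reserve_space(input, n_to_read, space, 2);
	if (n < 0)
		return OP_ERR;

	/* NOTE(review): this loop header and the start of the guard below
	 * were reconstructed from the parallel loop in do_write(); the
	 * published listing lost the text between '<' and '>'. */
	for (i=0; i<n; ++i) {
		if (bev_ssl->bev.read_suspended)
			break;
		r = SSL_read(bev_ssl->ssl, space[i].iov_base, space[i].iov_len);
		if (r>0) {
			result |= OP_MADE_PROGRESS;
			if (bev_ssl->read_blocked_on_write)
				if (clear_rbow(bev_ssl) < 0)
					return OP_ERR | result;
			++n_used;
			/* Commit only the bytes SSL_read() produced. */
			space[i].iov_len = r;
			decrement_buckets(bev_ssl);
		} else {
			int err = SSL_get_error(bev_ssl->ssl, r);
			print_err(err);
			switch (err) {
			case SSL_ERROR_WANT_READ:
				/* Can't read until underlying has more data. */
				if (bev_ssl->read_blocked_on_write)
					if (clear_rbow(bev_ssl) < 0)
						return OP_ERR | result;
				break;
			case SSL_ERROR_WANT_WRITE:
				/* This read operation requires a write, and the
				 * underlying is full */
				if (!bev_ssl->read_blocked_on_write)
					if (set_rbow(bev_ssl) < 0)
						return OP_ERR | result;
				break;
			default:
				/* Anything else ends the connection. */
				conn_closed(bev_ssl, err, r);
				break;
			}
			result |= OP_BLOCKED;
			break; /* out of the loop */
		}
	}

	if (n_used) {
		evbuffer_commit_space(input, space, n_used);
		if (bev_ssl->underlying)
			BEV_RESET_GENERIC_READ_TIMEOUT(bev);
	}

	return result;
}

/* Return a bitmask of OP_MADE_PROGRESS (if we wrote anything); OP_BLOCKED (if
   we're now blocked); and OP_ERR (if an error occurred).

   The value passed in atmost is not used: it is overwritten below with
   either the size of the blocked write being retried (last_write) or the
   current rate-limit allowance. */
static int
do_write(struct bufferevent_openssl *bev_ssl, int atmost)
{
	int i, r, n, n_written = 0;
	struct bufferevent *bev = &bev_ssl->bev.bev;
	struct evbuffer *output = bev->output;
	struct evbuffer_iovec space[8];
	int result = 0;

	/* A write that blocked earlier is retried with the same byte count
	 * that was recorded when it blocked. */
	if (bev_ssl->last_write > 0)
		atmost = bev_ssl->last_write;
	else
		atmost = _bufferevent_get_write_max(&bev_ssl->bev);

	n = evbuffer_peek(output, atmost, NULL, space, 8);
	if (n < 0)
		return OP_ERR | result;

	/* space[] has 8 entries; never index past them even if
	 * evbuffer_peek() reports more extents. */
	if (n > 8)
		n = 8;
	for (i=0; i < n; ++i) {
		if (bev_ssl->bev.write_suspended)
			break;

		/* SSL_write will (reasonably) return 0 if we tell it to
		   send 0 data.  Skip this case so we don't interpret the
		   result as an error */
		if (space[i].iov_len == 0)
			continue;

		r = SSL_write(bev_ssl->ssl, space[i].iov_base,
		    space[i].iov_len);
		if (r > 0) {
			result |= OP_MADE_PROGRESS;
			if (bev_ssl->write_blocked_on_read)
				if (clear_wbor(bev_ssl) < 0)
					return OP_ERR | result;
			n_written += r;
			bev_ssl->last_write = -1;
			decrement_buckets(bev_ssl);
		} else {
			int err = SSL_get_error(bev_ssl->ssl, r);
			print_err(err);
			switch (err) {
			case SSL_ERROR_WANT_WRITE:
				/* Can't write until the underlying channel
				 * accepts more data. */
				if (bev_ssl->write_blocked_on_read)
					if (clear_wbor(bev_ssl) < 0)
						return OP_ERR | result;
				bev_ssl->last_write = space[i].iov_len;
				break;
			case SSL_ERROR_WANT_READ:
				/* This write operation cannot proceed until
				 * more data has been read. */
				if (!bev_ssl->write_blocked_on_read)
					if (set_wbor(bev_ssl) < 0)
						return OP_ERR | result;
				bev_ssl->last_write = space[i].iov_len;
				break;
			default:
				/* Anything else ends the connection. */
				conn_closed(bev_ssl, err, r);
				bev_ssl->last_write = -1;
				break;
			}
			result |= OP_BLOCKED;
			break;
		}
	}
	if (n_written) {
		/* Drop from the output buffer only what was handed to
		 * SSL_write() successfully. */
		evbuffer_drain(output, n_written);
		if (bev_ssl->underlying)
			BEV_RESET_GENERIC_WRITE_TIMEOUT(bev);

		if (evbuffer_get_length(output) <= bev->wm_write.low)
			_bufferevent_run_writecb(bev);
	}
	return result;
}

/* Byte count that consider_reading() and consider_writing() pass to
 * do_write() when no write high-water mark applies. */
#define WRITE_FRAME 15000

/* Default read size used by bytes_to_read() when no read high-water mark
 * is set. */
#define READ_DEFAULT 4096

/* Try to figure out how many bytes to read; return 0 if we shouldn't be
 *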
reading. */
static int
bytes_to_read(struct bufferevent_openssl *bev)
{
	struct bufferevent *base = &bev->bev.bev;
	struct evbuffer *inbuf = base->input;
	struct event_watermark *mark = &base->wm_read;
	int want = READ_DEFAULT;
	ev_ssize_t cap;
	/* XXX Nearly all of this is generic logic that almost every
	 * bufferevent implementation wants. */

	/* No reading while a write is waiting on a read, while the user has
	 * reading disabled, or while reads are suspended. */
	if (bev->write_blocked_on_read ||
	    !(base->enabled & EV_READ) ||
	    bev->bev.read_suspended)
		return 0;

	/* With a read high-water mark, fill the input buffer only up to it;
	 * without one, READ_DEFAULT stands. */
	if (mark->high) {
		if (evbuffer_get_length(inbuf) >= mark->high)
			return 0;
		want = mark->high - evbuffer_get_length(inbuf);
	}

	/* Respect the rate limit */
	cap = _bufferevent_get_read_max(&bev->bev);
	if (want > cap)
		return (int)cap;
	return want;
}


/* Things look readable.  If write is blocked on read, write till it isn't.
 * Read from the underlying buffer until we block or we hit our high-water
 * mark.
*/
static void
consider_reading(struct bufferevent_openssl *bev_ssl)
{
	int r;
	int n_to_read;
	int all_result_flags = 0;

	/* First finish any write that was waiting for this read event. */
	while (bev_ssl->write_blocked_on_read) {
		r = do_write(bev_ssl, WRITE_FRAME);
		if (r & (OP_BLOCKED|OP_ERR))
			break;
	}
	if (bev_ssl->write_blocked_on_read)
		return;

	n_to_read = bytes_to_read(bev_ssl);

	while (n_to_read) {
		r = do_read(bev_ssl, n_to_read);
		all_result_flags |= r;

		if (r & (OP_BLOCKED|OP_ERR))
			break;

		if (bev_ssl->bev.read_suspended)
			break;

		/* Read all pending data.  This won't hit the network
		 * again, and will (most importantly) put us in a state
		 * where we don't need to read anything else until the
		 * socket is readable again.  It'll potentially make us
		 * overrun our read high-watermark (somewhat
		 * regrettable).  The damage to the rate-limit has
		 * already been done, since OpenSSL went and read a
		 * whole SSL record anyway. */
		n_to_read = SSL_pending(bev_ssl->ssl);

		/* XXX This if statement is actually a bad bug, added to avoid
		 * XXX a worse bug.
		 *
		 * The bad bug: It can potentially cause resource unfairness
		 * by reading too much data from the underlying bufferevent;
		 * it can potentially cause read looping if the underlying
		 * bufferevent is a bufferevent_pair and deferred callbacks
		 * aren't used.
		 *
		 * The worse bug: If we didn't do this, then we would
		 * potentially not read any more from bev_ssl->underlying
		 * until more data arrived there, which could lead to us
		 * waiting forever.
		 */
		if (!n_to_read && bev_ssl->underlying)
			n_to_read = bytes_to_read(bev_ssl);
	}

	/* Run the user's read callback once, after the loop, if anything
	 * was read and the input buffer has reached the low-water mark. */
	if (all_result_flags & OP_MADE_PROGRESS) {
		struct bufferevent *bev = &bev_ssl->bev.bev;
		struct evbuffer *input = bev->input;

		if (evbuffer_get_length(input) >= bev->wm_read.low) {
			_bufferevent_run_readcb(bev);
		}
	}

	if (!bev_ssl->underlying) {
		/* Should be redundant, but let's avoid busy-looping */
		if (bev_ssl->bev.read_suspended ||
		    !(bev_ssl->bev.bev.enabled & EV_READ)) {
			event_del(&bev_ssl->bev.bev.ev_read);
		}
	}
}

/* Things look writable.  If a read is blocked on write, read until it
 * isn't.  Then write from the output buffer until we block, run out of
 * data, or (with an underlying bufferevent) reach its write high-water
 * mark. */
static void
consider_writing(struct bufferevent_openssl *bev_ssl)
{
	int r;
	struct evbuffer *output = bev_ssl->bev.bev.output;
	struct evbuffer *target = NULL;
	struct event_watermark *wm = NULL;

	while (bev_ssl->read_blocked_on_write) {
		r = do_read(bev_ssl, 1024); /* XXXX 1024 is a hack */
		if (r & OP_MADE_PROGRESS) {
			struct bufferevent *bev = &bev_ssl->bev.bev;
			struct evbuffer *input = bev->input;

			if (evbuffer_get_length(input) >= bev->wm_read.low) {
				_bufferevent_run_readcb(bev);
			}
		}
		if (r & (OP_ERR|OP_BLOCKED))
			break;
	}
	if (bev_ssl->read_blocked_on_write)
		return;
	/* target and wm stay NULL in socket mode; the loop condition below
	 * checks target before it touches wm. */
	if (bev_ssl->underlying) {
		target = bev_ssl->underlying->output;
		wm = &bev_ssl->underlying->wm_write;
	}
	while ((bev_ssl->bev.bev.enabled & EV_WRITE) &&
	    (! bev_ssl->bev.write_suspended) &&
	    evbuffer_get_length(output) &&
	    (!target || (! wm->high || evbuffer_get_length(target) < wm->high))) {
		int n_to_write;
		if (wm && wm->high)
			n_to_write = wm->high - evbuffer_get_length(target);
		else
			n_to_write = WRITE_FRAME;
		r = do_write(bev_ssl, n_to_write);
		if (r & (OP_BLOCKED|OP_ERR))
			break;
	}

	if (!bev_ssl->underlying) {
		if (evbuffer_get_length(output) == 0) {
			event_del(&bev_ssl->bev.bev.ev_write);
		} else if (bev_ssl->bev.write_suspended ||
		    !(bev_ssl->bev.bev.enabled & EV_WRITE)) {
			/* Should be redundant, but let's avoid busy-looping */
			event_del(&bev_ssl->bev.bev.ev_write);
		}
	}
}

/* Read callback that set_open_callbacks() installs on the underlying
 * bufferevent; ctx is the bufferevent_openssl. */
static void
be_openssl_readcb(struct bufferevent *bev_base, void *ctx)
{
	struct bufferevent_openssl *bev_ssl = ctx;
	consider_reading(bev_ssl);
}

/* Write callback that set_open_callbacks() installs on the underlying
 * bufferevent; ctx is the bufferevent_openssl. */
static void
be_openssl_writecb(struct bufferevent *bev_base, void *ctx)
{
	struct bufferevent_openssl *bev_ssl = ctx;
	consider_writing(bev_ssl);
}

/* Event callback that set_open_callbacks() installs on the underlying
 * bufferevent.  An EOF on the underlying channel is passed on as
 * BEV_EVENT_EOF only when allow_dirty_shutdown is set; otherwise it is
 * reported to the user as BEV_EVENT_ERROR.  Timeouts and errors are passed
 * on unchanged, and BEV_EVENT_CONNECTED is swallowed. */
static void
be_openssl_eventcb(struct bufferevent *bev_base, short what, void *ctx)
{
	struct bufferevent_openssl *bev_ssl = ctx;
	int event = 0;

	if (what & BEV_EVENT_EOF) {
		if (bev_ssl->allow_dirty_shutdown)
			event = BEV_EVENT_EOF;
		else
			event = BEV_EVENT_ERROR;
	} else if (what & BEV_EVENT_TIMEOUT) {
		/* We sure didn't set this.  Propagate it to the user. */
		event = what;
	} else if (what & BEV_EVENT_ERROR) {
		/* An error occurred on the connection.  Propagate it to the user. */
		event = what;
	} else if (what & BEV_EVENT_CONNECTED) {
		/* Ignore it.  We're saying SSL_connect() already, which will
		   eat it. */
	}
	if (event)
		_bufferevent_run_eventcb(&bev_ssl->bev.bev, event);
}

/* Socket-mode handler for ev_read.  Holds a reference and the lock for the
 * duration of the call.  A pure timeout is reported to the user as
 * BEV_EVENT_TIMEOUT|BEV_EVENT_READING; anything else is treated as
 * readability. */
static void
be_openssl_readeventcb(evutil_socket_t fd, short what, void *ptr)
{
	struct bufferevent_openssl *bev_ssl = ptr;
	_bufferevent_incref_and_lock(&bev_ssl->bev.bev);
	if (what == EV_TIMEOUT) {
		_bufferevent_run_eventcb(&bev_ssl->bev.bev,
		    BEV_EVENT_TIMEOUT|BEV_EVENT_READING);
	} else {
		consider_reading(bev_ssl);
	}
	_bufferevent_decref_and_unlock(&bev_ssl->bev.bev);
}

/* Socket-mode handler for ev_write; the mirror image of
 * be_openssl_readeventcb(). */
static void
be_openssl_writeeventcb(evutil_socket_t fd, short what, void *ptr)
{
	struct bufferevent_openssl *bev_ssl = ptr;
	_bufferevent_incref_and_lock(&bev_ssl->bev.bev);
	if (what == EV_TIMEOUT) {
		_bufferevent_run_eventcb(&bev_ssl->bev.bev,
		    BEV_EVENT_TIMEOUT|BEV_EVENT_WRITING);
	} else {
		consider_writing(bev_ssl);
	}
	_bufferevent_decref_and_unlock(&bev_ssl->bev.bev);
}

/* Install the callbacks used for normal (post-handshake) I/O.
 *
 * With an underlying bufferevent, sets its read/write/event callbacks and
 * returns 0.  In socket mode, (re)assigns ev_read and ev_write to fd; a
 * negative fd means "keep the fd already in use" when one has been set.
 * Events that were pending before the reassignment are added again.
 * Returns -1 if re-adding either event failed, 0 otherwise. */
static int
set_open_callbacks(struct bufferevent_openssl *bev_ssl, evutil_socket_t fd)
{
	if (bev_ssl->underlying) {
		bufferevent_setcb(bev_ssl->underlying,
		    be_openssl_readcb, be_openssl_writecb, be_openssl_eventcb,
		    bev_ssl);
		return 0;
	} else {
		struct bufferevent *bev = &bev_ssl->bev.bev;
		int rpending=0, wpending=0, r1=0, r2=0;
		if (fd < 0 && bev_ssl->fd_is_set)
			fd = event_get_fd(&bev->ev_read);
		if (bev_ssl->fd_is_set) {
			/* Remember what was pending, then delete both events
			 * before they are reassigned below. */
			rpending = event_pending(&bev->ev_read, EV_READ, NULL);
			wpending = event_pending(&bev->ev_write, EV_WRITE, NULL);
			event_del(&bev->ev_read);
			event_del(&bev->ev_write);
		}
		event_assign(&bev->ev_read, bev->ev_base, fd,
		    EV_READ|EV_PERSIST, be_openssl_readeventcb, bev_ssl);
		event_assign(&bev->ev_write, bev->ev_base, fd,
		    EV_WRITE|EV_PERSIST, be_openssl_writeeventcb, bev_ssl);
		if (rpending)
			r1 = _bufferevent_add_event(&bev->ev_read, &bev->timeout_read);
		if (wpending)
			r2 = _bufferevent_add_event(&bev->ev_write, &bev->timeout_write);
		if (fd >= 0) {
			bev_ssl->fd_is_set = 1;
		}
		return (r1<0 || r2<0) ? -1 : 0;
	}
}

static int
do_handshake(struct bufferevent_openssl *bev_ssl)
{
	int r;

	switch (bev_ssl->state) {
	default:
	case BUFFEREVENT_SSL_OPEN:
		EVUTIL_ASSERT(0);
		return -1;
	case BUFFEREVENT_SSL_CONNECTING:
	case BUFFEREVENT_SSL_ACCEPTING:
		r = SSL_do_handshake(bev_ssl->ssl);
		break;
	}
	decrement_buckets(bev_ssl);

	if (r==1) {
		/* We're done!
*/ michael@0: bev_ssl->state = BUFFEREVENT_SSL_OPEN; michael@0: set_open_callbacks(bev_ssl, -1); /* XXXX handle failure */ michael@0: /* Call do_read and do_write as needed */ michael@0: bufferevent_enable(&bev_ssl->bev.bev, bev_ssl->bev.bev.enabled); michael@0: _bufferevent_run_eventcb(&bev_ssl->bev.bev, michael@0: BEV_EVENT_CONNECTED); michael@0: return 1; michael@0: } else { michael@0: int err = SSL_get_error(bev_ssl->ssl, r); michael@0: print_err(err); michael@0: switch (err) { michael@0: case SSL_ERROR_WANT_WRITE: michael@0: if (!bev_ssl->underlying) { michael@0: stop_reading(bev_ssl); michael@0: return start_writing(bev_ssl); michael@0: } michael@0: return 0; michael@0: case SSL_ERROR_WANT_READ: michael@0: if (!bev_ssl->underlying) { michael@0: stop_writing(bev_ssl); michael@0: return start_reading(bev_ssl); michael@0: } michael@0: return 0; michael@0: default: michael@0: conn_closed(bev_ssl, err, r); michael@0: return -1; michael@0: } michael@0: } michael@0: } michael@0: michael@0: static void michael@0: be_openssl_handshakecb(struct bufferevent *bev_base, void *ctx) michael@0: { michael@0: struct bufferevent_openssl *bev_ssl = ctx; michael@0: do_handshake(bev_ssl);/* XXX handle failure */ michael@0: } michael@0: michael@0: static void michael@0: be_openssl_handshakeeventcb(evutil_socket_t fd, short what, void *ptr) michael@0: { michael@0: struct bufferevent_openssl *bev_ssl = ptr; michael@0: michael@0: _bufferevent_incref_and_lock(&bev_ssl->bev.bev); michael@0: if (what & EV_TIMEOUT) { michael@0: _bufferevent_run_eventcb(&bev_ssl->bev.bev, BEV_EVENT_TIMEOUT); michael@0: } else michael@0: do_handshake(bev_ssl);/* XXX handle failure */ michael@0: _bufferevent_decref_and_unlock(&bev_ssl->bev.bev); michael@0: } michael@0: michael@0: static int michael@0: set_handshake_callbacks(struct bufferevent_openssl *bev_ssl, evutil_socket_t fd) michael@0: { michael@0: if (bev_ssl->underlying) { michael@0: bufferevent_setcb(bev_ssl->underlying, michael@0: 
be_openssl_handshakecb, be_openssl_handshakecb, michael@0: be_openssl_eventcb, michael@0: bev_ssl); michael@0: return do_handshake(bev_ssl); michael@0: } else { michael@0: struct bufferevent *bev = &bev_ssl->bev.bev; michael@0: int r1=0, r2=0; michael@0: if (fd < 0 && bev_ssl->fd_is_set) michael@0: fd = event_get_fd(&bev->ev_read); michael@0: if (bev_ssl->fd_is_set) { michael@0: event_del(&bev->ev_read); michael@0: event_del(&bev->ev_write); michael@0: } michael@0: event_assign(&bev->ev_read, bev->ev_base, fd, michael@0: EV_READ|EV_PERSIST, be_openssl_handshakeeventcb, bev_ssl); michael@0: event_assign(&bev->ev_write, bev->ev_base, fd, michael@0: EV_WRITE|EV_PERSIST, be_openssl_handshakeeventcb, bev_ssl); michael@0: if (fd >= 0) { michael@0: r1 = _bufferevent_add_event(&bev->ev_read, &bev->timeout_read); michael@0: r2 = _bufferevent_add_event(&bev->ev_write, &bev->timeout_write); michael@0: bev_ssl->fd_is_set = 1; michael@0: } michael@0: return (r1<0 || r2<0) ? -1 : 0; michael@0: } michael@0: } michael@0: michael@0: int michael@0: bufferevent_ssl_renegotiate(struct bufferevent *bev) michael@0: { michael@0: struct bufferevent_openssl *bev_ssl = upcast(bev); michael@0: if (!bev_ssl) michael@0: return -1; michael@0: if (SSL_renegotiate(bev_ssl->ssl) < 0) michael@0: return -1; michael@0: bev_ssl->state = BUFFEREVENT_SSL_CONNECTING; michael@0: if (set_handshake_callbacks(bev_ssl, -1) < 0) michael@0: return -1; michael@0: if (!bev_ssl->underlying) michael@0: return do_handshake(bev_ssl); michael@0: return 0; michael@0: } michael@0: michael@0: static void michael@0: be_openssl_outbuf_cb(struct evbuffer *buf, michael@0: const struct evbuffer_cb_info *cbinfo, void *arg) michael@0: { michael@0: struct bufferevent_openssl *bev_ssl = arg; michael@0: int r = 0; michael@0: /* XXX need to hold a reference here. 
*/ michael@0: michael@0: if (cbinfo->n_added && bev_ssl->state == BUFFEREVENT_SSL_OPEN) { michael@0: if (cbinfo->orig_size == 0) michael@0: r = _bufferevent_add_event(&bev_ssl->bev.bev.ev_write, michael@0: &bev_ssl->bev.bev.timeout_write); michael@0: consider_writing(bev_ssl); michael@0: } michael@0: /* XXX Handle r < 0 */ michael@0: (void)r; michael@0: } michael@0: michael@0: michael@0: static int michael@0: be_openssl_enable(struct bufferevent *bev, short events) michael@0: { michael@0: struct bufferevent_openssl *bev_ssl = upcast(bev); michael@0: int r1 = 0, r2 = 0; michael@0: michael@0: if (bev_ssl->state != BUFFEREVENT_SSL_OPEN) michael@0: return 0; michael@0: michael@0: if (events & EV_READ) michael@0: r1 = start_reading(bev_ssl); michael@0: if (events & EV_WRITE) michael@0: r2 = start_writing(bev_ssl); michael@0: michael@0: if (bev_ssl->underlying) { michael@0: if (events & EV_READ) michael@0: BEV_RESET_GENERIC_READ_TIMEOUT(bev); michael@0: if (events & EV_WRITE) michael@0: BEV_RESET_GENERIC_WRITE_TIMEOUT(bev); michael@0: michael@0: if (events & EV_READ) michael@0: consider_reading(bev_ssl); michael@0: if (events & EV_WRITE) michael@0: consider_writing(bev_ssl); michael@0: } michael@0: return (r1 < 0 || r2 < 0) ? 
-1 : 0; michael@0: } michael@0: michael@0: static int michael@0: be_openssl_disable(struct bufferevent *bev, short events) michael@0: { michael@0: struct bufferevent_openssl *bev_ssl = upcast(bev); michael@0: if (bev_ssl->state != BUFFEREVENT_SSL_OPEN) michael@0: return 0; michael@0: michael@0: if (events & EV_READ) michael@0: stop_reading(bev_ssl); michael@0: if (events & EV_WRITE) michael@0: stop_writing(bev_ssl); michael@0: michael@0: if (bev_ssl->underlying) { michael@0: if (events & EV_READ) michael@0: BEV_DEL_GENERIC_READ_TIMEOUT(bev); michael@0: if (events & EV_WRITE) michael@0: BEV_DEL_GENERIC_WRITE_TIMEOUT(bev); michael@0: } michael@0: return 0; michael@0: } michael@0: michael@0: static void michael@0: be_openssl_destruct(struct bufferevent *bev) michael@0: { michael@0: struct bufferevent_openssl *bev_ssl = upcast(bev); michael@0: michael@0: if (bev_ssl->underlying) { michael@0: _bufferevent_del_generic_timeout_cbs(bev); michael@0: } else { michael@0: event_del(&bev->ev_read); michael@0: event_del(&bev->ev_write); michael@0: } michael@0: michael@0: if (bev_ssl->bev.options & BEV_OPT_CLOSE_ON_FREE) { michael@0: if (bev_ssl->underlying) { michael@0: if (BEV_UPCAST(bev_ssl->underlying)->refcnt < 2) { michael@0: event_warnx("BEV_OPT_CLOSE_ON_FREE set on an " michael@0: "bufferevent with too few references"); michael@0: } else { michael@0: bufferevent_free(bev_ssl->underlying); michael@0: bev_ssl->underlying = NULL; michael@0: } michael@0: } else { michael@0: evutil_socket_t fd = -1; michael@0: BIO *bio = SSL_get_wbio(bev_ssl->ssl); michael@0: if (bio) michael@0: fd = BIO_get_fd(bio, NULL); michael@0: if (fd >= 0) michael@0: evutil_closesocket(fd); michael@0: } michael@0: SSL_free(bev_ssl->ssl); michael@0: } else { michael@0: if (bev_ssl->underlying) { michael@0: if (bev_ssl->underlying->errorcb == be_openssl_eventcb) michael@0: bufferevent_setcb(bev_ssl->underlying, michael@0: NULL,NULL,NULL,NULL); michael@0: bufferevent_unsuspend_read(bev_ssl->underlying, 
michael@0: BEV_SUSPEND_FILT_READ); michael@0: } michael@0: } michael@0: } michael@0: michael@0: static int michael@0: be_openssl_adj_timeouts(struct bufferevent *bev) michael@0: { michael@0: struct bufferevent_openssl *bev_ssl = upcast(bev); michael@0: michael@0: if (bev_ssl->underlying) michael@0: return _bufferevent_generic_adj_timeouts(bev); michael@0: else { michael@0: int r1=0, r2=0; michael@0: if (event_pending(&bev->ev_read, EV_READ, NULL)) michael@0: r1 = _bufferevent_add_event(&bev->ev_read, &bev->timeout_read); michael@0: if (event_pending(&bev->ev_write, EV_WRITE, NULL)) michael@0: r2 = _bufferevent_add_event(&bev->ev_write, &bev->timeout_write); michael@0: return (r1<0 || r2<0) ? -1 : 0; michael@0: } michael@0: } michael@0: michael@0: static int michael@0: be_openssl_flush(struct bufferevent *bufev, michael@0: short iotype, enum bufferevent_flush_mode mode) michael@0: { michael@0: /* XXXX Implement this. */ michael@0: return 0; michael@0: } michael@0: michael@0: static int michael@0: be_openssl_ctrl(struct bufferevent *bev, michael@0: enum bufferevent_ctrl_op op, union bufferevent_ctrl_data *data) michael@0: { michael@0: struct bufferevent_openssl *bev_ssl = upcast(bev); michael@0: switch (op) { michael@0: case BEV_CTRL_SET_FD: michael@0: if (bev_ssl->underlying) michael@0: return -1; michael@0: { michael@0: BIO *bio; michael@0: bio = BIO_new_socket(data->fd, 0); michael@0: SSL_set_bio(bev_ssl->ssl, bio, bio); michael@0: bev_ssl->fd_is_set = 1; michael@0: } michael@0: if (bev_ssl->state == BUFFEREVENT_SSL_OPEN) michael@0: return set_open_callbacks(bev_ssl, data->fd); michael@0: else { michael@0: return set_handshake_callbacks(bev_ssl, data->fd); michael@0: } michael@0: case BEV_CTRL_GET_FD: michael@0: if (bev_ssl->underlying) michael@0: return -1; michael@0: if (!bev_ssl->fd_is_set) michael@0: return -1; michael@0: data->fd = event_get_fd(&bev->ev_read); michael@0: return 0; michael@0: case BEV_CTRL_GET_UNDERLYING: michael@0: if (!bev_ssl->underlying) 
michael@0: return -1; michael@0: data->ptr = bev_ssl->underlying; michael@0: return 0; michael@0: case BEV_CTRL_CANCEL_ALL: michael@0: default: michael@0: return -1; michael@0: } michael@0: } michael@0: michael@0: SSL * michael@0: bufferevent_openssl_get_ssl(struct bufferevent *bufev) michael@0: { michael@0: struct bufferevent_openssl *bev_ssl = upcast(bufev); michael@0: if (!bev_ssl) michael@0: return NULL; michael@0: return bev_ssl->ssl; michael@0: } michael@0: michael@0: static struct bufferevent * michael@0: bufferevent_openssl_new_impl(struct event_base *base, michael@0: struct bufferevent *underlying, michael@0: evutil_socket_t fd, michael@0: SSL *ssl, michael@0: enum bufferevent_ssl_state state, michael@0: int options) michael@0: { michael@0: struct bufferevent_openssl *bev_ssl = NULL; michael@0: struct bufferevent_private *bev_p = NULL; michael@0: int tmp_options = options & ~BEV_OPT_THREADSAFE; michael@0: michael@0: if (underlying != NULL && fd >= 0) michael@0: return NULL; /* Only one can be set. */ michael@0: michael@0: if (!(bev_ssl = mm_calloc(1, sizeof(struct bufferevent_openssl)))) michael@0: goto err; michael@0: michael@0: bev_p = &bev_ssl->bev; michael@0: michael@0: if (bufferevent_init_common(bev_p, base, michael@0: &bufferevent_ops_openssl, tmp_options) < 0) michael@0: goto err; michael@0: michael@0: /* Don't explode if we decide to realloc a chunk we're writing from in michael@0: * the output buffer. 
*/ michael@0: SSL_set_mode(ssl, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); michael@0: michael@0: bev_ssl->underlying = underlying; michael@0: bev_ssl->ssl = ssl; michael@0: michael@0: bev_ssl->outbuf_cb = evbuffer_add_cb(bev_p->bev.output, michael@0: be_openssl_outbuf_cb, bev_ssl); michael@0: michael@0: if (options & BEV_OPT_THREADSAFE) michael@0: bufferevent_enable_locking(&bev_ssl->bev.bev, NULL); michael@0: michael@0: if (underlying) { michael@0: _bufferevent_init_generic_timeout_cbs(&bev_ssl->bev.bev); michael@0: bufferevent_incref(underlying); michael@0: } michael@0: michael@0: bev_ssl->state = state; michael@0: bev_ssl->last_write = -1; michael@0: michael@0: init_bio_counts(bev_ssl); michael@0: michael@0: switch (state) { michael@0: case BUFFEREVENT_SSL_ACCEPTING: michael@0: SSL_set_accept_state(bev_ssl->ssl); michael@0: if (set_handshake_callbacks(bev_ssl, fd) < 0) michael@0: goto err; michael@0: break; michael@0: case BUFFEREVENT_SSL_CONNECTING: michael@0: SSL_set_connect_state(bev_ssl->ssl); michael@0: if (set_handshake_callbacks(bev_ssl, fd) < 0) michael@0: goto err; michael@0: break; michael@0: case BUFFEREVENT_SSL_OPEN: michael@0: if (set_open_callbacks(bev_ssl, fd) < 0) michael@0: goto err; michael@0: break; michael@0: default: michael@0: goto err; michael@0: } michael@0: michael@0: if (underlying) { michael@0: bufferevent_setwatermark(underlying, EV_READ, 0, 0); michael@0: bufferevent_enable(underlying, EV_READ|EV_WRITE); michael@0: if (state == BUFFEREVENT_SSL_OPEN) michael@0: bufferevent_suspend_read(underlying, michael@0: BEV_SUSPEND_FILT_READ); michael@0: } else { michael@0: bev_ssl->bev.bev.enabled = EV_READ|EV_WRITE; michael@0: if (bev_ssl->fd_is_set) { michael@0: if (state != BUFFEREVENT_SSL_OPEN) michael@0: if (event_add(&bev_ssl->bev.bev.ev_read, NULL) < 0) michael@0: goto err; michael@0: if (event_add(&bev_ssl->bev.bev.ev_write, NULL) < 0) michael@0: goto err; michael@0: } michael@0: } michael@0: michael@0: return &bev_ssl->bev.bev; michael@0: 
err: michael@0: if (bev_ssl) michael@0: bufferevent_free(&bev_ssl->bev.bev); michael@0: return NULL; michael@0: } michael@0: michael@0: struct bufferevent * michael@0: bufferevent_openssl_filter_new(struct event_base *base, michael@0: struct bufferevent *underlying, michael@0: SSL *ssl, michael@0: enum bufferevent_ssl_state state, michael@0: int options) michael@0: { michael@0: /* We don't tell the BIO to close the bufferevent; we do it ourselves michael@0: * on be_openssl_destruct */ michael@0: int close_flag = 0; /* options & BEV_OPT_CLOSE_ON_FREE; */ michael@0: BIO *bio; michael@0: if (!underlying) michael@0: return NULL; michael@0: if (!(bio = BIO_new_bufferevent(underlying, close_flag))) michael@0: return NULL; michael@0: michael@0: SSL_set_bio(ssl, bio, bio); michael@0: michael@0: return bufferevent_openssl_new_impl( michael@0: base, underlying, -1, ssl, state, options); michael@0: } michael@0: michael@0: struct bufferevent * michael@0: bufferevent_openssl_socket_new(struct event_base *base, michael@0: evutil_socket_t fd, michael@0: SSL *ssl, michael@0: enum bufferevent_ssl_state state, michael@0: int options) michael@0: { michael@0: /* Does the SSL already have an fd? */ michael@0: BIO *bio = SSL_get_wbio(ssl); michael@0: long have_fd = -1; michael@0: michael@0: if (bio) michael@0: have_fd = BIO_get_fd(bio, NULL); michael@0: michael@0: if (have_fd >= 0) { michael@0: /* The SSL is already configured with an fd. */ michael@0: if (fd < 0) { michael@0: /* We should learn the fd from the SSL. */ michael@0: fd = (evutil_socket_t) have_fd; michael@0: } else if (have_fd == (long)fd) { michael@0: /* We already know the fd from the SSL; do nothing */ michael@0: } else { michael@0: /* We specified an fd different from that of the SSL. michael@0: This is probably an error on our part. Fail. */ michael@0: return NULL; michael@0: } michael@0: (void) BIO_set_close(bio, 0); michael@0: } else { michael@0: /* The SSL isn't configured with a BIO with an fd. 
*/ michael@0: if (fd >= 0) { michael@0: /* ... and we have an fd we want to use. */ michael@0: bio = BIO_new_socket(fd, 0); michael@0: SSL_set_bio(ssl, bio, bio); michael@0: } else { michael@0: /* Leave the fd unset. */ michael@0: } michael@0: } michael@0: michael@0: return bufferevent_openssl_new_impl( michael@0: base, NULL, fd, ssl, state, options); michael@0: } michael@0: michael@0: unsigned long michael@0: bufferevent_get_openssl_error(struct bufferevent *bev) michael@0: { michael@0: unsigned long err = 0; michael@0: struct bufferevent_openssl *bev_ssl; michael@0: BEV_LOCK(bev); michael@0: bev_ssl = upcast(bev); michael@0: if (bev_ssl && bev_ssl->n_errors) { michael@0: err = bev_ssl->errors[--bev_ssl->n_errors]; michael@0: } michael@0: BEV_UNLOCK(bev); michael@0: return err; michael@0: }