1 /*
2 * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License").
5 * You may not use this file except in compliance with the License.
6 * A copy of the License is located at
7 *
8 * http://aws.amazon.com/apache2.0
9 *
10 * or in the "license" file accompanying this file. This file is distributed
11 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
12 * express or implied. See the License for the specific language governing
13 * permissions and limitations under the License.
14 */
15
16 #include <sys/param.h>
17 #include <errno.h>
18 #include <s2n.h>
19
20 #include "error/s2n_errno.h"
21
22 #include "tls/s2n_cipher_suites.h"
23 #include "tls/s2n_connection.h"
24 #include "tls/s2n_handshake.h"
25 #include "tls/s2n_post_handshake.h"
26 #include "tls/s2n_record.h"
27
28 #include "stuffer/s2n_stuffer.h"
29
30 #include "crypto/s2n_cipher.h"
31
32 #include "utils/s2n_safety.h"
33 #include "utils/s2n_blob.h"
34
s2n_flush(struct s2n_connection * conn,s2n_blocked_status * blocked)35 int s2n_flush(struct s2n_connection *conn, s2n_blocked_status * blocked)
36 {
37 int w;
38
39 *blocked = S2N_BLOCKED_ON_WRITE;
40
41 /* Write any data that's already pending */
42 WRITE:
43 while (s2n_stuffer_data_available(&conn->out)) {
44 errno = 0;
45 w = s2n_connection_send_stuffer(&conn->out, conn, s2n_stuffer_data_available(&conn->out));
46 if (w < 0) {
47 if (errno == EWOULDBLOCK || errno == EAGAIN) {
48 POSIX_BAIL(S2N_ERR_IO_BLOCKED);
49 }
50 POSIX_BAIL(S2N_ERR_IO);
51 }
52 conn->wire_bytes_out += w;
53 }
54
55 if (conn->closing) {
56 conn->closed = 1;
57 }
58 POSIX_GUARD(s2n_stuffer_rewrite(&conn->out));
59
60 /* If there's an alert pending out, send that */
61 if (s2n_stuffer_data_available(&conn->reader_alert_out) == 2) {
62 struct s2n_blob alert = {0};
63 alert.data = conn->reader_alert_out.blob.data;
64 alert.size = 2;
65 POSIX_GUARD(s2n_record_write(conn, TLS_ALERT, &alert));
66 POSIX_GUARD(s2n_stuffer_rewrite(&conn->reader_alert_out));
67 conn->closing = 1;
68
69 /* Actually write it ... */
70 goto WRITE;
71 }
72
73 /* Do the same for writer driven alerts */
74 if (s2n_stuffer_data_available(&conn->writer_alert_out) == 2) {
75 struct s2n_blob alert = {0};
76 alert.data = conn->writer_alert_out.blob.data;
77 alert.size = 2;
78 POSIX_GUARD(s2n_record_write(conn, TLS_ALERT, &alert));
79 POSIX_GUARD(s2n_stuffer_rewrite(&conn->writer_alert_out));
80 conn->closing = 1;
81
82 /* Actually write it ... */
83 goto WRITE;
84 }
85
86 *blocked = S2N_NOT_BLOCKED;
87
88 return 0;
89 }
90
s2n_sendv_with_offset_impl(struct s2n_connection * conn,const struct iovec * bufs,ssize_t count,ssize_t offs,s2n_blocked_status * blocked)91 ssize_t s2n_sendv_with_offset_impl(struct s2n_connection *conn, const struct iovec *bufs, ssize_t count, ssize_t offs, s2n_blocked_status *blocked)
92 {
93 ssize_t user_data_sent, total_size = 0;
94
95 POSIX_ENSURE(!conn->closed, S2N_ERR_CLOSED);
96 POSIX_ENSURE(!s2n_connection_is_quic_enabled(conn), S2N_ERR_UNSUPPORTED_WITH_QUIC);
97
98 /* Flush any pending I/O */
99 POSIX_GUARD(s2n_flush(conn, blocked));
100
101 /* Acknowledge consumed and flushed user data as sent */
102 user_data_sent = conn->current_user_data_consumed;
103
104 *blocked = S2N_BLOCKED_ON_WRITE;
105
106 uint16_t max_payload_size = 0;
107 POSIX_GUARD_RESULT(s2n_record_max_write_payload_size(conn, &max_payload_size));
108
109 /* TLS 1.0 and SSLv3 are vulnerable to the so-called Beast attack. Work
110 * around this by splitting messages into one byte records, and then
111 * the remainder can follow as usual.
112 */
113 int cbcHackUsed = 0;
114
115 struct s2n_crypto_parameters *writer = conn->server;
116 if (conn->mode == S2N_CLIENT) {
117 writer = conn->client;
118 }
119
120 /* Defensive check against an invalid retry */
121 if (offs) {
122 const struct iovec* _bufs = bufs;
123 ssize_t _count = count;
124 while (offs >= _bufs->iov_len && _count > 0) {
125 offs -= _bufs->iov_len;
126 _bufs++;
127 _count--;
128 }
129 bufs = _bufs;
130 count = _count;
131 }
132 for (ssize_t i = 0; i < count; i++) {
133 total_size += bufs[i].iov_len;
134 }
135 total_size -= offs;
136 S2N_ERROR_IF(conn->current_user_data_consumed > total_size, S2N_ERR_SEND_SIZE);
137 POSIX_GUARD_RESULT(s2n_early_data_validate_send(conn, total_size));
138
139 if (conn->dynamic_record_timeout_threshold > 0) {
140 uint64_t elapsed;
141 POSIX_GUARD_RESULT(s2n_timer_elapsed(conn->config, &conn->write_timer, &elapsed));
142 /* Reset record size back to a single segment after threshold seconds of inactivity */
143 if (elapsed - conn->last_write_elapsed > (uint64_t) conn->dynamic_record_timeout_threshold * 1000000000) {
144 conn->active_application_bytes_consumed = 0;
145 }
146 conn->last_write_elapsed = elapsed;
147 }
148
149 /* Now write the data we were asked to send this round */
150 while (total_size - conn->current_user_data_consumed) {
151 ssize_t to_write = MIN(total_size - conn->current_user_data_consumed, max_payload_size);
152
153 /* If dynamic record size is enabled,
154 * use small TLS records that fit into a single TCP segment for the threshold bytes of data
155 */
156 if (conn->active_application_bytes_consumed < (uint64_t) conn->dynamic_record_resize_threshold) {
157 uint16_t min_payload_size = 0;
158 POSIX_GUARD_RESULT(s2n_record_min_write_payload_size(conn, &min_payload_size));
159 to_write = MIN(min_payload_size, to_write);
160 }
161
162 /* Don't split messages in server mode for interoperability with naive clients.
163 * Some clients may have expectations based on the amount of content in the first record.
164 */
165 if (conn->actual_protocol_version < S2N_TLS11 && writer->cipher_suite->record_alg->cipher->type == S2N_CBC && conn->mode != S2N_SERVER) {
166 if (to_write > 1 && cbcHackUsed == 0) {
167 to_write = 1;
168 cbcHackUsed = 1;
169 }
170 }
171
172 POSIX_GUARD(s2n_stuffer_rewrite(&conn->out));
173
174 POSIX_GUARD(s2n_post_handshake_send(conn, blocked));
175
176 /* Write and encrypt the record */
177 POSIX_GUARD(s2n_record_writev(conn, TLS_APPLICATION_DATA, bufs, count,
178 conn->current_user_data_consumed + offs, to_write));
179 conn->current_user_data_consumed += to_write;
180 conn->active_application_bytes_consumed += to_write;
181
182 /* Send it */
183 if (s2n_flush(conn, blocked) < 0) {
184 if (s2n_errno == S2N_ERR_IO_BLOCKED && user_data_sent > 0) {
185 /* We successfully sent >0 user bytes on the wire, but not the full requested payload
186 * because we became blocked on I/O. Acknowledge the data sent. */
187
188 conn->current_user_data_consumed -= user_data_sent;
189 return user_data_sent;
190 } else {
191 S2N_ERROR_PRESERVE_ERRNO();
192 }
193 }
194
195 /* Acknowledge consumed and flushed user data as sent */
196 user_data_sent = conn->current_user_data_consumed;
197 }
198
199 /* If everything has been written, then there's no user data pending */
200 conn->current_user_data_consumed = 0;
201
202 *blocked = S2N_NOT_BLOCKED;
203
204 POSIX_GUARD_RESULT(s2n_early_data_record_bytes(conn, total_size));
205 return total_size;
206 }
207
s2n_sendv_with_offset(struct s2n_connection * conn,const struct iovec * bufs,ssize_t count,ssize_t offs,s2n_blocked_status * blocked)208 ssize_t s2n_sendv_with_offset(struct s2n_connection *conn, const struct iovec *bufs, ssize_t count, ssize_t offs, s2n_blocked_status *blocked)
209 {
210 POSIX_ENSURE(!conn->send_in_use, S2N_ERR_REENTRANCY);
211 conn->send_in_use = true;
212 ssize_t result = s2n_sendv_with_offset_impl(conn, bufs, count, offs, blocked);
213 conn->send_in_use = false;
214 return result;
215 }
216
s2n_sendv(struct s2n_connection * conn,const struct iovec * bufs,ssize_t count,s2n_blocked_status * blocked)217 ssize_t s2n_sendv(struct s2n_connection *conn, const struct iovec *bufs, ssize_t count, s2n_blocked_status *blocked)
218 {
219 return s2n_sendv_with_offset(conn, bufs, count, 0, blocked);
220 }
221
s2n_send(struct s2n_connection * conn,const void * buf,ssize_t size,s2n_blocked_status * blocked)222 ssize_t s2n_send(struct s2n_connection *conn, const void *buf, ssize_t size, s2n_blocked_status *blocked)
223 {
224 struct iovec iov;
225 iov.iov_base = (void*)(uintptr_t)buf;
226 iov.iov_len = size;
227 return s2n_sendv_with_offset(conn, &iov, 1, 0, blocked);
228 }
229