1 /* $OpenBSD: bio_ssl.c,v 1.40 2023/07/19 13:34:33 tb Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 59 #include <errno.h> 60 #include <stdio.h> 61 #include <stdlib.h> 62 #include <string.h> 63 64 #include <openssl/bio.h> 65 #include <openssl/crypto.h> 66 #include <openssl/err.h> 67 #include <openssl/ssl.h> 68 69 #include "bio_local.h" 70 #include "ssl_local.h" 71 72 static int ssl_write(BIO *h, const char *buf, int num); 73 static int ssl_read(BIO *h, char *buf, int size); 74 static int ssl_puts(BIO *h, const char *str); 75 static long ssl_ctrl(BIO *h, int cmd, long arg1, void *arg2); 76 static int ssl_new(BIO *h); 77 static int ssl_free(BIO *data); 78 static long ssl_callback_ctrl(BIO *h, int cmd, BIO_info_cb *fp); 79 typedef struct bio_ssl_st { 80 SSL *ssl; /* The ssl handle :-) */ 81 /* re-negotiate every time the total number of bytes is this size */ 82 int num_renegotiates; 83 unsigned long renegotiate_count; 84 unsigned long byte_count; 85 unsigned long renegotiate_timeout; 86 time_t last_time; 87 } BIO_SSL; 88 89 static const BIO_METHOD methods_sslp = { 90 .type = BIO_TYPE_SSL, 91 .name = "ssl", 92 .bwrite = ssl_write, 93 .bread = ssl_read, 94 .bputs = ssl_puts, 95 .ctrl = ssl_ctrl, 96 .create = ssl_new, 97 .destroy = ssl_free, 98 .callback_ctrl = ssl_callback_ctrl, 99 }; 100 101 const BIO_METHOD * 102 BIO_f_ssl(void) 103 { 104 return (&methods_sslp); 105 } 106 LSSL_ALIAS(BIO_f_ssl); 107 108 static int 109 ssl_new(BIO *bi) 110 { 111 BIO_SSL *bs; 112 113 bs = calloc(1, sizeof(BIO_SSL)); 114 if (bs == NULL) { 115 SSLerrorx(ERR_R_MALLOC_FAILURE); 116 return (0); 117 } 118 bi->init = 0; 119 bi->ptr = (char *)bs; 120 bi->flags = 0; 121 return (1); 122 } 123 LSSL_ALIAS(BIO_f_ssl); 124 125 static int 126 ssl_free(BIO *a) 127 { 128 BIO_SSL *bs; 129 130 if (a == NULL) 131 return (0); 132 bs = (BIO_SSL *)a->ptr; 133 if (bs->ssl != NULL) 134 SSL_shutdown(bs->ssl); 135 if (a->shutdown) { 136 if (a->init && (bs->ssl != NULL)) 137 SSL_free(bs->ssl); 138 a->init = 0; 139 a->flags = 0; 140 } 141 free(a->ptr); 142 return (1); 143 } 144 145 static int 146 ssl_read(BIO *b, char *out, int outl) 147 { 148 int ret = 1; 149 BIO_SSL *sb; 150 SSL *ssl; 151 int retry_reason = 0; 152 int r = 0; 153 154 if (out == NULL) 155 return (0); 156 sb = (BIO_SSL *)b->ptr; 157 ssl = sb->ssl; 158 159 BIO_clear_retry_flags(b); 160 161 ret = SSL_read(ssl, out, outl); 162 163 switch (SSL_get_error(ssl, ret)) { 164 case SSL_ERROR_NONE: 165 if (ret <= 0) 166 break; 167 if (sb->renegotiate_count > 0) { 168 sb->byte_count += ret; 169 if (sb->byte_count > sb->renegotiate_count) { 170 sb->byte_count = 0; 171 sb->num_renegotiates++; 172 SSL_renegotiate(ssl); 173 r = 1; 174 } 175 } 176 if ((sb->renegotiate_timeout > 0) && (!r)) { 177 time_t tm; 178 179 tm = time(NULL); 180 if (tm > sb->last_time + sb->renegotiate_timeout) { 181 sb->last_time = tm; 182 sb->num_renegotiates++; 183 SSL_renegotiate(ssl); 184 } 185 } 186 187 break; 188 case SSL_ERROR_WANT_READ: 189 BIO_set_retry_read(b); 190 break; 191 case SSL_ERROR_WANT_WRITE: 192 BIO_set_retry_write(b); 193 break; 194 case SSL_ERROR_WANT_X509_LOOKUP: 195 BIO_set_retry_special(b); 196 retry_reason = BIO_RR_SSL_X509_LOOKUP; 197 break; 198 case SSL_ERROR_WANT_ACCEPT: 199 BIO_set_retry_special(b); 200 retry_reason = BIO_RR_ACCEPT; 201 break; 202 case SSL_ERROR_WANT_CONNECT: 203 BIO_set_retry_special(b); 204 retry_reason = BIO_RR_CONNECT; 205 break; 206 case SSL_ERROR_SYSCALL: 207 case SSL_ERROR_SSL: 208 case SSL_ERROR_ZERO_RETURN: 209 default: 210 break; 211 } 212 213 b->retry_reason = retry_reason; 214 return (ret); 215 } 216 217 static int 218 ssl_write(BIO *b, const char *out, int outl) 219 { 220 int ret, r = 0; 221 int retry_reason = 0; 222 SSL *ssl; 223 BIO_SSL *bs; 224 225 if (out == NULL) 226 return (0); 227 bs = (BIO_SSL *)b->ptr; 228 ssl = bs->ssl; 229 230 BIO_clear_retry_flags(b); 231 232 /* ret=SSL_do_handshake(ssl); 233 if (ret > 0) */ 234 ret = SSL_write(ssl, out, outl); 235 236 switch (SSL_get_error(ssl, ret)) { 237 case SSL_ERROR_NONE: 238 if (ret <= 0) 239 break; 240 if (bs->renegotiate_count > 0) { 241 bs->byte_count += ret; 242 if (bs->byte_count > bs->renegotiate_count) { 243 bs->byte_count = 0; 244 bs->num_renegotiates++; 245 SSL_renegotiate(ssl); 246 r = 1; 247 } 248 } 249 if ((bs->renegotiate_timeout > 0) && (!r)) { 250 time_t tm; 251 252 tm = time(NULL); 253 if (tm > bs->last_time + bs->renegotiate_timeout) { 254 bs->last_time = tm; 255 bs->num_renegotiates++; 256 SSL_renegotiate(ssl); 257 } 258 } 259 break; 260 case SSL_ERROR_WANT_WRITE: 261 BIO_set_retry_write(b); 262 break; 263 case SSL_ERROR_WANT_READ: 264 BIO_set_retry_read(b); 265 break; 266 case SSL_ERROR_WANT_X509_LOOKUP: 267 BIO_set_retry_special(b); 268 retry_reason = BIO_RR_SSL_X509_LOOKUP; 269 break; 270 case SSL_ERROR_WANT_CONNECT: 271 BIO_set_retry_special(b); 272 retry_reason = BIO_RR_CONNECT; 273 case SSL_ERROR_SYSCALL: 274 case SSL_ERROR_SSL: 275 default: 276 break; 277 } 278 279 b->retry_reason = retry_reason; 280 return (ret); 281 } 282 283 static long 284 ssl_ctrl(BIO *b, int cmd, long num, void *ptr) 285 { 286 SSL **sslp, *ssl; 287 BIO_SSL *bs; 288 BIO *dbio, *bio; 289 long ret = 1; 290 291 bs = (BIO_SSL *)b->ptr; 292 ssl = bs->ssl; 293 if ((ssl == NULL) && (cmd != BIO_C_SET_SSL)) 294 return (0); 295 switch (cmd) { 296 case BIO_CTRL_RESET: 297 SSL_shutdown(ssl); 298 299 if (ssl->handshake_func == ssl->method->ssl_connect) 300 SSL_set_connect_state(ssl); 301 else if (ssl->handshake_func == ssl->method->ssl_accept) 302 SSL_set_accept_state(ssl); 303 304 SSL_clear(ssl); 305 306 if (b->next_bio != NULL) 307 ret = BIO_ctrl(b->next_bio, cmd, num, ptr); 308 else if (ssl->rbio != NULL) 309 ret = BIO_ctrl(ssl->rbio, cmd, num, ptr); 310 else 311 ret = 1; 312 break; 313 case BIO_CTRL_INFO: 314 ret = 0; 315 break; 316 case BIO_C_SSL_MODE: 317 if (num) /* client mode */ 318 SSL_set_connect_state(ssl); 319 else 320 SSL_set_accept_state(ssl); 321 break; 322 case BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT: 323 ret = bs->renegotiate_timeout; 324 if (num < 60) 325 num = 5; 326 bs->renegotiate_timeout = (unsigned long)num; 327 bs->last_time = time(NULL); 328 break; 329 case BIO_C_SET_SSL_RENEGOTIATE_BYTES: 330 ret = bs->renegotiate_count; 331 if ((long)num >=512) 332 bs->renegotiate_count = (unsigned long)num; 333 break; 334 case BIO_C_GET_SSL_NUM_RENEGOTIATES: 335 ret = bs->num_renegotiates; 336 break; 337 case BIO_C_SET_SSL: 338 if (ssl != NULL) { 339 ssl_free(b); 340 if (!ssl_new(b)) 341 return 0; 342 } 343 b->shutdown = (int)num; 344 ssl = (SSL *)ptr; 345 ((BIO_SSL *)b->ptr)->ssl = ssl; 346 bio = SSL_get_rbio(ssl); 347 if (bio != NULL) { 348 if (b->next_bio != NULL) 349 BIO_push(bio, b->next_bio); 350 b->next_bio = bio; 351 CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO); 352 } 353 b->init = 1; 354 break; 355 case BIO_C_GET_SSL: 356 if (ptr != NULL) { 357 sslp = (SSL **)ptr; 358 *sslp = ssl; 359 } else 360 ret = 0; 361 break; 362 case BIO_CTRL_GET_CLOSE: 363 ret = b->shutdown; 364 break; 365 case BIO_CTRL_SET_CLOSE: 366 b->shutdown = (int)num; 367 break; 368 case BIO_CTRL_WPENDING: 369 ret = BIO_ctrl(ssl->wbio, cmd, num, ptr); 370 break; 371 case BIO_CTRL_PENDING: 372 ret = SSL_pending(ssl); 373 if (ret == 0) 374 ret = BIO_pending(ssl->rbio); 375 break; 376 case BIO_CTRL_FLUSH: 377 BIO_clear_retry_flags(b); 378 ret = BIO_ctrl(ssl->wbio, cmd, num, ptr); 379 BIO_copy_next_retry(b); 380 break; 381 case BIO_CTRL_PUSH: 382 if ((b->next_bio != NULL) && (b->next_bio != ssl->rbio)) { 383 SSL_set_bio(ssl, b->next_bio, b->next_bio); 384 CRYPTO_add(&b->next_bio->references, 1, 385 CRYPTO_LOCK_BIO); 386 } 387 break; 388 case BIO_CTRL_POP: 389 /* Only detach if we are the BIO explicitly being popped */ 390 if (b == ptr) { 391 /* Shouldn't happen in practice because the 392 * rbio and wbio are the same when pushed. 393 */ 394 if (ssl->rbio != ssl->wbio) 395 BIO_free_all(ssl->wbio); 396 if (b->next_bio != NULL) 397 CRYPTO_add(&b->next_bio->references, -1, CRYPTO_LOCK_BIO); 398 ssl->wbio = NULL; 399 ssl->rbio = NULL; 400 } 401 break; 402 case BIO_C_DO_STATE_MACHINE: 403 BIO_clear_retry_flags(b); 404 405 b->retry_reason = 0; 406 ret = (int)SSL_do_handshake(ssl); 407 408 switch (SSL_get_error(ssl, (int)ret)) { 409 case SSL_ERROR_WANT_READ: 410 BIO_set_flags(b, 411 BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY); 412 break; 413 case SSL_ERROR_WANT_WRITE: 414 BIO_set_flags(b, 415 BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY); 416 break; 417 case SSL_ERROR_WANT_CONNECT: 418 BIO_set_flags(b, 419 BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY); 420 b->retry_reason = b->next_bio->retry_reason; 421 break; 422 default: 423 break; 424 } 425 break; 426 case BIO_CTRL_DUP: 427 dbio = (BIO *)ptr; 428 if (((BIO_SSL *)dbio->ptr)->ssl != NULL) 429 SSL_free(((BIO_SSL *)dbio->ptr)->ssl); 430 ((BIO_SSL *)dbio->ptr)->ssl = SSL_dup(ssl); 431 ((BIO_SSL *)dbio->ptr)->renegotiate_count = 432 ((BIO_SSL *)b->ptr)->renegotiate_count; 433 ((BIO_SSL *)dbio->ptr)->byte_count = 434 ((BIO_SSL *)b->ptr)->byte_count; 435 ((BIO_SSL *)dbio->ptr)->renegotiate_timeout = 436 ((BIO_SSL *)b->ptr)->renegotiate_timeout; 437 ((BIO_SSL *)dbio->ptr)->last_time = 438 ((BIO_SSL *)b->ptr)->last_time; 439 ret = (((BIO_SSL *)dbio->ptr)->ssl != NULL); 440 break; 441 case BIO_C_GET_FD: 442 ret = BIO_ctrl(ssl->rbio, cmd, num, ptr); 443 break; 444 case BIO_CTRL_SET_CALLBACK: 445 { 446 ret = 0; 447 } 448 break; 449 case BIO_CTRL_GET_CALLBACK: 450 { 451 void (**fptr)(const SSL *xssl, int type, int val); 452 453 fptr = (void (**)(const SSL *xssl, int type, int val)) 454 ptr; 455 *fptr = SSL_get_info_callback(ssl); 456 } 457 break; 458 default: 459 ret = BIO_ctrl(ssl->rbio, cmd, num, ptr); 460 break; 461 } 462 return (ret); 463 } 464 465 static long 466 ssl_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp) 467 { 468 SSL *ssl; 469 BIO_SSL *bs; 470 long ret = 1; 471 472 bs = (BIO_SSL *)b->ptr; 473 ssl = bs->ssl; 474 switch (cmd) { 475 case BIO_CTRL_SET_CALLBACK: 476 { 477 /* FIXME: setting this via a completely different prototype 478 seems like a crap idea */ 479 SSL_set_info_callback(ssl, 480 (void (*)(const SSL *, int, int))fp); 481 } 482 break; 483 default: 484 ret = BIO_callback_ctrl(ssl->rbio, cmd, fp); 485 break; 486 } 487 return (ret); 488 } 489 490 static int 491 ssl_puts(BIO *bp, const char *str) 492 { 493 int n, ret; 494 495 n = strlen(str); 496 ret = BIO_write(bp, str, n); 497 return (ret); 498 } 499 500 BIO * 501 BIO_new_buffer_ssl_connect(SSL_CTX *ctx) 502 { 503 BIO *ret = NULL, *buf = NULL, *ssl = NULL; 504 505 if ((buf = BIO_new(BIO_f_buffer())) == NULL) 506 goto err; 507 if ((ssl = BIO_new_ssl_connect(ctx)) == NULL) 508 goto err; 509 if ((ret = BIO_push(buf, ssl)) == NULL) 510 goto err; 511 return (ret); 512 513 err: 514 BIO_free(buf); 515 BIO_free(ssl); 516 return (NULL); 517 } 518 LSSL_ALIAS(BIO_new_buffer_ssl_connect); 519 520 BIO * 521 BIO_new_ssl_connect(SSL_CTX *ctx) 522 { 523 BIO *ret = NULL, *con = NULL, *ssl = NULL; 524 525 if ((con = BIO_new(BIO_s_connect())) == NULL) 526 goto err; 527 if ((ssl = BIO_new_ssl(ctx, 1)) == NULL) 528 goto err; 529 if ((ret = BIO_push(ssl, con)) == NULL) 530 goto err; 531 return (ret); 532 533 err: 534 BIO_free(con); 535 BIO_free(ssl); 536 return (NULL); 537 } 538 LSSL_ALIAS(BIO_new_ssl_connect); 539 540 BIO * 541 BIO_new_ssl(SSL_CTX *ctx, int client) 542 { 543 BIO *ret; 544 SSL *ssl; 545 546 if ((ret = BIO_new(BIO_f_ssl())) == NULL) 547 goto err; 548 if ((ssl = SSL_new(ctx)) == NULL) 549 goto err; 550 551 if (client) 552 SSL_set_connect_state(ssl); 553 else 554 SSL_set_accept_state(ssl); 555 556 BIO_set_ssl(ret, ssl, BIO_CLOSE); 557 return (ret); 558 559 err: 560 BIO_free(ret); 561 return (NULL); 562 } 563 LSSL_ALIAS(BIO_new_ssl); 564 565 int 566 BIO_ssl_copy_session_id(BIO *t, BIO *f) 567 { 568 t = BIO_find_type(t, BIO_TYPE_SSL); 569 f = BIO_find_type(f, BIO_TYPE_SSL); 570 if ((t == NULL) || (f == NULL)) 571 return (0); 572 if ((((BIO_SSL *)t->ptr)->ssl == NULL) || 573 (((BIO_SSL *)f->ptr)->ssl == NULL)) 574 return (0); 575 if (!SSL_copy_session_id(((BIO_SSL *)t->ptr)->ssl, 576 ((BIO_SSL *)f->ptr)->ssl)) 577 return (0); 578 return (1); 579 } 580 LSSL_ALIAS(BIO_ssl_copy_session_id); 581 582 void 583 BIO_ssl_shutdown(BIO *b) 584 { 585 SSL *s; 586 587 while (b != NULL) { 588 if (b->method->type == BIO_TYPE_SSL) { 589 s = ((BIO_SSL *)b->ptr)->ssl; 590 SSL_shutdown(s); 591 break; 592 } 593 b = b->next_bio; 594 } 595 } 596 LSSL_ALIAS(BIO_ssl_shutdown); 597