1 /** 2 * \file net_sockets.h 3 * 4 * \brief Network sockets abstraction layer to integrate Mbed TLS into a 5 * BSD-style sockets API. 6 * 7 * The network sockets module provides an example integration of the 8 * Mbed TLS library into a BSD sockets implementation. The module is 9 * intended to be an example of how Mbed TLS can be integrated into a 10 * networking stack, as well as to be Mbed TLS's network integration 11 * for its supported platforms. 12 * 13 * The module is intended only to be used with the Mbed TLS library and 14 * is not intended to be used by third party application software 15 * directly. 16 * 17 * The supported platforms are as follows: 18 * * Microsoft Windows and Windows CE 19 * * POSIX/Unix platforms including Linux, OS X 20 * 21 */ 22 /* 23 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved 24 * SPDX-License-Identifier: GPL-2.0 25 * 26 * This program is free software; you can redistribute it and/or modify 27 * it under the terms of the GNU General Public License as published by 28 * the Free Software Foundation; either version 2 of the License, or 29 * (at your option) any later version. 30 * 31 * This program is distributed in the hope that it will be useful, 32 * but WITHOUT ANY WARRANTY; without even the implied warranty of 33 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 34 * GNU General Public License for more details. 35 * 36 * You should have received a copy of the GNU General Public License along 37 * with this program; if not, write to the Free Software Foundation, Inc., 38 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 39 * 40 * This file is part of mbed TLS (https://tls.mbed.org) 41 */ 42 #ifndef MBEDTLS_NET_SOCKETS_H 43 #define MBEDTLS_NET_SOCKETS_H 44 45 #if !defined(MBEDTLS_CONFIG_FILE) 46 #include "config.h" 47 #else 48 #include MBEDTLS_CONFIG_FILE 49 #endif 50 51 #include "ssl.h" 52 53 #include <stddef.h> 54 #include <stdint.h> 55 56 #define MBEDTLS_ERR_NET_SOCKET_FAILED -0x0042 /**< Failed to open a socket. */ 57 #define MBEDTLS_ERR_NET_CONNECT_FAILED -0x0044 /**< The connection to the given server / port failed. */ 58 #define MBEDTLS_ERR_NET_BIND_FAILED -0x0046 /**< Binding of the socket failed. */ 59 #define MBEDTLS_ERR_NET_LISTEN_FAILED -0x0048 /**< Could not listen on the socket. */ 60 #define MBEDTLS_ERR_NET_ACCEPT_FAILED -0x004A /**< Could not accept the incoming connection. */ 61 #define MBEDTLS_ERR_NET_RECV_FAILED -0x004C /**< Reading information from the socket failed. */ 62 #define MBEDTLS_ERR_NET_SEND_FAILED -0x004E /**< Sending information through the socket failed. */ 63 #define MBEDTLS_ERR_NET_CONN_RESET -0x0050 /**< Connection was reset by peer. */ 64 #define MBEDTLS_ERR_NET_UNKNOWN_HOST -0x0052 /**< Failed to get an IP address for the given hostname. */ 65 #define MBEDTLS_ERR_NET_BUFFER_TOO_SMALL -0x0043 /**< Buffer is too small to hold the data. */ 66 #define MBEDTLS_ERR_NET_INVALID_CONTEXT -0x0045 /**< The context is invalid, eg because it was free()ed. */ 67 #define MBEDTLS_ERR_NET_POLL_FAILED -0x0047 /**< Polling the net context failed. */ 68 #define MBEDTLS_ERR_NET_BAD_INPUT_DATA -0x0049 /**< Input invalid. */ 69 70 #define MBEDTLS_NET_LISTEN_BACKLOG 10 /**< The backlog that listen() should use. */ 71 72 #define MBEDTLS_NET_PROTO_TCP 0 /**< The TCP transport protocol */ 73 #define MBEDTLS_NET_PROTO_UDP 1 /**< The UDP transport protocol */ 74 75 #define MBEDTLS_NET_POLL_READ 1 /**< Used in \c mbedtls_net_poll to check for pending data */ 76 #define MBEDTLS_NET_POLL_WRITE 2 /**< Used in \c mbedtls_net_poll to check if write possible */ 77 78 #ifdef __cplusplus 79 extern "C" { 80 #endif 81 82 /** 83 * Wrapper type for sockets. 84 * 85 * Currently backed by just a file descriptor, but might be more in the future 86 * (eg two file descriptors for combined IPv4 + IPv6 support, or additional 87 * structures for hand-made UDP demultiplexing). 88 */ 89 typedef struct 90 { 91 int fd; /**< The underlying file descriptor */ 92 } 93 mbedtls_net_context; 94 95 /** 96 * \brief Initialize a context 97 * Just makes the context ready to be used or freed safely. 98 * 99 * \param ctx Context to initialize 100 */ 101 void mbedtls_net_init( mbedtls_net_context *ctx ); 102 103 /** 104 * \brief Initiate a connection with host:port in the given protocol 105 * 106 * \param ctx Socket to use 107 * \param host Host to connect to 108 * \param port Port to connect to 109 * \param proto Protocol: MBEDTLS_NET_PROTO_TCP or MBEDTLS_NET_PROTO_UDP 110 * 111 * \return 0 if successful, or one of: 112 * MBEDTLS_ERR_NET_SOCKET_FAILED, 113 * MBEDTLS_ERR_NET_UNKNOWN_HOST, 114 * MBEDTLS_ERR_NET_CONNECT_FAILED 115 * 116 * \note Sets the socket in connected mode even with UDP. 117 */ 118 int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, const char *port, int proto ); 119 120 /** 121 * \brief Create a receiving socket on bind_ip:port in the chosen 122 * protocol. If bind_ip == NULL, all interfaces are bound. 123 * 124 * \param ctx Socket to use 125 * \param bind_ip IP to bind to, can be NULL 126 * \param port Port number to use 127 * \param proto Protocol: MBEDTLS_NET_PROTO_TCP or MBEDTLS_NET_PROTO_UDP 128 * 129 * \return 0 if successful, or one of: 130 * MBEDTLS_ERR_NET_SOCKET_FAILED, 131 * MBEDTLS_ERR_NET_BIND_FAILED, 132 * MBEDTLS_ERR_NET_LISTEN_FAILED 133 * 134 * \note Regardless of the protocol, opens the sockets and binds it. 135 * In addition, make the socket listening if protocol is TCP. 136 */ 137 int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto ); 138 139 /** 140 * \brief Accept a connection from a remote client 141 * 142 * \param bind_ctx Relevant socket 143 * \param client_ctx Will contain the connected client socket 144 * \param client_ip Will contain the client IP address, can be NULL 145 * \param buf_size Size of the client_ip buffer 146 * \param ip_len Will receive the size of the client IP written, 147 * can be NULL if client_ip is null 148 * 149 * \return 0 if successful, or 150 * MBEDTLS_ERR_NET_ACCEPT_FAILED, or 151 * MBEDTLS_ERR_NET_BUFFER_TOO_SMALL if buf_size is too small, 152 * MBEDTLS_ERR_SSL_WANT_READ if bind_fd was set to 153 * non-blocking and accept() would block. 154 */ 155 int mbedtls_net_accept( mbedtls_net_context *bind_ctx, 156 mbedtls_net_context *client_ctx, 157 void *client_ip, size_t buf_size, size_t *ip_len ); 158 159 /** 160 * \brief Check and wait for the context to be ready for read/write 161 * 162 * \param ctx Socket to check 163 * \param rw Bitflag composed of MBEDTLS_NET_POLL_READ and 164 * MBEDTLS_NET_POLL_WRITE specifying the events 165 * to wait for: 166 * - If MBEDTLS_NET_POLL_READ is set, the function 167 * will return as soon as the net context is available 168 * for reading. 169 * - If MBEDTLS_NET_POLL_WRITE is set, the function 170 * will return as soon as the net context is available 171 * for writing. 172 * \param timeout Maximal amount of time to wait before returning, 173 * in milliseconds. If \c timeout is zero, the 174 * function returns immediately. If \c timeout is 175 * -1u, the function blocks potentially indefinitely. 176 * 177 * \return Bitmask composed of MBEDTLS_NET_POLL_READ/WRITE 178 * on success or timeout, or a negative return code otherwise. 179 */ 180 int mbedtls_net_poll( mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout ); 181 182 /** 183 * \brief Set the socket blocking 184 * 185 * \param ctx Socket to set 186 * 187 * \return 0 if successful, or a non-zero error code 188 */ 189 int mbedtls_net_set_block( mbedtls_net_context *ctx ); 190 191 /** 192 * \brief Set the socket non-blocking 193 * 194 * \param ctx Socket to set 195 * 196 * \return 0 if successful, or a non-zero error code 197 */ 198 int mbedtls_net_set_nonblock( mbedtls_net_context *ctx ); 199 200 /** 201 * \brief Portable usleep helper 202 * 203 * \param usec Amount of microseconds to sleep 204 * 205 * \note Real amount of time slept will not be less than 206 * select()'s timeout granularity (typically, 10ms). 207 */ 208 void mbedtls_net_usleep( unsigned long usec ); 209 210 /** 211 * \brief Read at most 'len' characters. If no error occurs, 212 * the actual amount read is returned. 213 * 214 * \param ctx Socket 215 * \param buf The buffer to write to 216 * \param len Maximum length of the buffer 217 * 218 * \return the number of bytes received, 219 * or a non-zero error code; with a non-blocking socket, 220 * MBEDTLS_ERR_SSL_WANT_READ indicates read() would block. 221 */ 222 int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len ); 223 224 /** 225 * \brief Write at most 'len' characters. If no error occurs, 226 * the actual amount read is returned. 227 * 228 * \param ctx Socket 229 * \param buf The buffer to read from 230 * \param len The length of the buffer 231 * 232 * \return the number of bytes sent, 233 * or a non-zero error code; with a non-blocking socket, 234 * MBEDTLS_ERR_SSL_WANT_WRITE indicates write() would block. 235 */ 236 int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len ); 237 238 /** 239 * \brief Read at most 'len' characters, blocking for at most 240 * 'timeout' seconds. If no error occurs, the actual amount 241 * read is returned. 242 * 243 * \param ctx Socket 244 * \param buf The buffer to write to 245 * \param len Maximum length of the buffer 246 * \param timeout Maximum number of milliseconds to wait for data 247 * 0 means no timeout (wait forever) 248 * 249 * \return the number of bytes received, 250 * or a non-zero error code: 251 * MBEDTLS_ERR_SSL_TIMEOUT if the operation timed out, 252 * MBEDTLS_ERR_SSL_WANT_READ if interrupted by a signal. 253 * 254 * \note This function will block (until data becomes available or 255 * timeout is reached) even if the socket is set to 256 * non-blocking. Handling timeouts with non-blocking reads 257 * requires a different strategy. 258 */ 259 int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf, size_t len, 260 uint32_t timeout ); 261 262 /** 263 * \brief Gracefully shutdown the connection and free associated data 264 * 265 * \param ctx The context to free 266 */ 267 void mbedtls_net_free( mbedtls_net_context *ctx ); 268 269 #ifdef __cplusplus 270 } 271 #endif 272 273 #endif /* net_sockets.h */ 274