1 /*
2  * Copyright (c) 2009-2012 Niels Provos and Nick Mathewson
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  * 3. The name of the author may not be used to endorse or promote products
13  *    derived from this software without specific prior written permission.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25  */
26 
27 #include <sys/types.h>
28 
29 #include "event2/event-config.h"
30 
31 #ifdef _EVENT_HAVE_SYS_TIME_H
32 #include <sys/time.h>
33 #endif
34 
35 #include <errno.h>
36 #include <stdio.h>
37 #include <stdlib.h>
38 #include <string.h>
39 #ifdef _EVENT_HAVE_STDARG_H
40 #include <stdarg.h>
41 #endif
42 #ifdef _EVENT_HAVE_UNISTD_H
43 #include <unistd.h>
44 #endif
45 
46 #ifdef WIN32
47 #include <winsock2.h>
48 #endif
49 
50 #include "event2/bufferevent.h"
51 #include "event2/bufferevent_struct.h"
52 #include "event2/bufferevent_ssl.h"
53 #include "event2/buffer.h"
54 #include "event2/event.h"
55 
56 #include "mm-internal.h"
57 #include "bufferevent-internal.h"
58 #include "log-internal.h"
59 
60 #include <openssl/bio.h>
61 #include <openssl/ssl.h>
62 #include <openssl/err.h>
63 
64 /*
65  * Define an OpenSSL bio that targets a bufferevent.
66  */
67 
68 /* --------------------
69    A BIO is an OpenSSL abstraction that handles reading and writing data.  The
70    library will happily speak SSL over anything that implements a BIO
71    interface.
72 
73    Here we define a BIO implementation that directs its output to a
74    bufferevent.  We'll want to use this only when none of OpenSSL's built-in
75    IO mechanisms work for us.
76    -------------------- */
77 
78 /* every BIO type needs its own integer type value. */
79 #define BIO_TYPE_LIBEVENT 57
80 /* ???? Arguably, we should set BIO_TYPE_FILTER or BIO_TYPE_SOURCE_SINK on
81  * this. */
82 
83 #if 0
84 static void
85 print_err(int val)
86 {
87 	int err;
88 	printf("Error was %d\n", val);
89 
90 	while ((err = ERR_get_error())) {
91 		const char *msg = (const char*)ERR_reason_error_string(err);
92 		const char *lib = (const char*)ERR_lib_error_string(err);
93 		const char *func = (const char*)ERR_func_error_string(err);
94 
95 		printf("%s in %s %s\n", msg, lib, func);
96 	}
97 }
98 #else
99 #define print_err(v) ((void)0)
100 #endif
101 
102 /* Called to initialize a new BIO */
103 static int
bio_bufferevent_new(BIO * b)104 bio_bufferevent_new(BIO *b)
105 {
106 	b->init = 0;
107 	b->num = -1;
108 	b->ptr = NULL; /* We'll be putting the bufferevent in this field.*/
109 	b->flags = 0;
110 	return 1;
111 }
112 
113 /* Called to uninitialize the BIO. */
114 static int
bio_bufferevent_free(BIO * b)115 bio_bufferevent_free(BIO *b)
116 {
117 	if (!b)
118 		return 0;
119 	if (b->shutdown) {
120 		if (b->init && b->ptr)
121 			bufferevent_free(b->ptr);
122 		b->init = 0;
123 		b->flags = 0;
124 		b->ptr = NULL;
125 	}
126 	return 1;
127 }
128 
129 /* Called to extract data from the BIO. */
130 static int
bio_bufferevent_read(BIO * b,char * out,int outlen)131 bio_bufferevent_read(BIO *b, char *out, int outlen)
132 {
133 	int r = 0;
134 	struct evbuffer *input;
135 
136 	BIO_clear_retry_flags(b);
137 
138 	if (!out)
139 		return 0;
140 	if (!b->ptr)
141 		return -1;
142 
143 	input = bufferevent_get_input(b->ptr);
144 	if (evbuffer_get_length(input) == 0) {
145 		/* If there's no data to read, say so. */
146 		BIO_set_retry_read(b);
147 		return -1;
148 	} else {
149 		r = evbuffer_remove(input, out, outlen);
150 	}
151 
152 	return r;
153 }
154 
155 /* Called to write data info the BIO */
156 static int
bio_bufferevent_write(BIO * b,const char * in,int inlen)157 bio_bufferevent_write(BIO *b, const char *in, int inlen)
158 {
159 	struct bufferevent *bufev = b->ptr;
160 	struct evbuffer *output;
161 	size_t outlen;
162 
163 	BIO_clear_retry_flags(b);
164 
165 	if (!b->ptr)
166 		return -1;
167 
168 	output = bufferevent_get_output(bufev);
169 	outlen = evbuffer_get_length(output);
170 
171 	/* Copy only as much data onto the output buffer as can fit under the
172 	 * high-water mark. */
173 	if (bufev->wm_write.high && bufev->wm_write.high <= (outlen+inlen)) {
174 		if (bufev->wm_write.high <= outlen) {
175 			/* If no data can fit, we'll need to retry later. */
176 			BIO_set_retry_write(b);
177 			return -1;
178 		}
179 		inlen = bufev->wm_write.high - outlen;
180 	}
181 
182 	EVUTIL_ASSERT(inlen > 0);
183 	evbuffer_add(output, in, inlen);
184 	return inlen;
185 }
186 
187 /* Called to handle various requests */
188 static long
bio_bufferevent_ctrl(BIO * b,int cmd,long num,void * ptr)189 bio_bufferevent_ctrl(BIO *b, int cmd, long num, void *ptr)
190 {
191 	struct bufferevent *bufev = b->ptr;
192 	long ret = 1;
193 
194 	switch (cmd) {
195 	case BIO_CTRL_GET_CLOSE:
196 		ret = b->shutdown;
197 		break;
198 	case BIO_CTRL_SET_CLOSE:
199 		b->shutdown = (int)num;
200 		break;
201 	case BIO_CTRL_PENDING:
202 		ret = evbuffer_get_length(bufferevent_get_input(bufev)) != 0;
203 		break;
204 	case BIO_CTRL_WPENDING:
205 		ret = evbuffer_get_length(bufferevent_get_output(bufev)) != 0;
206 		break;
207 	/* XXXX These two are given a special-case treatment because
208 	 * of cargo-cultism.  I should come up with a better reason. */
209 	case BIO_CTRL_DUP:
210 	case BIO_CTRL_FLUSH:
211 		ret = 1;
212 		break;
213 	default:
214 		ret = 0;
215 		break;
216 	}
217 	return ret;
218 }
219 
220 /* Called to write a string to the BIO */
221 static int
bio_bufferevent_puts(BIO * b,const char * s)222 bio_bufferevent_puts(BIO *b, const char *s)
223 {
224 	return bio_bufferevent_write(b, s, strlen(s));
225 }
226 
227 /* Method table for the bufferevent BIO */
228 static BIO_METHOD methods_bufferevent = {
229 	BIO_TYPE_LIBEVENT, "bufferevent",
230 	bio_bufferevent_write,
231 	bio_bufferevent_read,
232 	bio_bufferevent_puts,
233 	NULL /* bio_bufferevent_gets */,
234 	bio_bufferevent_ctrl,
235 	bio_bufferevent_new,
236 	bio_bufferevent_free,
237 	NULL /* callback_ctrl */,
238 };
239 
240 /* Return the method table for the bufferevents BIO */
241 static BIO_METHOD *
BIO_s_bufferevent(void)242 BIO_s_bufferevent(void)
243 {
244 	return &methods_bufferevent;
245 }
246 
247 /* Create a new BIO to wrap communication around a bufferevent.  If close_flag
248  * is true, the bufferevent will be freed when the BIO is closed. */
249 static BIO *
BIO_new_bufferevent(struct bufferevent * bufferevent,int close_flag)250 BIO_new_bufferevent(struct bufferevent *bufferevent, int close_flag)
251 {
252 	BIO *result;
253 	if (!bufferevent)
254 		return NULL;
255 	if (!(result = BIO_new(BIO_s_bufferevent())))
256 		return NULL;
257 	result->init = 1;
258 	result->ptr = bufferevent;
259 	result->shutdown = close_flag ? 1 : 0;
260 	return result;
261 }
262 
263 /* --------------------
264    Now, here's the OpenSSL-based implementation of bufferevent.
265 
266    The implementation comes in two flavors: one that connects its SSL object
267    to an underlying bufferevent using a BIO_bufferevent, and one that has the
268    SSL object connect to a socket directly.  The latter should generally be
269    faster, except on Windows, where your best bet is using a
270    bufferevent_async.
271 
272    (OpenSSL supports many other BIO types, too.  But we can't use any unless
273    we have a good way to get notified when they become readable/writable.)
274    -------------------- */
275 
276 struct bio_data_counts {
277 	unsigned long n_written;
278 	unsigned long n_read;
279 };
280 
281 struct bufferevent_openssl {
282 	/* Shared fields with common bufferevent implementation code.
283 	   If we were set up with an underlying bufferevent, we use the
284 	   events here as timers only.  If we have an SSL, then we use
285 	   the events as socket events.
286 	 */
287 	struct bufferevent_private bev;
288 	/* An underlying bufferevent that we're directing our output to.
289 	   If it's NULL, then we're connected to an fd, not an evbuffer. */
290 	struct bufferevent *underlying;
291 	/* The SSL object doing our encryption. */
292 	SSL *ssl;
293 
294 	/* A callback that's invoked when data arrives on our outbuf so we
295 	   know to write data to the SSL. */
296 	struct evbuffer_cb_entry *outbuf_cb;
297 
298 	/* A count of how much data the bios have read/written total.  Used
299 	   for rate-limiting. */
300 	struct bio_data_counts counts;
301 
302 	/* If this value is greater than 0, then the last SSL_write blocked,
303 	 * and we need to try it again with this many bytes. */
304 	ev_ssize_t last_write;
305 
306 #define NUM_ERRORS 3
307 	ev_uint32_t errors[NUM_ERRORS];
308 
309 	/* When we next get available space, we should say "read" instead of
310 	   "write". This can happen if there's a renegotiation during a read
311 	   operation. */
312 	unsigned read_blocked_on_write : 1;
313 	/* When we next get data, we should say "write" instead of "read". */
314 	unsigned write_blocked_on_read : 1;
315 	/* XXX */
316 	unsigned allow_dirty_shutdown : 1;
317 	/* XXXX */
318 	unsigned fd_is_set : 1;
319 	/* XXX */
320 	unsigned n_errors : 2;
321 
322 	/* Are we currently connecting, accepting, or doing IO? */
323 	unsigned state : 2;
324 };
325 
326 static int be_openssl_enable(struct bufferevent *, short);
327 static int be_openssl_disable(struct bufferevent *, short);
328 static void be_openssl_destruct(struct bufferevent *);
329 static int be_openssl_adj_timeouts(struct bufferevent *);
330 static int be_openssl_flush(struct bufferevent *bufev,
331     short iotype, enum bufferevent_flush_mode mode);
332 static int be_openssl_ctrl(struct bufferevent *, enum bufferevent_ctrl_op, union bufferevent_ctrl_data *);
333 
334 const struct bufferevent_ops bufferevent_ops_openssl = {
335 	"ssl",
336 	evutil_offsetof(struct bufferevent_openssl, bev.bev),
337 	be_openssl_enable,
338 	be_openssl_disable,
339 	be_openssl_destruct,
340 	be_openssl_adj_timeouts,
341 	be_openssl_flush,
342 	be_openssl_ctrl,
343 };
344 
345 /* Given a bufferevent, return a pointer to the bufferevent_openssl that
346  * contains it, if any. */
347 static inline struct bufferevent_openssl *
upcast(struct bufferevent * bev)348 upcast(struct bufferevent *bev)
349 {
350 	struct bufferevent_openssl *bev_o;
351 	if (bev->be_ops != &bufferevent_ops_openssl)
352 		return NULL;
353 	bev_o = (void*)( ((char*)bev) -
354 			 evutil_offsetof(struct bufferevent_openssl, bev.bev));
355 	EVUTIL_ASSERT(bev_o->bev.bev.be_ops == &bufferevent_ops_openssl);
356 	return bev_o;
357 }
358 
359 static inline void
put_error(struct bufferevent_openssl * bev_ssl,unsigned long err)360 put_error(struct bufferevent_openssl *bev_ssl, unsigned long err)
361 {
362 	if (bev_ssl->n_errors == NUM_ERRORS)
363 		return;
364 	/* The error type according to openssl is "unsigned long", but
365 	   openssl never uses more than 32 bits of it.  It _can't_ use more
366 	   than 32 bits of it, since it needs to report errors on systems
367 	   where long is only 32 bits.
368 	 */
369 	bev_ssl->errors[bev_ssl->n_errors++] = (ev_uint32_t) err;
370 }
371 
372 /* Have the base communications channel (either the underlying bufferevent or
373  * ev_read and ev_write) start reading.  Take the read-blocked-on-write flag
374  * into account. */
375 static int
start_reading(struct bufferevent_openssl * bev_ssl)376 start_reading(struct bufferevent_openssl *bev_ssl)
377 {
378 	if (bev_ssl->underlying) {
379 		bufferevent_unsuspend_read(bev_ssl->underlying,
380 		    BEV_SUSPEND_FILT_READ);
381 		return 0;
382 	} else {
383 		struct bufferevent *bev = &bev_ssl->bev.bev;
384 		int r;
385 		r = _bufferevent_add_event(&bev->ev_read, &bev->timeout_read);
386 		if (r == 0 && bev_ssl->read_blocked_on_write)
387 			r = _bufferevent_add_event(&bev->ev_write,
388 			    &bev->timeout_write);
389 		return r;
390 	}
391 }
392 
393 /* Have the base communications channel (either the underlying bufferevent or
394  * ev_read and ev_write) start writing.  Take the write-blocked-on-read flag
395  * into account. */
396 static int
start_writing(struct bufferevent_openssl * bev_ssl)397 start_writing(struct bufferevent_openssl *bev_ssl)
398 {
399 	int r = 0;
400 	if (bev_ssl->underlying) {
401 		;
402 	} else {
403 		struct bufferevent *bev = &bev_ssl->bev.bev;
404 		r = _bufferevent_add_event(&bev->ev_write, &bev->timeout_write);
405 		if (!r && bev_ssl->write_blocked_on_read)
406 			r = _bufferevent_add_event(&bev->ev_read,
407 			    &bev->timeout_read);
408 	}
409 	return r;
410 }
411 
412 static void
stop_reading(struct bufferevent_openssl * bev_ssl)413 stop_reading(struct bufferevent_openssl *bev_ssl)
414 {
415 	if (bev_ssl->write_blocked_on_read)
416 		return;
417 	if (bev_ssl->underlying) {
418 		bufferevent_suspend_read(bev_ssl->underlying,
419 		    BEV_SUSPEND_FILT_READ);
420 	} else {
421 		struct bufferevent *bev = &bev_ssl->bev.bev;
422 		event_del(&bev->ev_read);
423 	}
424 }
425 
426 static void
stop_writing(struct bufferevent_openssl * bev_ssl)427 stop_writing(struct bufferevent_openssl *bev_ssl)
428 {
429 	if (bev_ssl->read_blocked_on_write)
430 		return;
431 	if (bev_ssl->underlying) {
432 		;
433 	} else {
434 		struct bufferevent *bev = &bev_ssl->bev.bev;
435 		event_del(&bev->ev_write);
436 	}
437 }
438 
439 static int
set_rbow(struct bufferevent_openssl * bev_ssl)440 set_rbow(struct bufferevent_openssl *bev_ssl)
441 {
442 	if (!bev_ssl->underlying)
443 		stop_reading(bev_ssl);
444 	bev_ssl->read_blocked_on_write = 1;
445 	return start_writing(bev_ssl);
446 }
447 
448 static int
set_wbor(struct bufferevent_openssl * bev_ssl)449 set_wbor(struct bufferevent_openssl *bev_ssl)
450 {
451 	if (!bev_ssl->underlying)
452 		stop_writing(bev_ssl);
453 	bev_ssl->write_blocked_on_read = 1;
454 	return start_reading(bev_ssl);
455 }
456 
457 static int
clear_rbow(struct bufferevent_openssl * bev_ssl)458 clear_rbow(struct bufferevent_openssl *bev_ssl)
459 {
460 	struct bufferevent *bev = &bev_ssl->bev.bev;
461 	int r = 0;
462 	bev_ssl->read_blocked_on_write = 0;
463 	if (!(bev->enabled & EV_WRITE))
464 		stop_writing(bev_ssl);
465 	if (bev->enabled & EV_READ)
466 		r = start_reading(bev_ssl);
467 	return r;
468 }
469 
470 
471 static int
clear_wbor(struct bufferevent_openssl * bev_ssl)472 clear_wbor(struct bufferevent_openssl *bev_ssl)
473 {
474 	struct bufferevent *bev = &bev_ssl->bev.bev;
475 	int r = 0;
476 	bev_ssl->write_blocked_on_read = 0;
477 	if (!(bev->enabled & EV_READ))
478 		stop_reading(bev_ssl);
479 	if (bev->enabled & EV_WRITE)
480 		r = start_writing(bev_ssl);
481 	return r;
482 }
483 
484 static void
conn_closed(struct bufferevent_openssl * bev_ssl,int errcode,int ret)485 conn_closed(struct bufferevent_openssl *bev_ssl, int errcode, int ret)
486 {
487 	int event = BEV_EVENT_ERROR;
488 	int dirty_shutdown = 0;
489 	unsigned long err;
490 
491 	switch (errcode) {
492 	case SSL_ERROR_ZERO_RETURN:
493 		/* Possibly a clean shutdown. */
494 		if (SSL_get_shutdown(bev_ssl->ssl) & SSL_RECEIVED_SHUTDOWN)
495 			event = BEV_EVENT_EOF;
496 		else
497 			dirty_shutdown = 1;
498 		break;
499 	case SSL_ERROR_SYSCALL:
500 		/* IO error; possibly a dirty shutdown. */
501 		if (ret == 0 && ERR_peek_error() == 0)
502 			dirty_shutdown = 1;
503 		break;
504 	case SSL_ERROR_SSL:
505 		/* Protocol error. */
506 		break;
507 	case SSL_ERROR_WANT_X509_LOOKUP:
508 		/* XXXX handle this. */
509 		break;
510 	case SSL_ERROR_NONE:
511 	case SSL_ERROR_WANT_READ:
512 	case SSL_ERROR_WANT_WRITE:
513 	case SSL_ERROR_WANT_CONNECT:
514 	case SSL_ERROR_WANT_ACCEPT:
515 	default:
516 		/* should be impossible; treat as normal error. */
517 		event_warnx("BUG: Unexpected OpenSSL error code %d", errcode);
518 		break;
519 	}
520 
521 	while ((err = ERR_get_error())) {
522 		put_error(bev_ssl, err);
523 	}
524 
525 	if (dirty_shutdown && bev_ssl->allow_dirty_shutdown)
526 		event = BEV_EVENT_EOF;
527 
528 	stop_reading(bev_ssl);
529 	stop_writing(bev_ssl);
530 
531 	_bufferevent_run_eventcb(&bev_ssl->bev.bev, event);
532 }
533 
534 static void
init_bio_counts(struct bufferevent_openssl * bev_ssl)535 init_bio_counts(struct bufferevent_openssl *bev_ssl)
536 {
537 	bev_ssl->counts.n_written =
538 	    BIO_number_written(SSL_get_wbio(bev_ssl->ssl));
539 	bev_ssl->counts.n_read =
540 	    BIO_number_read(SSL_get_rbio(bev_ssl->ssl));
541 }
542 
543 static inline void
decrement_buckets(struct bufferevent_openssl * bev_ssl)544 decrement_buckets(struct bufferevent_openssl *bev_ssl)
545 {
546 	unsigned long num_w = BIO_number_written(SSL_get_wbio(bev_ssl->ssl));
547 	unsigned long num_r = BIO_number_read(SSL_get_rbio(bev_ssl->ssl));
548 	/* These next two subtractions can wrap around. That's okay. */
549 	unsigned long w = num_w - bev_ssl->counts.n_written;
550 	unsigned long r = num_r - bev_ssl->counts.n_read;
551 	if (w)
552 		_bufferevent_decrement_write_buckets(&bev_ssl->bev, w);
553 	if (r)
554 		_bufferevent_decrement_read_buckets(&bev_ssl->bev, r);
555 	bev_ssl->counts.n_written = num_w;
556 	bev_ssl->counts.n_read = num_r;
557 }
558 
559 #define OP_MADE_PROGRESS 1
560 #define OP_BLOCKED 2
561 #define OP_ERR 4
562 
563 /* Return a bitmask of OP_MADE_PROGRESS (if we read anything); OP_BLOCKED (if
564    we're now blocked); and OP_ERR (if an error occurred). */
565 static int
do_read(struct bufferevent_openssl * bev_ssl,int n_to_read)566 do_read(struct bufferevent_openssl *bev_ssl, int n_to_read) {
567 	/* Requires lock */
568 	struct bufferevent *bev = &bev_ssl->bev.bev;
569 	struct evbuffer *input = bev->input;
570 	int r, n, i, n_used = 0, atmost;
571 	struct evbuffer_iovec space[2];
572 	int result = 0;
573 
574 	if (bev_ssl->bev.read_suspended)
575 		return 0;
576 
577 	atmost = _bufferevent_get_read_max(&bev_ssl->bev);
578 	if (n_to_read > atmost)
579 		n_to_read = atmost;
580 
581 	n = evbuffer_reserve_space(input, n_to_read, space, 2);
582 	if (n < 0)
583 		return OP_ERR;
584 
585 	for (i=0; i<n; ++i) {
586 		if (bev_ssl->bev.read_suspended)
587 			break;
588 		r = SSL_read(bev_ssl->ssl, space[i].iov_base, space[i].iov_len);
589 		if (r>0) {
590 			result |= OP_MADE_PROGRESS;
591 			if (bev_ssl->read_blocked_on_write)
592 				if (clear_rbow(bev_ssl) < 0)
593 					return OP_ERR | result;
594 			++n_used;
595 			space[i].iov_len = r;
596 			decrement_buckets(bev_ssl);
597 		} else {
598 			int err = SSL_get_error(bev_ssl->ssl, r);
599 			print_err(err);
600 			switch (err) {
601 			case SSL_ERROR_WANT_READ:
602 				/* Can't read until underlying has more data. */
603 				if (bev_ssl->read_blocked_on_write)
604 					if (clear_rbow(bev_ssl) < 0)
605 						return OP_ERR | result;
606 				break;
607 			case SSL_ERROR_WANT_WRITE:
608 				/* This read operation requires a write, and the
609 				 * underlying is full */
610 				if (!bev_ssl->read_blocked_on_write)
611 					if (set_rbow(bev_ssl) < 0)
612 						return OP_ERR | result;
613 				break;
614 			default:
615 				conn_closed(bev_ssl, err, r);
616 				break;
617 			}
618 			result |= OP_BLOCKED;
619 			break; /* out of the loop */
620 		}
621 	}
622 
623 	if (n_used) {
624 		evbuffer_commit_space(input, space, n_used);
625 		if (bev_ssl->underlying)
626 			BEV_RESET_GENERIC_READ_TIMEOUT(bev);
627 	}
628 
629 	return result;
630 }
631 
632 /* Return a bitmask of OP_MADE_PROGRESS (if we wrote anything); OP_BLOCKED (if
633    we're now blocked); and OP_ERR (if an error occurred). */
634 static int
do_write(struct bufferevent_openssl * bev_ssl,int atmost)635 do_write(struct bufferevent_openssl *bev_ssl, int atmost)
636 {
637 	int i, r, n, n_written = 0;
638 	struct bufferevent *bev = &bev_ssl->bev.bev;
639 	struct evbuffer *output = bev->output;
640 	struct evbuffer_iovec space[8];
641 	int result = 0;
642 
643 	if (bev_ssl->last_write > 0)
644 		atmost = bev_ssl->last_write;
645 	else
646 		atmost = _bufferevent_get_write_max(&bev_ssl->bev);
647 
648 	n = evbuffer_peek(output, atmost, NULL, space, 8);
649 	if (n < 0)
650 		return OP_ERR | result;
651 
652 	if (n > 8)
653 		n = 8;
654 	for (i=0; i < n; ++i) {
655 		if (bev_ssl->bev.write_suspended)
656 			break;
657 
658 		/* SSL_write will (reasonably) return 0 if we tell it to
659 		   send 0 data.  Skip this case so we don't interpret the
660 		   result as an error */
661 		if (space[i].iov_len == 0)
662 			continue;
663 
664 		r = SSL_write(bev_ssl->ssl, space[i].iov_base,
665 		    space[i].iov_len);
666 		if (r > 0) {
667 			result |= OP_MADE_PROGRESS;
668 			if (bev_ssl->write_blocked_on_read)
669 				if (clear_wbor(bev_ssl) < 0)
670 					return OP_ERR | result;
671 			n_written += r;
672 			bev_ssl->last_write = -1;
673 			decrement_buckets(bev_ssl);
674 		} else {
675 			int err = SSL_get_error(bev_ssl->ssl, r);
676 			print_err(err);
677 			switch (err) {
678 			case SSL_ERROR_WANT_WRITE:
679 				/* Can't read until underlying has more data. */
680 				if (bev_ssl->write_blocked_on_read)
681 					if (clear_wbor(bev_ssl) < 0)
682 						return OP_ERR | result;
683 				bev_ssl->last_write = space[i].iov_len;
684 				break;
685 			case SSL_ERROR_WANT_READ:
686 				/* This read operation requires a write, and the
687 				 * underlying is full */
688 				if (!bev_ssl->write_blocked_on_read)
689 					if (set_wbor(bev_ssl) < 0)
690 						return OP_ERR | result;
691 				bev_ssl->last_write = space[i].iov_len;
692 				break;
693 			default:
694 				conn_closed(bev_ssl, err, r);
695 				bev_ssl->last_write = -1;
696 				break;
697 			}
698 			result |= OP_BLOCKED;
699 			break;
700 		}
701 	}
702 	if (n_written) {
703 		evbuffer_drain(output, n_written);
704 		if (bev_ssl->underlying)
705 			BEV_RESET_GENERIC_WRITE_TIMEOUT(bev);
706 
707 		if (evbuffer_get_length(output) <= bev->wm_write.low)
708 			_bufferevent_run_writecb(bev);
709 	}
710 	return result;
711 }
712 
713 #define WRITE_FRAME 15000
714 
715 #define READ_DEFAULT 4096
716 
717 /* Try to figure out how many bytes to read; return 0 if we shouldn't be
718  * reading. */
719 static int
bytes_to_read(struct bufferevent_openssl * bev)720 bytes_to_read(struct bufferevent_openssl *bev)
721 {
722 	struct evbuffer *input = bev->bev.bev.input;
723 	struct event_watermark *wm = &bev->bev.bev.wm_read;
724 	int result = READ_DEFAULT;
725 	ev_ssize_t limit;
726 	/* XXX 99% of this is generic code that nearly all bufferevents will
727 	 * want. */
728 
729 	if (bev->write_blocked_on_read) {
730 		return 0;
731 	}
732 
733 	if (! (bev->bev.bev.enabled & EV_READ)) {
734 		return 0;
735 	}
736 
737 	if (bev->bev.read_suspended) {
738 		return 0;
739 	}
740 
741 	if (wm->high) {
742 		if (evbuffer_get_length(input) >= wm->high) {
743 			return 0;
744 		}
745 
746 		result = wm->high - evbuffer_get_length(input);
747 	} else {
748 		result = READ_DEFAULT;
749 	}
750 
751 	/* Respect the rate limit */
752 	limit = _bufferevent_get_read_max(&bev->bev);
753 	if (result > limit) {
754 		result = limit;
755 	}
756 
757 	return result;
758 }
759 
760 
761 /* Things look readable.  If write is blocked on read, write till it isn't.
762  * Read from the underlying buffer until we block or we hit our high-water
763  * mark.
764  */
765 static void
consider_reading(struct bufferevent_openssl * bev_ssl)766 consider_reading(struct bufferevent_openssl *bev_ssl)
767 {
768 	int r;
769 	int n_to_read;
770 	int all_result_flags = 0;
771 
772 	while (bev_ssl->write_blocked_on_read) {
773 		r = do_write(bev_ssl, WRITE_FRAME);
774 		if (r & (OP_BLOCKED|OP_ERR))
775 			break;
776 	}
777 	if (bev_ssl->write_blocked_on_read)
778 		return;
779 
780 	n_to_read = bytes_to_read(bev_ssl);
781 
782 	while (n_to_read) {
783 		r = do_read(bev_ssl, n_to_read);
784 		all_result_flags |= r;
785 
786 		if (r & (OP_BLOCKED|OP_ERR))
787 			break;
788 
789 		if (bev_ssl->bev.read_suspended)
790 			break;
791 
792 		/* Read all pending data.  This won't hit the network
793 		 * again, and will (most importantly) put us in a state
794 		 * where we don't need to read anything else until the
795 		 * socket is readable again.  It'll potentially make us
796 		 * overrun our read high-watermark (somewhat
797 		 * regrettable).  The damage to the rate-limit has
798 		 * already been done, since OpenSSL went and read a
799 		 * whole SSL record anyway. */
800 		n_to_read = SSL_pending(bev_ssl->ssl);
801 
802 		/* XXX This if statement is actually a bad bug, added to avoid
803 		 * XXX a worse bug.
804 		 *
805 		 * The bad bug: It can potentially cause resource unfairness
806 		 * by reading too much data from the underlying bufferevent;
807 		 * it can potentially cause read looping if the underlying
808 		 * bufferevent is a bufferevent_pair and deferred callbacks
809 		 * aren't used.
810 		 *
811 		 * The worse bug: If we didn't do this, then we would
812 		 * potentially not read any more from bev_ssl->underlying
813 		 * until more data arrived there, which could lead to us
814 		 * waiting forever.
815 		 */
816 		if (!n_to_read && bev_ssl->underlying)
817 			n_to_read = bytes_to_read(bev_ssl);
818 	}
819 
820 	if (all_result_flags & OP_MADE_PROGRESS) {
821 		struct bufferevent *bev = &bev_ssl->bev.bev;
822 		struct evbuffer *input = bev->input;
823 
824 		if (evbuffer_get_length(input) >= bev->wm_read.low) {
825 			_bufferevent_run_readcb(bev);
826 		}
827 	}
828 
829 	if (!bev_ssl->underlying) {
830 		/* Should be redundant, but let's avoid busy-looping */
831 		if (bev_ssl->bev.read_suspended ||
832 		    !(bev_ssl->bev.bev.enabled & EV_READ)) {
833 			event_del(&bev_ssl->bev.bev.ev_read);
834 		}
835 	}
836 }
837 
838 static void
consider_writing(struct bufferevent_openssl * bev_ssl)839 consider_writing(struct bufferevent_openssl *bev_ssl)
840 {
841 	int r;
842 	struct evbuffer *output = bev_ssl->bev.bev.output;
843 	struct evbuffer *target = NULL;
844 	struct event_watermark *wm = NULL;
845 
846 	while (bev_ssl->read_blocked_on_write) {
847 		r = do_read(bev_ssl, 1024); /* XXXX 1024 is a hack */
848 		if (r & OP_MADE_PROGRESS) {
849 			struct bufferevent *bev = &bev_ssl->bev.bev;
850 			struct evbuffer *input = bev->input;
851 
852 			if (evbuffer_get_length(input) >= bev->wm_read.low) {
853 				_bufferevent_run_readcb(bev);
854 			}
855 		}
856 		if (r & (OP_ERR|OP_BLOCKED))
857 			break;
858 	}
859 	if (bev_ssl->read_blocked_on_write)
860 		return;
861 	if (bev_ssl->underlying) {
862 		target = bev_ssl->underlying->output;
863 		wm = &bev_ssl->underlying->wm_write;
864 	}
865 	while ((bev_ssl->bev.bev.enabled & EV_WRITE) &&
866 	    (! bev_ssl->bev.write_suspended) &&
867 	    evbuffer_get_length(output) &&
868 	    (!target || (! wm->high || evbuffer_get_length(target) < wm->high))) {
869 		int n_to_write;
870 		if (wm && wm->high)
871 			n_to_write = wm->high - evbuffer_get_length(target);
872 		else
873 			n_to_write = WRITE_FRAME;
874 		r = do_write(bev_ssl, n_to_write);
875 		if (r & (OP_BLOCKED|OP_ERR))
876 			break;
877 	}
878 
879 	if (!bev_ssl->underlying) {
880 		if (evbuffer_get_length(output) == 0) {
881 			event_del(&bev_ssl->bev.bev.ev_write);
882 		} else if (bev_ssl->bev.write_suspended ||
883 		    !(bev_ssl->bev.bev.enabled & EV_WRITE)) {
884 			/* Should be redundant, but let's avoid busy-looping */
885 			event_del(&bev_ssl->bev.bev.ev_write);
886 		}
887 	}
888 }
889 
890 static void
be_openssl_readcb(struct bufferevent * bev_base,void * ctx)891 be_openssl_readcb(struct bufferevent *bev_base, void *ctx)
892 {
893 	struct bufferevent_openssl *bev_ssl = ctx;
894 	consider_reading(bev_ssl);
895 }
896 
897 static void
be_openssl_writecb(struct bufferevent * bev_base,void * ctx)898 be_openssl_writecb(struct bufferevent *bev_base, void *ctx)
899 {
900 	struct bufferevent_openssl *bev_ssl = ctx;
901 	consider_writing(bev_ssl);
902 }
903 
904 static void
be_openssl_eventcb(struct bufferevent * bev_base,short what,void * ctx)905 be_openssl_eventcb(struct bufferevent *bev_base, short what, void *ctx)
906 {
907 	struct bufferevent_openssl *bev_ssl = ctx;
908 	int event = 0;
909 
910 	if (what & BEV_EVENT_EOF) {
911 		if (bev_ssl->allow_dirty_shutdown)
912 			event = BEV_EVENT_EOF;
913 		else
914 			event = BEV_EVENT_ERROR;
915 	} else if (what & BEV_EVENT_TIMEOUT) {
916 		/* We sure didn't set this.  Propagate it to the user. */
917 		event = what;
918 	} else if (what & BEV_EVENT_ERROR) {
919 		/* An error occurred on the connection.  Propagate it to the user. */
920 		event = what;
921 	} else if (what & BEV_EVENT_CONNECTED) {
922 		/* Ignore it.  We're saying SSL_connect() already, which will
923 		   eat it. */
924 	}
925 	if (event)
926 		_bufferevent_run_eventcb(&bev_ssl->bev.bev, event);
927 }
928 
929 static void
be_openssl_readeventcb(evutil_socket_t fd,short what,void * ptr)930 be_openssl_readeventcb(evutil_socket_t fd, short what, void *ptr)
931 {
932 	struct bufferevent_openssl *bev_ssl = ptr;
933 	_bufferevent_incref_and_lock(&bev_ssl->bev.bev);
934 	if (what == EV_TIMEOUT) {
935 		_bufferevent_run_eventcb(&bev_ssl->bev.bev,
936 		    BEV_EVENT_TIMEOUT|BEV_EVENT_READING);
937 	} else {
938 		consider_reading(bev_ssl);
939 	}
940 	_bufferevent_decref_and_unlock(&bev_ssl->bev.bev);
941 }
942 
943 static void
be_openssl_writeeventcb(evutil_socket_t fd,short what,void * ptr)944 be_openssl_writeeventcb(evutil_socket_t fd, short what, void *ptr)
945 {
946 	struct bufferevent_openssl *bev_ssl = ptr;
947 	_bufferevent_incref_and_lock(&bev_ssl->bev.bev);
948 	if (what == EV_TIMEOUT) {
949 		_bufferevent_run_eventcb(&bev_ssl->bev.bev,
950 		    BEV_EVENT_TIMEOUT|BEV_EVENT_WRITING);
951 	} else {
952 		consider_writing(bev_ssl);
953 	}
954 	_bufferevent_decref_and_unlock(&bev_ssl->bev.bev);
955 }
956 
957 static int
set_open_callbacks(struct bufferevent_openssl * bev_ssl,evutil_socket_t fd)958 set_open_callbacks(struct bufferevent_openssl *bev_ssl, evutil_socket_t fd)
959 {
960 	if (bev_ssl->underlying) {
961 		bufferevent_setcb(bev_ssl->underlying,
962 		    be_openssl_readcb, be_openssl_writecb, be_openssl_eventcb,
963 		    bev_ssl);
964 		return 0;
965 	} else {
966 		struct bufferevent *bev = &bev_ssl->bev.bev;
967 		int rpending=0, wpending=0, r1=0, r2=0;
968 		if (fd < 0 && bev_ssl->fd_is_set)
969 			fd = event_get_fd(&bev->ev_read);
970 		if (bev_ssl->fd_is_set) {
971 			rpending = event_pending(&bev->ev_read, EV_READ, NULL);
972 			wpending = event_pending(&bev->ev_write, EV_WRITE, NULL);
973 			event_del(&bev->ev_read);
974 			event_del(&bev->ev_write);
975 		}
976 		event_assign(&bev->ev_read, bev->ev_base, fd,
977 		    EV_READ|EV_PERSIST, be_openssl_readeventcb, bev_ssl);
978 		event_assign(&bev->ev_write, bev->ev_base, fd,
979 		    EV_WRITE|EV_PERSIST, be_openssl_writeeventcb, bev_ssl);
980 		if (rpending)
981 			r1 = _bufferevent_add_event(&bev->ev_read, &bev->timeout_read);
982 		if (wpending)
983 			r2 = _bufferevent_add_event(&bev->ev_write, &bev->timeout_write);
984 		if (fd >= 0) {
985 			bev_ssl->fd_is_set = 1;
986 		}
987 		return (r1<0 || r2<0) ? -1 : 0;
988 	}
989 }
990 
991 static int
do_handshake(struct bufferevent_openssl * bev_ssl)992 do_handshake(struct bufferevent_openssl *bev_ssl)
993 {
994 	int r;
995 
996 	switch (bev_ssl->state) {
997 	default:
998 	case BUFFEREVENT_SSL_OPEN:
999 		EVUTIL_ASSERT(0);
1000 		return -1;
1001 	case BUFFEREVENT_SSL_CONNECTING:
1002 	case BUFFEREVENT_SSL_ACCEPTING:
1003 		r = SSL_do_handshake(bev_ssl->ssl);
1004 		break;
1005 	}
1006 	decrement_buckets(bev_ssl);
1007 
1008 	if (r==1) {
1009 		/* We're done! */
1010 		bev_ssl->state = BUFFEREVENT_SSL_OPEN;
1011 		set_open_callbacks(bev_ssl, -1); /* XXXX handle failure */
1012 		/* Call do_read and do_write as needed */
1013 		bufferevent_enable(&bev_ssl->bev.bev, bev_ssl->bev.bev.enabled);
1014 		_bufferevent_run_eventcb(&bev_ssl->bev.bev,
1015 		    BEV_EVENT_CONNECTED);
1016 		return 1;
1017 	} else {
1018 		int err = SSL_get_error(bev_ssl->ssl, r);
1019 		print_err(err);
1020 		switch (err) {
1021 		case SSL_ERROR_WANT_WRITE:
1022 			if (!bev_ssl->underlying) {
1023 				stop_reading(bev_ssl);
1024 				return start_writing(bev_ssl);
1025 			}
1026 			return 0;
1027 		case SSL_ERROR_WANT_READ:
1028 			if (!bev_ssl->underlying) {
1029 				stop_writing(bev_ssl);
1030 				return start_reading(bev_ssl);
1031 			}
1032 			return 0;
1033 		default:
1034 			conn_closed(bev_ssl, err, r);
1035 			return -1;
1036 		}
1037 	}
1038 }
1039 
1040 static void
be_openssl_handshakecb(struct bufferevent * bev_base,void * ctx)1041 be_openssl_handshakecb(struct bufferevent *bev_base, void *ctx)
1042 {
1043 	struct bufferevent_openssl *bev_ssl = ctx;
1044 	do_handshake(bev_ssl);/* XXX handle failure */
1045 }
1046 
1047 static void
be_openssl_handshakeeventcb(evutil_socket_t fd,short what,void * ptr)1048 be_openssl_handshakeeventcb(evutil_socket_t fd, short what, void *ptr)
1049 {
1050 	struct bufferevent_openssl *bev_ssl = ptr;
1051 
1052 	_bufferevent_incref_and_lock(&bev_ssl->bev.bev);
1053 	if (what & EV_TIMEOUT) {
1054 		_bufferevent_run_eventcb(&bev_ssl->bev.bev, BEV_EVENT_TIMEOUT);
1055 	} else
1056 		do_handshake(bev_ssl);/* XXX handle failure */
1057 	_bufferevent_decref_and_unlock(&bev_ssl->bev.bev);
1058 }
1059 
1060 static int
set_handshake_callbacks(struct bufferevent_openssl * bev_ssl,evutil_socket_t fd)1061 set_handshake_callbacks(struct bufferevent_openssl *bev_ssl, evutil_socket_t fd)
1062 {
1063 	if (bev_ssl->underlying) {
1064 		bufferevent_setcb(bev_ssl->underlying,
1065 		    be_openssl_handshakecb, be_openssl_handshakecb,
1066 		    be_openssl_eventcb,
1067 		    bev_ssl);
1068 		return do_handshake(bev_ssl);
1069 	} else {
1070 		struct bufferevent *bev = &bev_ssl->bev.bev;
1071 		int r1=0, r2=0;
1072 		if (fd < 0 && bev_ssl->fd_is_set)
1073 			fd = event_get_fd(&bev->ev_read);
1074 		if (bev_ssl->fd_is_set) {
1075 			event_del(&bev->ev_read);
1076 			event_del(&bev->ev_write);
1077 		}
1078 		event_assign(&bev->ev_read, bev->ev_base, fd,
1079 		    EV_READ|EV_PERSIST, be_openssl_handshakeeventcb, bev_ssl);
1080 		event_assign(&bev->ev_write, bev->ev_base, fd,
1081 		    EV_WRITE|EV_PERSIST, be_openssl_handshakeeventcb, bev_ssl);
1082 		if (fd >= 0) {
1083 			r1 = _bufferevent_add_event(&bev->ev_read, &bev->timeout_read);
1084 			r2 = _bufferevent_add_event(&bev->ev_write, &bev->timeout_write);
1085 			bev_ssl->fd_is_set = 1;
1086 		}
1087 		return (r1<0 || r2<0) ? -1 : 0;
1088 	}
1089 }
1090 
1091 int
bufferevent_ssl_renegotiate(struct bufferevent * bev)1092 bufferevent_ssl_renegotiate(struct bufferevent *bev)
1093 {
1094 	struct bufferevent_openssl *bev_ssl = upcast(bev);
1095 	if (!bev_ssl)
1096 		return -1;
1097 	if (SSL_renegotiate(bev_ssl->ssl) < 0)
1098 		return -1;
1099 	bev_ssl->state = BUFFEREVENT_SSL_CONNECTING;
1100 	if (set_handshake_callbacks(bev_ssl, -1) < 0)
1101 		return -1;
1102 	if (!bev_ssl->underlying)
1103 		return do_handshake(bev_ssl);
1104 	return 0;
1105 }
1106 
1107 static void
be_openssl_outbuf_cb(struct evbuffer * buf,const struct evbuffer_cb_info * cbinfo,void * arg)1108 be_openssl_outbuf_cb(struct evbuffer *buf,
1109     const struct evbuffer_cb_info *cbinfo, void *arg)
1110 {
1111 	struct bufferevent_openssl *bev_ssl = arg;
1112 	int r = 0;
1113 	/* XXX need to hold a reference here. */
1114 
1115 	if (cbinfo->n_added && bev_ssl->state == BUFFEREVENT_SSL_OPEN) {
1116 		if (cbinfo->orig_size == 0)
1117 			r = _bufferevent_add_event(&bev_ssl->bev.bev.ev_write,
1118 			    &bev_ssl->bev.bev.timeout_write);
1119 		consider_writing(bev_ssl);
1120 	}
1121 	/* XXX Handle r < 0 */
1122         (void)r;
1123 }
1124 
1125 
1126 static int
be_openssl_enable(struct bufferevent * bev,short events)1127 be_openssl_enable(struct bufferevent *bev, short events)
1128 {
1129 	struct bufferevent_openssl *bev_ssl = upcast(bev);
1130 	int r1 = 0, r2 = 0;
1131 
1132 	if (bev_ssl->state != BUFFEREVENT_SSL_OPEN)
1133 		return 0;
1134 
1135 	if (events & EV_READ)
1136 		r1 = start_reading(bev_ssl);
1137 	if (events & EV_WRITE)
1138 		r2 = start_writing(bev_ssl);
1139 
1140 	if (bev_ssl->underlying) {
1141 		if (events & EV_READ)
1142 			BEV_RESET_GENERIC_READ_TIMEOUT(bev);
1143 		if (events & EV_WRITE)
1144 			BEV_RESET_GENERIC_WRITE_TIMEOUT(bev);
1145 
1146 		if (events & EV_READ)
1147 			consider_reading(bev_ssl);
1148 		if (events & EV_WRITE)
1149 			consider_writing(bev_ssl);
1150 	}
1151 	return (r1 < 0 || r2 < 0) ? -1 : 0;
1152 }
1153 
1154 static int
be_openssl_disable(struct bufferevent * bev,short events)1155 be_openssl_disable(struct bufferevent *bev, short events)
1156 {
1157 	struct bufferevent_openssl *bev_ssl = upcast(bev);
1158 	if (bev_ssl->state != BUFFEREVENT_SSL_OPEN)
1159 		return 0;
1160 
1161 	if (events & EV_READ)
1162 		stop_reading(bev_ssl);
1163 	if (events & EV_WRITE)
1164 		stop_writing(bev_ssl);
1165 
1166 	if (bev_ssl->underlying) {
1167 		if (events & EV_READ)
1168 			BEV_DEL_GENERIC_READ_TIMEOUT(bev);
1169 		if (events & EV_WRITE)
1170 			BEV_DEL_GENERIC_WRITE_TIMEOUT(bev);
1171 	}
1172 	return 0;
1173 }
1174 
1175 static void
be_openssl_destruct(struct bufferevent * bev)1176 be_openssl_destruct(struct bufferevent *bev)
1177 {
1178 	struct bufferevent_openssl *bev_ssl = upcast(bev);
1179 
1180 	if (bev_ssl->underlying) {
1181 		_bufferevent_del_generic_timeout_cbs(bev);
1182 	} else {
1183 		event_del(&bev->ev_read);
1184 		event_del(&bev->ev_write);
1185 	}
1186 
1187 	if (bev_ssl->bev.options & BEV_OPT_CLOSE_ON_FREE) {
1188 		if (bev_ssl->underlying) {
1189 			if (BEV_UPCAST(bev_ssl->underlying)->refcnt < 2) {
1190 				event_warnx("BEV_OPT_CLOSE_ON_FREE set on an "
1191 				    "bufferevent with too few references");
1192 			} else {
1193 				bufferevent_free(bev_ssl->underlying);
1194 				bev_ssl->underlying = NULL;
1195 			}
1196 		} else {
1197 			evutil_socket_t fd = -1;
1198 			BIO *bio = SSL_get_wbio(bev_ssl->ssl);
1199 			if (bio)
1200 				fd = BIO_get_fd(bio, NULL);
1201 			if (fd >= 0)
1202 				evutil_closesocket(fd);
1203 		}
1204 		SSL_free(bev_ssl->ssl);
1205 	} else {
1206 		if (bev_ssl->underlying) {
1207 			if (bev_ssl->underlying->errorcb == be_openssl_eventcb)
1208 				bufferevent_setcb(bev_ssl->underlying,
1209 				    NULL,NULL,NULL,NULL);
1210 			bufferevent_unsuspend_read(bev_ssl->underlying,
1211 			    BEV_SUSPEND_FILT_READ);
1212 		}
1213 	}
1214 }
1215 
1216 static int
be_openssl_adj_timeouts(struct bufferevent * bev)1217 be_openssl_adj_timeouts(struct bufferevent *bev)
1218 {
1219 	struct bufferevent_openssl *bev_ssl = upcast(bev);
1220 
1221 	if (bev_ssl->underlying)
1222 		return _bufferevent_generic_adj_timeouts(bev);
1223 	else {
1224 		int r1=0, r2=0;
1225 		if (event_pending(&bev->ev_read, EV_READ, NULL))
1226 			r1 = _bufferevent_add_event(&bev->ev_read, &bev->timeout_read);
1227 		if (event_pending(&bev->ev_write, EV_WRITE, NULL))
1228 			r2 = _bufferevent_add_event(&bev->ev_write, &bev->timeout_write);
1229 		return (r1<0 || r2<0) ? -1 : 0;
1230 	}
1231 }
1232 
1233 static int
be_openssl_flush(struct bufferevent * bufev,short iotype,enum bufferevent_flush_mode mode)1234 be_openssl_flush(struct bufferevent *bufev,
1235     short iotype, enum bufferevent_flush_mode mode)
1236 {
1237 	/* XXXX Implement this. */
1238 	return 0;
1239 }
1240 
1241 static int
be_openssl_ctrl(struct bufferevent * bev,enum bufferevent_ctrl_op op,union bufferevent_ctrl_data * data)1242 be_openssl_ctrl(struct bufferevent *bev,
1243     enum bufferevent_ctrl_op op, union bufferevent_ctrl_data *data)
1244 {
1245 	struct bufferevent_openssl *bev_ssl = upcast(bev);
1246 	switch (op) {
1247 	case BEV_CTRL_SET_FD:
1248 		if (bev_ssl->underlying)
1249 			return -1;
1250 		{
1251 			BIO *bio;
1252 			bio = BIO_new_socket(data->fd, 0);
1253 			SSL_set_bio(bev_ssl->ssl, bio, bio);
1254 			bev_ssl->fd_is_set = 1;
1255 		}
1256 		if (bev_ssl->state == BUFFEREVENT_SSL_OPEN)
1257 			return set_open_callbacks(bev_ssl, data->fd);
1258 		else {
1259 			return set_handshake_callbacks(bev_ssl, data->fd);
1260 		}
1261 	case BEV_CTRL_GET_FD:
1262 		if (bev_ssl->underlying)
1263 			return -1;
1264 		if (!bev_ssl->fd_is_set)
1265 			return -1;
1266 		data->fd = event_get_fd(&bev->ev_read);
1267 		return 0;
1268 	case BEV_CTRL_GET_UNDERLYING:
1269 		if (!bev_ssl->underlying)
1270 			return -1;
1271 		data->ptr = bev_ssl->underlying;
1272 		return 0;
1273 	case BEV_CTRL_CANCEL_ALL:
1274 	default:
1275 		return -1;
1276 	}
1277 }
1278 
1279 SSL *
bufferevent_openssl_get_ssl(struct bufferevent * bufev)1280 bufferevent_openssl_get_ssl(struct bufferevent *bufev)
1281 {
1282 	struct bufferevent_openssl *bev_ssl = upcast(bufev);
1283 	if (!bev_ssl)
1284 		return NULL;
1285 	return bev_ssl->ssl;
1286 }
1287 
1288 static struct bufferevent *
bufferevent_openssl_new_impl(struct event_base * base,struct bufferevent * underlying,evutil_socket_t fd,SSL * ssl,enum bufferevent_ssl_state state,int options)1289 bufferevent_openssl_new_impl(struct event_base *base,
1290     struct bufferevent *underlying,
1291     evutil_socket_t fd,
1292     SSL *ssl,
1293     enum bufferevent_ssl_state state,
1294     int options)
1295 {
1296 	struct bufferevent_openssl *bev_ssl = NULL;
1297 	struct bufferevent_private *bev_p = NULL;
1298 	int tmp_options = options & ~BEV_OPT_THREADSAFE;
1299 
1300 	if (underlying != NULL && fd >= 0)
1301 		return NULL; /* Only one can be set. */
1302 
1303 	if (!(bev_ssl = mm_calloc(1, sizeof(struct bufferevent_openssl))))
1304 		goto err;
1305 
1306 	bev_p = &bev_ssl->bev;
1307 
1308 	if (bufferevent_init_common(bev_p, base,
1309 		&bufferevent_ops_openssl, tmp_options) < 0)
1310 		goto err;
1311 
1312 	/* Don't explode if we decide to realloc a chunk we're writing from in
1313 	 * the output buffer. */
1314 	SSL_set_mode(ssl, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
1315 
1316 	bev_ssl->underlying = underlying;
1317 	bev_ssl->ssl = ssl;
1318 
1319 	bev_ssl->outbuf_cb = evbuffer_add_cb(bev_p->bev.output,
1320 	    be_openssl_outbuf_cb, bev_ssl);
1321 
1322 	if (options & BEV_OPT_THREADSAFE)
1323 		bufferevent_enable_locking(&bev_ssl->bev.bev, NULL);
1324 
1325 	if (underlying) {
1326 		_bufferevent_init_generic_timeout_cbs(&bev_ssl->bev.bev);
1327 		bufferevent_incref(underlying);
1328 	}
1329 
1330 	bev_ssl->state = state;
1331 	bev_ssl->last_write = -1;
1332 
1333 	init_bio_counts(bev_ssl);
1334 
1335 	switch (state) {
1336 	case BUFFEREVENT_SSL_ACCEPTING:
1337 		SSL_set_accept_state(bev_ssl->ssl);
1338 		if (set_handshake_callbacks(bev_ssl, fd) < 0)
1339 			goto err;
1340 		break;
1341 	case BUFFEREVENT_SSL_CONNECTING:
1342 		SSL_set_connect_state(bev_ssl->ssl);
1343 		if (set_handshake_callbacks(bev_ssl, fd) < 0)
1344 			goto err;
1345 		break;
1346 	case BUFFEREVENT_SSL_OPEN:
1347 		if (set_open_callbacks(bev_ssl, fd) < 0)
1348 			goto err;
1349 		break;
1350 	default:
1351 		goto err;
1352 	}
1353 
1354 	if (underlying) {
1355 		bufferevent_setwatermark(underlying, EV_READ, 0, 0);
1356 		bufferevent_enable(underlying, EV_READ|EV_WRITE);
1357 		if (state == BUFFEREVENT_SSL_OPEN)
1358 			bufferevent_suspend_read(underlying,
1359 			    BEV_SUSPEND_FILT_READ);
1360 	} else {
1361 		bev_ssl->bev.bev.enabled = EV_READ|EV_WRITE;
1362 		if (bev_ssl->fd_is_set) {
1363 			if (state != BUFFEREVENT_SSL_OPEN)
1364 				if (event_add(&bev_ssl->bev.bev.ev_read, NULL) < 0)
1365 					goto err;
1366 			if (event_add(&bev_ssl->bev.bev.ev_write, NULL) < 0)
1367 				goto err;
1368 		}
1369 	}
1370 
1371 	return &bev_ssl->bev.bev;
1372 err:
1373 	if (bev_ssl)
1374 		bufferevent_free(&bev_ssl->bev.bev);
1375 	return NULL;
1376 }
1377 
1378 struct bufferevent *
bufferevent_openssl_filter_new(struct event_base * base,struct bufferevent * underlying,SSL * ssl,enum bufferevent_ssl_state state,int options)1379 bufferevent_openssl_filter_new(struct event_base *base,
1380     struct bufferevent *underlying,
1381     SSL *ssl,
1382     enum bufferevent_ssl_state state,
1383     int options)
1384 {
1385 	/* We don't tell the BIO to close the bufferevent; we do it ourselves
1386 	 * on be_openssl_destruct */
1387 	int close_flag = 0; /* options & BEV_OPT_CLOSE_ON_FREE; */
1388 	BIO *bio;
1389 	if (!underlying)
1390 		return NULL;
1391 	if (!(bio = BIO_new_bufferevent(underlying, close_flag)))
1392 		return NULL;
1393 
1394 	SSL_set_bio(ssl, bio, bio);
1395 
1396 	return bufferevent_openssl_new_impl(
1397 		base, underlying, -1, ssl, state, options);
1398 }
1399 
1400 struct bufferevent *
bufferevent_openssl_socket_new(struct event_base * base,evutil_socket_t fd,SSL * ssl,enum bufferevent_ssl_state state,int options)1401 bufferevent_openssl_socket_new(struct event_base *base,
1402     evutil_socket_t fd,
1403     SSL *ssl,
1404     enum bufferevent_ssl_state state,
1405     int options)
1406 {
1407 	/* Does the SSL already have an fd? */
1408 	BIO *bio = SSL_get_wbio(ssl);
1409 	long have_fd = -1;
1410 
1411 	if (bio)
1412 		have_fd = BIO_get_fd(bio, NULL);
1413 
1414 	if (have_fd >= 0) {
1415 		/* The SSL is already configured with an fd. */
1416 		if (fd < 0) {
1417 			/* We should learn the fd from the SSL. */
1418 			fd = (evutil_socket_t) have_fd;
1419 		} else if (have_fd == (long)fd) {
1420 			/* We already know the fd from the SSL; do nothing */
1421 		} else {
1422 			/* We specified an fd different from that of the SSL.
1423 			   This is probably an error on our part.  Fail. */
1424 			return NULL;
1425 		}
1426 		(void) BIO_set_close(bio, 0);
1427 	} else {
1428 		/* The SSL isn't configured with a BIO with an fd. */
1429 		if (fd >= 0) {
1430 			/* ... and we have an fd we want to use. */
1431 			bio = BIO_new_socket(fd, 0);
1432 			SSL_set_bio(ssl, bio, bio);
1433 		} else {
1434 			/* Leave the fd unset. */
1435 		}
1436 	}
1437 
1438 	return bufferevent_openssl_new_impl(
1439 		base, NULL, fd, ssl, state, options);
1440 }
1441 
1442 unsigned long
bufferevent_get_openssl_error(struct bufferevent * bev)1443 bufferevent_get_openssl_error(struct bufferevent *bev)
1444 {
1445 	unsigned long err = 0;
1446 	struct bufferevent_openssl *bev_ssl;
1447 	BEV_LOCK(bev);
1448 	bev_ssl = upcast(bev);
1449 	if (bev_ssl && bev_ssl->n_errors) {
1450 		err = bev_ssl->errors[--bev_ssl->n_errors];
1451 	}
1452 	BEV_UNLOCK(bev);
1453 	return err;
1454 }
1455