1 /* $OpenBSD: bio_ssl.c,v 1.29 2018/08/24 20:30:21 tb Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 59 #include <errno.h> 60 #include <stdio.h> 61 #include <stdlib.h> 62 #include <string.h> 63 64 #include <openssl/bio.h> 65 #include <openssl/crypto.h> 66 #include <openssl/err.h> 67 #include <openssl/ssl.h> 68 69 #include "ssl_locl.h" 70 71 static int ssl_write(BIO *h, const char *buf, int num); 72 static int ssl_read(BIO *h, char *buf, int size); 73 static int ssl_puts(BIO *h, const char *str); 74 static long ssl_ctrl(BIO *h, int cmd, long arg1, void *arg2); 75 static int ssl_new(BIO *h); 76 static int ssl_free(BIO *data); 77 static long ssl_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp); 78 typedef struct bio_ssl_st { 79 SSL *ssl; /* The ssl handle :-) */ 80 /* re-negotiate every time the total number of bytes is this size */ 81 int num_renegotiates; 82 unsigned long renegotiate_count; 83 unsigned long byte_count; 84 unsigned long renegotiate_timeout; 85 time_t last_time; 86 } BIO_SSL; 87 88 static const BIO_METHOD methods_sslp = { 89 .type = BIO_TYPE_SSL, 90 .name = "ssl", 91 .bwrite = ssl_write, 92 .bread = ssl_read, 93 .bputs = ssl_puts, 94 .ctrl = ssl_ctrl, 95 .create = ssl_new, 96 .destroy = ssl_free, 97 .callback_ctrl = ssl_callback_ctrl, 98 }; 99 100 const BIO_METHOD * 101 BIO_f_ssl(void) 102 { 103 return (&methods_sslp); 104 } 105 106 static int 107 ssl_new(BIO *bi) 108 { 109 BIO_SSL *bs; 110 111 bs = calloc(1, sizeof(BIO_SSL)); 112 if (bs == NULL) { 113 SSLerrorx(ERR_R_MALLOC_FAILURE); 114 return (0); 115 } 116 bi->init = 0; 117 bi->ptr = (char *)bs; 118 bi->flags = 0; 119 return (1); 120 } 121 122 static int 123 ssl_free(BIO *a) 124 { 125 BIO_SSL *bs; 126 127 if (a == NULL) 128 return (0); 129 bs = (BIO_SSL *)a->ptr; 130 if (bs->ssl != NULL) 131 SSL_shutdown(bs->ssl); 132 if (a->shutdown) { 133 if (a->init && (bs->ssl != NULL)) 134 SSL_free(bs->ssl); 135 a->init = 0; 136 a->flags = 0; 137 } 138 free(a->ptr); 139 return (1); 140 } 141 142 static int 143 ssl_read(BIO *b, char *out, int outl) 144 { 145 int ret = 1; 146 BIO_SSL *sb; 147 SSL *ssl; 148 int retry_reason = 0; 149 int r = 0; 150 151 if (out == NULL) 152 return (0); 153 sb = (BIO_SSL *)b->ptr; 154 ssl = sb->ssl; 155 156 BIO_clear_retry_flags(b); 157 158 ret = SSL_read(ssl, out, outl); 159 160 switch (SSL_get_error(ssl, ret)) { 161 case SSL_ERROR_NONE: 162 if (ret <= 0) 163 break; 164 if (sb->renegotiate_count > 0) { 165 sb->byte_count += ret; 166 if (sb->byte_count > sb->renegotiate_count) { 167 sb->byte_count = 0; 168 sb->num_renegotiates++; 169 SSL_renegotiate(ssl); 170 r = 1; 171 } 172 } 173 if ((sb->renegotiate_timeout > 0) && (!r)) { 174 time_t tm; 175 176 tm = time(NULL); 177 if (tm > sb->last_time + sb->renegotiate_timeout) { 178 sb->last_time = tm; 179 sb->num_renegotiates++; 180 SSL_renegotiate(ssl); 181 } 182 } 183 184 break; 185 case SSL_ERROR_WANT_READ: 186 BIO_set_retry_read(b); 187 break; 188 case SSL_ERROR_WANT_WRITE: 189 BIO_set_retry_write(b); 190 break; 191 case SSL_ERROR_WANT_X509_LOOKUP: 192 BIO_set_retry_special(b); 193 retry_reason = BIO_RR_SSL_X509_LOOKUP; 194 break; 195 case SSL_ERROR_WANT_ACCEPT: 196 BIO_set_retry_special(b); 197 retry_reason = BIO_RR_ACCEPT; 198 break; 199 case SSL_ERROR_WANT_CONNECT: 200 BIO_set_retry_special(b); 201 retry_reason = BIO_RR_CONNECT; 202 break; 203 case SSL_ERROR_SYSCALL: 204 case SSL_ERROR_SSL: 205 case SSL_ERROR_ZERO_RETURN: 206 default: 207 break; 208 } 209 210 b->retry_reason = retry_reason; 211 return (ret); 212 } 213 214 static int 215 ssl_write(BIO *b, const char *out, int outl) 216 { 217 int ret, r = 0; 218 int retry_reason = 0; 219 SSL *ssl; 220 BIO_SSL *bs; 221 222 if (out == NULL) 223 return (0); 224 bs = (BIO_SSL *)b->ptr; 225 ssl = bs->ssl; 226 227 BIO_clear_retry_flags(b); 228 229 /* ret=SSL_do_handshake(ssl); 230 if (ret > 0) */ 231 ret = SSL_write(ssl, out, outl); 232 233 switch (SSL_get_error(ssl, ret)) { 234 case SSL_ERROR_NONE: 235 if (ret <= 0) 236 break; 237 if (bs->renegotiate_count > 0) { 238 bs->byte_count += ret; 239 if (bs->byte_count > bs->renegotiate_count) { 240 bs->byte_count = 0; 241 bs->num_renegotiates++; 242 SSL_renegotiate(ssl); 243 r = 1; 244 } 245 } 246 if ((bs->renegotiate_timeout > 0) && (!r)) { 247 time_t tm; 248 249 tm = time(NULL); 250 if (tm > bs->last_time + bs->renegotiate_timeout) { 251 bs->last_time = tm; 252 bs->num_renegotiates++; 253 SSL_renegotiate(ssl); 254 } 255 } 256 break; 257 case SSL_ERROR_WANT_WRITE: 258 BIO_set_retry_write(b); 259 break; 260 case SSL_ERROR_WANT_READ: 261 BIO_set_retry_read(b); 262 break; 263 case SSL_ERROR_WANT_X509_LOOKUP: 264 BIO_set_retry_special(b); 265 retry_reason = BIO_RR_SSL_X509_LOOKUP; 266 break; 267 case SSL_ERROR_WANT_CONNECT: 268 BIO_set_retry_special(b); 269 retry_reason = BIO_RR_CONNECT; 270 case SSL_ERROR_SYSCALL: 271 case SSL_ERROR_SSL: 272 default: 273 break; 274 } 275 276 b->retry_reason = retry_reason; 277 return (ret); 278 } 279 280 static long 281 ssl_ctrl(BIO *b, int cmd, long num, void *ptr) 282 { 283 SSL **sslp, *ssl; 284 BIO_SSL *bs; 285 BIO *dbio, *bio; 286 long ret = 1; 287 288 bs = (BIO_SSL *)b->ptr; 289 ssl = bs->ssl; 290 if ((ssl == NULL) && (cmd != BIO_C_SET_SSL)) 291 return (0); 292 switch (cmd) { 293 case BIO_CTRL_RESET: 294 SSL_shutdown(ssl); 295 296 if (ssl->internal->handshake_func == 297 ssl->method->internal->ssl_connect) 298 SSL_set_connect_state(ssl); 299 else if (ssl->internal->handshake_func == 300 ssl->method->internal->ssl_accept) 301 SSL_set_accept_state(ssl); 302 303 SSL_clear(ssl); 304 305 if (b->next_bio != NULL) 306 ret = BIO_ctrl(b->next_bio, cmd, num, ptr); 307 else if (ssl->rbio != NULL) 308 ret = BIO_ctrl(ssl->rbio, cmd, num, ptr); 309 else 310 ret = 1; 311 break; 312 case BIO_CTRL_INFO: 313 ret = 0; 314 break; 315 case BIO_C_SSL_MODE: 316 if (num) /* client mode */ 317 SSL_set_connect_state(ssl); 318 else 319 SSL_set_accept_state(ssl); 320 break; 321 case BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT: 322 ret = bs->renegotiate_timeout; 323 if (num < 60) 324 num = 5; 325 bs->renegotiate_timeout = (unsigned long)num; 326 bs->last_time = time(NULL); 327 break; 328 case BIO_C_SET_SSL_RENEGOTIATE_BYTES: 329 ret = bs->renegotiate_count; 330 if ((long)num >=512) 331 bs->renegotiate_count = (unsigned long)num; 332 break; 333 case BIO_C_GET_SSL_NUM_RENEGOTIATES: 334 ret = bs->num_renegotiates; 335 break; 336 case BIO_C_SET_SSL: 337 if (ssl != NULL) { 338 ssl_free(b); 339 if (!ssl_new(b)) 340 return 0; 341 } 342 b->shutdown = (int)num; 343 ssl = (SSL *)ptr; 344 ((BIO_SSL *)b->ptr)->ssl = ssl; 345 bio = SSL_get_rbio(ssl); 346 if (bio != NULL) { 347 if (b->next_bio != NULL) 348 BIO_push(bio, b->next_bio); 349 b->next_bio = bio; 350 CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO); 351 } 352 b->init = 1; 353 break; 354 case BIO_C_GET_SSL: 355 if (ptr != NULL) { 356 sslp = (SSL **)ptr; 357 *sslp = ssl; 358 } else 359 ret = 0; 360 break; 361 case BIO_CTRL_GET_CLOSE: 362 ret = b->shutdown; 363 break; 364 case BIO_CTRL_SET_CLOSE: 365 b->shutdown = (int)num; 366 break; 367 case BIO_CTRL_WPENDING: 368 ret = BIO_ctrl(ssl->wbio, cmd, num, ptr); 369 break; 370 case BIO_CTRL_PENDING: 371 ret = SSL_pending(ssl); 372 if (ret == 0) 373 ret = BIO_pending(ssl->rbio); 374 break; 375 case BIO_CTRL_FLUSH: 376 BIO_clear_retry_flags(b); 377 ret = BIO_ctrl(ssl->wbio, cmd, num, ptr); 378 BIO_copy_next_retry(b); 379 break; 380 case BIO_CTRL_PUSH: 381 if ((b->next_bio != NULL) && (b->next_bio != ssl->rbio)) { 382 SSL_set_bio(ssl, b->next_bio, b->next_bio); 383 CRYPTO_add(&b->next_bio->references, 1, 384 CRYPTO_LOCK_BIO); 385 } 386 break; 387 case BIO_CTRL_POP: 388 /* Only detach if we are the BIO explicitly being popped */ 389 if (b == ptr) { 390 /* Shouldn't happen in practice because the 391 * rbio and wbio are the same when pushed. 392 */ 393 if (ssl->rbio != ssl->wbio) 394 BIO_free_all(ssl->wbio); 395 if (b->next_bio != NULL) 396 CRYPTO_add(&b->next_bio->references, -1, CRYPTO_LOCK_BIO); 397 ssl->wbio = NULL; 398 ssl->rbio = NULL; 399 } 400 break; 401 case BIO_C_DO_STATE_MACHINE: 402 BIO_clear_retry_flags(b); 403 404 b->retry_reason = 0; 405 ret = (int)SSL_do_handshake(ssl); 406 407 switch (SSL_get_error(ssl, (int)ret)) { 408 case SSL_ERROR_WANT_READ: 409 BIO_set_flags(b, 410 BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY); 411 break; 412 case SSL_ERROR_WANT_WRITE: 413 BIO_set_flags(b, 414 BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY); 415 break; 416 case SSL_ERROR_WANT_CONNECT: 417 BIO_set_flags(b, 418 BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY); 419 b->retry_reason = b->next_bio->retry_reason; 420 break; 421 default: 422 break; 423 } 424 break; 425 case BIO_CTRL_DUP: 426 dbio = (BIO *)ptr; 427 if (((BIO_SSL *)dbio->ptr)->ssl != NULL) 428 SSL_free(((BIO_SSL *)dbio->ptr)->ssl); 429 ((BIO_SSL *)dbio->ptr)->ssl = SSL_dup(ssl); 430 ((BIO_SSL *)dbio->ptr)->renegotiate_count = 431 ((BIO_SSL *)b->ptr)->renegotiate_count; 432 ((BIO_SSL *)dbio->ptr)->byte_count = 433 ((BIO_SSL *)b->ptr)->byte_count; 434 ((BIO_SSL *)dbio->ptr)->renegotiate_timeout = 435 ((BIO_SSL *)b->ptr)->renegotiate_timeout; 436 ((BIO_SSL *)dbio->ptr)->last_time = 437 ((BIO_SSL *)b->ptr)->last_time; 438 ret = (((BIO_SSL *)dbio->ptr)->ssl != NULL); 439 break; 440 case BIO_C_GET_FD: 441 ret = BIO_ctrl(ssl->rbio, cmd, num, ptr); 442 break; 443 case BIO_CTRL_SET_CALLBACK: 444 { 445 ret = 0; 446 } 447 break; 448 case BIO_CTRL_GET_CALLBACK: 449 { 450 void (**fptr)(const SSL *xssl, int type, int val); 451 452 fptr = (void (**)(const SSL *xssl, int type, int val)) 453 ptr; 454 *fptr = SSL_get_info_callback(ssl); 455 } 456 break; 457 default: 458 ret = BIO_ctrl(ssl->rbio, cmd, num, ptr); 459 break; 460 } 461 return (ret); 462 } 463 464 static long 465 ssl_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) 466 { 467 SSL *ssl; 468 BIO_SSL *bs; 469 long ret = 1; 470 471 bs = (BIO_SSL *)b->ptr; 472 ssl = bs->ssl; 473 switch (cmd) { 474 case BIO_CTRL_SET_CALLBACK: 475 { 476 /* FIXME: setting this via a completely different prototype 477 seems like a crap idea */ 478 SSL_set_info_callback(ssl, 479 (void (*)(const SSL *, int, int))fp); 480 } 481 break; 482 default: 483 ret = BIO_callback_ctrl(ssl->rbio, cmd, fp); 484 break; 485 } 486 return (ret); 487 } 488 489 static int 490 ssl_puts(BIO *bp, const char *str) 491 { 492 int n, ret; 493 494 n = strlen(str); 495 ret = BIO_write(bp, str, n); 496 return (ret); 497 } 498 499 BIO * 500 BIO_new_buffer_ssl_connect(SSL_CTX *ctx) 501 { 502 BIO *ret = NULL, *buf = NULL, *ssl = NULL; 503 504 if ((buf = BIO_new(BIO_f_buffer())) == NULL) 505 goto err; 506 if ((ssl = BIO_new_ssl_connect(ctx)) == NULL) 507 goto err; 508 if ((ret = BIO_push(buf, ssl)) == NULL) 509 goto err; 510 return (ret); 511 512 err: 513 BIO_free(buf); 514 BIO_free(ssl); 515 return (NULL); 516 } 517 518 BIO * 519 BIO_new_ssl_connect(SSL_CTX *ctx) 520 { 521 BIO *ret = NULL, *con = NULL, *ssl = NULL; 522 523 if ((con = BIO_new(BIO_s_connect())) == NULL) 524 goto err; 525 if ((ssl = BIO_new_ssl(ctx, 1)) == NULL) 526 goto err; 527 if ((ret = BIO_push(ssl, con)) == NULL) 528 goto err; 529 return (ret); 530 531 err: 532 BIO_free(con); 533 BIO_free(ssl); 534 return (NULL); 535 } 536 537 BIO * 538 BIO_new_ssl(SSL_CTX *ctx, int client) 539 { 540 BIO *ret; 541 SSL *ssl; 542 543 if ((ret = BIO_new(BIO_f_ssl())) == NULL) 544 goto err; 545 if ((ssl = SSL_new(ctx)) == NULL) 546 goto err; 547 548 if (client) 549 SSL_set_connect_state(ssl); 550 else 551 SSL_set_accept_state(ssl); 552 553 BIO_set_ssl(ret, ssl, BIO_CLOSE); 554 return (ret); 555 556 err: 557 BIO_free(ret); 558 return (NULL); 559 } 560 561 int 562 BIO_ssl_copy_session_id(BIO *t, BIO *f) 563 { 564 t = BIO_find_type(t, BIO_TYPE_SSL); 565 f = BIO_find_type(f, BIO_TYPE_SSL); 566 if ((t == NULL) || (f == NULL)) 567 return (0); 568 if ((((BIO_SSL *)t->ptr)->ssl == NULL) || 569 (((BIO_SSL *)f->ptr)->ssl == NULL)) 570 return (0); 571 if (!SSL_copy_session_id(((BIO_SSL *)t->ptr)->ssl, 572 ((BIO_SSL *)f->ptr)->ssl)) 573 return (0); 574 return (1); 575 } 576 577 void 578 BIO_ssl_shutdown(BIO *b) 579 { 580 SSL *s; 581 582 while (b != NULL) { 583 if (b->method->type == BIO_TYPE_SSL) { 584 s = ((BIO_SSL *)b->ptr)->ssl; 585 SSL_shutdown(s); 586 break; 587 } 588 b = b->next_bio; 589 } 590 } 591