1 /* $OpenBSD: bio_ssl.c,v 1.33 2022/01/14 09:12:53 tb Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 59 #include <errno.h> 60 #include <stdio.h> 61 #include <stdlib.h> 62 #include <string.h> 63 64 #include <openssl/bio.h> 65 #include <openssl/crypto.h> 66 #include <openssl/err.h> 67 #include <openssl/ssl.h> 68 69 #include "bio_local.h" 70 #include "ssl_locl.h" 71 72 static int ssl_write(BIO *h, const char *buf, int num); 73 static int ssl_read(BIO *h, char *buf, int size); 74 static int ssl_puts(BIO *h, const char *str); 75 static long ssl_ctrl(BIO *h, int cmd, long arg1, void *arg2); 76 static int ssl_new(BIO *h); 77 static int ssl_free(BIO *data); 78 static long ssl_callback_ctrl(BIO *h, int cmd, BIO_info_cb *fp); 79 typedef struct bio_ssl_st { 80 SSL *ssl; /* The ssl handle :-) */ 81 /* re-negotiate every time the total number of bytes is this size */ 82 int num_renegotiates; 83 unsigned long renegotiate_count; 84 unsigned long byte_count; 85 unsigned long renegotiate_timeout; 86 time_t last_time; 87 } BIO_SSL; 88 89 static const BIO_METHOD methods_sslp = { 90 .type = BIO_TYPE_SSL, 91 .name = "ssl", 92 .bwrite = ssl_write, 93 .bread = ssl_read, 94 .bputs = ssl_puts, 95 .ctrl = ssl_ctrl, 96 .create = ssl_new, 97 .destroy = ssl_free, 98 .callback_ctrl = ssl_callback_ctrl, 99 }; 100 101 const BIO_METHOD * 102 BIO_f_ssl(void) 103 { 104 return (&methods_sslp); 105 } 106 107 static int 108 ssl_new(BIO *bi) 109 { 110 BIO_SSL *bs; 111 112 bs = calloc(1, sizeof(BIO_SSL)); 113 if (bs == NULL) { 114 SSLerrorx(ERR_R_MALLOC_FAILURE); 115 return (0); 116 } 117 bi->init = 0; 118 bi->ptr = (char *)bs; 119 bi->flags = 0; 120 return (1); 121 } 122 123 static int 124 ssl_free(BIO *a) 125 { 126 BIO_SSL *bs; 127 128 if (a == NULL) 129 return (0); 130 bs = (BIO_SSL *)a->ptr; 131 if (bs->ssl != NULL) 132 SSL_shutdown(bs->ssl); 133 if (a->shutdown) { 134 if (a->init && (bs->ssl != NULL)) 135 SSL_free(bs->ssl); 136 a->init = 0; 137 a->flags = 0; 138 } 139 free(a->ptr); 140 return (1); 141 } 142 143 static int 144 ssl_read(BIO *b, char *out, int outl) 145 { 146 int ret = 1; 147 BIO_SSL *sb; 148 SSL *ssl; 149 int retry_reason = 0; 150 int r = 0; 151 152 if (out == NULL) 153 return (0); 154 sb = (BIO_SSL *)b->ptr; 155 ssl = sb->ssl; 156 157 BIO_clear_retry_flags(b); 158 159 ret = SSL_read(ssl, out, outl); 160 161 switch (SSL_get_error(ssl, ret)) { 162 case SSL_ERROR_NONE: 163 if (ret <= 0) 164 break; 165 if (sb->renegotiate_count > 0) { 166 sb->byte_count += ret; 167 if (sb->byte_count > sb->renegotiate_count) { 168 sb->byte_count = 0; 169 sb->num_renegotiates++; 170 SSL_renegotiate(ssl); 171 r = 1; 172 } 173 } 174 if ((sb->renegotiate_timeout > 0) && (!r)) { 175 time_t tm; 176 177 tm = time(NULL); 178 if (tm > sb->last_time + sb->renegotiate_timeout) { 179 sb->last_time = tm; 180 sb->num_renegotiates++; 181 SSL_renegotiate(ssl); 182 } 183 } 184 185 break; 186 case SSL_ERROR_WANT_READ: 187 BIO_set_retry_read(b); 188 break; 189 case SSL_ERROR_WANT_WRITE: 190 BIO_set_retry_write(b); 191 break; 192 case SSL_ERROR_WANT_X509_LOOKUP: 193 BIO_set_retry_special(b); 194 retry_reason = BIO_RR_SSL_X509_LOOKUP; 195 break; 196 case SSL_ERROR_WANT_ACCEPT: 197 BIO_set_retry_special(b); 198 retry_reason = BIO_RR_ACCEPT; 199 break; 200 case SSL_ERROR_WANT_CONNECT: 201 BIO_set_retry_special(b); 202 retry_reason = BIO_RR_CONNECT; 203 break; 204 case SSL_ERROR_SYSCALL: 205 case SSL_ERROR_SSL: 206 case SSL_ERROR_ZERO_RETURN: 207 default: 208 break; 209 } 210 211 b->retry_reason = retry_reason; 212 return (ret); 213 } 214 215 static int 216 ssl_write(BIO *b, const char *out, int outl) 217 { 218 int ret, r = 0; 219 int retry_reason = 0; 220 SSL *ssl; 221 BIO_SSL *bs; 222 223 if (out == NULL) 224 return (0); 225 bs = (BIO_SSL *)b->ptr; 226 ssl = bs->ssl; 227 228 BIO_clear_retry_flags(b); 229 230 /* ret=SSL_do_handshake(ssl); 231 if (ret > 0) */ 232 ret = SSL_write(ssl, out, outl); 233 234 switch (SSL_get_error(ssl, ret)) { 235 case SSL_ERROR_NONE: 236 if (ret <= 0) 237 break; 238 if (bs->renegotiate_count > 0) { 239 bs->byte_count += ret; 240 if (bs->byte_count > bs->renegotiate_count) { 241 bs->byte_count = 0; 242 bs->num_renegotiates++; 243 SSL_renegotiate(ssl); 244 r = 1; 245 } 246 } 247 if ((bs->renegotiate_timeout > 0) && (!r)) { 248 time_t tm; 249 250 tm = time(NULL); 251 if (tm > bs->last_time + bs->renegotiate_timeout) { 252 bs->last_time = tm; 253 bs->num_renegotiates++; 254 SSL_renegotiate(ssl); 255 } 256 } 257 break; 258 case SSL_ERROR_WANT_WRITE: 259 BIO_set_retry_write(b); 260 break; 261 case SSL_ERROR_WANT_READ: 262 BIO_set_retry_read(b); 263 break; 264 case SSL_ERROR_WANT_X509_LOOKUP: 265 BIO_set_retry_special(b); 266 retry_reason = BIO_RR_SSL_X509_LOOKUP; 267 break; 268 case SSL_ERROR_WANT_CONNECT: 269 BIO_set_retry_special(b); 270 retry_reason = BIO_RR_CONNECT; 271 case SSL_ERROR_SYSCALL: 272 case SSL_ERROR_SSL: 273 default: 274 break; 275 } 276 277 b->retry_reason = retry_reason; 278 return (ret); 279 } 280 281 static long 282 ssl_ctrl(BIO *b, int cmd, long num, void *ptr) 283 { 284 SSL **sslp, *ssl; 285 BIO_SSL *bs; 286 BIO *dbio, *bio; 287 long ret = 1; 288 289 bs = (BIO_SSL *)b->ptr; 290 ssl = bs->ssl; 291 if ((ssl == NULL) && (cmd != BIO_C_SET_SSL)) 292 return (0); 293 switch (cmd) { 294 case BIO_CTRL_RESET: 295 SSL_shutdown(ssl); 296 297 if (ssl->internal->handshake_func == 298 ssl->method->ssl_connect) 299 SSL_set_connect_state(ssl); 300 else if (ssl->internal->handshake_func == 301 ssl->method->ssl_accept) 302 SSL_set_accept_state(ssl); 303 304 SSL_clear(ssl); 305 306 if (b->next_bio != NULL) 307 ret = BIO_ctrl(b->next_bio, cmd, num, ptr); 308 else if (ssl->rbio != NULL) 309 ret = BIO_ctrl(ssl->rbio, cmd, num, ptr); 310 else 311 ret = 1; 312 break; 313 case BIO_CTRL_INFO: 314 ret = 0; 315 break; 316 case BIO_C_SSL_MODE: 317 if (num) /* client mode */ 318 SSL_set_connect_state(ssl); 319 else 320 SSL_set_accept_state(ssl); 321 break; 322 case BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT: 323 ret = bs->renegotiate_timeout; 324 if (num < 60) 325 num = 5; 326 bs->renegotiate_timeout = (unsigned long)num; 327 bs->last_time = time(NULL); 328 break; 329 case BIO_C_SET_SSL_RENEGOTIATE_BYTES: 330 ret = bs->renegotiate_count; 331 if ((long)num >=512) 332 bs->renegotiate_count = (unsigned long)num; 333 break; 334 case BIO_C_GET_SSL_NUM_RENEGOTIATES: 335 ret = bs->num_renegotiates; 336 break; 337 case BIO_C_SET_SSL: 338 if (ssl != NULL) { 339 ssl_free(b); 340 if (!ssl_new(b)) 341 return 0; 342 } 343 b->shutdown = (int)num; 344 ssl = (SSL *)ptr; 345 ((BIO_SSL *)b->ptr)->ssl = ssl; 346 bio = SSL_get_rbio(ssl); 347 if (bio != NULL) { 348 if (b->next_bio != NULL) 349 BIO_push(bio, b->next_bio); 350 b->next_bio = bio; 351 CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO); 352 } 353 b->init = 1; 354 break; 355 case BIO_C_GET_SSL: 356 if (ptr != NULL) { 357 sslp = (SSL **)ptr; 358 *sslp = ssl; 359 } else 360 ret = 0; 361 break; 362 case BIO_CTRL_GET_CLOSE: 363 ret = b->shutdown; 364 break; 365 case BIO_CTRL_SET_CLOSE: 366 b->shutdown = (int)num; 367 break; 368 case BIO_CTRL_WPENDING: 369 ret = BIO_ctrl(ssl->wbio, cmd, num, ptr); 370 break; 371 case BIO_CTRL_PENDING: 372 ret = SSL_pending(ssl); 373 if (ret == 0) 374 ret = BIO_pending(ssl->rbio); 375 break; 376 case BIO_CTRL_FLUSH: 377 BIO_clear_retry_flags(b); 378 ret = BIO_ctrl(ssl->wbio, cmd, num, ptr); 379 BIO_copy_next_retry(b); 380 break; 381 case BIO_CTRL_PUSH: 382 if ((b->next_bio != NULL) && (b->next_bio != ssl->rbio)) { 383 SSL_set_bio(ssl, b->next_bio, b->next_bio); 384 CRYPTO_add(&b->next_bio->references, 1, 385 CRYPTO_LOCK_BIO); 386 } 387 break; 388 case BIO_CTRL_POP: 389 /* Only detach if we are the BIO explicitly being popped */ 390 if (b == ptr) { 391 /* Shouldn't happen in practice because the 392 * rbio and wbio are the same when pushed. 393 */ 394 if (ssl->rbio != ssl->wbio) 395 BIO_free_all(ssl->wbio); 396 if (b->next_bio != NULL) 397 CRYPTO_add(&b->next_bio->references, -1, CRYPTO_LOCK_BIO); 398 ssl->wbio = NULL; 399 ssl->rbio = NULL; 400 } 401 break; 402 case BIO_C_DO_STATE_MACHINE: 403 BIO_clear_retry_flags(b); 404 405 b->retry_reason = 0; 406 ret = (int)SSL_do_handshake(ssl); 407 408 switch (SSL_get_error(ssl, (int)ret)) { 409 case SSL_ERROR_WANT_READ: 410 BIO_set_flags(b, 411 BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY); 412 break; 413 case SSL_ERROR_WANT_WRITE: 414 BIO_set_flags(b, 415 BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY); 416 break; 417 case SSL_ERROR_WANT_CONNECT: 418 BIO_set_flags(b, 419 BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY); 420 b->retry_reason = b->next_bio->retry_reason; 421 break; 422 default: 423 break; 424 } 425 break; 426 case BIO_CTRL_DUP: 427 dbio = (BIO *)ptr; 428 if (((BIO_SSL *)dbio->ptr)->ssl != NULL) 429 SSL_free(((BIO_SSL *)dbio->ptr)->ssl); 430 ((BIO_SSL *)dbio->ptr)->ssl = SSL_dup(ssl); 431 ((BIO_SSL *)dbio->ptr)->renegotiate_count = 432 ((BIO_SSL *)b->ptr)->renegotiate_count; 433 ((BIO_SSL *)dbio->ptr)->byte_count = 434 ((BIO_SSL *)b->ptr)->byte_count; 435 ((BIO_SSL *)dbio->ptr)->renegotiate_timeout = 436 ((BIO_SSL *)b->ptr)->renegotiate_timeout; 437 ((BIO_SSL *)dbio->ptr)->last_time = 438 ((BIO_SSL *)b->ptr)->last_time; 439 ret = (((BIO_SSL *)dbio->ptr)->ssl != NULL); 440 break; 441 case BIO_C_GET_FD: 442 ret = BIO_ctrl(ssl->rbio, cmd, num, ptr); 443 break; 444 case BIO_CTRL_SET_CALLBACK: 445 { 446 ret = 0; 447 } 448 break; 449 case BIO_CTRL_GET_CALLBACK: 450 { 451 void (**fptr)(const SSL *xssl, int type, int val); 452 453 fptr = (void (**)(const SSL *xssl, int type, int val)) 454 ptr; 455 *fptr = SSL_get_info_callback(ssl); 456 } 457 break; 458 default: 459 ret = BIO_ctrl(ssl->rbio, cmd, num, ptr); 460 break; 461 } 462 return (ret); 463 } 464 465 static long 466 ssl_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp) 467 { 468 SSL *ssl; 469 BIO_SSL *bs; 470 long ret = 1; 471 472 bs = (BIO_SSL *)b->ptr; 473 ssl = bs->ssl; 474 switch (cmd) { 475 case BIO_CTRL_SET_CALLBACK: 476 { 477 /* FIXME: setting this via a completely different prototype 478 seems like a crap idea */ 479 SSL_set_info_callback(ssl, 480 (void (*)(const SSL *, int, int))fp); 481 } 482 break; 483 default: 484 ret = BIO_callback_ctrl(ssl->rbio, cmd, fp); 485 break; 486 } 487 return (ret); 488 } 489 490 static int 491 ssl_puts(BIO *bp, const char *str) 492 { 493 int n, ret; 494 495 n = strlen(str); 496 ret = BIO_write(bp, str, n); 497 return (ret); 498 } 499 500 BIO * 501 BIO_new_buffer_ssl_connect(SSL_CTX *ctx) 502 { 503 BIO *ret = NULL, *buf = NULL, *ssl = NULL; 504 505 if ((buf = BIO_new(BIO_f_buffer())) == NULL) 506 goto err; 507 if ((ssl = BIO_new_ssl_connect(ctx)) == NULL) 508 goto err; 509 if ((ret = BIO_push(buf, ssl)) == NULL) 510 goto err; 511 return (ret); 512 513 err: 514 BIO_free(buf); 515 BIO_free(ssl); 516 return (NULL); 517 } 518 519 BIO * 520 BIO_new_ssl_connect(SSL_CTX *ctx) 521 { 522 BIO *ret = NULL, *con = NULL, *ssl = NULL; 523 524 if ((con = BIO_new(BIO_s_connect())) == NULL) 525 goto err; 526 if ((ssl = BIO_new_ssl(ctx, 1)) == NULL) 527 goto err; 528 if ((ret = BIO_push(ssl, con)) == NULL) 529 goto err; 530 return (ret); 531 532 err: 533 BIO_free(con); 534 BIO_free(ssl); 535 return (NULL); 536 } 537 538 BIO * 539 BIO_new_ssl(SSL_CTX *ctx, int client) 540 { 541 BIO *ret; 542 SSL *ssl; 543 544 if ((ret = BIO_new(BIO_f_ssl())) == NULL) 545 goto err; 546 if ((ssl = SSL_new(ctx)) == NULL) 547 goto err; 548 549 if (client) 550 SSL_set_connect_state(ssl); 551 else 552 SSL_set_accept_state(ssl); 553 554 BIO_set_ssl(ret, ssl, BIO_CLOSE); 555 return (ret); 556 557 err: 558 BIO_free(ret); 559 return (NULL); 560 } 561 562 int 563 BIO_ssl_copy_session_id(BIO *t, BIO *f) 564 { 565 t = BIO_find_type(t, BIO_TYPE_SSL); 566 f = BIO_find_type(f, BIO_TYPE_SSL); 567 if ((t == NULL) || (f == NULL)) 568 return (0); 569 if ((((BIO_SSL *)t->ptr)->ssl == NULL) || 570 (((BIO_SSL *)f->ptr)->ssl == NULL)) 571 return (0); 572 if (!SSL_copy_session_id(((BIO_SSL *)t->ptr)->ssl, 573 ((BIO_SSL *)f->ptr)->ssl)) 574 return (0); 575 return (1); 576 } 577 578 void 579 BIO_ssl_shutdown(BIO *b) 580 { 581 SSL *s; 582 583 while (b != NULL) { 584 if (b->method->type == BIO_TYPE_SSL) { 585 s = ((BIO_SSL *)b->ptr)->ssl; 586 SSL_shutdown(s); 587 break; 588 } 589 b = b->next_bio; 590 } 591 } 592