1 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
4 * This package is an SSL implementation written
5 * by Eric Young (eay@cryptsoft.com).
6 * The implementation was written so as to conform with Netscapes SSL.
8 * This library is free for commercial and non-commercial use as long as
9 * the following conditions are aheared to. The following conditions
10 * apply to all code found in this distribution, be it the RC4, RSA,
11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12 * included with this distribution is covered by the same copyright terms
13 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * Copyright remains Eric Young's, and as such any Copyright notices in
16 * the code are not to be removed.
17 * If this package is used in a product, Eric Young should be given attribution
18 * as the author of the parts of the library used.
19 * This can be in the form of a textual message at program startup or
20 * in documentation (online or textual) provided with the package.
22 * Redistribution and use in source and binary forms, with or without
23 * modification, are permitted provided that the following conditions
25 * 1. Redistributions of source code must retain the copyright
26 * notice, this list of conditions and the following disclaimer.
27 * 2. Redistributions in binary form must reproduce the above copyright
28 * notice, this list of conditions and the following disclaimer in the
29 * documentation and/or other materials provided with the distribution.
30 * 3. All advertising materials mentioning features or use of this software
31 * must display the following acknowledgement:
32 * "This product includes cryptographic software written by
33 * Eric Young (eay@cryptsoft.com)"
34 * The word 'cryptographic' can be left out if the rouines from the library
35 * being used are not cryptographic related :-).
36 * 4. If you include any Windows specific code (or a derivative thereof) from
37 * the apps directory (application code) you must include an acknowledgement:
38 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
52 * The licence and distribution terms for any publically available version or
53 * derivative of this code cannot be changed. i.e. this code cannot simply be
54 * copied and put under another distribution licence
55 * [including the GNU Public Licence.]
62 #if defined(NETWARE_CLIB)
63 # include <sys/ioctl.h>
66 #ifndef OPENSSL_NO_SOCK
67 # include <openssl/dso.h>
68 # define SOCKET_PROTOCOL IPPROTO_TCP
70 # define MAX_LISTEN SO_MAXCONN
71 # elif defined(SOMAXCONN)
72 # define MAX_LISTEN SOMAXCONN
74 # define MAX_LISTEN 32
76 # if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
77 static int wsa_init_done = 0;
81 * WSAAPI specifier is required to make indirect calls to run-time
82 * linked WinSock 2 functions used in this module, to be specific
83 * [get|free]addrinfo and getnameinfo. This is because WinSock uses
84 * uses non-C calling convention, __stdcall vs. __cdecl, on x86
85 * Windows. On non-WinSock platforms WSAAPI needs to be void.
92 * We are currently using deprecated functions here, and GCC warns
93 * us about them, but since we know, we don't want to hear it.
95 #pragma GCC diagnostic ignored "-Wdeprecated-declarations"
97 # if OPENSSL_API_COMPAT < 0x10100000L
98 static int get_ip(const char *str, unsigned char *ip);
99 int BIO_get_host_ip(const char *str, unsigned char *ip)
108 BIOerr(BIO_F_BIO_GET_HOST_IP, BIO_R_INVALID_IP_ADDRESS);
113 * At this point, we have something that is most probably correct in some
114 * way, so let's init the socket.
116 if (BIO_sock_init() != 1)
117 return 0; /* don't generate another error code here */
120 * If the string actually contained an IP address, we need not do
126 /* do a gethostbyname */
127 CRYPTO_w_lock(CRYPTO_LOCK_GETHOSTBYNAME);
129 he = BIO_gethostbyname(str);
131 BIOerr(BIO_F_BIO_GET_HOST_IP, BIO_R_BAD_HOSTNAME_LOOKUP);
135 if (he->h_addrtype != AF_INET) {
136 BIOerr(BIO_F_BIO_GET_HOST_IP,
137 BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET);
140 for (i = 0; i < 4; i++)
141 ip[i] = he->h_addr_list[0][i];
146 CRYPTO_w_unlock(CRYPTO_LOCK_GETHOSTBYNAME);
148 ERR_add_error_data(2, "host=", str);
154 int BIO_get_port(const char *str, unsigned short *port_ptr)
160 BIOerr(BIO_F_BIO_GET_PORT, BIO_R_NO_PORT_DEFINED);
165 *port_ptr = (unsigned short)i;
167 CRYPTO_w_lock(CRYPTO_LOCK_GETSERVBYNAME);
169 * Note: under VMS with SOCKETSHR, it seems like the first parameter
170 * is 'char *', instead of 'const char *'
172 # ifndef CONST_STRICT
173 s = getservbyname((char *)str, "tcp");
175 s = getservbyname(str, "tcp");
178 *port_ptr = ntohs((unsigned short)s->s_port);
179 CRYPTO_w_unlock(CRYPTO_LOCK_GETSERVBYNAME);
181 if (strcmp(str, "http") == 0)
183 else if (strcmp(str, "telnet") == 0)
185 else if (strcmp(str, "socks") == 0)
187 else if (strcmp(str, "https") == 0)
189 else if (strcmp(str, "ssl") == 0)
191 else if (strcmp(str, "ftp") == 0)
193 else if (strcmp(str, "gopher") == 0)
196 SYSerr(SYS_F_GETSERVBYNAME, get_last_socket_error());
197 ERR_add_error_data(3, "service='", str, "'");
206 int BIO_sock_error(int sock)
214 /* heuristic way to adapt for platforms that expect 64-bit optlen */
215 size.s = 0, size.i = sizeof(j);
217 * Note: under Windows the third parameter is of type (char *) whereas
218 * under other systems it is (void *) if you don't have a cast it will
219 * choke the compiler: if you do have a cast then you can either go for
220 * (char *) or (void *).
222 i = getsockopt(sock, SOL_SOCKET, SO_ERROR, (void *)&j, (void *)&size);
229 # if OPENSSL_API_COMPAT < 0x10100000L
230 struct hostent *BIO_gethostbyname(const char *name)
233 * Caching gethostbyname() results forever is wrong, so we have to let
234 * the true gethostbyname() worry about this
236 # if (defined(NETWARE_BSDSOCK) && !defined(__NOVELL_LIBC__))
237 return gethostbyname((char *)name);
239 return gethostbyname(name);
244 int BIO_sock_init(void)
246 # ifdef OPENSSL_SYS_WINDOWS
247 static struct WSAData wsa_state;
249 if (!wsa_init_done) {
253 memset(&wsa_state, 0, sizeof(wsa_state));
255 * Not making wsa_state available to the rest of the code is formally
256 * wrong. But the structures we use are [beleived to be] invariable
257 * among Winsock DLLs, while API availability is [expected to be]
258 * probed at run-time with DSO_global_lookup.
260 if (WSAStartup(0x0202, &wsa_state) != 0) {
261 err = WSAGetLastError();
262 SYSerr(SYS_F_WSASTARTUP, err);
263 BIOerr(BIO_F_BIO_SOCK_INIT, BIO_R_WSASTARTUP);
267 # endif /* OPENSSL_SYS_WINDOWS */
269 extern int _watt_do_exit;
270 _watt_do_exit = 0; /* don't make sock_init() call exit() */
275 # if defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
280 if (!wsa_init_done) {
282 wVerReq = MAKEWORD(2, 0);
283 err = WSAStartup(wVerReq, &wsaData);
285 SYSerr(SYS_F_WSASTARTUP, err);
286 BIOerr(BIO_F_BIO_SOCK_INIT, BIO_R_WSASTARTUP);
295 void BIO_sock_cleanup(void)
297 # ifdef OPENSSL_SYS_WINDOWS
302 # elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
310 # if !defined(OPENSSL_SYS_VMS) || __VMS_VER >= 70000000
312 int BIO_socket_ioctl(int fd, long type, void *arg)
317 i = ioctlsocket(fd, type, (char *)arg);
319 # if defined(OPENSSL_SYS_VMS)
322 * VMS ioctl() can't tolerate a 64-bit "void *arg", but we
323 * observe that all the consumers pass in an "unsigned long *",
324 * so we arrange a local copy with a short pointer, and use
327 # if __INITIAL_POINTER_SIZE == 64
329 # pragma pointer_size save
330 # pragma pointer_size 32
331 unsigned long arg_32;
332 unsigned long *arg_32p;
333 # pragma pointer_size restore
335 arg_32 = *((unsigned long *)arg);
336 # else /* __INITIAL_POINTER_SIZE == 64 */
338 # endif /* __INITIAL_POINTER_SIZE == 64 [else] */
339 # else /* defined(OPENSSL_SYS_VMS) */
341 # endif /* defined(OPENSSL_SYS_VMS) [else] */
343 i = ioctlsocket(fd, type, ARG);
344 # endif /* __DJGPP__ */
346 SYSerr(SYS_F_IOCTLSOCKET, get_last_socket_error());
349 # endif /* __VMS_VER */
351 # if OPENSSL_API_COMPAT < 0x10100000L
353 * The reason I have implemented this instead of using sscanf is because
354 * Visual C 1.52c gives an unresolved external when linking a DLL :-(
356 static int get_ip(const char *str, unsigned char ip[4])
359 int num = 0, c, ok = 0;
361 tmp[0] = tmp[1] = tmp[2] = tmp[3] = 0;
365 if ((c >= '0') && (c <= '9')) {
367 tmp[num] = tmp[num] * 10 + c - '0';
370 } else if (c == '.') {
377 } else if (c == '\0' && (num == 3) && ok)
389 int BIO_get_accept_socket(char *host, int bind_mode)
394 struct sockaddr_in sa_in;
395 # if OPENSSL_USE_IPV6
396 struct sockaddr_in6 sa_in6;
399 int s = (int)INVALID_SOCKET, cs, addrlen;
402 char *str = NULL, *e;
407 if (BIO_sock_init() != 1)
408 return ((int)INVALID_SOCKET);
410 if ((str = OPENSSL_strdup(host)) == NULL)
411 return ((int)INVALID_SOCKET);
415 for (e = str; *e; e++) {
418 } else if (*e == '/') {
424 *p++ = '\0'; /* points at last ':', '::port' is special
433 int (WSAAPI *f) (const char *, const char *,
434 const struct addrinfo *, struct addrinfo **);
440 void (WSAAPI *f) (struct addrinfo *);
444 struct addrinfo *res, hint;
446 if (p_getaddrinfo.p == NULL) {
447 if ((p_getaddrinfo.p = DSO_global_lookup("getaddrinfo")) == NULL
448 || (p_freeaddrinfo.p =
449 DSO_global_lookup("freeaddrinfo")) == NULL)
450 p_getaddrinfo.p = (void *)-1;
452 if (p_getaddrinfo.p == (void *)-1)
456 * '::port' enforces IPv6 wildcard listener. Some OSes, e.g. Solaris,
457 * default to IPv6 without any hint. Also note that commonly IPv6
458 * wildchard socket can service IPv4 connections just as well...
460 memset(&hint, 0, sizeof(hint));
461 hint.ai_flags = AI_PASSIVE;
463 if (strchr(h, ':')) {
466 # if OPENSSL_USE_IPV6
467 hint.ai_family = AF_INET6;
471 } else if (h[0] == '*' && h[1] == '\0') {
472 hint.ai_family = AF_INET;
477 if ((*p_getaddrinfo.f) (h, p, &hint, &res))
480 addrlen = res->ai_addrlen <= sizeof(server) ?
481 res->ai_addrlen : sizeof(server);
482 memcpy(&server, res->ai_addr, addrlen);
484 (*p_freeaddrinfo.f) (res);
489 if (!BIO_get_port(p, &port))
492 memset(&server, 0, sizeof(server));
493 server.sa_in.sin_family = AF_INET;
494 server.sa_in.sin_port = htons(port);
495 addrlen = sizeof(server.sa_in);
497 if (h == NULL || strcmp(h, "*") == 0)
498 server.sa_in.sin_addr.s_addr = INADDR_ANY;
500 if (!BIO_get_host_ip(h, &(ip[0])))
503 ((unsigned long)ip[0] << 24L) |
504 ((unsigned long)ip[1] << 16L) |
505 ((unsigned long)ip[2] << 8L) | ((unsigned long)ip[3]);
506 server.sa_in.sin_addr.s_addr = htonl(l);
510 s = socket(server.sa.sa_family, SOCK_STREAM, SOCKET_PROTOCOL);
511 if (s == (int)INVALID_SOCKET) {
512 SYSerr(SYS_F_SOCKET, get_last_socket_error());
513 ERR_add_error_data(3, "port='", host, "'");
514 BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET, BIO_R_UNABLE_TO_CREATE_SOCKET);
518 if (bind_mode == BIO_BIND_REUSEADDR) {
521 ret = setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (char *)&i, sizeof(i));
522 bind_mode = BIO_BIND_NORMAL;
525 if (bind(s, &server.sa, addrlen) == -1) {
527 err_num = get_last_socket_error();
528 if ((bind_mode == BIO_BIND_REUSEADDR_IF_UNUSED) &&
529 # ifdef OPENSSL_SYS_WINDOWS
531 * Some versions of Windows define EADDRINUSE to a dummy value.
533 (err_num == WSAEADDRINUSE))
535 (err_num == EADDRINUSE))
539 if (h == NULL || strcmp(h, "*") == 0) {
540 # if OPENSSL_USE_IPV6
541 if (client.sa.sa_family == AF_INET6) {
542 memset(&client.sa_in6.sin6_addr, 0,
543 sizeof(client.sa_in6.sin6_addr));
544 client.sa_in6.sin6_addr.s6_addr[15] = 1;
547 if (client.sa.sa_family == AF_INET) {
548 client.sa_in.sin_addr.s_addr = htonl(0x7F000001);
552 cs = socket(client.sa.sa_family, SOCK_STREAM, SOCKET_PROTOCOL);
553 if (cs != (int)INVALID_SOCKET) {
555 ii = connect(cs, &client.sa, addrlen);
557 if (ii == (int)INVALID_SOCKET) {
558 bind_mode = BIO_BIND_REUSEADDR;
567 SYSerr(SYS_F_BIND, err_num);
568 ERR_add_error_data(3, "port='", host, "'");
569 BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET, BIO_R_UNABLE_TO_BIND_SOCKET);
572 if (listen(s, MAX_LISTEN) == -1) {
573 SYSerr(SYS_F_BIND, get_last_socket_error());
574 ERR_add_error_data(3, "port='", host, "'");
575 BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET, BIO_R_UNABLE_TO_LISTEN_SOCKET);
581 if ((ret == 0) && (s != (int)INVALID_SOCKET)) {
583 s = (int)INVALID_SOCKET;
588 int BIO_accept(int sock, char **addr)
590 int ret = (int)INVALID_SOCKET;
597 * As for following union. Trouble is that there are platforms
598 * that have socklen_t and there are platforms that don't, on
599 * some platforms socklen_t is int and on some size_t. So what
600 * one can do? One can cook #ifdef spaghetti, which is nothing
601 * but masochistic. Or one can do union between int and size_t.
602 * One naturally does it primarily for 64-bit platforms where
603 * sizeof(int) != sizeof(size_t). But would it work? Note that
604 * if size_t member is initialized to 0, then later int member
605 * assignment naturally does the job on little-endian platforms
606 * regardless accept's expectations! What about big-endians?
607 * If accept expects int*, then it works, and if size_t*, then
608 * length value would appear as unreasonably large. But this
609 * won't prevent it from filling in the address structure. The
610 * trouble of course would be if accept returns more data than
611 * actual buffer can accomodate and overwrite stack... That's
612 * where early OPENSSL_assert comes into picture. Besides, the
613 * only 64-bit big-endian platform found so far that expects
614 * size_t* is HP-UX, where stack grows towards higher address.
623 struct sockaddr_in sa_in;
624 # if OPENSSL_USE_IPV6
625 struct sockaddr_in6 sa_in6;
631 sa.len.i = sizeof(sa.from);
632 memset(&sa.from, 0, sizeof(sa.from));
633 ret = accept(sock, &sa.from.sa, (void *)&sa.len);
634 if (sizeof(sa.len.i) != sizeof(sa.len.s) && sa.len.i == 0) {
635 OPENSSL_assert(sa.len.s <= sizeof(sa.from));
636 sa.len.i = (int)sa.len.s;
637 /* use sa.len.i from this point */
639 if (ret == (int)INVALID_SOCKET) {
640 if (BIO_sock_should_retry(ret))
642 SYSerr(SYS_F_ACCEPT, get_last_socket_error());
643 BIOerr(BIO_F_BIO_ACCEPT, BIO_R_ACCEPT_ERROR);
652 char h[NI_MAXHOST], s[NI_MAXSERV];
656 int (WSAAPI *f) (const struct sockaddr *, size_t /* socklen_t */ ,
657 char *, size_t, char *, size_t, int);
662 * 2nd argument to getnameinfo is specified to be socklen_t.
663 * Unfortunately there is a number of environments where socklen_t is
664 * not defined. As it's passed by value, it's safe to pass it as
668 if (p_getnameinfo.p == NULL) {
669 if ((p_getnameinfo.p = DSO_global_lookup("getnameinfo")) == NULL)
670 p_getnameinfo.p = (void *)-1;
672 if (p_getnameinfo.p == (void *)-1)
675 if ((*p_getnameinfo.f) (&sa.from.sa, sa.len.i, h, sizeof(h), s,
676 sizeof(s), NI_NUMERICHOST | NI_NUMERICSERV))
678 nl = strlen(h) + strlen(s) + 2;
682 p = OPENSSL_realloc(p, nl);
684 BIOerr(BIO_F_BIO_ACCEPT, ERR_R_MALLOC_FAILURE);
688 BIO_snprintf(*addr, nl, "%s:%s", h, s);
692 if (sa.from.sa.sa_family != AF_INET)
694 l = ntohl(sa.from.sa_in.sin_addr.s_addr);
695 port = ntohs(sa.from.sa_in.sin_port);
697 if ((p = OPENSSL_malloc(24)) == NULL) {
698 BIOerr(BIO_F_BIO_ACCEPT, ERR_R_MALLOC_FAILURE);
703 BIO_snprintf(*addr, 24, "%d.%d.%d.%d:%d",
704 (unsigned char)(l >> 24L) & 0xff,
705 (unsigned char)(l >> 16L) & 0xff,
706 (unsigned char)(l >> 8L) & 0xff,
707 (unsigned char)(l) & 0xff, port);
713 int BIO_set_tcp_ndelay(int s, int on)
716 # if defined(TCP_NODELAY) && (defined(IPPROTO_TCP) || defined(SOL_TCP))
727 ret = setsockopt(s, opt, TCP_NODELAY, (char *)&on, sizeof(on));
732 int BIO_socket_nbio(int s, int mode)
739 ret = BIO_socket_ioctl(s, FIONBIO, &l);
744 int BIO_sock_info(int sock,
745 enum BIO_sock_info_type type, union BIO_sock_info_u *info)
748 case BIO_SOCK_INFO_ADDRESS:
752 addr_len = sizeof(*info->addr);
753 ret = getsockname(sock, BIO_ADDR_sockaddr_noconst(info->addr),
756 SYSerr(SYS_F_GETSOCKNAME, get_last_socket_error());
757 BIOerr(BIO_F_BIO_SOCK_INFO, BIO_R_GETSOCKNAME_ERROR);
760 if (addr_len > sizeof(*info->addr)) {
761 BIOerr(BIO_F_BIO_SOCK_INFO, BIO_R_GETSOCKNAME_TRUNCATED_ADDRESS);
767 BIOerr(BIO_F_BIO_SOCK_INFO, BIO_R_UNKNOWN_INFO_TYPE);