2 * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
13 #include "bio_local.h"
14 #include "internal/ktls.h"
16 #ifndef OPENSSL_NO_SOCK
18 typedef struct bio_connect_st {
24 # ifndef OPENSSL_NO_KTLS
25 unsigned char record_type;
28 BIO_ADDRINFO *addr_first;
29 const BIO_ADDRINFO *addr_iter;
31 * int socket; this will be kept in bio->num so that it is compatible
32 * with the bss_sock bio
35 * called when the connection is initially made callback(BIO,state,ret);
36 * The callback should return 'ret'. state is for compatibility with the
39 BIO_info_cb *info_callback;
42 static int conn_write(BIO *h, const char *buf, int num);
43 static int conn_read(BIO *h, char *buf, int size);
44 static int conn_puts(BIO *h, const char *str);
45 static int conn_gets(BIO *h, char *buf, int size);
46 static long conn_ctrl(BIO *h, int cmd, long arg1, void *arg2);
47 static int conn_new(BIO *h);
48 static int conn_free(BIO *data);
49 static long conn_callback_ctrl(BIO *h, int cmd, BIO_info_cb *);
51 static int conn_state(BIO *b, BIO_CONNECT *c);
52 static void conn_close_socket(BIO *data);
53 BIO_CONNECT *BIO_CONNECT_new(void);
54 void BIO_CONNECT_free(BIO_CONNECT *a);
56 #define BIO_CONN_S_BEFORE 1
57 #define BIO_CONN_S_GET_ADDR 2
58 #define BIO_CONN_S_CREATE_SOCKET 3
59 #define BIO_CONN_S_CONNECT 4
60 #define BIO_CONN_S_OK 5
61 #define BIO_CONN_S_BLOCKED_CONNECT 6
62 #define BIO_CONN_S_CONNECT_ERROR 7
64 static const BIO_METHOD methods_connectp = {
79 static int conn_state(BIO *b, BIO_CONNECT *c)
82 BIO_info_cb *cb = NULL;
84 if (c->info_callback != NULL)
85 cb = c->info_callback;
89 case BIO_CONN_S_BEFORE:
90 if (c->param_hostname == NULL && c->param_service == NULL) {
91 ERR_raise_data(ERR_LIB_BIO,
92 BIO_R_NO_HOSTNAME_OR_SERVICE_SPECIFIED,
93 "hostname=%s service=%s",
94 c->param_hostname, c->param_service);
97 c->state = BIO_CONN_S_GET_ADDR;
100 case BIO_CONN_S_GET_ADDR:
102 int family = AF_UNSPEC;
103 switch (c->connect_family) {
104 case BIO_FAMILY_IPV6:
105 if (1) { /* This is a trick we use to avoid bit rot.
106 * at least the "else" part will always be
113 ERR_raise(ERR_LIB_BIO, BIO_R_UNAVAILABLE_IP_FAMILY);
117 case BIO_FAMILY_IPV4:
120 case BIO_FAMILY_IPANY:
124 ERR_raise(ERR_LIB_BIO, BIO_R_UNSUPPORTED_IP_FAMILY);
127 if (BIO_lookup(c->param_hostname, c->param_service,
129 family, SOCK_STREAM, &c->addr_first) == 0)
132 if (c->addr_first == NULL) {
133 ERR_raise(ERR_LIB_BIO, BIO_R_LOOKUP_RETURNED_NOTHING);
136 c->addr_iter = c->addr_first;
137 c->state = BIO_CONN_S_CREATE_SOCKET;
140 case BIO_CONN_S_CREATE_SOCKET:
141 ret = BIO_socket(BIO_ADDRINFO_family(c->addr_iter),
142 BIO_ADDRINFO_socktype(c->addr_iter),
143 BIO_ADDRINFO_protocol(c->addr_iter), 0);
144 if (ret == (int)INVALID_SOCKET) {
145 ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
146 "calling socket(%s, %s)",
147 c->param_hostname, c->param_service);
148 ERR_raise(ERR_LIB_BIO, BIO_R_UNABLE_TO_CREATE_SOCKET);
152 c->state = BIO_CONN_S_CONNECT;
155 case BIO_CONN_S_CONNECT:
156 BIO_clear_retry_flags(b);
158 ret = BIO_connect(b->num, BIO_ADDRINFO_address(c->addr_iter),
159 BIO_SOCK_KEEPALIVE | c->connect_mode);
162 if (BIO_sock_should_retry(ret)) {
163 BIO_set_retry_special(b);
164 c->state = BIO_CONN_S_BLOCKED_CONNECT;
165 b->retry_reason = BIO_RR_CONNECT;
167 } else if ((c->addr_iter = BIO_ADDRINFO_next(c->addr_iter))
170 * if there are more addresses to try, do that first
172 BIO_closesocket(b->num);
173 c->state = BIO_CONN_S_CREATE_SOCKET;
177 ERR_clear_last_mark();
178 ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
179 "calling connect(%s, %s)",
180 c->param_hostname, c->param_service);
181 c->state = BIO_CONN_S_CONNECT_ERROR;
186 ERR_clear_last_mark();
187 c->state = BIO_CONN_S_OK;
191 case BIO_CONN_S_BLOCKED_CONNECT:
192 i = BIO_sock_error(b->num);
194 BIO_clear_retry_flags(b);
195 if ((c->addr_iter = BIO_ADDRINFO_next(c->addr_iter)) != NULL) {
197 * if there are more addresses to try, do that first
199 BIO_closesocket(b->num);
200 c->state = BIO_CONN_S_CREATE_SOCKET;
203 ERR_raise_data(ERR_LIB_SYS, i,
204 "calling connect(%s, %s)",
205 c->param_hostname, c->param_service);
206 ERR_raise(ERR_LIB_BIO, BIO_R_NBIO_CONNECT_ERROR);
210 c->state = BIO_CONN_S_OK;
213 case BIO_CONN_S_CONNECT_ERROR:
214 ERR_raise(ERR_LIB_BIO, BIO_R_CONNECT_ERROR);
227 if ((ret = cb((BIO *)b, c->state, ret)) == 0)
232 /* Loop does not exit */
235 ret = cb((BIO *)b, c->state, ret);
240 BIO_CONNECT *BIO_CONNECT_new(void)
244 if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) {
245 ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE);
248 ret->state = BIO_CONN_S_BEFORE;
249 ret->connect_family = BIO_FAMILY_IPANY;
253 void BIO_CONNECT_free(BIO_CONNECT *a)
257 OPENSSL_free(a->param_hostname);
258 OPENSSL_free(a->param_service);
259 BIO_ADDRINFO_free(a->addr_first);
263 const BIO_METHOD *BIO_s_connect(void)
265 return &methods_connectp;
268 static int conn_new(BIO *bi)
271 bi->num = (int)INVALID_SOCKET;
273 if ((bi->ptr = (char *)BIO_CONNECT_new()) == NULL)
279 static void conn_close_socket(BIO *bio)
283 c = (BIO_CONNECT *)bio->ptr;
284 if (bio->num != (int)INVALID_SOCKET) {
285 /* Only do a shutdown if things were established */
286 if (c->state == BIO_CONN_S_OK)
287 shutdown(bio->num, 2);
288 BIO_closesocket(bio->num);
289 bio->num = (int)INVALID_SOCKET;
293 static int conn_free(BIO *a)
299 data = (BIO_CONNECT *)a->ptr;
302 conn_close_socket(a);
303 BIO_CONNECT_free(data);
311 static int conn_read(BIO *b, char *out, int outl)
316 data = (BIO_CONNECT *)b->ptr;
317 if (data->state != BIO_CONN_S_OK) {
318 ret = conn_state(b, data);
324 clear_socket_error();
325 # ifndef OPENSSL_NO_KTLS
326 if (BIO_get_ktls_recv(b))
327 ret = ktls_read_record(b->num, out, outl);
330 ret = readsocket(b->num, out, outl);
331 BIO_clear_retry_flags(b);
333 if (BIO_sock_should_retry(ret))
334 BIO_set_retry_read(b);
336 b->flags |= BIO_FLAGS_IN_EOF;
342 static int conn_write(BIO *b, const char *in, int inl)
347 data = (BIO_CONNECT *)b->ptr;
348 if (data->state != BIO_CONN_S_OK) {
349 ret = conn_state(b, data);
354 clear_socket_error();
355 # ifndef OPENSSL_NO_KTLS
356 if (BIO_should_ktls_ctrl_msg_flag(b)) {
357 ret = ktls_send_ctrl_message(b->num, data->record_type, in, inl);
360 BIO_clear_ktls_ctrl_msg_flag(b);
364 ret = writesocket(b->num, in, inl);
365 BIO_clear_retry_flags(b);
367 if (BIO_sock_should_retry(ret))
368 BIO_set_retry_write(b);
373 static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
377 const char **pptr = NULL;
380 # ifndef OPENSSL_NO_KTLS
381 ktls_crypto_info_t *crypto_info;
384 data = (BIO_CONNECT *)b->ptr;
389 data->state = BIO_CONN_S_BEFORE;
390 conn_close_socket(b);
391 BIO_ADDRINFO_free(data->addr_first);
392 data->addr_first = NULL;
395 case BIO_C_DO_STATE_MACHINE:
396 /* use this one to start the connection */
397 if (data->state != BIO_CONN_S_OK)
398 ret = (long)conn_state(b, data);
402 case BIO_C_GET_CONNECT:
404 pptr = (const char **)ptr;
406 *pptr = data->param_hostname;
407 } else if (num == 1) {
408 *pptr = data->param_service;
409 } else if (num == 2) {
410 *pptr = (const char *)BIO_ADDRINFO_address(data->addr_iter);
411 } else if (num == 3) {
412 switch (BIO_ADDRINFO_family(data->addr_iter)) {
415 ret = BIO_FAMILY_IPV6;
419 ret = BIO_FAMILY_IPV4;
422 ret = data->connect_family;
435 case BIO_C_SET_CONNECT:
438 if (num == 0) { /* BIO_set_conn_hostname */
439 char *hold_service = data->param_service;
440 /* We affect the hostname regardless. However, the input
441 * string might contain a host:service spec, so we must
442 * parse it, which might or might not affect the service
445 OPENSSL_free(data->param_hostname);
446 data->param_hostname = NULL;
447 ret = BIO_parse_hostserv(ptr,
448 &data->param_hostname,
449 &data->param_service,
450 BIO_PARSE_PRIO_HOST);
451 if (hold_service != data->param_service)
452 OPENSSL_free(hold_service);
453 } else if (num == 1) { /* BIO_set_conn_port */
454 OPENSSL_free(data->param_service);
455 if ((data->param_service = OPENSSL_strdup(ptr)) == NULL)
457 } else if (num == 2) { /* BIO_set_conn_address */
458 const BIO_ADDR *addr = (const BIO_ADDR *)ptr;
459 char *host = BIO_ADDR_hostname_string(addr, 1);
460 char *service = BIO_ADDR_service_string(addr, 1);
462 ret = host != NULL && service != NULL;
464 OPENSSL_free(data->param_hostname);
465 data->param_hostname = host;
466 OPENSSL_free(data->param_service);
467 data->param_service = service;
468 BIO_ADDRINFO_free(data->addr_first);
469 data->addr_first = NULL;
470 data->addr_iter = NULL;
473 OPENSSL_free(service);
475 } else if (num == 3) { /* BIO_set_conn_ip_family */
476 data->connect_family = *(int *)ptr;
484 data->connect_mode |= BIO_SOCK_NONBLOCK;
486 data->connect_mode &= ~BIO_SOCK_NONBLOCK;
488 case BIO_C_SET_CONNECT_MODE:
489 data->connect_mode = (int)num;
500 case BIO_CTRL_GET_CLOSE:
503 case BIO_CTRL_SET_CLOSE:
504 b->shutdown = (int)num;
506 case BIO_CTRL_PENDING:
507 case BIO_CTRL_WPENDING:
515 if (data->param_hostname)
516 BIO_set_conn_hostname(dbio, data->param_hostname);
517 if (data->param_service)
518 BIO_set_conn_port(dbio, data->param_service);
519 BIO_set_conn_ip_family(dbio, data->connect_family);
520 BIO_set_conn_mode(dbio, data->connect_mode);
522 * FIXME: the cast of the function seems unlikely to be a good
525 (void)BIO_set_info_callback(dbio, data->info_callback);
528 case BIO_CTRL_SET_CALLBACK:
529 ret = 0; /* use callback ctrl */
531 case BIO_CTRL_GET_CALLBACK:
535 fptr = (BIO_info_cb **)ptr;
536 *fptr = data->info_callback;
540 ret = (b->flags & BIO_FLAGS_IN_EOF) != 0;
542 # ifndef OPENSSL_NO_KTLS
543 case BIO_CTRL_SET_KTLS:
544 crypto_info = (ktls_crypto_info_t *)ptr;
545 ret = ktls_start(b->num, crypto_info, num);
547 BIO_set_ktls_flag(b, num);
549 case BIO_CTRL_GET_KTLS_SEND:
550 return BIO_should_ktls_flag(b, 1) != 0;
551 case BIO_CTRL_GET_KTLS_RECV:
552 return BIO_should_ktls_flag(b, 0) != 0;
553 case BIO_CTRL_SET_KTLS_TX_SEND_CTRL_MSG:
554 BIO_set_ktls_ctrl_msg_flag(b);
555 data->record_type = num;
558 case BIO_CTRL_CLEAR_KTLS_TX_CTRL_MSG:
559 BIO_clear_ktls_ctrl_msg_flag(b);
570 static long conn_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp)
575 data = (BIO_CONNECT *)b->ptr;
578 case BIO_CTRL_SET_CALLBACK:
580 data->info_callback = fp;
590 static int conn_puts(BIO *bp, const char *str)
595 ret = conn_write(bp, str, n);
599 int conn_gets(BIO *bio, char *buf, int size)
606 ERR_raise(ERR_LIB_BIO, ERR_R_PASSED_NULL_PARAMETER);
610 ERR_raise(ERR_LIB_BIO, BIO_R_INVALID_ARGUMENT);
615 if (bio == NULL || bio->ptr == NULL) {
616 ERR_raise(ERR_LIB_BIO, ERR_R_PASSED_NULL_PARAMETER);
619 data = (BIO_CONNECT *)bio->ptr;
620 if (data->state != BIO_CONN_S_OK) {
621 ret = conn_state(bio, data);
626 clear_socket_error();
628 # ifndef OPENSSL_NO_KTLS
629 if (BIO_get_ktls_recv(bio))
630 ret = ktls_read_record(bio->num, ptr, 1);
633 ret = readsocket(bio->num, ptr, 1);
634 BIO_clear_retry_flags(bio);
636 if (BIO_sock_should_retry(ret))
637 BIO_set_retry_read(bio);
639 bio->flags |= BIO_FLAGS_IN_EOF;
646 return ret > 0 || (bio->flags & BIO_FLAGS_IN_EOF) != 0 ? ptr - buf : ret;
649 BIO *BIO_new_connect(const char *str)
653 ret = BIO_new(BIO_s_connect());
656 if (BIO_set_conn_hostname(ret, str))