crypto/bio/bss_conn.c

   1 /*
   2  * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the Apache License 2.0 (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 #include <stdio.h>
  11 #include <errno.h>
  12
  13 #include "bio_local.h"
  14 #include "internal/ktls.h"
  15
  16 #ifndef OPENSSL_NO_SOCK
  17
  18 typedef struct bio_connect_st {
  19     int state;
  20     int connect_family;
  21     char *param_hostname;
  22     char *param_service;
  23     int connect_mode;
  24 # ifndef OPENSSL_NO_KTLS
  25     unsigned char record_type;
  26 # endif
  27
  28     BIO_ADDRINFO *addr_first;
  29     const BIO_ADDRINFO *addr_iter;
  30     /*
  31      * int socket; this will be kept in bio->num so that it is compatible
  32      * with the bss_sock bio
  33      */
  34     /*
  35      * called when the connection is initially made callback(BIO,state,ret);
  36      * The callback should return 'ret'.  state is for compatibility with the
  37      * ssl info_callback
  38      */
  39     BIO_info_cb *info_callback;
  40 } BIO_CONNECT;
  41
  42 static int conn_write(BIO *h, const char *buf, int num);
  43 static int conn_read(BIO *h, char *buf, int size);
  44 static int conn_puts(BIO *h, const char *str);
  45 static long conn_ctrl(BIO *h, int cmd, long arg1, void *arg2);
  46 static int conn_new(BIO *h);
  47 static int conn_free(BIO *data);
  48 static long conn_callback_ctrl(BIO *h, int cmd, BIO_info_cb *);
  49
  50 static int conn_state(BIO *b, BIO_CONNECT *c);
  51 static void conn_close_socket(BIO *data);
  52 BIO_CONNECT *BIO_CONNECT_new(void);
  53 void BIO_CONNECT_free(BIO_CONNECT *a);
  54
  55 #define BIO_CONN_S_BEFORE                1
  56 #define BIO_CONN_S_GET_ADDR              2
  57 #define BIO_CONN_S_CREATE_SOCKET         3
  58 #define BIO_CONN_S_CONNECT               4
  59 #define BIO_CONN_S_OK                    5
  60 #define BIO_CONN_S_BLOCKED_CONNECT       6
  61 #define BIO_CONN_S_CONNECT_ERROR         7
  62
  63 static const BIO_METHOD methods_connectp = {
  64     BIO_TYPE_CONNECT,
  65     "socket connect",
  66     /* TODO: Convert to new style write function */
  67     bwrite_conv,
  68     conn_write,
  69     /* TODO: Convert to new style read function */
  70     bread_conv,
  71     conn_read,
  72     conn_puts,
  73     NULL,                       /* conn_gets, */
  74     conn_ctrl,
  75     conn_new,
  76     conn_free,
  77     conn_callback_ctrl,
  78 };
  79
  80 static int conn_state(BIO *b, BIO_CONNECT *c)
  81 {
  82     int ret = -1, i;
  83     BIO_info_cb *cb = NULL;
  84
  85     if (c->info_callback != NULL)
  86         cb = c->info_callback;
  87
  88     for (;;) {
  89         switch (c->state) {
  90         case BIO_CONN_S_BEFORE:
  91             if (c->param_hostname == NULL && c->param_service == NULL) {
  92                 ERR_raise_data(ERR_LIB_BIO,
  93                                BIO_R_NO_HOSTNAME_OR_SERVICE_SPECIFIED,
  94                                "hostname=%s service=%s",
  95                                c->param_hostname, c->param_service);
  96                 goto exit_loop;
  97             }
  98             c->state = BIO_CONN_S_GET_ADDR;
  99             break;
 100
 101         case BIO_CONN_S_GET_ADDR:
 102             {
 103                 int family = AF_UNSPEC;
 104                 switch (c->connect_family) {
 105                 case BIO_FAMILY_IPV6:
 106                     if (1) { /* This is a trick we use to avoid bit rot.
 107                               * at least the "else" part will always be
 108                               * compiled.
 109                               */
 110 #ifdef AF_INET6
 111                         family = AF_INET6;
 112                     } else {
 113 #endif
 114                         ERR_raise(ERR_LIB_BIO, BIO_R_UNAVAILABLE_IP_FAMILY);
 115                         goto exit_loop;
 116                     }
 117                     break;
 118                 case BIO_FAMILY_IPV4:
 119                     family = AF_INET;
 120                     break;
 121                 case BIO_FAMILY_IPANY:
 122                     family = AF_UNSPEC;
 123                     break;
 124                 default:
 125                     ERR_raise(ERR_LIB_BIO, BIO_R_UNSUPPORTED_IP_FAMILY);
 126                     goto exit_loop;
 127                 }
 128                 if (BIO_lookup(c->param_hostname, c->param_service,
 129                                BIO_LOOKUP_CLIENT,
 130                                family, SOCK_STREAM, &c->addr_first) == 0)
 131                     goto exit_loop;
 132             }
 133             if (c->addr_first == NULL) {
 134                 ERR_raise(ERR_LIB_BIO, BIO_R_LOOKUP_RETURNED_NOTHING);
 135                 goto exit_loop;
 136             }
 137             c->addr_iter = c->addr_first;
 138             c->state = BIO_CONN_S_CREATE_SOCKET;
 139             break;
 140
 141         case BIO_CONN_S_CREATE_SOCKET:
 142             ret = BIO_socket(BIO_ADDRINFO_family(c->addr_iter),
 143                              BIO_ADDRINFO_socktype(c->addr_iter),
 144                              BIO_ADDRINFO_protocol(c->addr_iter), 0);
 145             if (ret == (int)INVALID_SOCKET) {
 146                 ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
 147                                "calling socket(%s, %s)",
 148                                c->param_hostname, c->param_service);
 149                 ERR_raise(ERR_LIB_BIO, BIO_R_UNABLE_TO_CREATE_SOCKET);
 150                 goto exit_loop;
 151             }
 152             b->num = ret;
 153             c->state = BIO_CONN_S_CONNECT;
 154             break;
 155
 156         case BIO_CONN_S_CONNECT:
 157             BIO_clear_retry_flags(b);
 158             ERR_set_mark();
 159             ret = BIO_connect(b->num, BIO_ADDRINFO_address(c->addr_iter),
 160                               BIO_SOCK_KEEPALIVE | c->connect_mode);
 161             b->retry_reason = 0;
 162             if (ret == 0) {
 163                 if (BIO_sock_should_retry(ret)) {
 164                     BIO_set_retry_special(b);
 165                     c->state = BIO_CONN_S_BLOCKED_CONNECT;
 166                     b->retry_reason = BIO_RR_CONNECT;
 167                     ERR_pop_to_mark();
 168                 } else if ((c->addr_iter = BIO_ADDRINFO_next(c->addr_iter))
 169                            != NULL) {
 170                     /*
 171                      * if there are more addresses to try, do that first
 172                      */
 173                     BIO_closesocket(b->num);
 174                     c->state = BIO_CONN_S_CREATE_SOCKET;
 175                     ERR_pop_to_mark();
 176                     break;
 177                 } else {
 178                     ERR_clear_last_mark();
 179                     ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
 180                                    "calling connect(%s, %s)",
 181                                     c->param_hostname, c->param_service);
 182                     c->state = BIO_CONN_S_CONNECT_ERROR;
 183                     break;
 184                 }
 185                 goto exit_loop;
 186             } else {
 187                 ERR_clear_last_mark();
 188                 c->state = BIO_CONN_S_OK;
 189             }
 190             break;
 191
 192         case BIO_CONN_S_BLOCKED_CONNECT:
 193             i = BIO_sock_error(b->num);
 194             if (i != 0) {
 195                 BIO_clear_retry_flags(b);
 196                 if ((c->addr_iter = BIO_ADDRINFO_next(c->addr_iter)) != NULL) {
 197                     /*
 198                      * if there are more addresses to try, do that first
 199                      */
 200                     BIO_closesocket(b->num);
 201                     c->state = BIO_CONN_S_CREATE_SOCKET;
 202                     break;
 203                 }
 204                 ERR_raise_data(ERR_LIB_SYS, i,
 205                                "calling connect(%s, %s)",
 206                                 c->param_hostname, c->param_service);
 207                 ERR_raise(ERR_LIB_BIO, BIO_R_NBIO_CONNECT_ERROR);
 208                 ret = 0;
 209                 goto exit_loop;
 210             } else
 211                 c->state = BIO_CONN_S_OK;
 212             break;
 213
 214         case BIO_CONN_S_CONNECT_ERROR:
 215             ERR_raise(ERR_LIB_BIO, BIO_R_CONNECT_ERROR);
 216             ret = 0;
 217             goto exit_loop;
 218
 219         case BIO_CONN_S_OK:
 220             ret = 1;
 221             goto exit_loop;
 222         default:
 223             /* abort(); */
 224             goto exit_loop;
 225         }
 226
 227         if (cb != NULL) {
 228             if ((ret = cb((BIO *)b, c->state, ret)) == 0)
 229                 goto end;
 230         }
 231     }
 232
 233     /* Loop does not exit */
 234  exit_loop:
 235     if (cb != NULL)
 236         ret = cb((BIO *)b, c->state, ret);
 237  end:
 238     return ret;
 239 }
 240
 241 BIO_CONNECT *BIO_CONNECT_new(void)
 242 {
 243     BIO_CONNECT *ret;
 244
 245     if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) {
 246         ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE);
 247         return NULL;
 248     }
 249     ret->state = BIO_CONN_S_BEFORE;
 250     ret->connect_family = BIO_FAMILY_IPANY;
 251     return ret;
 252 }
 253
 254 void BIO_CONNECT_free(BIO_CONNECT *a)
 255 {
 256     if (a == NULL)
 257         return;
 258     OPENSSL_free(a->param_hostname);
 259     OPENSSL_free(a->param_service);
 260     BIO_ADDRINFO_free(a->addr_first);
 261     OPENSSL_free(a);
 262 }
 263
 264 const BIO_METHOD *BIO_s_connect(void)
 265 {
 266     return &methods_connectp;
 267 }
 268
 269 static int conn_new(BIO *bi)
 270 {
 271     bi->init = 0;
 272     bi->num = (int)INVALID_SOCKET;
 273     bi->flags = 0;
 274     if ((bi->ptr = (char *)BIO_CONNECT_new()) == NULL)
 275         return 0;
 276     else
 277         return 1;
 278 }
 279
 280 static void conn_close_socket(BIO *bio)
 281 {
 282     BIO_CONNECT *c;
 283
 284     c = (BIO_CONNECT *)bio->ptr;
 285     if (bio->num != (int)INVALID_SOCKET) {
 286         /* Only do a shutdown if things were established */
 287         if (c->state == BIO_CONN_S_OK)
 288             shutdown(bio->num, 2);
 289         BIO_closesocket(bio->num);
 290         bio->num = (int)INVALID_SOCKET;
 291     }
 292 }
 293
 294 static int conn_free(BIO *a)
 295 {
 296     BIO_CONNECT *data;
 297
 298     if (a == NULL)
 299         return 0;
 300     data = (BIO_CONNECT *)a->ptr;
 301
 302     if (a->shutdown) {
 303         conn_close_socket(a);
 304         BIO_CONNECT_free(data);
 305         a->ptr = NULL;
 306         a->flags = 0;
 307         a->init = 0;
 308     }
 309     return 1;
 310 }
 311
 312 static int conn_read(BIO *b, char *out, int outl)
 313 {
 314     int ret = 0;
 315     BIO_CONNECT *data;
 316
 317     data = (BIO_CONNECT *)b->ptr;
 318     if (data->state != BIO_CONN_S_OK) {
 319         ret = conn_state(b, data);
 320         if (ret <= 0)
 321             return ret;
 322     }
 323
 324     if (out != NULL) {
 325         clear_socket_error();
 326 # ifndef OPENSSL_NO_KTLS
 327         if (BIO_get_ktls_recv(b))
 328             ret = ktls_read_record(b->num, out, outl);
 329         else
 330 # endif
 331             ret = readsocket(b->num, out, outl);
 332         BIO_clear_retry_flags(b);
 333         if (ret <= 0) {
 334             if (BIO_sock_should_retry(ret))
 335                 BIO_set_retry_read(b);
 336             else if (ret == 0)
 337                 b->flags |= BIO_FLAGS_IN_EOF;
 338         }
 339     }
 340     return ret;
 341 }
 342
 343 static int conn_write(BIO *b, const char *in, int inl)
 344 {
 345     int ret;
 346     BIO_CONNECT *data;
 347
 348     data = (BIO_CONNECT *)b->ptr;
 349     if (data->state != BIO_CONN_S_OK) {
 350         ret = conn_state(b, data);
 351         if (ret <= 0)
 352             return ret;
 353     }
 354
 355     clear_socket_error();
 356 # ifndef OPENSSL_NO_KTLS
 357     if (BIO_should_ktls_ctrl_msg_flag(b)) {
 358         ret = ktls_send_ctrl_message(b->num, data->record_type, in, inl);
 359         if (ret >= 0) {
 360             ret = inl;
 361             BIO_clear_ktls_ctrl_msg_flag(b);
 362         }
 363     } else
 364 # endif
 365         ret = writesocket(b->num, in, inl);
 366     BIO_clear_retry_flags(b);
 367     if (ret <= 0) {
 368         if (BIO_sock_should_retry(ret))
 369             BIO_set_retry_write(b);
 370     }
 371     return ret;
 372 }
 373
 374 static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
 375 {
 376     BIO *dbio;
 377     int *ip;
 378     const char **pptr = NULL;
 379     long ret = 1;
 380     BIO_CONNECT *data;
 381 # ifndef OPENSSL_NO_KTLS
 382     ktls_crypto_info_t *crypto_info;
 383 # endif
 384
 385     data = (BIO_CONNECT *)b->ptr;
 386
 387     switch (cmd) {
 388     case BIO_CTRL_RESET:
 389         ret = 0;
 390         data->state = BIO_CONN_S_BEFORE;
 391         conn_close_socket(b);
 392         BIO_ADDRINFO_free(data->addr_first);
 393         data->addr_first = NULL;
 394         b->flags = 0;
 395         break;
 396     case BIO_C_DO_STATE_MACHINE:
 397         /* use this one to start the connection */
 398         if (data->state != BIO_CONN_S_OK)
 399             ret = (long)conn_state(b, data);
 400         else
 401             ret = 1;
 402         break;
 403     case BIO_C_GET_CONNECT:
 404         if (ptr != NULL) {
 405             pptr = (const char **)ptr;
 406             if (num == 0) {
 407                 *pptr = data->param_hostname;
 408             } else if (num == 1) {
 409                 *pptr = data->param_service;
 410             } else if (num == 2) {
 411                 *pptr = (const char *)BIO_ADDRINFO_address(data->addr_iter);
 412             } else if (num == 3) {
 413                 switch (BIO_ADDRINFO_family(data->addr_iter)) {
 414 # ifdef AF_INET6
 415                 case AF_INET6:
 416                     ret = BIO_FAMILY_IPV6;
 417                     break;
 418 # endif
 419                 case AF_INET:
 420                     ret = BIO_FAMILY_IPV4;
 421                     break;
 422                 case 0:
 423                     ret = data->connect_family;
 424                     break;
 425                 default:
 426                     ret = -1;
 427                     break;
 428                 }
 429             } else {
 430                 ret = 0;
 431             }
 432         } else {
 433             ret = 0;
 434         }
 435         break;
 436     case BIO_C_SET_CONNECT:
 437         if (ptr != NULL) {
 438             b->init = 1;
 439             if (num == 0) { /* BIO_set_conn_hostname */
 440                 char *hold_service = data->param_service;
 441                 /* We affect the hostname regardless.  However, the input
 442                  * string might contain a host:service spec, so we must
 443                  * parse it, which might or might not affect the service
 444                  */
 445
 446                 OPENSSL_free(data->param_hostname);
 447                 data->param_hostname = NULL;
 448                 ret = BIO_parse_hostserv(ptr,
 449                                          &data->param_hostname,
 450                                          &data->param_service,
 451                                          BIO_PARSE_PRIO_HOST);
 452                 if (hold_service != data->param_service)
 453                     OPENSSL_free(hold_service);
 454             } else if (num == 1) { /* BIO_set_conn_port */
 455                 OPENSSL_free(data->param_service);
 456                 if ((data->param_service = OPENSSL_strdup(ptr)) == NULL)
 457                     ret = 0;
 458             } else if (num == 2) { /* BIO_set_conn_address */
 459                 const BIO_ADDR *addr = (const BIO_ADDR *)ptr;
 460                 char *host = BIO_ADDR_hostname_string(addr, 1);
 461                 char *service = BIO_ADDR_service_string(addr, 1);
 462
 463                 ret = host != NULL && service != NULL;
 464                 if (ret) {
 465                     OPENSSL_free(data->param_hostname);
 466                     data->param_hostname = host;
 467                     OPENSSL_free(data->param_service);
 468                     data->param_service = service;
 469                     BIO_ADDRINFO_free(data->addr_first);
 470                     data->addr_first = NULL;
 471                     data->addr_iter = NULL;
 472                 } else {
 473                     OPENSSL_free(host);
 474                     OPENSSL_free(service);
 475                 }
 476             } else if (num == 3) { /* BIO_set_conn_ip_family */
 477                 data->connect_family = *(int *)ptr;
 478             } else {
 479                 ret = 0;
 480             }
 481         }
 482         break;
 483     case BIO_C_SET_NBIO:
 484         if (num != 0)
 485             data->connect_mode |= BIO_SOCK_NONBLOCK;
 486         else
 487             data->connect_mode &= ~BIO_SOCK_NONBLOCK;
 488         break;
 489     case BIO_C_SET_CONNECT_MODE:
 490         data->connect_mode = (int)num;
 491         break;
 492     case BIO_C_GET_FD:
 493         if (b->init) {
 494             ip = (int *)ptr;
 495             if (ip != NULL)
 496                 *ip = b->num;
 497             ret = b->num;
 498         } else
 499             ret = -1;
 500         break;
 501     case BIO_CTRL_GET_CLOSE:
 502         ret = b->shutdown;
 503         break;
 504     case BIO_CTRL_SET_CLOSE:
 505         b->shutdown = (int)num;
 506         break;
 507     case BIO_CTRL_PENDING:
 508     case BIO_CTRL_WPENDING:
 509         ret = 0;
 510         break;
 511     case BIO_CTRL_FLUSH:
 512         break;
 513     case BIO_CTRL_DUP:
 514         {
 515             dbio = (BIO *)ptr;
 516             if (data->param_hostname)
 517                 BIO_set_conn_hostname(dbio, data->param_hostname);
 518             if (data->param_service)
 519                 BIO_set_conn_port(dbio, data->param_service);
 520             BIO_set_conn_ip_family(dbio, data->connect_family);
 521             BIO_set_conn_mode(dbio, data->connect_mode);
 522             /*
 523              * FIXME: the cast of the function seems unlikely to be a good
 524              * idea
 525              */
 526             (void)BIO_set_info_callback(dbio, data->info_callback);
 527         }
 528         break;
 529     case BIO_CTRL_SET_CALLBACK:
 530         ret = 0; /* use callback ctrl */
 531         break;
 532     case BIO_CTRL_GET_CALLBACK:
 533         {
 534             BIO_info_cb **fptr;
 535
 536             fptr = (BIO_info_cb **)ptr;
 537             *fptr = data->info_callback;
 538         }
 539         break;
 540     case BIO_CTRL_EOF:
 541         ret = (b->flags & BIO_FLAGS_IN_EOF) != 0;
 542         break;
 543 # ifndef OPENSSL_NO_KTLS
 544     case BIO_CTRL_SET_KTLS:
 545         crypto_info = (ktls_crypto_info_t *)ptr;
 546         ret = ktls_start(b->num, crypto_info, num);
 547         if (ret)
 548             BIO_set_ktls_flag(b, num);
 549         break;
 550     case BIO_CTRL_GET_KTLS_SEND:
 551         return BIO_should_ktls_flag(b, 1) != 0;
 552     case BIO_CTRL_GET_KTLS_RECV:
 553         return BIO_should_ktls_flag(b, 0) != 0;
 554     case BIO_CTRL_SET_KTLS_TX_SEND_CTRL_MSG:
 555         BIO_set_ktls_ctrl_msg_flag(b);
 556         data->record_type = num;
 557         ret = 0;
 558         break;
 559     case BIO_CTRL_CLEAR_KTLS_TX_CTRL_MSG:
 560         BIO_clear_ktls_ctrl_msg_flag(b);
 561         ret = 0;
 562         break;
 563 # endif
 564     default:
 565         ret = 0;
 566         break;
 567     }
 568     return ret;
 569 }
 570
 571 static long conn_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp)
 572 {
 573     long ret = 1;
 574     BIO_CONNECT *data;
 575
 576     data = (BIO_CONNECT *)b->ptr;
 577
 578     switch (cmd) {
 579     case BIO_CTRL_SET_CALLBACK:
 580         {
 581             data->info_callback = fp;
 582         }
 583         break;
 584     default:
 585         ret = 0;
 586         break;
 587     }
 588     return ret;
 589 }
 590
 591 static int conn_puts(BIO *bp, const char *str)
 592 {
 593     int n, ret;
 594
 595     n = strlen(str);
 596     ret = conn_write(bp, str, n);
 597     return ret;
 598 }
 599
 600 BIO *BIO_new_connect(const char *str)
 601 {
 602     BIO *ret;
 603
 604     ret = BIO_new(BIO_s_connect());
 605     if (ret == NULL)
 606         return NULL;
 607     if (BIO_set_conn_hostname(ret, str))
 608         return ret;
 609     BIO_free(ret);
 610     return NULL;
 611 }
 612
 613 #endif