X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fbio%2Fbss_dgram.c;h=b14d03666a10b17c4eaac520ec34db5a2c5556e4;hp=089a95209646e4b5b368a64b17b493841847e5de;hb=14097b6a9263a40615a5c4cbf3fe808b1a14ffde;hpb=03a1c85062b44d9d9aa0ab5808c4f93b3516071c diff --git a/crypto/bio/bss_dgram.c b/crypto/bio/bss_dgram.c index 089a952096..b14d03666a 100644 --- a/crypto/bio/bss_dgram.c +++ b/crypto/bio/bss_dgram.c @@ -1,76 +1,21 @@ -/* crypto/bio/bio_dgram.c */ /* - * DTLS implementation written by Nagendra Modadugu - * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. - */ -/* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). + * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include #include -#define USE_SOCKETS -#include "internal/cryptlib.h" -#include +#include "bio_lcl.h" #ifndef OPENSSL_NO_DGRAM -# if !(defined(_WIN32) || defined(OPENSSL_SYS_VMS)) +# if !defined(_WIN32) # include # endif -# if defined(OPENSSL_SYS_VMS) -# include -# endif # ifndef OPENSSL_NO_SCTP # include @@ -97,12 +42,6 @@ ((a)->s6_addr32[2] == htonl(0x0000ffff))) # endif -# ifdef WATT32 -# define sock_write SockWrite /* Watt-32 uses same names */ -# define sock_read SockRead -# define sock_puts SockPuts -# endif - static int dgram_write(BIO *h, const char *buf, int num); static int dgram_read(BIO *h, char *buf, int size); static int dgram_puts(BIO *h, const char *str); @@ -128,10 +67,14 @@ static int BIO_dgram_should_retry(int s); static void get_current_time(struct timeval *t); -static BIO_METHOD methods_dgramp = { +static const BIO_METHOD methods_dgramp = { BIO_TYPE_DGRAM, "datagram socket", + /* TODO: Convert to new style write function */ + bwrite_conv, dgram_write, + /* TODO: Convert to new style read function */ + bread_conv, dgram_read, dgram_puts, NULL, /* dgram_gets, */ @@ -142,10 +85,14 @@ static BIO_METHOD methods_dgramp = { }; # ifndef OPENSSL_NO_SCTP -static BIO_METHOD methods_dgramp_sctp = { +static const BIO_METHOD methods_dgramp_sctp = { BIO_TYPE_DGRAM_SCTP, "datagram sctp socket", + /* TODO: Convert to new style write function */ + bwrite_conv, dgram_sctp_write, + /* TODO: Convert to new style write function */ + bread_conv, dgram_sctp_read, dgram_sctp_puts, NULL, /* dgram_gets, */ @@ -157,18 +104,13 @@ static BIO_METHOD methods_dgramp_sctp = { # endif typedef struct bio_dgram_data_st { - union { - struct sockaddr sa; - struct sockaddr_in sa_in; -# if OPENSSL_USE_IPV6 - struct sockaddr_in6 sa_in6; -# endif - } peer; + BIO_ADDR peer; unsigned int connected; unsigned int _errno; unsigned int mtu; struct timeval next_timeout; struct timeval socket_timeout; + unsigned int peekmode; } bio_dgram_data; # ifndef OPENSSL_NO_SCTP @@ -179,13 +121,7 @@ typedef struct bio_dgram_sctp_save_message_st { } bio_dgram_sctp_save_message; typedef struct bio_dgram_sctp_data_st { - union { - struct sockaddr sa; - struct sockaddr_in sa_in; -# if OPENSSL_USE_IPV6 - struct sockaddr_in6 sa_in6; -# endif - } peer; + BIO_ADDR peer; unsigned int connected; unsigned int _errno; unsigned int mtu; @@ -203,7 +139,7 @@ typedef struct bio_dgram_sctp_data_st { } bio_dgram_sctp_data; # endif -BIO_METHOD *BIO_s_datagram(void) +const BIO_METHOD *BIO_s_datagram(void) { return (&methods_dgramp); } @@ -221,17 +157,11 @@ BIO *BIO_new_dgram(int fd, int close_flag) static int dgram_new(BIO *bi) { - bio_dgram_data *data = NULL; + bio_dgram_data *data = OPENSSL_zalloc(sizeof(*data)); - bi->init = 0; - bi->num = 0; - data = OPENSSL_malloc(sizeof(*data)); if (data == NULL) return 0; - memset(data, 0, sizeof(*data)); bi->ptr = data; - - bi->flags = 0; return (1); } @@ -256,7 +186,7 @@ static int dgram_clear(BIO *a) return (0); if (a->shutdown) { if (a->init) { - SHUTDOWN2(a->num); + BIO_closesocket(a->num); } a->init = 0; a->flags = 0; @@ -319,7 +249,7 @@ static void dgram_adjust_rcv_timeout(BIO *b) } /* - * Adjust socket timeout if next handhake message timer will expire + * Adjust socket timeout if next handshake message timer will expire * earlier. */ if ((data->socket_timeout.tv_sec == 0 @@ -373,39 +303,22 @@ static int dgram_read(BIO *b, char *out, int outl) { int ret = 0; bio_dgram_data *data = (bio_dgram_data *)b->ptr; + int flags = 0; - struct { - /* - * See commentary in b_sock.c. - */ - union { - size_t s; - int i; - } len; - union { - struct sockaddr sa; - struct sockaddr_in sa_in; -# if OPENSSL_USE_IPV6 - struct sockaddr_in6 sa_in6; -# endif - } peer; - } sa; - - sa.len.s = 0; - sa.len.i = sizeof(sa.peer); + BIO_ADDR peer; + socklen_t len = sizeof(peer); if (out != NULL) { clear_socket_error(); - memset(&sa.peer, 0, sizeof(sa.peer)); + memset(&peer, 0, sizeof(peer)); dgram_adjust_rcv_timeout(b); - ret = recvfrom(b->num, out, outl, 0, &sa.peer.sa, (void *)&sa.len); - if (sizeof(sa.len.i) != sizeof(sa.len.s) && sa.len.i == 0) { - OPENSSL_assert(sa.len.s <= sizeof(sa.peer)); - sa.len.i = (int)sa.len.s; - } + if (data->peekmode) + flags = MSG_PEEK; + ret = recvfrom(b->num, out, outl, flags, + BIO_ADDR_sockaddr_noconst(&peer), &len); if (!data->connected && ret >= 0) - BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, &sa.peer); + BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, &peer); BIO_clear_retry_flags(b); if (ret < 0) { @@ -429,18 +342,14 @@ static int dgram_write(BIO *b, const char *in, int inl) if (data->connected) ret = writesocket(b->num, in, inl); else { - int peerlen = sizeof(data->peer); + int peerlen = BIO_ADDR_sockaddr_size(&data->peer); - if (data->peer.sa.sa_family == AF_INET) - peerlen = sizeof(data->peer.sa_in); -# if OPENSSL_USE_IPV6 - else if (data->peer.sa.sa_family == AF_INET6) - peerlen = sizeof(data->peer.sa_in6); -# endif # if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK) - ret = sendto(b->num, (char *)in, inl, 0, &data->peer.sa, peerlen); + ret = sendto(b->num, (char *)in, inl, 0, + BIO_ADDR_sockaddr(&data->peer), peerlen); # else - ret = sendto(b->num, in, inl, 0, &data->peer.sa, peerlen); + ret = sendto(b->num, in, inl, 0, + BIO_ADDR_sockaddr(&data->peer), peerlen); # endif } @@ -458,27 +367,31 @@ static long dgram_get_mtu_overhead(bio_dgram_data *data) { long ret; - switch (data->peer.sa.sa_family) { + switch (BIO_ADDR_family(&data->peer)) { case AF_INET: /* * Assume this is UDP - 20 bytes for IP, 8 bytes for UDP */ ret = 28; break; -# if OPENSSL_USE_IPV6 +# ifdef AF_INET6 case AF_INET6: + { # ifdef IN6_IS_ADDR_V4MAPPED - if (IN6_IS_ADDR_V4MAPPED(&data->peer.sa_in6.sin6_addr)) - /* - * Assume this is UDP - 20 bytes for IP, 8 bytes for UDP - */ - ret = 28; - else + struct in6_addr tmp_addr; + if (BIO_ADDR_rawaddress(&data->peer, &tmp_addr, NULL) + && IN6_IS_ADDR_V4MAPPED(&tmp_addr)) + /* + * Assume this is UDP - 20 bytes for IP, 8 bytes for UDP + */ + ret = 28; + else # endif /* * Assume this is UDP - 40 bytes for IP, 8 bytes for UDP */ ret = 48; + } break; # endif default: @@ -493,20 +406,14 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr) { long ret = 1; int *ip; - struct sockaddr *to = NULL; bio_dgram_data *data = NULL; int sockopt_val = 0; + int d_errno; # if defined(OPENSSL_SYS_LINUX) && (defined(IP_MTU_DISCOVER) || defined(IP_MTU)) socklen_t sockopt_len; /* assume that system supporting IP_MTU is * modern enough to define socklen_t */ socklen_t addr_len; - union { - struct sockaddr sa; - struct sockaddr_in s4; -# if OPENSSL_USE_IPV6 - struct sockaddr_in6 s6; -# endif - } addr; + BIO_ADDR addr; # endif data = (bio_dgram_data *)b->ptr; @@ -514,10 +421,8 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr) switch (cmd) { case BIO_CTRL_RESET: num = 0; - case BIO_C_FILE_SEEK: ret = 0; break; - case BIO_C_FILE_TELL: case BIO_CTRL_INFO: ret = 0; break; @@ -551,20 +456,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr) ret = 1; break; case BIO_CTRL_DGRAM_CONNECT: - to = (struct sockaddr *)ptr; - switch (to->sa_family) { - case AF_INET: - memcpy(&data->peer, to, sizeof(data->peer.sa_in)); - break; -# if OPENSSL_USE_IPV6 - case AF_INET6: - memcpy(&data->peer, to, sizeof(data->peer.sa_in6)); - break; -# endif - default: - memcpy(&data->peer, to, sizeof(data->peer.sa)); - break; - } + BIO_ADDR_make(&data->peer, BIO_ADDR_sockaddr((BIO_ADDR *)ptr)); break; /* (Linux)kernel sets DF bit on outgoing IP packets */ case BIO_CTRL_DGRAM_MTU_DISCOVER: @@ -649,18 +541,22 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr) break; case BIO_CTRL_DGRAM_GET_FALLBACK_MTU: ret = -dgram_get_mtu_overhead(data); - switch (data->peer.sa.sa_family) { + switch (BIO_ADDR_family(&data->peer)) { case AF_INET: ret += 576; break; # if OPENSSL_USE_IPV6 case AF_INET6: + { # ifdef IN6_IS_ADDR_V4MAPPED - if (IN6_IS_ADDR_V4MAPPED(&data->peer.sa_in6.sin6_addr)) - ret += 576; - else + struct in6_addr tmp_addr; + if (BIO_ADDR_rawaddress(&data->peer, &tmp_addr, NULL) + && IN6_IS_ADDR_V4MAPPED(&tmp_addr)) + ret += 576; + else # endif - ret += 1280; + ret += 1280; + } break; # endif default: @@ -675,61 +571,24 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr) ret = num; break; case BIO_CTRL_DGRAM_SET_CONNECTED: - to = (struct sockaddr *)ptr; - - if (to != NULL) { + if (ptr != NULL) { data->connected = 1; - switch (to->sa_family) { - case AF_INET: - memcpy(&data->peer, to, sizeof(data->peer.sa_in)); - break; -# if OPENSSL_USE_IPV6 - case AF_INET6: - memcpy(&data->peer, to, sizeof(data->peer.sa_in6)); - break; -# endif - default: - memcpy(&data->peer, to, sizeof(data->peer.sa)); - break; - } + BIO_ADDR_make(&data->peer, BIO_ADDR_sockaddr((BIO_ADDR *)ptr)); } else { data->connected = 0; memset(&data->peer, 0, sizeof(data->peer)); } break; case BIO_CTRL_DGRAM_GET_PEER: - switch (data->peer.sa.sa_family) { - case AF_INET: - ret = sizeof(data->peer.sa_in); - break; -# if OPENSSL_USE_IPV6 - case AF_INET6: - ret = sizeof(data->peer.sa_in6); - break; -# endif - default: - ret = sizeof(data->peer.sa); - break; - } + ret = BIO_ADDR_sockaddr_size(&data->peer); + /* FIXME: if num < ret, we will only return part of an address. + That should bee an error, no? */ if (num == 0 || num > ret) num = ret; memcpy(ptr, &data->peer, (ret = num)); break; case BIO_CTRL_DGRAM_SET_PEER: - to = (struct sockaddr *)ptr; - switch (to->sa_family) { - case AF_INET: - memcpy(&data->peer, to, sizeof(data->peer.sa_in)); - break; -# if OPENSSL_USE_IPV6 - case AF_INET6: - memcpy(&data->peer, to, sizeof(data->peer.sa_in6)); - break; -# endif - default: - memcpy(&data->peer, to, sizeof(data->peer.sa)); - break; - } + BIO_ADDR_make(&data->peer, BIO_ADDR_sockaddr((BIO_ADDR *)ptr)); break; case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT: memcpy(&(data->next_timeout), ptr, sizeof(struct timeval)); @@ -852,11 +711,11 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr) /* fall-through */ case BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP: # ifdef OPENSSL_SYS_WINDOWS - if (data->_errno == WSAETIMEDOUT) + d_errno = (data->_errno == WSAETIMEDOUT); # else - if (data->_errno == EAGAIN) + d_errno = (data->_errno == EAGAIN); # endif - { + if (d_errno) { ret = 1; data->_errno = 0; } else @@ -929,6 +788,9 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr) case BIO_CTRL_DGRAM_GET_MTU_OVERHEAD: ret = dgram_get_mtu_overhead(data); break; + case BIO_CTRL_DGRAM_SET_PEEK_MODE: + data->peekmode = (unsigned int)num; + break; default: ret = 0; break; @@ -946,7 +808,7 @@ static int dgram_puts(BIO *bp, const char *str) } # ifndef OPENSSL_NO_SCTP -BIO_METHOD *BIO_s_datagram_sctp(void) +const BIO_METHOD *BIO_s_datagram_sctp(void) { return (&methods_dgramp_sctp); } @@ -997,16 +859,13 @@ BIO *BIO_new_dgram_sctp(int fd, int close_flag) * connected socket won't use it. */ sockopt_len = (socklen_t) (sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t)); - authchunks = OPENSSL_malloc(sockopt_len); - if (!authchunks) { + authchunks = OPENSSL_zalloc(sockopt_len); + if (authchunks == NULL) { BIO_vfree(bio); return (NULL); } - memset(authchunks, 0, sockopt_len); - ret = - getsockopt(fd, IPPROTO_SCTP, SCTP_LOCAL_AUTH_CHUNKS, authchunks, + ret = getsockopt(fd, IPPROTO_SCTP, SCTP_LOCAL_AUTH_CHUNKS, authchunks, &sockopt_len); - if (ret < 0) { OPENSSL_free(authchunks); BIO_vfree(bio); @@ -1086,10 +945,9 @@ static int dgram_sctp_new(BIO *bi) bi->init = 0; bi->num = 0; - data = OPENSSL_malloc(sizeof(*data)); + data = OPENSSL_zalloc(sizeof(*data)); if (data == NULL) return 0; - memset(data, 0, sizeof(*data)); # ifdef SCTP_PR_SCTP_NONE data->prinfo.pr_policy = SCTP_PR_SCTP_NONE; # endif @@ -1219,9 +1077,13 @@ static int dgram_sctp_read(BIO *b, char *out, int outl) * it can be sent now. */ if (data->saved_message.length > 0) { - dgram_sctp_write(data->saved_message.bio, + i = dgram_sctp_write(data->saved_message.bio, data->saved_message.data, data->saved_message.length); + if (i < 0) { + ret = i; + break; + } OPENSSL_free(data->saved_message.data); data->saved_message.data = NULL; data->saved_message.length = 0; @@ -1335,7 +1197,7 @@ static int dgram_sctp_read(BIO *b, char *out, int outl) optlen = (socklen_t) (sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t)); authchunks = OPENSSL_malloc(optlen); - if (!authchunks) { + if (authchunks == NULL) { BIOerr(BIO_F_DGRAM_SCTP_READ, ERR_R_MALLOC_FAILURE); return -1; } @@ -1366,6 +1228,14 @@ static int dgram_sctp_read(BIO *b, char *out, int outl) return (ret); } +/* + * dgram_sctp_write - send message on SCTP socket + * @b: BIO to write to + * @in: data to send + * @inl: amount of bytes in @in to send + * + * Returns -1 on error or the sent amount of bytes on success + */ static int dgram_sctp_write(BIO *b, const char *in, int inl) { int ret; @@ -1755,7 +1625,8 @@ int BIO_dgram_sctp_notification_cb(BIO *b, int BIO_dgram_sctp_wait_for_dry(BIO *b) { int is_dry = 0; - int n, sockflags, ret; + int sockflags = 0; + int n, ret; union sctp_notification snp; struct msghdr msg; struct iovec iov; @@ -2065,11 +1936,6 @@ static void get_current_time(struct timeval *t) # endif t->tv_sec = (long)(now.ul / 10000000); t->tv_usec = ((int)(now.ul % 10000000)) / 10; -# elif defined(OPENSSL_SYS_VMS) - struct timeb tb; - ftime(&tb); - t->tv_sec = (long)tb.time; - t->tv_usec = (long)tb.millitm * 1000; # else gettimeofday(t, NULL); # endif