0d3c1cf3426beb304205cb9303eebb532b3ef247
[openssl.git] / crypto / bio / bss_dgram.c
1 /* crypto/bio/bio_dgram.c */
2 /* 
3  * DTLS implementation written by Nagendra Modadugu
4  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.  
5  */
6 /* ====================================================================
7  * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
8  *
9  * Redistribution and use in source and binary forms, with or without
10  * modification, are permitted provided that the following conditions
11  * are met:
12  *
13  * 1. Redistributions of source code must retain the above copyright
14  *    notice, this list of conditions and the following disclaimer. 
15  *
16  * 2. Redistributions in binary form must reproduce the above copyright
17  *    notice, this list of conditions and the following disclaimer in
18  *    the documentation and/or other materials provided with the
19  *    distribution.
20  *
21  * 3. All advertising materials mentioning features or use of this
22  *    software must display the following acknowledgment:
23  *    "This product includes software developed by the OpenSSL Project
24  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
25  *
26  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27  *    endorse or promote products derived from this software without
28  *    prior written permission. For written permission, please contact
29  *    openssl-core@OpenSSL.org.
30  *
31  * 5. Products derived from this software may not be called "OpenSSL"
32  *    nor may "OpenSSL" appear in their names without prior written
33  *    permission of the OpenSSL Project.
34  *
35  * 6. Redistributions of any form whatsoever must retain the following
36  *    acknowledgment:
37  *    "This product includes software developed by the OpenSSL Project
38  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
39  *
40  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
44  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51  * OF THE POSSIBILITY OF SUCH DAMAGE.
52  * ====================================================================
53  *
54  * This product includes cryptographic software written by Eric Young
55  * (eay@cryptsoft.com).  This product includes software written by Tim
56  * Hudson (tjh@cryptsoft.com).
57  *
58  */
59
60
61 #include <stdio.h>
62 #include <errno.h>
63 #define USE_SOCKETS
64 #include "cryptlib.h"
65
66 #include <openssl/bio.h>
67 #ifndef OPENSSL_NO_DGRAM
68
69 #if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS)
70 #include <sys/timeb.h>
71 #endif
72
73 #ifndef OPENSSL_NO_SCTP
74 #include <netinet/sctp.h>
75 #include <fcntl.h>
76 #define OPENSSL_SCTP_DATA_CHUNK_TYPE            0x00
77 #define OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE 0xc0
78 #endif
79
80 #if defined(OPENSSL_SYS_LINUX) && !defined(IP_MTU)
81 #define IP_MTU      14 /* linux is lame */
82 #endif
83
84 #if defined(__FreeBSD__) && defined(IN6_IS_ADDR_V4MAPPED)
85 /* Standard definition causes type-punning problems. */
86 #undef IN6_IS_ADDR_V4MAPPED
87 #define s6_addr32 __u6_addr.__u6_addr32
88 #define IN6_IS_ADDR_V4MAPPED(a)               \
89         (((a)->s6_addr32[0] == 0) &&          \
90          ((a)->s6_addr32[1] == 0) &&          \
91          ((a)->s6_addr32[2] == htonl(0x0000ffff)))
92 #endif
93
94 #ifdef WATT32
95 #define sock_write SockWrite  /* Watt-32 uses same names */
96 #define sock_read  SockRead
97 #define sock_puts  SockPuts
98 #endif
99
100 static int dgram_write(BIO *h, const char *buf, int num);
101 static int dgram_read(BIO *h, char *buf, int size);
102 static int dgram_puts(BIO *h, const char *str);
103 static long dgram_ctrl(BIO *h, int cmd, long arg1, void *arg2);
104 static int dgram_new(BIO *h);
105 static int dgram_free(BIO *data);
106 static int dgram_clear(BIO *bio);
107
108 #ifndef OPENSSL_NO_SCTP
109 static int dgram_sctp_write(BIO *h, const char *buf, int num);
110 static int dgram_sctp_read(BIO *h, char *buf, int size);
111 static int dgram_sctp_puts(BIO *h, const char *str);
112 static long dgram_sctp_ctrl(BIO *h, int cmd, long arg1, void *arg2);
113 static int dgram_sctp_new(BIO *h);
114 static int dgram_sctp_free(BIO *data);
115 #ifdef SCTP_AUTHENTICATION_EVENT
116 static void dgram_sctp_handle_auth_free_key_event(BIO *b, union sctp_notification *snp);
117 #endif
118 #endif
119
120 static int BIO_dgram_should_retry(int s);
121
122 static void get_current_time(struct timeval *t);
123
124 static BIO_METHOD methods_dgramp=
125         {
126         BIO_TYPE_DGRAM,
127         "datagram socket",
128         dgram_write,
129         dgram_read,
130         dgram_puts,
131         NULL, /* dgram_gets, */
132         dgram_ctrl,
133         dgram_new,
134         dgram_free,
135         NULL,
136         };
137
138 #ifndef OPENSSL_NO_SCTP
139 static BIO_METHOD methods_dgramp_sctp=
140         {
141         BIO_TYPE_DGRAM_SCTP,
142         "datagram sctp socket",
143         dgram_sctp_write,
144         dgram_sctp_read,
145         dgram_sctp_puts,
146         NULL, /* dgram_gets, */
147         dgram_sctp_ctrl,
148         dgram_sctp_new,
149         dgram_sctp_free,
150         NULL,
151         };
152 #endif
153
154 typedef struct bio_dgram_data_st
155         {
156         union {
157                 struct sockaddr sa;
158                 struct sockaddr_in sa_in;
159 #if OPENSSL_USE_IPV6
160                 struct sockaddr_in6 sa_in6;
161 #endif
162         } peer;
163         unsigned int connected;
164         unsigned int _errno;
165         unsigned int mtu;
166         struct timeval next_timeout;
167         struct timeval socket_timeout;
168         } bio_dgram_data;
169
170 #ifndef OPENSSL_NO_SCTP
171 typedef struct bio_dgram_sctp_save_message_st
172         {
173         BIO *bio;
174         char *data;
175         int length;
176         } bio_dgram_sctp_save_message;
177
178 typedef struct bio_dgram_sctp_data_st
179         {
180         union {
181                 struct sockaddr sa;
182                 struct sockaddr_in sa_in;
183 #if OPENSSL_USE_IPV6
184                 struct sockaddr_in6 sa_in6;
185 #endif
186         } peer;
187         unsigned int connected;
188         unsigned int _errno;
189         unsigned int mtu;
190         struct bio_dgram_sctp_sndinfo sndinfo;
191         struct bio_dgram_sctp_rcvinfo rcvinfo;
192         struct bio_dgram_sctp_prinfo prinfo;
193         void (*handle_notifications)(BIO *bio, void *context, void *buf);
194         void* notification_context;
195         int in_handshake;
196         int ccs_rcvd;
197         int ccs_sent;
198         int save_shutdown;
199         int peer_auth_tested;
200         bio_dgram_sctp_save_message saved_message;
201         } bio_dgram_sctp_data;
202 #endif
203
204 BIO_METHOD *BIO_s_datagram(void)
205         {
206         return(&methods_dgramp);
207         }
208
209 BIO *BIO_new_dgram(int fd, int close_flag)
210         {
211         BIO *ret;
212
213         ret=BIO_new(BIO_s_datagram());
214         if (ret == NULL) return(NULL);
215         BIO_set_fd(ret,fd,close_flag);
216         return(ret);
217         }
218
219 static int dgram_new(BIO *bi)
220         {
221         bio_dgram_data *data = NULL;
222
223         bi->init=0;
224         bi->num=0;
225         data = OPENSSL_malloc(sizeof(bio_dgram_data));
226         if (data == NULL)
227                 return 0;
228         memset(data, 0x00, sizeof(bio_dgram_data));
229     bi->ptr = data;
230
231         bi->flags=0;
232         return(1);
233         }
234
235 static int dgram_free(BIO *a)
236         {
237         bio_dgram_data *data;
238
239         if (a == NULL) return(0);
240         if ( ! dgram_clear(a))
241                 return 0;
242
243         data = (bio_dgram_data *)a->ptr;
244         if(data != NULL) OPENSSL_free(data);
245
246         return(1);
247         }
248
249 static int dgram_clear(BIO *a)
250         {
251         if (a == NULL) return(0);
252         if (a->shutdown)
253                 {
254                 if (a->init)
255                         {
256                         SHUTDOWN2(a->num);
257                         }
258                 a->init=0;
259                 a->flags=0;
260                 }
261         return(1);
262         }
263
264 static void dgram_adjust_rcv_timeout(BIO *b)
265         {
266 #if defined(SO_RCVTIMEO)
267         bio_dgram_data *data = (bio_dgram_data *)b->ptr;
268         union { size_t s; int i; } sz = {0};
269
270         /* Is a timer active? */
271         if (data->next_timeout.tv_sec > 0 || data->next_timeout.tv_usec > 0)
272                 {
273                 struct timeval timenow, timeleft;
274
275                 /* Read current socket timeout */
276 #ifdef OPENSSL_SYS_WINDOWS
277                 int timeout;
278
279                 sz.i = sizeof(timeout);
280                 if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
281                                            (void*)&timeout, &sz) < 0)
282                         { perror("getsockopt"); }
283                 else
284                         {
285                         data->socket_timeout.tv_sec = timeout / 1000;
286                         data->socket_timeout.tv_usec = (timeout % 1000) * 1000;
287                         }
288 #else
289                 sz.i = sizeof(data->socket_timeout);
290                 if ( getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, 
291                                                 &(data->socket_timeout), (void *)&sz) < 0)
292                         { perror("getsockopt"); }
293                 else if (sizeof(sz.s)!=sizeof(sz.i) && sz.i==0)
294                         OPENSSL_assert(sz.s<=sizeof(data->socket_timeout));
295 #endif
296
297                 /* Get current time */
298                 get_current_time(&timenow);
299
300                 /* Calculate time left until timer expires */
301                 memcpy(&timeleft, &(data->next_timeout), sizeof(struct timeval));
302                 timeleft.tv_sec -= timenow.tv_sec;
303                 timeleft.tv_usec -= timenow.tv_usec;
304                 if (timeleft.tv_usec < 0)
305                         {
306                         timeleft.tv_sec--;
307                         timeleft.tv_usec += 1000000;
308                         }
309
310                 if (timeleft.tv_sec < 0)
311                         {
312                         timeleft.tv_sec = 0;
313                         timeleft.tv_usec = 1;
314                         }
315
316                 /* Adjust socket timeout if next handhake message timer
317                  * will expire earlier.
318                  */
319                 if ((data->socket_timeout.tv_sec == 0 && data->socket_timeout.tv_usec == 0) ||
320                         (data->socket_timeout.tv_sec > timeleft.tv_sec) ||
321                         (data->socket_timeout.tv_sec == timeleft.tv_sec &&
322                          data->socket_timeout.tv_usec >= timeleft.tv_usec))
323                         {
324 #ifdef OPENSSL_SYS_WINDOWS
325                         timeout = timeleft.tv_sec * 1000 + timeleft.tv_usec / 1000;
326                         if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
327                                                    (void*)&timeout, sizeof(timeout)) < 0)
328                                 { perror("setsockopt"); }
329 #else
330                         if ( setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, &timeleft,
331                                                         sizeof(struct timeval)) < 0)
332                                 { perror("setsockopt"); }
333 #endif
334                         }
335                 }
336 #endif
337         }
338
339 static void dgram_reset_rcv_timeout(BIO *b)
340         {
341 #if defined(SO_RCVTIMEO)
342         bio_dgram_data *data = (bio_dgram_data *)b->ptr;
343
344         /* Is a timer active? */
345         if (data->next_timeout.tv_sec > 0 || data->next_timeout.tv_usec > 0)
346                 {
347 #ifdef OPENSSL_SYS_WINDOWS
348                 int timeout = data->socket_timeout.tv_sec * 1000 +
349                                           data->socket_timeout.tv_usec / 1000;
350                 if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
351                                            (void*)&timeout, sizeof(timeout)) < 0)
352                         { perror("setsockopt"); }
353 #else
354                 if ( setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, &(data->socket_timeout),
355                                                 sizeof(struct timeval)) < 0)
356                         { perror("setsockopt"); }
357 #endif
358                 }
359 #endif
360         }
361
362 static int dgram_read(BIO *b, char *out, int outl)
363         {
364         int ret=0;
365         bio_dgram_data *data = (bio_dgram_data *)b->ptr;
366
367         struct  {
368         /*
369          * See commentary in b_sock.c. <appro>
370          */
371         union   { size_t s; int i; } len;
372         union   {
373                 struct sockaddr sa;
374                 struct sockaddr_in sa_in;
375 #if OPENSSL_USE_IPV6
376                 struct sockaddr_in6 sa_in6;
377 #endif
378                 } peer;
379         } sa;
380
381         sa.len.s=0;
382         sa.len.i=sizeof(sa.peer);
383
384         if (out != NULL)
385                 {
386                 clear_socket_error();
387                 memset(&sa.peer, 0x00, sizeof(sa.peer));
388                 dgram_adjust_rcv_timeout(b);
389                 ret=recvfrom(b->num,out,outl,0,&sa.peer.sa,(void *)&sa.len);
390                 if (sizeof(sa.len.i)!=sizeof(sa.len.s) && sa.len.i==0)
391                         {
392                         OPENSSL_assert(sa.len.s<=sizeof(sa.peer));
393                         sa.len.i = (int)sa.len.s;
394                         }
395
396                 if ( ! data->connected  && ret >= 0)
397                         BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, &sa.peer);
398
399                 BIO_clear_retry_flags(b);
400                 if (ret < 0)
401                         {
402                         if (BIO_dgram_should_retry(ret))
403                                 {
404                                 BIO_set_retry_read(b);
405                                 data->_errno = get_last_socket_error();
406                                 }
407                         }
408
409                 dgram_reset_rcv_timeout(b);
410                 }
411         return(ret);
412         }
413
414 static int dgram_write(BIO *b, const char *in, int inl)
415         {
416         int ret;
417         bio_dgram_data *data = (bio_dgram_data *)b->ptr;
418         clear_socket_error();
419
420         if ( data->connected )
421                 ret=writesocket(b->num,in,inl);
422         else
423                 {
424                 int peerlen = sizeof(data->peer);
425
426                 if (data->peer.sa.sa_family == AF_INET)
427                         peerlen = sizeof(data->peer.sa_in);
428 #if OPENSSL_USE_IPV6
429                 else if (data->peer.sa.sa_family == AF_INET6)
430                         peerlen = sizeof(data->peer.sa_in6);
431 #endif
432 #if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK)
433                 ret=sendto(b->num, (char *)in, inl, 0, &data->peer.sa, peerlen);
434 #else
435                 ret=sendto(b->num, in, inl, 0, &data->peer.sa, peerlen);
436 #endif
437                 }
438
439         BIO_clear_retry_flags(b);
440         if (ret <= 0)
441                 {
442                 if (BIO_dgram_should_retry(ret))
443                         {
444                         BIO_set_retry_write(b);  
445                         data->_errno = get_last_socket_error();
446
447 #if 0 /* higher layers are responsible for querying MTU, if necessary */
448                         if ( data->_errno == EMSGSIZE)
449                                 /* retrieve the new MTU */
450                                 BIO_ctrl(b, BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
451 #endif
452                         }
453                 }
454         return(ret);
455         }
456
457 static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
458         {
459         long ret=1;
460         int *ip;
461         struct sockaddr *to = NULL;
462         bio_dgram_data *data = NULL;
463         int sockopt_val = 0;
464 #if defined(OPENSSL_SYS_LINUX) && (defined(IP_MTU_DISCOVER) || defined(IP_MTU))
465         socklen_t sockopt_len;  /* assume that system supporting IP_MTU is
466                                  * modern enough to define socklen_t */
467         socklen_t addr_len;
468         union   {
469                 struct sockaddr sa;
470                 struct sockaddr_in s4;
471 #if OPENSSL_USE_IPV6
472                 struct sockaddr_in6 s6;
473 #endif
474                 } addr;
475 #endif
476
477         data = (bio_dgram_data *)b->ptr;
478
479         switch (cmd)
480                 {
481         case BIO_CTRL_RESET:
482                 num=0;
483         case BIO_C_FILE_SEEK:
484                 ret=0;
485                 break;
486         case BIO_C_FILE_TELL:
487         case BIO_CTRL_INFO:
488                 ret=0;
489                 break;
490         case BIO_C_SET_FD:
491                 dgram_clear(b);
492                 b->num= *((int *)ptr);
493                 b->shutdown=(int)num;
494                 b->init=1;
495                 break;
496         case BIO_C_GET_FD:
497                 if (b->init)
498                         {
499                         ip=(int *)ptr;
500                         if (ip != NULL) *ip=b->num;
501                         ret=b->num;
502                         }
503                 else
504                         ret= -1;
505                 break;
506         case BIO_CTRL_GET_CLOSE:
507                 ret=b->shutdown;
508                 break;
509         case BIO_CTRL_SET_CLOSE:
510                 b->shutdown=(int)num;
511                 break;
512         case BIO_CTRL_PENDING:
513         case BIO_CTRL_WPENDING:
514                 ret=0;
515                 break;
516         case BIO_CTRL_DUP:
517         case BIO_CTRL_FLUSH:
518                 ret=1;
519                 break;
520         case BIO_CTRL_DGRAM_CONNECT:
521                 to = (struct sockaddr *)ptr;
522 #if 0
523                 if (connect(b->num, to, sizeof(struct sockaddr)) < 0)
524                         { perror("connect"); ret = 0; }
525                 else
526                         {
527 #endif
528                         switch (to->sa_family)
529                                 {
530                                 case AF_INET:
531                                         memcpy(&data->peer,to,sizeof(data->peer.sa_in));
532                                         break;
533 #if OPENSSL_USE_IPV6
534                                 case AF_INET6:
535                                         memcpy(&data->peer,to,sizeof(data->peer.sa_in6));
536                                         break;
537 #endif
538                                 default:
539                                         memcpy(&data->peer,to,sizeof(data->peer.sa));
540                                         break;
541                                 }
542 #if 0
543                         }
544 #endif
545                 break;
546                 /* (Linux)kernel sets DF bit on outgoing IP packets */
547         case BIO_CTRL_DGRAM_MTU_DISCOVER:
548 #if defined(OPENSSL_SYS_LINUX) && defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DO)
549                 addr_len = (socklen_t)sizeof(addr);
550                 memset((void *)&addr, 0, sizeof(addr));
551                 if (getsockname(b->num, &addr.sa, &addr_len) < 0)
552                         {
553                         ret = 0;
554                         break;
555                         }
556                 switch (addr.sa.sa_family)
557                         {
558                 case AF_INET:
559                         sockopt_val = IP_PMTUDISC_DO;
560                         if ((ret = setsockopt(b->num, IPPROTO_IP, IP_MTU_DISCOVER,
561                                 &sockopt_val, sizeof(sockopt_val))) < 0)
562                                 perror("setsockopt");
563                         break;
564 #if OPENSSL_USE_IPV6 && defined(IPV6_MTU_DISCOVER) && defined(IPV6_PMTUDISC_DO)
565                 case AF_INET6:
566                         sockopt_val = IPV6_PMTUDISC_DO;
567                         if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
568                                 &sockopt_val, sizeof(sockopt_val))) < 0)
569                                 perror("setsockopt");
570                         break;
571 #endif
572                 default:
573                         ret = -1;
574                         break;
575                         }
576                 ret = -1;
577 #else
578                 break;
579 #endif
580         case BIO_CTRL_DGRAM_QUERY_MTU:
581 #if defined(OPENSSL_SYS_LINUX) && defined(IP_MTU)
582                 addr_len = (socklen_t)sizeof(addr);
583                 memset((void *)&addr, 0, sizeof(addr));
584                 if (getsockname(b->num, &addr.sa, &addr_len) < 0)
585                         {
586                         ret = 0;
587                         break;
588                         }
589                 sockopt_len = sizeof(sockopt_val);
590                 switch (addr.sa.sa_family)
591                         {
592                 case AF_INET:
593                         if ((ret = getsockopt(b->num, IPPROTO_IP, IP_MTU, (void *)&sockopt_val,
594                                 &sockopt_len)) < 0 || sockopt_val < 0)
595                                 {
596                                 ret = 0;
597                                 }
598                         else
599                                 {
600                                 /* we assume that the transport protocol is UDP and no
601                                  * IP options are used.
602                                  */
603                                 data->mtu = sockopt_val - 8 - 20;
604                                 ret = data->mtu;
605                                 }
606                         break;
607 #if OPENSSL_USE_IPV6 && defined(IPV6_MTU)
608                 case AF_INET6:
609                         if ((ret = getsockopt(b->num, IPPROTO_IPV6, IPV6_MTU, (void *)&sockopt_val,
610                                 &sockopt_len)) < 0 || sockopt_val < 0)
611                                 {
612                                 ret = 0;
613                                 }
614                         else
615                                 {
616                                 /* we assume that the transport protocol is UDP and no
617                                  * IPV6 options are used.
618                                  */
619                                 data->mtu = sockopt_val - 8 - 40;
620                                 ret = data->mtu;
621                                 }
622                         break;
623 #endif
624                 default:
625                         ret = 0;
626                         break;
627                         }
628 #else
629                 ret = 0;
630 #endif
631                 break;
632         case BIO_CTRL_DGRAM_GET_FALLBACK_MTU:
633                 switch (data->peer.sa.sa_family)
634                         {
635                         case AF_INET:
636                                 ret = 576 - 20 - 8;
637                                 break;
638 #if OPENSSL_USE_IPV6
639                         case AF_INET6:
640 #ifdef IN6_IS_ADDR_V4MAPPED
641                                 if (IN6_IS_ADDR_V4MAPPED(&data->peer.sa_in6.sin6_addr))
642                                         ret = 576 - 20 - 8;
643                                 else
644 #endif
645                                         ret = 1280 - 40 - 8;
646                                 break;
647 #endif
648                         default:
649                                 ret = 576 - 20 - 8;
650                                 break;
651                         }
652                 break;
653         case BIO_CTRL_DGRAM_GET_MTU:
654                 return data->mtu;
655                 break;
656         case BIO_CTRL_DGRAM_SET_MTU:
657                 data->mtu = num;
658                 ret = num;
659                 break;
660         case BIO_CTRL_DGRAM_SET_CONNECTED:
661                 to = (struct sockaddr *)ptr;
662
663                 if ( to != NULL)
664                         {
665                         data->connected = 1;
666                         switch (to->sa_family)
667                                 {
668                                 case AF_INET:
669                                         memcpy(&data->peer,to,sizeof(data->peer.sa_in));
670                                         break;
671 #if OPENSSL_USE_IPV6
672                                 case AF_INET6:
673                                         memcpy(&data->peer,to,sizeof(data->peer.sa_in6));
674                                         break;
675 #endif
676                                 default:
677                                         memcpy(&data->peer,to,sizeof(data->peer.sa));
678                                         break;
679                                 }
680                         }
681                 else
682                         {
683                         data->connected = 0;
684                         memset(&(data->peer), 0x00, sizeof(data->peer));
685                         }
686                 break;
687         case BIO_CTRL_DGRAM_GET_PEER:
688                 switch (data->peer.sa.sa_family)
689                         {
690                         case AF_INET:
691                                 ret=sizeof(data->peer.sa_in);
692                                 break;
693 #if OPENSSL_USE_IPV6
694                         case AF_INET6:
695                                 ret=sizeof(data->peer.sa_in6);
696                                 break;
697 #endif
698                         default:
699                                 ret=sizeof(data->peer.sa);
700                                 break;
701                         }
702                 if (num==0 || num>ret)
703                         num=ret;
704                 memcpy(ptr,&data->peer,(ret=num));
705                 break;
706         case BIO_CTRL_DGRAM_SET_PEER:
707                 to = (struct sockaddr *) ptr;
708                 switch (to->sa_family)
709                         {
710                         case AF_INET:
711                                 memcpy(&data->peer,to,sizeof(data->peer.sa_in));
712                                 break;
713 #if OPENSSL_USE_IPV6
714                         case AF_INET6:
715                                 memcpy(&data->peer,to,sizeof(data->peer.sa_in6));
716                                 break;
717 #endif
718                         default:
719                                 memcpy(&data->peer,to,sizeof(data->peer.sa));
720                                 break;
721                         }
722                 break;
723         case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
724                 memcpy(&(data->next_timeout), ptr, sizeof(struct timeval));
725                 break;
726 #if defined(SO_RCVTIMEO)
727         case BIO_CTRL_DGRAM_SET_RECV_TIMEOUT:
728 #ifdef OPENSSL_SYS_WINDOWS
729                 {
730                 struct timeval *tv = (struct timeval *)ptr;
731                 int timeout = tv->tv_sec * 1000 + tv->tv_usec/1000;
732                 if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
733                         (void*)&timeout, sizeof(timeout)) < 0)
734                         { perror("setsockopt"); ret = -1; }
735                 }
736 #else
737                 if ( setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, ptr,
738                         sizeof(struct timeval)) < 0)
739                         { perror("setsockopt"); ret = -1; }
740 #endif
741                 break;
742         case BIO_CTRL_DGRAM_GET_RECV_TIMEOUT:
743                 {
744                 union { size_t s; int i; } sz = {0};
745 #ifdef OPENSSL_SYS_WINDOWS
746                 int timeout;
747                 struct timeval *tv = (struct timeval *)ptr;
748
749                 sz.i = sizeof(timeout);
750                 if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
751                         (void*)&timeout, &sz) < 0)
752                         { perror("getsockopt"); ret = -1; }
753                 else
754                         {
755                         tv->tv_sec = timeout / 1000;
756                         tv->tv_usec = (timeout % 1000) * 1000;
757                         ret = sizeof(*tv);
758                         }
759 #else
760                 sz.i = sizeof(struct timeval);
761                 if ( getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, 
762                         ptr, (void *)&sz) < 0)
763                         { perror("getsockopt"); ret = -1; }
764                 else if (sizeof(sz.s)!=sizeof(sz.i) && sz.i==0)
765                         {
766                         OPENSSL_assert(sz.s<=sizeof(struct timeval));
767                         ret = (int)sz.s;
768                         }
769                 else
770                         ret = sz.i;
771 #endif
772                 }
773                 break;
774 #endif
775 #if defined(SO_SNDTIMEO)
776         case BIO_CTRL_DGRAM_SET_SEND_TIMEOUT:
777 #ifdef OPENSSL_SYS_WINDOWS
778                 {
779                 struct timeval *tv = (struct timeval *)ptr;
780                 int timeout = tv->tv_sec * 1000 + tv->tv_usec/1000;
781                 if (setsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
782                         (void*)&timeout, sizeof(timeout)) < 0)
783                         { perror("setsockopt"); ret = -1; }
784                 }
785 #else
786                 if ( setsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO, ptr,
787                         sizeof(struct timeval)) < 0)
788                         { perror("setsockopt"); ret = -1; }
789 #endif
790                 break;
791         case BIO_CTRL_DGRAM_GET_SEND_TIMEOUT:
792                 {
793                 union { size_t s; int i; } sz = {0};
794 #ifdef OPENSSL_SYS_WINDOWS
795                 int timeout;
796                 struct timeval *tv = (struct timeval *)ptr;
797
798                 sz.i = sizeof(timeout);
799                 if (getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
800                         (void*)&timeout, &sz) < 0)
801                         { perror("getsockopt"); ret = -1; }
802                 else
803                         {
804                         tv->tv_sec = timeout / 1000;
805                         tv->tv_usec = (timeout % 1000) * 1000;
806                         ret = sizeof(*tv);
807                         }
808                 }
809 #else
810                 sz.i = sizeof(struct timeval);
811                 if ( getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO, 
812                         ptr, (void *)&sz) < 0)
813                         { perror("getsockopt"); ret = -1; }
814                 else if (sizeof(sz.s)!=sizeof(sz.i) && sz.i==0)
815                         {
816                         OPENSSL_assert(sz.s<=sizeof(struct timeval));
817                         ret = (int)sz.s;
818                         }
819                 else
820                         ret = sz.i;
821 #endif
822                 }
823                 break;
824 #endif
825         case BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP:
826                 /* fall-through */
827         case BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP:
828 #ifdef OPENSSL_SYS_WINDOWS
829                 if ( data->_errno == WSAETIMEDOUT)
830 #else
831                 if ( data->_errno == EAGAIN)
832 #endif
833                         {
834                         ret = 1;
835                         data->_errno = 0;
836                         }
837                 else
838                         ret = 0;
839                 break;
840 #ifdef EMSGSIZE
841         case BIO_CTRL_DGRAM_MTU_EXCEEDED:
842                 if ( data->_errno == EMSGSIZE)
843                         {
844                         ret = 1;
845                         data->_errno = 0;
846                         }
847                 else
848                         ret = 0;
849                 break;
850 #endif
851         case BIO_CTRL_DGRAM_SET_DONT_FRAG:
852                 sockopt_val = num ? 1 : 0;
853
854                 switch (data->peer.sa.sa_family)
855                         {
856                         case AF_INET:
857 #if defined(IP_DONTFRAG)
858                                 if ((ret = setsockopt(b->num, IPPROTO_IP, IP_DONTFRAG,
859                                         &sockopt_val, sizeof(sockopt_val))) < 0)
860                                         { perror("setsockopt"); ret = -1; }
861 #elif defined(OPENSSL_SYS_LINUX) && defined(IP_MTUDISCOVER)
862                                 if ((sockopt_val = num ? IP_PMTUDISC_PROBE : IP_PMTUDISC_DONT),
863                                     (ret = setsockopt(b->num, IPPROTO_IP, IP_MTU_DISCOVER,
864                                         &sockopt_val, sizeof(sockopt_val))) < 0)
865                                         { perror("setsockopt"); ret = -1; }
866 #elif defined(OPENSSL_SYS_WINDOWS) && defined(IP_DONTFRAGMENT)
867                                 if ((ret = setsockopt(b->num, IPPROTO_IP, IP_DONTFRAGMENT,
868                                         (const char *)&sockopt_val, sizeof(sockopt_val))) < 0)
869                                         { perror("setsockopt"); ret = -1; }
870 #else
871                                 ret = -1;
872 #endif
873                                 break;
874 #if OPENSSL_USE_IPV6 
875                         case AF_INET6:
876 #if defined(IPV6_DONTFRAG)
877                                 if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_DONTFRAG,
878                                         &sockopt_val, sizeof(sockopt_val))) < 0)
879                                         { perror("setsockopt"); ret = -1; }
880 #elif defined(OPENSSL_SYS_LINUX) && defined(IPV6_MTUDISCOVER)
881                                 if ((sockopt_val = num ? IP_PMTUDISC_PROBE : IP_PMTUDISC_DONT),
882                                     (ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
883                                         &sockopt_val, sizeof(sockopt_val))) < 0)
884                                         { perror("setsockopt"); ret = -1; }
885 #else
886                                 ret = -1;
887 #endif
888                                 break;
889 #endif
890                         default:
891                                 ret = -1;
892                                 break;
893                         }
894                 break;
895         default:
896                 ret=0;
897                 break;
898                 }
899         return(ret);
900         }
901
902 static int dgram_puts(BIO *bp, const char *str)
903         {
904         int n,ret;
905
906         n=strlen(str);
907         ret=dgram_write(bp,str,n);
908         return(ret);
909         }
910
911 #ifndef OPENSSL_NO_SCTP
912 BIO_METHOD *BIO_s_datagram_sctp(void)
913         {
914         return(&methods_dgramp_sctp);
915         }
916
917 BIO *BIO_new_dgram_sctp(int fd, int close_flag)
918         {
919         BIO *bio;
920         int ret, optval = 20000;
921         int auth_data = 0, auth_forward = 0;
922         unsigned char *p;
923         struct sctp_authchunk auth;
924         struct sctp_authchunks *authchunks;
925         socklen_t sockopt_len;
926 #ifdef SCTP_AUTHENTICATION_EVENT
927 #ifdef SCTP_EVENT
928         struct sctp_event event;
929 #else
930         struct sctp_event_subscribe event;
931 #endif
932 #endif
933
934         bio=BIO_new(BIO_s_datagram_sctp());
935         if (bio == NULL) return(NULL);
936         BIO_set_fd(bio,fd,close_flag);
937
938         /* Activate SCTP-AUTH for DATA and FORWARD-TSN chunks */
939         auth.sauth_chunk = OPENSSL_SCTP_DATA_CHUNK_TYPE;
940         ret = setsockopt(fd, IPPROTO_SCTP, SCTP_AUTH_CHUNK, &auth, sizeof(struct sctp_authchunk));
941         OPENSSL_assert(ret >= 0);
942         auth.sauth_chunk = OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE;
943         ret = setsockopt(fd, IPPROTO_SCTP, SCTP_AUTH_CHUNK, &auth, sizeof(struct sctp_authchunk));
944         OPENSSL_assert(ret >= 0);
945
946         /* Test if activation was successful. When using accept(),
947          * SCTP-AUTH has to be activated for the listening socket
948          * already, otherwise the connected socket won't use it. */
949         sockopt_len = (socklen_t)(sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
950         authchunks = OPENSSL_malloc(sockopt_len);
951         memset(authchunks, 0, sizeof(sockopt_len));
952         ret = getsockopt(fd, IPPROTO_SCTP, SCTP_LOCAL_AUTH_CHUNKS, authchunks, &sockopt_len);
953         OPENSSL_assert(ret >= 0);
954         
955         for (p = (unsigned char*) authchunks + sizeof(sctp_assoc_t);
956              p < (unsigned char*) authchunks + sockopt_len;
957              p += sizeof(uint8_t))
958                 {
959                 if (*p == OPENSSL_SCTP_DATA_CHUNK_TYPE) auth_data = 1;
960                 if (*p == OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE) auth_forward = 1;
961                 }
962                 
963         OPENSSL_free(authchunks);
964
965         OPENSSL_assert(auth_data);
966         OPENSSL_assert(auth_forward);
967
968 #ifdef SCTP_AUTHENTICATION_EVENT
969 #ifdef SCTP_EVENT
970         memset(&event, 0, sizeof(struct sctp_event));
971         event.se_assoc_id = 0;
972         event.se_type = SCTP_AUTHENTICATION_EVENT;
973         event.se_on = 1;
974         ret = setsockopt(fd, IPPROTO_SCTP, SCTP_EVENT, &event, sizeof(struct sctp_event));
975         OPENSSL_assert(ret >= 0);
976 #else
977         sockopt_len = (socklen_t) sizeof(struct sctp_event_subscribe);
978         ret = getsockopt(fd, IPPROTO_SCTP, SCTP_EVENTS, &event, &sockopt_len);
979         OPENSSL_assert(ret >= 0);
980
981         event.sctp_authentication_event = 1;
982
983         ret = setsockopt(fd, IPPROTO_SCTP, SCTP_EVENTS, &event, sizeof(struct sctp_event_subscribe));
984         OPENSSL_assert(ret >= 0);
985 #endif
986 #endif
987
988         /* Disable partial delivery by setting the min size
989          * larger than the max record size of 2^14 + 2048 + 13
990          */
991         ret = setsockopt(fd, IPPROTO_SCTP, SCTP_PARTIAL_DELIVERY_POINT, &optval, sizeof(optval));
992         OPENSSL_assert(ret >= 0);
993
994         return(bio);
995         }
996
997 int BIO_dgram_is_sctp(BIO *bio)
998         {
999         return (BIO_method_type(bio) == BIO_TYPE_DGRAM_SCTP);
1000         }
1001
1002 static int dgram_sctp_new(BIO *bi)
1003         {
1004         bio_dgram_sctp_data *data = NULL;
1005
1006         bi->init=0;
1007         bi->num=0;
1008         data = OPENSSL_malloc(sizeof(bio_dgram_sctp_data));
1009         if (data == NULL)
1010                 return 0;
1011         memset(data, 0x00, sizeof(bio_dgram_sctp_data));
1012 #ifdef SCTP_PR_SCTP_NONE
1013         data->prinfo.pr_policy = SCTP_PR_SCTP_NONE;
1014 #endif
1015     bi->ptr = data;
1016
1017         bi->flags=0;
1018         return(1);
1019         }
1020
1021 static int dgram_sctp_free(BIO *a)
1022         {
1023         bio_dgram_sctp_data *data;
1024
1025         if (a == NULL) return(0);
1026         if ( ! dgram_clear(a))
1027                 return 0;
1028
1029         data = (bio_dgram_sctp_data *)a->ptr;
1030         if(data != NULL) OPENSSL_free(data);
1031
1032         return(1);
1033         }
1034
1035 #ifdef SCTP_AUTHENTICATION_EVENT
1036 void dgram_sctp_handle_auth_free_key_event(BIO *b, union sctp_notification *snp)
1037         {
1038         int ret;
1039         struct sctp_authkey_event* authkeyevent = &snp->sn_auth_event;
1040
1041         if (authkeyevent->auth_indication == SCTP_AUTH_FREE_KEY)
1042                 {
1043                 struct sctp_authkeyid authkeyid;
1044
1045                 /* delete key */
1046                 authkeyid.scact_keynumber = authkeyevent->auth_keynumber;
1047                 ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DELETE_KEY,
1048                       &authkeyid, sizeof(struct sctp_authkeyid));
1049                 }
1050         }
1051 #endif
1052
1053 static int dgram_sctp_read(BIO *b, char *out, int outl)
1054         {
1055         int ret = 0, n = 0, i, optval;
1056         socklen_t optlen;
1057         bio_dgram_sctp_data *data = (bio_dgram_sctp_data *)b->ptr;
1058         union sctp_notification *snp;
1059         struct msghdr msg;
1060         struct iovec iov;
1061         struct cmsghdr *cmsg;
1062         char cmsgbuf[512];
1063
1064         if (out != NULL)
1065                 {
1066                 clear_socket_error();
1067
1068                 do
1069                         {
1070                         memset(&data->rcvinfo, 0x00, sizeof(struct bio_dgram_sctp_rcvinfo));
1071                         iov.iov_base = out;
1072                         iov.iov_len = outl;
1073                         msg.msg_name = NULL;
1074                         msg.msg_namelen = 0;
1075                         msg.msg_iov = &iov;
1076                         msg.msg_iovlen = 1;
1077                         msg.msg_control = cmsgbuf;
1078                         msg.msg_controllen = 512;
1079                         msg.msg_flags = 0;
1080                         n = recvmsg(b->num, &msg, 0);
1081
1082                         if (msg.msg_controllen > 0)
1083                                 {
1084                                 for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg))
1085                                         {
1086                                         if (cmsg->cmsg_level != IPPROTO_SCTP)
1087                                                 continue;
1088 #ifdef SCTP_RCVINFO
1089                                         if (cmsg->cmsg_type == SCTP_RCVINFO)
1090                                                 {
1091                                                 struct sctp_rcvinfo *rcvinfo;
1092
1093                                                 rcvinfo = (struct sctp_rcvinfo *)CMSG_DATA(cmsg);
1094                                                 data->rcvinfo.rcv_sid = rcvinfo->rcv_sid;
1095                                                 data->rcvinfo.rcv_ssn = rcvinfo->rcv_ssn;
1096                                                 data->rcvinfo.rcv_flags = rcvinfo->rcv_flags;
1097                                                 data->rcvinfo.rcv_ppid = rcvinfo->rcv_ppid;
1098                                                 data->rcvinfo.rcv_tsn = rcvinfo->rcv_tsn;
1099                                                 data->rcvinfo.rcv_cumtsn = rcvinfo->rcv_cumtsn;
1100                                                 data->rcvinfo.rcv_context = rcvinfo->rcv_context;
1101                                                 }
1102 #endif
1103 #ifdef SCTP_SNDRCV
1104                                         if (cmsg->cmsg_type == SCTP_SNDRCV)
1105                                                 {
1106                                                 struct sctp_sndrcvinfo *sndrcvinfo;
1107
1108                                                 sndrcvinfo = (struct sctp_sndrcvinfo *)CMSG_DATA(cmsg);
1109                                                 data->rcvinfo.rcv_sid = sndrcvinfo->sinfo_stream;
1110                                                 data->rcvinfo.rcv_ssn = sndrcvinfo->sinfo_ssn;
1111                                                 data->rcvinfo.rcv_flags = sndrcvinfo->sinfo_flags;
1112                                                 data->rcvinfo.rcv_ppid = sndrcvinfo->sinfo_ppid;
1113                                                 data->rcvinfo.rcv_tsn = sndrcvinfo->sinfo_tsn;
1114                                                 data->rcvinfo.rcv_cumtsn = sndrcvinfo->sinfo_cumtsn;
1115                                                 data->rcvinfo.rcv_context = sndrcvinfo->sinfo_context;
1116                                                 }
1117 #endif
1118                                         }
1119                                 }
1120
1121                         if (n <= 0)
1122                                 {
1123                                 if (n < 0)
1124                                         ret = n;
1125                                 break;
1126                                 }
1127
1128                         if (msg.msg_flags & MSG_NOTIFICATION)
1129                                 {
1130                                 snp = (union sctp_notification*) out;
1131                                 if (snp->sn_header.sn_type == SCTP_SENDER_DRY_EVENT)
1132                                         {
1133 #ifdef SCTP_EVENT
1134                                         struct sctp_event event;
1135 #else
1136                                         struct sctp_event_subscribe event;
1137                                         socklen_t eventsize;
1138 #endif
1139                                         /* If a message has been delayed until the socket
1140                                          * is dry, it can be sent now.
1141                                          */
1142                                         if (data->saved_message.length > 0)
1143                                                 {
1144                                                 dgram_sctp_write(data->saved_message.bio, data->saved_message.data,
1145                                                                  data->saved_message.length);
1146                                                 OPENSSL_free(data->saved_message.data);
1147                                                 data->saved_message.length = 0;
1148                                                 }
1149
1150                                         /* disable sender dry event */
1151 #ifdef SCTP_EVENT
1152                                         memset(&event, 0, sizeof(struct sctp_event));
1153                                         event.se_assoc_id = 0;
1154                                         event.se_type = SCTP_SENDER_DRY_EVENT;
1155                                         event.se_on = 0;
1156                                         i = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event, sizeof(struct sctp_event));
1157                                         OPENSSL_assert(i >= 0);
1158 #else
1159                                         eventsize = sizeof(struct sctp_event_subscribe);
1160                                         i = getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event, &eventsize);
1161                                         OPENSSL_assert(i >= 0);
1162
1163                                         event.sctp_sender_dry_event = 0;
1164
1165                                         i = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event, sizeof(struct sctp_event_subscribe));
1166                                         OPENSSL_assert(i >= 0);
1167 #endif
1168                                         }
1169
1170 #ifdef SCTP_AUTHENTICATION_EVENT
1171                                 if (snp->sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
1172                                         dgram_sctp_handle_auth_free_key_event(b, snp);
1173 #endif
1174
1175                                 if (data->handle_notifications != NULL)
1176                                         data->handle_notifications(b, data->notification_context, (void*) out);
1177
1178                                 memset(out, 0, outl);
1179                                 }
1180                         else
1181                                 ret += n;
1182                         }
1183                 while ((msg.msg_flags & MSG_NOTIFICATION) && (msg.msg_flags & MSG_EOR) && (ret < outl));
1184
1185                 if (ret > 0 && !(msg.msg_flags & MSG_EOR))
1186                         {
1187                         /* Partial message read, this should never happen! */
1188
1189                         /* The buffer was too small, this means the peer sent
1190                          * a message that was larger than allowed. */
1191                         if (ret == outl)
1192                                 return -1;
1193
1194                         /* Test if socket buffer can handle max record
1195                          * size (2^14 + 2048 + 13)
1196                          */
1197                         optlen = (socklen_t) sizeof(int);
1198                         ret = getsockopt(b->num, SOL_SOCKET, SO_RCVBUF, &optval, &optlen);
1199                         OPENSSL_assert(ret >= 0);
1200                         OPENSSL_assert(optval >= 18445);
1201
1202                         /* Test if SCTP doesn't partially deliver below
1203                          * max record size (2^14 + 2048 + 13)
1204                          */
1205                         optlen = (socklen_t) sizeof(int);
1206                         ret = getsockopt(b->num, IPPROTO_SCTP, SCTP_PARTIAL_DELIVERY_POINT,
1207                                          &optval, &optlen);
1208                         OPENSSL_assert(ret >= 0);
1209                         OPENSSL_assert(optval >= 18445);
1210
1211                         /* Partially delivered notification??? Probably a bug.... */
1212                         OPENSSL_assert(!(msg.msg_flags & MSG_NOTIFICATION));
1213
1214                         /* Everything seems ok till now, so it's most likely
1215                          * a message dropped by PR-SCTP.
1216                          */
1217                         memset(out, 0, outl);
1218                         BIO_set_retry_read(b);
1219                         return -1;
1220                         }
1221
1222                 BIO_clear_retry_flags(b);
1223                 if (ret < 0)
1224                         {
1225                         if (BIO_dgram_should_retry(ret))
1226                                 {
1227                                 BIO_set_retry_read(b);
1228                                 data->_errno = get_last_socket_error();
1229                                 }
1230                         }
1231
1232                 /* Test if peer uses SCTP-AUTH before continuing */
1233                 if (!data->peer_auth_tested)
1234                         {
1235                         int ii, auth_data = 0, auth_forward = 0;
1236                         unsigned char *p;
1237                         struct sctp_authchunks *authchunks;
1238
1239                         optlen = (socklen_t)(sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
1240                         authchunks = OPENSSL_malloc(optlen);
1241                         memset(authchunks, 0, sizeof(optlen));
1242                         ii = getsockopt(b->num, IPPROTO_SCTP, SCTP_PEER_AUTH_CHUNKS, authchunks, &optlen);
1243                         OPENSSL_assert(ii >= 0);
1244
1245                         for (p = (unsigned char*) authchunks + sizeof(sctp_assoc_t);
1246                                  p < (unsigned char*) authchunks + optlen;
1247                                  p += sizeof(uint8_t))
1248                                 {
1249                                 if (*p == OPENSSL_SCTP_DATA_CHUNK_TYPE) auth_data = 1;
1250                                 if (*p == OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE) auth_forward = 1;
1251                                 }
1252
1253                         OPENSSL_free(authchunks);
1254
1255                         if (!auth_data || !auth_forward)
1256                                 {
1257                                 BIOerr(BIO_F_DGRAM_SCTP_READ,BIO_R_CONNECT_ERROR);
1258                                 return -1;
1259                                 }
1260
1261                         data->peer_auth_tested = 1;
1262                         }
1263                 }
1264         return(ret);
1265         }
1266
1267 static int dgram_sctp_write(BIO *b, const char *in, int inl)
1268         {
1269         int ret;
1270         bio_dgram_sctp_data *data = (bio_dgram_sctp_data *)b->ptr;
1271         struct bio_dgram_sctp_sndinfo *sinfo = &(data->sndinfo);
1272         struct bio_dgram_sctp_prinfo *pinfo = &(data->prinfo);
1273         struct bio_dgram_sctp_sndinfo handshake_sinfo;
1274         struct iovec iov[1];
1275         struct msghdr msg;
1276         struct cmsghdr *cmsg;
1277 #if defined(SCTP_SNDINFO) && defined(SCTP_PRINFO)
1278         char cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndinfo)) + CMSG_SPACE(sizeof(struct sctp_prinfo))];
1279         struct sctp_sndinfo *sndinfo;
1280         struct sctp_prinfo *prinfo;
1281 #else
1282         char cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
1283         struct sctp_sndrcvinfo *sndrcvinfo;
1284 #endif
1285
1286         clear_socket_error();
1287
1288         /* If we're send anything else than application data,
1289          * disable all user parameters and flags.
1290          */
1291         if (in[0] != 23) {
1292                 memset(&handshake_sinfo, 0x00, sizeof(struct bio_dgram_sctp_sndinfo));
1293 #ifdef SCTP_SACK_IMMEDIATELY
1294                 handshake_sinfo.snd_flags = SCTP_SACK_IMMEDIATELY;
1295 #endif
1296                 sinfo = &handshake_sinfo;
1297         }
1298
1299         /* If we have to send a shutdown alert message and the
1300          * socket is not dry yet, we have to save it and send it
1301          * as soon as the socket gets dry.
1302          */
1303         if (data->save_shutdown && !BIO_dgram_sctp_wait_for_dry(b))
1304         {
1305                 data->saved_message.bio = b;
1306                 data->saved_message.length = inl;
1307                 data->saved_message.data = OPENSSL_malloc(inl);
1308                 memcpy(data->saved_message.data, in, inl);
1309                 return inl;
1310         }
1311
1312         iov[0].iov_base = (char *)in;
1313         iov[0].iov_len = inl;
1314         msg.msg_name = NULL;
1315         msg.msg_namelen = 0;
1316         msg.msg_iov = iov;
1317         msg.msg_iovlen = 1;
1318         msg.msg_control = (caddr_t)cmsgbuf;
1319         msg.msg_controllen = 0;
1320         msg.msg_flags = 0;
1321 #if defined(SCTP_SNDINFO) && defined(SCTP_PRINFO)
1322         cmsg = (struct cmsghdr *)cmsgbuf;
1323         cmsg->cmsg_level = IPPROTO_SCTP;
1324         cmsg->cmsg_type = SCTP_SNDINFO;
1325         cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_sndinfo));
1326         sndinfo = (struct sctp_sndinfo *)CMSG_DATA(cmsg);
1327         memset(sndinfo, 0, sizeof(struct sctp_sndinfo));
1328         sndinfo->snd_sid = sinfo->snd_sid;
1329         sndinfo->snd_flags = sinfo->snd_flags;
1330         sndinfo->snd_ppid = sinfo->snd_ppid;
1331         sndinfo->snd_context = sinfo->snd_context;
1332         msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_sndinfo));
1333
1334         cmsg = (struct cmsghdr *)&cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndinfo))];
1335         cmsg->cmsg_level = IPPROTO_SCTP;
1336         cmsg->cmsg_type = SCTP_PRINFO;
1337         cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_prinfo));
1338         prinfo = (struct sctp_prinfo *)CMSG_DATA(cmsg);
1339         memset(prinfo, 0, sizeof(struct sctp_prinfo));
1340         prinfo->pr_policy = pinfo->pr_policy;
1341         prinfo->pr_value = pinfo->pr_value;
1342         msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_prinfo));
1343 #else
1344         cmsg = (struct cmsghdr *)cmsgbuf;
1345         cmsg->cmsg_level = IPPROTO_SCTP;
1346         cmsg->cmsg_type = SCTP_SNDRCV;
1347         cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_sndrcvinfo));
1348         sndrcvinfo = (struct sctp_sndrcvinfo *)CMSG_DATA(cmsg);
1349         memset(sndrcvinfo, 0, sizeof(struct sctp_sndrcvinfo));
1350         sndrcvinfo->sinfo_stream = sinfo->snd_sid;
1351         sndrcvinfo->sinfo_flags = sinfo->snd_flags;
1352 #ifdef __FreeBSD__
1353         sndrcvinfo->sinfo_flags |= pinfo->pr_policy;
1354 #endif
1355         sndrcvinfo->sinfo_ppid = sinfo->snd_ppid;
1356         sndrcvinfo->sinfo_context = sinfo->snd_context;
1357         sndrcvinfo->sinfo_timetolive = pinfo->pr_value;
1358         msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_sndrcvinfo));
1359 #endif
1360
1361         ret = sendmsg(b->num, &msg, 0);
1362
1363         BIO_clear_retry_flags(b);
1364         if (ret <= 0)
1365                 {
1366                 if (BIO_dgram_should_retry(ret))
1367                         {
1368                         BIO_set_retry_write(b);  
1369                         data->_errno = get_last_socket_error();
1370                         }
1371                 }
1372         return(ret);
1373         }
1374
1375 static long dgram_sctp_ctrl(BIO *b, int cmd, long num, void *ptr)
1376         {
1377         long ret=1;
1378         bio_dgram_sctp_data *data = NULL;
1379         socklen_t sockopt_len = 0;
1380         struct sctp_authkeyid authkeyid;
1381         struct sctp_authkey *authkey;
1382
1383         data = (bio_dgram_sctp_data *)b->ptr;
1384
1385         switch (cmd)
1386                 {
1387         case BIO_CTRL_DGRAM_QUERY_MTU:
1388                 /* Set to maximum (2^14)
1389                  * and ignore user input to enable transport
1390                  * protocol fragmentation.
1391                  * Returns always 2^14.
1392                  */
1393                 data->mtu = 16384;
1394                 ret = data->mtu;
1395                 break;
1396         case BIO_CTRL_DGRAM_SET_MTU:
1397                 /* Set to maximum (2^14)
1398                  * and ignore input to enable transport
1399                  * protocol fragmentation.
1400                  * Returns always 2^14.
1401                  */
1402                 data->mtu = 16384;
1403                 ret = data->mtu;
1404                 break;
1405         case BIO_CTRL_DGRAM_SET_CONNECTED:
1406         case BIO_CTRL_DGRAM_CONNECT:
1407                 /* Returns always -1. */
1408                 ret = -1;
1409                 break;
1410         case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
1411                 /* SCTP doesn't need the DTLS timer
1412                  * Returns always 1.
1413                  */
1414                 break;
1415         case BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE:
1416                 if (num > 0)
1417                         data->in_handshake = 1;
1418                 else
1419                         data->in_handshake = 0;
1420
1421                 ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_NODELAY, &data->in_handshake, sizeof(int));
1422                 break;
1423         case BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY:
1424                 /* New shared key for SCTP AUTH.
1425                  * Returns 0 on success, -1 otherwise.
1426                  */
1427
1428                 /* Get active key */
1429                 sockopt_len = sizeof(struct sctp_authkeyid);
1430                 ret = getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY, &authkeyid, &sockopt_len);
1431                 if (ret < 0) break;
1432
1433                 /* Add new key */
1434                 sockopt_len = sizeof(struct sctp_authkey) + 64 * sizeof(uint8_t);
1435                 authkey = OPENSSL_malloc(sockopt_len);
1436                 memset(authkey, 0x00, sockopt_len);
1437                 authkey->sca_keynumber = authkeyid.scact_keynumber + 1;
1438 #ifndef __FreeBSD__
1439                 /* This field is missing in FreeBSD 8.2 and earlier,
1440                  * and FreeBSD 8.3 and higher work without it.
1441                  */
1442                 authkey->sca_keylength = 64;
1443 #endif
1444                 memcpy(&authkey->sca_key[0], ptr, 64 * sizeof(uint8_t));
1445
1446                 ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_KEY, authkey, sockopt_len);
1447                 if (ret < 0) break;
1448
1449                 /* Reset active key */
1450                 ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
1451                       &authkeyid, sizeof(struct sctp_authkeyid));
1452                 if (ret < 0) break;
1453
1454                 break;
1455         case BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY:
1456                 /* Returns 0 on success, -1 otherwise. */
1457
1458                 /* Get active key */
1459                 sockopt_len = sizeof(struct sctp_authkeyid);
1460                 ret = getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY, &authkeyid, &sockopt_len);
1461                 if (ret < 0) break;
1462
1463                 /* Set active key */
1464                 authkeyid.scact_keynumber = authkeyid.scact_keynumber + 1;
1465                 ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
1466                       &authkeyid, sizeof(struct sctp_authkeyid));
1467                 if (ret < 0) break;
1468
1469                 /* CCS has been sent, so remember that and fall through
1470                  * to check if we need to deactivate an old key
1471                  */
1472                 data->ccs_sent = 1;
1473
1474         case BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD:
1475                 /* Returns 0 on success, -1 otherwise. */
1476
1477                 /* Has this command really been called or is this just a fall-through? */
1478                 if (cmd == BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD)
1479                         data->ccs_rcvd = 1;
1480
1481                 /* CSS has been both, received and sent, so deactivate an old key */
1482                 if (data->ccs_rcvd == 1 && data->ccs_sent == 1)
1483                         {
1484                         /* Get active key */
1485                         sockopt_len = sizeof(struct sctp_authkeyid);
1486                         ret = getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY, &authkeyid, &sockopt_len);
1487                         if (ret < 0) break;
1488
1489                         /* Deactivate key or delete second last key if
1490                          * SCTP_AUTHENTICATION_EVENT is not available.
1491                          */
1492                         authkeyid.scact_keynumber = authkeyid.scact_keynumber - 1;
1493 #ifdef SCTP_AUTH_DEACTIVATE_KEY
1494                         sockopt_len = sizeof(struct sctp_authkeyid);
1495                         ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DEACTIVATE_KEY,
1496                               &authkeyid, sockopt_len);
1497                         if (ret < 0) break;
1498 #endif
1499 #ifndef SCTP_AUTHENTICATION_EVENT
1500                         if (authkeyid.scact_keynumber > 0)
1501                                 {
1502                                 authkeyid.scact_keynumber = authkeyid.scact_keynumber - 1;
1503                                 ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DELETE_KEY,
1504                                           &authkeyid, sizeof(struct sctp_authkeyid));
1505                                 if (ret < 0) break;
1506                                 }
1507 #endif
1508
1509                         data->ccs_rcvd = 0;
1510                         data->ccs_sent = 0;
1511                         }
1512                 break;
1513         case BIO_CTRL_DGRAM_SCTP_GET_SNDINFO:
1514                 /* Returns the size of the copied struct. */
1515                 if (num > (long) sizeof(struct bio_dgram_sctp_sndinfo))
1516                         num = sizeof(struct bio_dgram_sctp_sndinfo);
1517
1518                 memcpy(ptr, &(data->sndinfo), num);
1519                 ret = num;
1520                 break;
1521         case BIO_CTRL_DGRAM_SCTP_SET_SNDINFO:
1522                 /* Returns the size of the copied struct. */
1523                 if (num > (long) sizeof(struct bio_dgram_sctp_sndinfo))
1524                         num = sizeof(struct bio_dgram_sctp_sndinfo);
1525
1526                 memcpy(&(data->sndinfo), ptr, num);
1527                 break;
1528         case BIO_CTRL_DGRAM_SCTP_GET_RCVINFO:
1529                 /* Returns the size of the copied struct. */
1530                 if (num > (long) sizeof(struct bio_dgram_sctp_rcvinfo))
1531                         num = sizeof(struct bio_dgram_sctp_rcvinfo);
1532
1533                 memcpy(ptr, &data->rcvinfo, num);
1534
1535                 ret = num;
1536                 break;
1537         case BIO_CTRL_DGRAM_SCTP_SET_RCVINFO:
1538                 /* Returns the size of the copied struct. */
1539                 if (num > (long) sizeof(struct bio_dgram_sctp_rcvinfo))
1540                         num = sizeof(struct bio_dgram_sctp_rcvinfo);
1541
1542                 memcpy(&(data->rcvinfo), ptr, num);
1543                 break;
1544         case BIO_CTRL_DGRAM_SCTP_GET_PRINFO:
1545                 /* Returns the size of the copied struct. */
1546                 if (num > (long) sizeof(struct bio_dgram_sctp_prinfo))
1547                         num = sizeof(struct bio_dgram_sctp_prinfo);
1548
1549                 memcpy(ptr, &(data->prinfo), num);
1550                 ret = num;
1551                 break;
1552         case BIO_CTRL_DGRAM_SCTP_SET_PRINFO:
1553                 /* Returns the size of the copied struct. */
1554                 if (num > (long) sizeof(struct bio_dgram_sctp_prinfo))
1555                         num = sizeof(struct bio_dgram_sctp_prinfo);
1556
1557                 memcpy(&(data->prinfo), ptr, num);
1558                 break;
1559         case BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN:
1560                 /* Returns always 1. */
1561                 if (num > 0)
1562                         data->save_shutdown = 1;
1563                 else
1564                         data->save_shutdown = 0;
1565                 break;
1566
1567         default:
1568                 /* Pass to default ctrl function to
1569                  * process SCTP unspecific commands
1570                  */
1571                 ret=dgram_ctrl(b, cmd, num, ptr);
1572                 break;
1573                 }
1574         return(ret);
1575         }
1576
1577 int BIO_dgram_sctp_notification_cb(BIO *b,
1578                                    void (*handle_notifications)(BIO *bio, void *context, void *buf),
1579                                    void *context)
1580         {
1581         bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
1582
1583         if (handle_notifications != NULL)
1584                 {
1585                 data->handle_notifications = handle_notifications;
1586                 data->notification_context = context;
1587                 }
1588         else
1589                 return -1;
1590
1591         return 0;
1592         }
1593
1594 int BIO_dgram_sctp_wait_for_dry(BIO *b)
1595 {
1596         int is_dry = 0;
1597         int n, sockflags, ret;
1598         union sctp_notification snp;
1599         struct msghdr msg;
1600         struct iovec iov;
1601 #ifdef SCTP_EVENT
1602         struct sctp_event event;
1603 #else
1604         struct sctp_event_subscribe event;
1605         socklen_t eventsize;
1606 #endif
1607         bio_dgram_sctp_data *data = (bio_dgram_sctp_data *)b->ptr;
1608
1609         /* set sender dry event */
1610 #ifdef SCTP_EVENT
1611         memset(&event, 0, sizeof(struct sctp_event));
1612         event.se_assoc_id = 0;
1613         event.se_type = SCTP_SENDER_DRY_EVENT;
1614         event.se_on = 1;
1615         ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event, sizeof(struct sctp_event));
1616 #else
1617         eventsize = sizeof(struct sctp_event_subscribe);
1618         ret = getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event, &eventsize);
1619         if (ret < 0)
1620                 return -1;
1621         
1622         event.sctp_sender_dry_event = 1;
1623         
1624         ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event, sizeof(struct sctp_event_subscribe));
1625 #endif
1626         if (ret < 0)
1627                 return -1;
1628
1629         /* peek for notification */
1630         memset(&snp, 0x00, sizeof(union sctp_notification));
1631         iov.iov_base = (char *)&snp;
1632         iov.iov_len = sizeof(union sctp_notification);
1633         msg.msg_name = NULL;
1634         msg.msg_namelen = 0;
1635         msg.msg_iov = &iov;
1636         msg.msg_iovlen = 1;
1637         msg.msg_control = NULL;
1638         msg.msg_controllen = 0;
1639         msg.msg_flags = 0;
1640
1641         n = recvmsg(b->num, &msg, MSG_PEEK);
1642         if (n <= 0)
1643                 {
1644                 if ((n < 0) && (get_last_socket_error() != EAGAIN) && (get_last_socket_error() != EWOULDBLOCK))
1645                         return -1;
1646                 else
1647                         return 0;
1648                 }
1649
1650         /* if we find a notification, process it and try again if necessary */
1651         while (msg.msg_flags & MSG_NOTIFICATION)
1652                 {
1653                 memset(&snp, 0x00, sizeof(union sctp_notification));
1654                 iov.iov_base = (char *)&snp;
1655                 iov.iov_len = sizeof(union sctp_notification);
1656                 msg.msg_name = NULL;
1657                 msg.msg_namelen = 0;
1658                 msg.msg_iov = &iov;
1659                 msg.msg_iovlen = 1;
1660                 msg.msg_control = NULL;
1661                 msg.msg_controllen = 0;
1662                 msg.msg_flags = 0;
1663
1664                 n = recvmsg(b->num, &msg, 0);
1665                 if (n <= 0)
1666                         {
1667                         if ((n < 0) && (get_last_socket_error() != EAGAIN) && (get_last_socket_error() != EWOULDBLOCK))
1668                                 return -1;
1669                         else
1670                                 return is_dry;
1671                         }
1672                 
1673                 if (snp.sn_header.sn_type == SCTP_SENDER_DRY_EVENT)
1674                         {
1675                         is_dry = 1;
1676
1677                         /* disable sender dry event */
1678 #ifdef SCTP_EVENT
1679                         memset(&event, 0, sizeof(struct sctp_event));
1680                         event.se_assoc_id = 0;
1681                         event.se_type = SCTP_SENDER_DRY_EVENT;
1682                         event.se_on = 0;
1683                         ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event, sizeof(struct sctp_event));
1684 #else
1685                         eventsize = (socklen_t) sizeof(struct sctp_event_subscribe);
1686                         ret = getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event, &eventsize);
1687                         if (ret < 0)
1688                                 return -1;
1689
1690                         event.sctp_sender_dry_event = 0;
1691
1692                         ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event, sizeof(struct sctp_event_subscribe));
1693 #endif
1694                         if (ret < 0)
1695                                 return -1;
1696                         }
1697
1698 #ifdef SCTP_AUTHENTICATION_EVENT
1699                 if (snp.sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
1700                         dgram_sctp_handle_auth_free_key_event(b, &snp);
1701 #endif
1702
1703                 if (data->handle_notifications != NULL)
1704                         data->handle_notifications(b, data->notification_context, (void*) &snp);
1705
1706                 /* found notification, peek again */
1707                 memset(&snp, 0x00, sizeof(union sctp_notification));
1708                 iov.iov_base = (char *)&snp;
1709                 iov.iov_len = sizeof(union sctp_notification);
1710                 msg.msg_name = NULL;
1711                 msg.msg_namelen = 0;
1712                 msg.msg_iov = &iov;
1713                 msg.msg_iovlen = 1;
1714                 msg.msg_control = NULL;
1715                 msg.msg_controllen = 0;
1716                 msg.msg_flags = 0;
1717
1718                 /* if we have seen the dry already, don't wait */
1719                 if (is_dry)
1720                         {
1721                         sockflags = fcntl(b->num, F_GETFL, 0);
1722                         fcntl(b->num, F_SETFL, O_NONBLOCK);
1723                         }
1724
1725                 n = recvmsg(b->num, &msg, MSG_PEEK);
1726
1727                 if (is_dry)
1728                         {
1729                         fcntl(b->num, F_SETFL, sockflags);
1730                         }
1731
1732                 if (n <= 0)
1733                         {
1734                         if ((n < 0) && (get_last_socket_error() != EAGAIN) && (get_last_socket_error() != EWOULDBLOCK))
1735                                 return -1;
1736                         else
1737                                 return is_dry;
1738                         }
1739                 }
1740
1741         /* read anything else */
1742         return is_dry;
1743 }
1744
1745 int BIO_dgram_sctp_msg_waiting(BIO *b)
1746         {
1747         int n, sockflags;
1748         union sctp_notification snp;
1749         struct msghdr msg;
1750         struct iovec iov;
1751         bio_dgram_sctp_data *data = (bio_dgram_sctp_data *)b->ptr;
1752
1753         /* Check if there are any messages waiting to be read */
1754         do
1755                 {
1756                 memset(&snp, 0x00, sizeof(union sctp_notification));
1757                 iov.iov_base = (char *)&snp;
1758                 iov.iov_len = sizeof(union sctp_notification);
1759                 msg.msg_name = NULL;
1760                 msg.msg_namelen = 0;
1761                 msg.msg_iov = &iov;
1762                 msg.msg_iovlen = 1;
1763                 msg.msg_control = NULL;
1764                 msg.msg_controllen = 0;
1765                 msg.msg_flags = 0;
1766
1767                 sockflags = fcntl(b->num, F_GETFL, 0);
1768                 fcntl(b->num, F_SETFL, O_NONBLOCK);
1769                 n = recvmsg(b->num, &msg, MSG_PEEK);
1770                 fcntl(b->num, F_SETFL, sockflags);
1771
1772                 /* if notification, process and try again */
1773                 if (n > 0 && (msg.msg_flags & MSG_NOTIFICATION))
1774                         {
1775 #ifdef SCTP_AUTHENTICATION_EVENT
1776                         if (snp.sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
1777                                 dgram_sctp_handle_auth_free_key_event(b, &snp);
1778 #endif
1779
1780                         memset(&snp, 0x00, sizeof(union sctp_notification));
1781                         iov.iov_base = (char *)&snp;
1782                         iov.iov_len = sizeof(union sctp_notification);
1783                         msg.msg_name = NULL;
1784                         msg.msg_namelen = 0;
1785                         msg.msg_iov = &iov;
1786                         msg.msg_iovlen = 1;
1787                         msg.msg_control = NULL;
1788                         msg.msg_controllen = 0;
1789                         msg.msg_flags = 0;
1790                         n = recvmsg(b->num, &msg, 0);
1791
1792                         if (data->handle_notifications != NULL)
1793                                 data->handle_notifications(b, data->notification_context, (void*) &snp);
1794                         }
1795
1796                 } while (n > 0 && (msg.msg_flags & MSG_NOTIFICATION));
1797
1798         /* Return 1 if there is a message to be read, return 0 otherwise. */
1799         if (n > 0)
1800                 return 1;
1801         else
1802                 return 0;
1803         }
1804
1805 static int dgram_sctp_puts(BIO *bp, const char *str)
1806         {
1807         int n,ret;
1808
1809         n=strlen(str);
1810         ret=dgram_sctp_write(bp,str,n);
1811         return(ret);
1812         }
1813 #endif
1814
1815 static int BIO_dgram_should_retry(int i)
1816         {
1817         int err;
1818
1819         if ((i == 0) || (i == -1))
1820                 {
1821                 err=get_last_socket_error();
1822
1823 #if defined(OPENSSL_SYS_WINDOWS)
1824         /* If the socket return value (i) is -1
1825          * and err is unexpectedly 0 at this point,
1826          * the error code was overwritten by
1827          * another system call before this error
1828          * handling is called.
1829          */
1830 #endif
1831
1832                 return(BIO_dgram_non_fatal_error(err));
1833                 }
1834         return(0);
1835         }
1836
1837 int BIO_dgram_non_fatal_error(int err)
1838         {
1839         switch (err)
1840                 {
1841 #if defined(OPENSSL_SYS_WINDOWS)
1842 # if defined(WSAEWOULDBLOCK)
1843         case WSAEWOULDBLOCK:
1844 # endif
1845
1846 # if 0 /* This appears to always be an error */
1847 #  if defined(WSAENOTCONN)
1848         case WSAENOTCONN:
1849 #  endif
1850 # endif
1851 #endif
1852
1853 #ifdef EWOULDBLOCK
1854 # ifdef WSAEWOULDBLOCK
1855 #  if WSAEWOULDBLOCK != EWOULDBLOCK
1856         case EWOULDBLOCK:
1857 #  endif
1858 # else
1859         case EWOULDBLOCK:
1860 # endif
1861 #endif
1862
1863 #ifdef EINTR
1864         case EINTR:
1865 #endif
1866
1867 #ifdef EAGAIN
1868 #if EWOULDBLOCK != EAGAIN
1869         case EAGAIN:
1870 # endif
1871 #endif
1872
1873 #ifdef EPROTO
1874         case EPROTO:
1875 #endif
1876
1877 #ifdef EINPROGRESS
1878         case EINPROGRESS:
1879 #endif
1880
1881 #ifdef EALREADY
1882         case EALREADY:
1883 #endif
1884
1885                 return(1);
1886                 /* break; */
1887         default:
1888                 break;
1889                 }
1890         return(0);
1891         }
1892
1893 static void get_current_time(struct timeval *t)
1894         {
1895 #ifdef OPENSSL_SYS_WIN32
1896         struct _timeb tb;
1897         _ftime(&tb);
1898         t->tv_sec = (long)tb.time;
1899         t->tv_usec = (long)tb.millitm * 1000;
1900 #elif defined(OPENSSL_SYS_VMS)
1901         struct timeb tb;
1902         ftime(&tb);
1903         t->tv_sec = (long)tb.time;
1904         t->tv_usec = (long)tb.millitm * 1000;
1905 #else
1906         gettimeofday(t, NULL);
1907 #endif
1908         }
1909
1910 #endif