ssl/bio_ssl.orig.c

   1 /* ssl/bio_ssl.c */
   2 /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
   3  * All rights reserved.
   4  *
   5  * This package is an SSL implementation written
   6  * by Eric Young (eay@cryptsoft.com).
   7  * The implementation was written so as to conform with Netscapes SSL.
   8  *
   9  * This library is free for commercial and non-commercial use as long as
  10  * the following conditions are aheared to.  The following conditions
  11  * apply to all code found in this distribution, be it the RC4, RSA,
  12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  13  * included with this distribution is covered by the same copyright terms
  14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
  15  *
  16  * Copyright remains Eric Young's, and as such any Copyright notices in
  17  * the code are not to be removed.
  18  * If this package is used in a product, Eric Young should be given attribution
  19  * as the author of the parts of the library used.
  20  * This can be in the form of a textual message at program startup or
  21  * in documentation (online or textual) provided with the package.
  22  *
  23  * Redistribution and use in source and binary forms, with or without
  24  * modification, are permitted provided that the following conditions
  25  * are met:
  26  * 1. Redistributions of source code must retain the copyright
  27  *    notice, this list of conditions and the following disclaimer.
  28  * 2. Redistributions in binary form must reproduce the above copyright
  29  *    notice, this list of conditions and the following disclaimer in the
  30  *    documentation and/or other materials provided with the distribution.
  31  * 3. All advertising materials mentioning features or use of this software
  32  *    must display the following acknowledgement:
  33  *    "This product includes cryptographic software written by
  34  *     Eric Young (eay@cryptsoft.com)"
  35  *    The word 'cryptographic' can be left out if the rouines from the library
  36  *    being used are not cryptographic related :-).
  37  * 4. If you include any Windows specific code (or a derivative thereof) from
  38  *    the apps directory (application code) you must include an acknowledgement:
  39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
  40  *
  41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  51  * SUCH DAMAGE.
  52  *
  53  * The licence and distribution terms for any publically available version or
  54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  55  * copied and put under another distribution licence
  56  * [including the GNU Public Licence.]
  57  */
  58
  59 #include <stdio.h>
  60 #include <string.h>
  61 #include <errno.h>
  62 #include "bio.h"
  63 #include "err.h"
  64 #include "ssl.h"
  65
  66 #ifndef NOPROTO
  67 static int ssl_write(BIO *h,char *buf,int num);
  68 static int ssl_read(BIO *h,char *buf,int size);
  69 static int ssl_puts(BIO *h,char *str);
  70 static long ssl_ctrl(BIO *h,int cmd,long arg1,char *arg2);
  71 static int ssl_new(BIO *h);
  72 static int ssl_free(BIO *data);
  73 #else
  74 static int ssl_write();
  75 static int ssl_read();
  76 static int ssl_puts();
  77 static long ssl_ctrl();
  78 static int ssl_new();
  79 static int ssl_free();
  80 #endif
  81
  82 static BIO_METHOD methods_sslp=
  83         {
  84         BIO_TYPE_SSL,"ssl",
  85         ssl_write,
  86         ssl_read,
  87         ssl_puts,
  88         NULL, /* ssl_gets, */
  89         ssl_ctrl,
  90         ssl_new,
  91         ssl_free,
  92         };
  93
  94 BIO_METHOD *BIO_f_ssl()
  95         {
  96         return(&methods_sslp);
  97         }
  98
  99 static int ssl_new(bi)
 100 BIO *bi;
 101         {
 102         bi->init=0;
 103         bi->ptr=NULL;   /* The SSL structure */
 104         bi->flags=0;
 105         return(1);
 106         }
 107
 108 static int ssl_free(a)
 109 BIO *a;
 110         {
 111         if (a == NULL) return(0);
 112         if (a->ptr != NULL) SSL_shutdown((SSL *)a->ptr);
 113         if (a->shutdown)
 114                 {
 115                 if (a->init) SSL_free((SSL *)a->ptr);
 116                 a->init=0;
 117                 a->flags=0;
 118                 a->ptr=NULL;
 119                 }
 120         return(1);
 121         }
 122
 123 static int ssl_read(b,out,outl)
 124 BIO *b;
 125 char *out;
 126 int outl;
 127         {
 128         int ret=1,dr,dw;
 129         int inflags,outflags;
 130         SSL *ssl;
 131         int retry_reason=0;
 132
 133         if (out == NULL) return(0);
 134         ssl=(SSL *)b->ptr;
 135
 136         inflags=outflags=b->flags;
 137
 138         dr=inflags&BIO_FLAGS_PROTOCOL_DELAYED_READ;
 139         dw=inflags&BIO_FLAGS_PROTOCOL_DELAYED_WRITE;
 140
 141         outflags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY|
 142                 BIO_FLAGS_PROTOCOL_DELAYED_WRITE|
 143                 BIO_FLAGS_PROTOCOL_DELAYED_READ);
 144
 145         if (!SSL_is_init_finished(ssl))
 146                 {
 147                 ret=SSL_do_handshake(ssl);
 148 #if 0
 149                 if (ret > 0)
 150                         {
 151                         outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY|
 152                                 BIO_FLAGS_PROTOCOL_DELAYED_READ|dw);
 153                         ret= -1;
 154                         goto end;
 155                         }
 156 #endif
 157                 }
 158         if (ret > 0)
 159                 ret=SSL_read(ssl,out,outl);
 160
 161         switch (SSL_get_error(ssl,ret))
 162                 {
 163         case SSL_ERROR_NONE:
 164                 if (ret <= 0) break;
 165                 if (dw)
 166                         outflags|=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY);
 167                 break;
 168         case SSL_ERROR_WANT_READ:
 169                 outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY|
 170                         BIO_FLAGS_PROTOCOL_DELAYED_READ|dw);
 171                 break;
 172         case SSL_ERROR_WANT_WRITE:
 173                 outflags=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY|
 174                         BIO_FLAGS_PROTOCOL_DELAYED_READ|dw);
 175                 break;
 176         case SSL_ERROR_WANT_X509_LOOKUP:
 177                 outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY|
 178                         BIO_FLAGS_PROTOCOL_DELAYED_READ|dw);
 179                 retry_reason=BIO_RR_SSL_X509_LOOKUP;
 180                 break;
 181         case SSL_ERROR_WANT_CONNECT:
 182                 outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY|
 183                         BIO_FLAGS_PROTOCOL_DELAYED_READ|dw);
 184                 retry_reason=BIO_RR_CONNECT;
 185                 break;
 186         case SSL_ERROR_SYSCALL:
 187         case SSL_ERROR_SSL:
 188         case SSL_ERROR_ZERO_RETURN:
 189         default:
 190                 break;
 191                 }
 192
 193         b->retry_reason=retry_reason;
 194         b->flags=outflags;
 195         return(ret);
 196         }
 197
 198 static int ssl_write(b,out,outl)
 199 BIO *b;
 200 char *out;
 201 int outl;
 202         {
 203         int ret,dr,dw;
 204         int inflags,outflags,retry_reason=0;
 205         SSL *ssl;
 206
 207         if (out == NULL) return(0);
 208         ssl=(SSL *)b->ptr;
 209
 210         inflags=outflags=b->flags;
 211
 212         dr=inflags&BIO_FLAGS_PROTOCOL_DELAYED_READ;
 213         dw=inflags&BIO_FLAGS_PROTOCOL_DELAYED_WRITE;
 214
 215         outflags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY|
 216                 BIO_FLAGS_PROTOCOL_DELAYED_WRITE|
 217                 BIO_FLAGS_PROTOCOL_DELAYED_READ);
 218
 219         ret=SSL_do_handshake(ssl);
 220         if (ret > 0)
 221                 ret=SSL_write(ssl,out,outl);
 222
 223         switch (SSL_get_error(ssl,ret))
 224                 {
 225         case SSL_ERROR_NONE:
 226                 if (ret <= 0) break;
 227                 if (dr)
 228                         outflags|=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
 229                 break;
 230         case SSL_ERROR_WANT_WRITE:
 231                 outflags=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY|
 232                         BIO_FLAGS_PROTOCOL_DELAYED_WRITE|dr);
 233                 break;
 234         case SSL_ERROR_WANT_READ:
 235                 outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY|
 236                         BIO_FLAGS_PROTOCOL_DELAYED_WRITE|dr);
 237                 break;
 238         case SSL_ERROR_WANT_X509_LOOKUP:
 239                 outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY|
 240                         BIO_FLAGS_PROTOCOL_DELAYED_WRITE|dr);
 241                 retry_reason=BIO_RR_SSL_X509_LOOKUP;
 242                 break;
 243         case SSL_ERROR_WANT_CONNECT:
 244                 outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY|
 245                         BIO_FLAGS_PROTOCOL_DELAYED_READ|dw);
 246                 retry_reason=BIO_RR_CONNECT;
 247         case SSL_ERROR_SYSCALL:
 248         case SSL_ERROR_SSL:
 249         default:
 250                 break;
 251                 }
 252
 253         b->retry_reason=retry_reason;
 254         b->flags=outflags;
 255         return(ret);
 256         }
 257
 258 static long ssl_ctrl(b,cmd,num,ptr)
 259 BIO *b;
 260 int cmd;
 261 long num;
 262 char *ptr;
 263         {
 264         SSL **sslp,*ssl;
 265         BIO *dbio,*bio;
 266         long ret=1;
 267
 268         ssl=(SSL *)b->ptr;
 269         switch (cmd)
 270                 {
 271         case BIO_CTRL_RESET:
 272                 SSL_shutdown(ssl);
 273
 274                 if (ssl->handshake_func == ssl->method->ssl_connect)
 275                         SSL_set_connect_state(ssl);
 276                 else if (ssl->handshake_func == ssl->method->ssl_accept)
 277                         SSL_set_accept_state(ssl);
 278
 279                 SSL_clear(ssl);
 280
 281                 if (b->next_bio != NULL)
 282                         ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
 283                 else if (ssl->rbio != NULL)
 284                         ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
 285                 else
 286                         ret=1;
 287                 break;
 288         case BIO_CTRL_EOF:
 289         case BIO_CTRL_INFO:
 290                 ret=0;
 291                 break;
 292         case BIO_C_SSL_MODE:
 293                 if (num) /* client mode */
 294                         SSL_set_connect_state(ssl);
 295                 else
 296                         SSL_set_accept_state(ssl);
 297                 break;
 298         case BIO_C_SET_SSL:
 299                 ssl_free(b);
 300                 b->shutdown=(int)num;
 301                 b->ptr=ptr;
 302                 ssl=(SSL *)ptr;
 303                 bio=SSL_get_rbio(ssl);
 304                 if (bio != NULL)
 305                         {
 306                         if (b->next_bio != NULL)
 307                                 BIO_push(bio,b->next_bio);
 308                         b->next_bio=bio;
 309                         }
 310                 b->init=1;
 311                 break;
 312         case BIO_C_GET_SSL:
 313                 if (ptr != NULL)
 314                         {
 315                         sslp=(SSL **)ptr;
 316                         *sslp=ssl;
 317                         }
 318                 break;
 319         case BIO_CTRL_GET_CLOSE:
 320                 ret=b->shutdown;
 321                 break;
 322         case BIO_CTRL_SET_CLOSE:
 323                 b->shutdown=(int)num;
 324                 break;
 325         case BIO_CTRL_WPENDING:
 326                 ret=BIO_ctrl(ssl->wbio,cmd,num,ptr);
 327                 break;
 328         case BIO_CTRL_PENDING:
 329                 ret=SSL_pending(ssl);
 330                 if (ret == 0)
 331                         ret=BIO_pending(ssl->rbio);
 332                 break;
 333         case BIO_CTRL_FLUSH:
 334                 BIO_clear_retry_flags(b);
 335                 ret=BIO_ctrl(ssl->wbio,cmd,num,ptr);
 336                 BIO_copy_next_retry(b);
 337                 break;
 338         case BIO_CTRL_PUSH:
 339                 if (b->next_bio != NULL)
 340                         {
 341                         SSL_set_bio(ssl,b->next_bio,b->next_bio);
 342                         b->next_bio->references++;
 343                         }
 344                 break;
 345         case BIO_CTRL_POP:
 346                 /* ugly bit of a hack */
 347                 if (ssl->rbio != ssl->wbio) /* we are in trouble :-( */
 348                         {
 349                         BIO_free_all(ssl->wbio);
 350                         }
 351                 ssl->wbio=NULL;
 352                 ssl->rbio=NULL;
 353                 break;
 354         case BIO_C_DO_STATE_MACHINE:
 355                 BIO_clear_retry_flags(b);
 356
 357                 b->retry_reason=0;
 358                 ret=(int)SSL_do_handshake(ssl);
 359
 360                 switch (SSL_get_error(ssl,ret))
 361                         {
 362                 case SSL_ERROR_WANT_READ:
 363                         BIO_set_flags(b,
 364                                 BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
 365                         break;
 366                 case SSL_ERROR_WANT_WRITE:
 367                         BIO_set_flags(b,
 368                                 BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY);
 369                         break;
 370                 case SSL_ERROR_WANT_CONNECT:
 371                         BIO_set_flags(b,
 372                                 BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY);
 373                         b->retry_reason=b->next_bio->retry_reason;
 374                         break;
 375                 default:
 376                         break;
 377                         }
 378                 break;
 379         case BIO_CTRL_DUP:
 380                 dbio=(BIO *)ptr;
 381                 if (dbio->ptr != NULL)
 382                         SSL_free((SSL *)dbio->ptr);
 383                 dbio->ptr=(char *)SSL_dup(ssl);
 384                 ret=(dbio->ptr != NULL);
 385                 break;
 386         default:
 387                 return(0);
 388                 break;
 389                 }
 390         return(ret);
 391         }
 392
 393 static int ssl_puts(bp,str)
 394 BIO *bp;
 395 char *str;
 396         {
 397         int n,ret;
 398
 399         n=strlen(str);
 400         ret=BIO_write(bp,str,n);
 401         return(ret);
 402         }
 403
 404 BIO *BIO_new_ssl(ctx,client)
 405 SSL_CTX *ctx;
 406 int client;
 407         {
 408         BIO *ret;
 409         SSL *ssl;
 410
 411         if ((ret=BIO_new(BIO_f_ssl())) == NULL)
 412                 return(NULL);
 413         if ((ssl=SSL_new(ctx)) == NULL)
 414                 {
 415                 BIO_free(ret);
 416                 return(NULL);
 417                 }
 418         if (client)
 419                 SSL_set_connect_state(ssl);
 420         else
 421                 SSL_set_accept_state(ssl);
 422
 423         BIO_set_ssl(ret,ssl,BIO_CLOSE);
 424         return(ret);
 425         }
 426
 427 int BIO_ssl_copy_session_id(t,f)
 428 BIO *t,*f;
 429         {
 430         t=BIO_find_type(t,BIO_TYPE_SSL);
 431         f=BIO_find_type(f,BIO_TYPE_SSL);
 432         if ((t == NULL) || (f == NULL))
 433                 return(0);
 434         if ((t->ptr == NULL) || (f->ptr == NULL))
 435                 return(0);
 436         SSL_copy_session_id((SSL *)t->ptr,(SSL *)f->ptr);
 437         return(1);
 438         }
 439
 440