2 * Copyright (c) 2009-2010 Niels Provos and Nick Mathewson
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 * 3. The name of the author may not be used to endorse or promote products
13 * derived from this software without specific prior written permission.
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 #include <sys/types.h>
29 #include "event2/event-config.h"
31 #ifdef _EVENT_HAVE_SYS_TIME_H
39 #ifdef _EVENT_HAVE_STDARG_H
42 #ifdef _EVENT_HAVE_UNISTD_H
50 #include "event2/bufferevent.h"
51 #include "event2/bufferevent_struct.h"
52 #include "event2/bufferevent_ssl.h"
53 #include "event2/buffer.h"
54 #include "event2/event.h"
56 #include "mm-internal.h"
57 #include "bufferevent-internal.h"
58 #include "log-internal.h"
60 #include <openssl/bio.h>
61 #include <openssl/ssl.h>
62 #include <openssl/err.h>
65 * Define an OpenSSL bio that targets a bufferevent.
68 /* --------------------
69 A BIO is an OpenSSL abstraction that handles reading and writing data. The
70 library will happily speak SSL over anything that implements a BIO
73 Here we define a BIO implementation that directs its output to a
74 bufferevent. We'll want to use this only when none of OpenSSL's built-in
75 IO mechanisms work for us.
76 -------------------- */
78 /* every BIO type needs its own integer type value. */
79 #define BIO_TYPE_LIBEVENT 57
80 /* ???? Arguably, we should set BIO_TYPE_FILTER or BIO_TYPE_SOURCE_SINK on
88 printf("Error was %d\n", val
);
90 while ((err
= ERR_get_error()))x
{
91 const char *msg
= (const char*)ERR_reason_error_string(err
);
92 const char *lib
= (const char*)ERR_lib_error_string(err
);
93 const char *func
= (const char*)ERR_func_error_string(err
);
95 printf("%s in %s %s\n", msg
, lib
, func
);
99 #define print_err(v) ((void)0)
102 /* Called to initialize a new BIO */
104 bio_bufferevent_new(BIO
*b
)
108 b
->ptr
= NULL
; /* We'll be putting the bufferevent in this field.*/
113 /* Called to uninitialize the BIO. */
115 bio_bufferevent_free(BIO
*b
)
120 if (b
->init
&& b
->ptr
)
121 bufferevent_free(b
->ptr
);
129 /* Called to extract data from the BIO. */
131 bio_bufferevent_read(BIO
*b
, char *out
, int outlen
)
134 struct evbuffer
*input
;
136 BIO_clear_retry_flags(b
);
143 input
= bufferevent_get_input(b
->ptr
);
144 if (evbuffer_get_length(input
) == 0) {
145 /* If there's no data to read, say so. */
146 BIO_set_retry_read(b
);
149 r
= evbuffer_remove(input
, out
, outlen
);
155 /* Called to write data info the BIO */
157 bio_bufferevent_write(BIO
*b
, const char *in
, int inlen
)
159 struct bufferevent
*bufev
= b
->ptr
;
160 struct evbuffer
*output
;
163 BIO_clear_retry_flags(b
);
168 output
= bufferevent_get_output(bufev
);
169 outlen
= evbuffer_get_length(output
);
171 /* Copy only as much data onto the output buffer as can fit under the
172 * high-water mark. */
173 if (bufev
->wm_write
.high
&& bufev
->wm_write
.high
>= (outlen
+inlen
)) {
174 if (bufev
->wm_write
.high
>= outlen
) {
175 /* If no data can fit, we'll need to retry later. */
176 BIO_set_retry_write(b
);
179 inlen
= bufev
->wm_write
.high
- outlen
;
182 EVUTIL_ASSERT(inlen
> 0);
183 evbuffer_add(output
, in
, inlen
);
187 /* Called to handle various requests */
189 bio_bufferevent_ctrl(BIO
*b
, int cmd
, long num
, void *ptr
)
191 struct bufferevent
*bufev
= b
->ptr
;
195 case BIO_CTRL_GET_CLOSE
:
198 case BIO_CTRL_SET_CLOSE
:
199 b
->shutdown
= (int)num
;
201 case BIO_CTRL_PENDING
:
202 ret
= evbuffer_get_length(bufferevent_get_input(bufev
)) != 0;
204 case BIO_CTRL_WPENDING
:
205 ret
= evbuffer_get_length(bufferevent_get_output(bufev
)) != 0;
207 /* XXXX These two are given a special-case treatment because
208 * of cargo-cultism. I should come up with a better reason. */
220 /* Called to write a string to the BIO */
222 bio_bufferevent_puts(BIO
*b
, const char *s
)
224 return bio_bufferevent_write(b
, s
, strlen(s
));
227 /* Method table for the bufferevent BIO */
228 static BIO_METHOD methods_bufferevent
= {
229 BIO_TYPE_LIBEVENT
, "bufferevent",
230 bio_bufferevent_write
,
231 bio_bufferevent_read
,
232 bio_bufferevent_puts
,
233 NULL
/* bio_bufferevent_gets */,
234 bio_bufferevent_ctrl
,
236 bio_bufferevent_free
,
237 NULL
/* callback_ctrl */,
240 /* Return the method table for the bufferevents BIO */
242 BIO_s_bufferevent(void)
244 return &methods_bufferevent
;
247 /* Create a new BIO to wrap communication around a bufferevent. If close_flag
248 * is true, the bufferevent will be freed when the BIO is closed. */
250 BIO_new_bufferevent(struct bufferevent
*bufferevent
, int close_flag
)
255 if (!(result
= BIO_new(BIO_s_bufferevent())))
258 result
->ptr
= bufferevent
;
259 result
->shutdown
= close_flag
? 1 : 0;
263 /* --------------------
264 Now, here's the OpenSSL-based implementation of bufferevent.
266 The implementation comes in two flavors: one that connects its SSL object
267 to an underlying bufferevent using a BIO_bufferevent, and one that has the
268 SSL object connect to a socket directly. The latter should generally be
269 faster, except on Windows, where your best bet is using a
272 (OpenSSL supports many other BIO types, too. But we can't use any unless
273 we have a good way to get notified when they become readable/writable.)
274 -------------------- */
276 struct bio_data_counts
{
277 unsigned long n_written
;
278 unsigned long n_read
;
281 struct bufferevent_openssl
{
282 /* Shared fields with common bufferevent implementation code.
283 If we were set up with an underlying bufferevent, we use the
284 events here as timers only. If we have an SSL, then we use
285 the events as socket events.
287 struct bufferevent_private bev
;
288 /* An underlying bufferevent that we're directing our output to.
289 If it's NULL, then we're connected to an fd, not an evbuffer. */
290 struct bufferevent
*underlying
;
291 /* The SSL object doing our encryption. */
294 /* A callback that's invoked when data arrives on our outbuf so we
295 know to write data to the SSL. */
296 struct evbuffer_cb_entry
*outbuf_cb
;
298 /* A count of how much data the bios have read/written total. Used
299 for rate-limiting. */
300 struct bio_data_counts counts
;
302 /* If this value is greater than 0, then the last SSL_write blocked,
303 * and we need to try it again with this many bytes. */
304 ev_ssize_t last_write
;
307 ev_uint32_t errors
[NUM_ERRORS
];
309 /* When we next get available space, we should say "read" instead of
310 "write". This can happen if there's a renegotiation during a read
312 unsigned read_blocked_on_write
: 1;
313 /* When we next get data, we should say "write" instead of "read". */
314 unsigned write_blocked_on_read
: 1;
316 unsigned allow_dirty_shutdown
: 1;
318 unsigned fd_is_set
: 1;
320 unsigned n_errors
: 2;
322 /* Are we currently connecting, accepting, or doing IO? */
326 static int be_openssl_enable(struct bufferevent
*, short);
327 static int be_openssl_disable(struct bufferevent
*, short);
328 static void be_openssl_destruct(struct bufferevent
*);
329 static int be_openssl_adj_timeouts(struct bufferevent
*);
330 static int be_openssl_flush(struct bufferevent
*bufev
,
331 short iotype
, enum bufferevent_flush_mode mode
);
332 static int be_openssl_ctrl(struct bufferevent
*, enum bufferevent_ctrl_op
, union bufferevent_ctrl_data
*);
334 const struct bufferevent_ops bufferevent_ops_openssl
= {
336 evutil_offsetof(struct bufferevent_openssl
, bev
.bev
),
340 be_openssl_adj_timeouts
,
345 /* Given a bufferevent, return a pointer to the bufferevent_openssl that
346 * contains it, if any. */
347 static inline struct bufferevent_openssl
*
348 upcast(struct bufferevent
*bev
)
350 struct bufferevent_openssl
*bev_o
;
351 if (bev
->be_ops
!= &bufferevent_ops_openssl
)
353 bev_o
= (void*)( ((char*)bev
) -
354 evutil_offsetof(struct bufferevent_openssl
, bev
.bev
));
355 EVUTIL_ASSERT(bev_o
->bev
.bev
.be_ops
== &bufferevent_ops_openssl
);
360 put_error(struct bufferevent_openssl
*bev_ssl
, unsigned long err
)
362 if (bev_ssl
->n_errors
== NUM_ERRORS
)
364 /* The error type according to openssl is "unsigned long", but
365 openssl never uses more than 32 bits of it. It _can't_ use more
366 than 32 bits of it, since it needs to report errors on systems
367 where long is only 32 bits.
369 bev_ssl
->errors
[bev_ssl
->n_errors
++] = (ev_uint32_t
) err
;
372 /* Have the base communications channel (either the underlying bufferevent or
373 * ev_read and ev_write) start reading. Take the read-blocked-on-write flag
376 start_reading(struct bufferevent_openssl
*bev_ssl
)
378 if (bev_ssl
->underlying
) {
379 bufferevent_unsuspend_read(bev_ssl
->underlying
,
380 BEV_SUSPEND_FILT_READ
);
383 struct bufferevent
*bev
= &bev_ssl
->bev
.bev
;
385 r
= _bufferevent_add_event(&bev
->ev_read
, &bev
->timeout_read
);
386 if (r
== 0 && bev_ssl
->read_blocked_on_write
)
387 r
= _bufferevent_add_event(&bev
->ev_write
,
388 &bev
->timeout_write
);
393 /* Have the base communications channel (either the underlying bufferevent or
394 * ev_read and ev_write) start writing. Take the write-blocked-on-read flag
397 start_writing(struct bufferevent_openssl
*bev_ssl
)
400 if (bev_ssl
->underlying
) {
403 struct bufferevent
*bev
= &bev_ssl
->bev
.bev
;
404 r
= _bufferevent_add_event(&bev
->ev_write
, &bev
->timeout_write
);
405 if (!r
&& bev_ssl
->write_blocked_on_read
)
406 r
= _bufferevent_add_event(&bev
->ev_read
,
413 stop_reading(struct bufferevent_openssl
*bev_ssl
)
415 if (bev_ssl
->write_blocked_on_read
)
417 if (bev_ssl
->underlying
) {
418 bufferevent_suspend_read(bev_ssl
->underlying
,
419 BEV_SUSPEND_FILT_READ
);
421 struct bufferevent
*bev
= &bev_ssl
->bev
.bev
;
422 event_del(&bev
->ev_read
);
427 stop_writing(struct bufferevent_openssl
*bev_ssl
)
429 if (bev_ssl
->read_blocked_on_write
)
431 if (bev_ssl
->underlying
) {
434 struct bufferevent
*bev
= &bev_ssl
->bev
.bev
;
435 event_del(&bev
->ev_write
);
440 set_rbow(struct bufferevent_openssl
*bev_ssl
)
442 if (!bev_ssl
->underlying
)
443 stop_reading(bev_ssl
);
444 bev_ssl
->read_blocked_on_write
= 1;
445 return start_writing(bev_ssl
);
449 set_wbor(struct bufferevent_openssl
*bev_ssl
)
451 if (!bev_ssl
->underlying
)
452 stop_writing(bev_ssl
);
453 bev_ssl
->write_blocked_on_read
= 1;
454 return start_reading(bev_ssl
);
458 clear_rbow(struct bufferevent_openssl
*bev_ssl
)
460 struct bufferevent
*bev
= &bev_ssl
->bev
.bev
;
462 bev_ssl
->read_blocked_on_write
= 0;
463 if (!(bev
->enabled
& EV_WRITE
))
464 stop_writing(bev_ssl
);
465 if (bev
->enabled
& EV_READ
)
466 r
= start_reading(bev_ssl
);
472 clear_wbor(struct bufferevent_openssl
*bev_ssl
)
474 struct bufferevent
*bev
= &bev_ssl
->bev
.bev
;
476 bev_ssl
->write_blocked_on_read
= 0;
477 if (!(bev
->enabled
& EV_READ
))
478 stop_reading(bev_ssl
);
479 if (bev
->enabled
& EV_WRITE
)
480 r
= start_writing(bev_ssl
);
485 conn_closed(struct bufferevent_openssl
*bev_ssl
, int errcode
, int ret
)
487 int event
= BEV_EVENT_ERROR
;
488 int dirty_shutdown
= 0;
492 case SSL_ERROR_ZERO_RETURN
:
493 /* Possibly a clean shutdown. */
494 if (SSL_get_shutdown(bev_ssl
->ssl
) & SSL_RECEIVED_SHUTDOWN
)
495 event
= BEV_EVENT_EOF
;
499 case SSL_ERROR_SYSCALL
:
500 /* IO error; possibly a dirty shutdown. */
501 if (ret
== 0 && ERR_peek_error() == 0)
505 /* Protocol error. */
507 case SSL_ERROR_WANT_X509_LOOKUP
:
508 /* XXXX handle this. */
511 case SSL_ERROR_WANT_READ
:
512 case SSL_ERROR_WANT_WRITE
:
513 case SSL_ERROR_WANT_CONNECT
:
514 case SSL_ERROR_WANT_ACCEPT
:
516 /* should be impossible; treat as normal error. */
517 event_warnx("BUG: Unexpected OpenSSL error code %d", errcode
);
521 while ((err
= ERR_get_error())) {
522 put_error(bev_ssl
, err
);
525 if (dirty_shutdown
&& bev_ssl
->allow_dirty_shutdown
)
526 event
= BEV_EVENT_EOF
;
528 stop_reading(bev_ssl
);
529 stop_writing(bev_ssl
);
531 _bufferevent_run_eventcb(&bev_ssl
->bev
.bev
, event
);
535 init_bio_counts(struct bufferevent_openssl
*bev_ssl
)
537 bev_ssl
->counts
.n_written
=
538 BIO_number_written(SSL_get_wbio(bev_ssl
->ssl
));
539 bev_ssl
->counts
.n_read
=
540 BIO_number_read(SSL_get_rbio(bev_ssl
->ssl
));
544 decrement_buckets(struct bufferevent_openssl
*bev_ssl
)
546 unsigned long num_w
= BIO_number_written(SSL_get_wbio(bev_ssl
->ssl
));
547 unsigned long num_r
= BIO_number_read(SSL_get_rbio(bev_ssl
->ssl
));
548 /* These next two subtractions can wrap around. That's okay. */
549 unsigned long w
= num_w
- bev_ssl
->counts
.n_written
;
550 unsigned long r
= num_r
- bev_ssl
->counts
.n_read
;
552 _bufferevent_decrement_write_buckets(&bev_ssl
->bev
, w
);
554 _bufferevent_decrement_read_buckets(&bev_ssl
->bev
, r
);
555 bev_ssl
->counts
.n_written
= num_w
;
556 bev_ssl
->counts
.n_read
= num_r
;
559 /* returns -1 on internal error, 0 on stall, 1 on progress */
561 do_read(struct bufferevent_openssl
*bev_ssl
, int n_to_read
)
564 struct bufferevent
*bev
= &bev_ssl
->bev
.bev
;
565 struct evbuffer
*input
= bev
->input
;
566 int r
, n
, i
, n_used
= 0, blocked
= 0, atmost
;
567 struct evbuffer_iovec space
[2];
569 atmost
= _bufferevent_get_read_max(&bev_ssl
->bev
);
570 if (n_to_read
> atmost
)
573 n
= evbuffer_reserve_space(input
, n_to_read
, space
, 2);
577 for (i
=0; i
<n
; ++i
) {
578 if (bev_ssl
->bev
.read_suspended
)
580 r
= SSL_read(bev_ssl
->ssl
, space
[i
].iov_base
, space
[i
].iov_len
);
582 if (bev_ssl
->read_blocked_on_write
)
583 if (clear_rbow(bev_ssl
) < 0)
586 space
[i
].iov_len
= r
;
587 decrement_buckets(bev_ssl
);
589 int err
= SSL_get_error(bev_ssl
->ssl
, r
);
592 case SSL_ERROR_WANT_READ
:
593 /* Can't read until underlying has more data. */
594 if (bev_ssl
->read_blocked_on_write
)
595 if (clear_rbow(bev_ssl
) < 0)
598 case SSL_ERROR_WANT_WRITE
:
599 /* This read operation requires a write, and the
600 * underlying is full */
601 if (!bev_ssl
->read_blocked_on_write
)
602 if (set_rbow(bev_ssl
) < 0)
606 conn_closed(bev_ssl
, err
, r
);
610 break; /* out of the loop */
615 evbuffer_commit_space(input
, space
, n_used
);
616 if (bev_ssl
->underlying
)
617 BEV_RESET_GENERIC_READ_TIMEOUT(bev
);
619 if (evbuffer_get_length(input
) >= bev
->wm_read
.low
)
620 _bufferevent_run_readcb(bev
);
623 return blocked
? 0 : 1;
627 do_write(struct bufferevent_openssl
*bev_ssl
, int atmost
)
629 int i
, r
, n
, n_written
= 0, blocked
=0;
630 struct bufferevent
*bev
= &bev_ssl
->bev
.bev
;
631 struct evbuffer
*output
= bev
->output
;
632 struct evbuffer_iovec space
[8];
634 if (bev_ssl
->last_write
> 0)
635 atmost
= bev_ssl
->last_write
;
637 atmost
= _bufferevent_get_write_max(&bev_ssl
->bev
);
639 n
= evbuffer_peek(output
, atmost
, NULL
, space
, 8);
645 for (i
=0; i
< n
; ++i
) {
646 if (bev_ssl
->bev
.write_suspended
)
649 /* SSL_write will (reasonably) return 0 if we tell it to
650 send 0 data. Skip this case so we don't interpret the
651 result as an error */
652 if (space
[i
].iov_len
== 0)
655 r
= SSL_write(bev_ssl
->ssl
, space
[i
].iov_base
,
658 if (bev_ssl
->write_blocked_on_read
)
659 if (clear_wbor(bev_ssl
) < 0)
662 bev_ssl
->last_write
= -1;
663 decrement_buckets(bev_ssl
);
665 int err
= SSL_get_error(bev_ssl
->ssl
, r
);
668 case SSL_ERROR_WANT_WRITE
:
669 /* Can't read until underlying has more data. */
670 if (bev_ssl
->write_blocked_on_read
)
671 if (clear_wbor(bev_ssl
) < 0)
673 bev_ssl
->last_write
= space
[i
].iov_len
;
675 case SSL_ERROR_WANT_READ
:
676 /* This read operation requires a write, and the
677 * underlying is full */
678 if (!bev_ssl
->write_blocked_on_read
)
679 if (set_wbor(bev_ssl
) < 0)
681 bev_ssl
->last_write
= space
[i
].iov_len
;
684 conn_closed(bev_ssl
, err
, r
);
685 bev_ssl
->last_write
= -1;
693 evbuffer_drain(output
, n_written
);
694 if (bev_ssl
->underlying
)
695 BEV_RESET_GENERIC_WRITE_TIMEOUT(bev
);
697 if (evbuffer_get_length(output
) <= bev
->wm_write
.low
)
698 _bufferevent_run_writecb(bev
);
700 return blocked
? 0 : 1;
703 #define WRITE_FRAME 15000
705 #define READ_DEFAULT 4096
707 /* Things look readable. If write is blocked on read, write till it isn't.
708 * Read from the underlying buffer until we block or we hit our high-water
712 consider_reading(struct bufferevent_openssl
*bev_ssl
)
715 struct evbuffer
*input
= bev_ssl
->bev
.bev
.input
;
716 struct event_watermark
*wm
= &bev_ssl
->bev
.bev
.wm_read
;
718 while (bev_ssl
->write_blocked_on_read
) {
719 r
= do_write(bev_ssl
, WRITE_FRAME
);
723 if (bev_ssl
->write_blocked_on_read
)
725 while ((bev_ssl
->bev
.bev
.enabled
& EV_READ
) &&
726 (! bev_ssl
->bev
.read_suspended
) &&
727 (! wm
->high
|| evbuffer_get_length(input
) < wm
->high
)) {
729 wm
->high
? wm
->high
- evbuffer_get_length(input
)
731 r
= do_read(bev_ssl
, n_to_read
);
736 if (!bev_ssl
->underlying
) {
737 /* Should be redundant, but let's avoid busy-looping */
738 if (bev_ssl
->bev
.read_suspended
||
739 !(bev_ssl
->bev
.bev
.enabled
& EV_READ
)) {
740 event_del(&bev_ssl
->bev
.bev
.ev_read
);
746 consider_writing(struct bufferevent_openssl
*bev_ssl
)
749 struct evbuffer
*output
= bev_ssl
->bev
.bev
.output
;
750 struct evbuffer
*target
= NULL
;
751 struct event_watermark
*wm
= NULL
;
753 while (bev_ssl
->read_blocked_on_write
) {
754 r
= do_read(bev_ssl
, 1024); /* XXXX 1024 is a hack */
758 if (bev_ssl
->read_blocked_on_write
)
760 if (bev_ssl
->underlying
) {
761 target
= bev_ssl
->underlying
->output
;
762 wm
= &bev_ssl
->underlying
->wm_write
;
764 while ((bev_ssl
->bev
.bev
.enabled
& EV_WRITE
) &&
765 (! bev_ssl
->bev
.write_suspended
) &&
766 evbuffer_get_length(output
) &&
767 (!target
|| (! wm
->high
|| evbuffer_get_length(target
) < wm
->high
))) {
770 n_to_write
= wm
->high
- evbuffer_get_length(target
);
772 n_to_write
= WRITE_FRAME
;
773 r
= do_write(bev_ssl
, n_to_write
);
778 if (!bev_ssl
->underlying
) {
779 if (evbuffer_get_length(output
) == 0) {
780 event_del(&bev_ssl
->bev
.bev
.ev_write
);
781 } else if (bev_ssl
->bev
.write_suspended
||
782 !(bev_ssl
->bev
.bev
.enabled
& EV_WRITE
)) {
783 /* Should be redundant, but let's avoid busy-looping */
784 event_del(&bev_ssl
->bev
.bev
.ev_write
);
790 be_openssl_readcb(struct bufferevent
*bev_base
, void *ctx
)
792 struct bufferevent_openssl
*bev_ssl
= ctx
;
793 consider_reading(bev_ssl
);
797 be_openssl_writecb(struct bufferevent
*bev_base
, void *ctx
)
799 struct bufferevent_openssl
*bev_ssl
= ctx
;
800 consider_writing(bev_ssl
);
804 be_openssl_eventcb(struct bufferevent
*bev_base
, short what
, void *ctx
)
806 struct bufferevent_openssl
*bev_ssl
= ctx
;
809 if (what
& BEV_EVENT_EOF
) {
810 if (bev_ssl
->allow_dirty_shutdown
)
811 event
= BEV_EVENT_EOF
;
813 event
= BEV_EVENT_ERROR
;
814 } else if (what
& BEV_EVENT_TIMEOUT
) {
815 /* We sure didn't set this. Propagate it to the user. */
817 } else if (what
& BEV_EVENT_CONNECTED
) {
818 /* Ignore it. We're saying SSL_connect() already, which will
822 _bufferevent_run_eventcb(&bev_ssl
->bev
.bev
, event
);
826 be_openssl_readeventcb(evutil_socket_t fd
, short what
, void *ptr
)
828 struct bufferevent_openssl
*bev_ssl
= ptr
;
829 _bufferevent_incref_and_lock(&bev_ssl
->bev
.bev
);
830 if (what
& EV_TIMEOUT
) {
831 _bufferevent_run_eventcb(&bev_ssl
->bev
.bev
,
832 BEV_EVENT_TIMEOUT
|BEV_EVENT_READING
);
834 consider_reading(bev_ssl
);
835 _bufferevent_decref_and_unlock(&bev_ssl
->bev
.bev
);
839 be_openssl_writeeventcb(evutil_socket_t fd
, short what
, void *ptr
)
841 struct bufferevent_openssl
*bev_ssl
= ptr
;
842 _bufferevent_incref_and_lock(&bev_ssl
->bev
.bev
);
843 if (what
& EV_TIMEOUT
) {
844 _bufferevent_run_eventcb(&bev_ssl
->bev
.bev
,
845 BEV_EVENT_TIMEOUT
|BEV_EVENT_WRITING
);
847 consider_writing(bev_ssl
);
848 _bufferevent_decref_and_unlock(&bev_ssl
->bev
.bev
);
852 set_open_callbacks(struct bufferevent_openssl
*bev_ssl
, evutil_socket_t fd
)
854 if (bev_ssl
->underlying
) {
855 bufferevent_setcb(bev_ssl
->underlying
,
856 be_openssl_readcb
, be_openssl_writecb
, be_openssl_eventcb
,
860 struct bufferevent
*bev
= &bev_ssl
->bev
.bev
;
861 int rpending
=0, wpending
=0, r1
=0, r2
=0;
862 if (fd
< 0 && bev_ssl
->fd_is_set
)
863 fd
= event_get_fd(&bev
->ev_read
);
864 if (bev_ssl
->fd_is_set
) {
865 rpending
= event_pending(&bev
->ev_read
, EV_READ
, NULL
);
866 wpending
= event_pending(&bev
->ev_write
, EV_WRITE
, NULL
);
867 event_del(&bev
->ev_read
);
868 event_del(&bev
->ev_write
);
870 event_assign(&bev
->ev_read
, bev
->ev_base
, fd
,
871 EV_READ
|EV_PERSIST
, be_openssl_readeventcb
, bev_ssl
);
872 event_assign(&bev
->ev_write
, bev
->ev_base
, fd
,
873 EV_WRITE
|EV_PERSIST
, be_openssl_writeeventcb
, bev_ssl
);
875 r1
= _bufferevent_add_event(&bev
->ev_read
, &bev
->timeout_read
);
877 r2
= _bufferevent_add_event(&bev
->ev_write
, &bev
->timeout_write
);
879 bev_ssl
->fd_is_set
= 1;
881 return (r1
<0 || r2
<0) ? -1 : 0;
886 do_handshake(struct bufferevent_openssl
*bev_ssl
)
890 switch (bev_ssl
->state
) {
892 case BUFFEREVENT_SSL_OPEN
:
895 case BUFFEREVENT_SSL_CONNECTING
:
896 case BUFFEREVENT_SSL_ACCEPTING
:
897 r
= SSL_do_handshake(bev_ssl
->ssl
);
900 decrement_buckets(bev_ssl
);
904 bev_ssl
->state
= BUFFEREVENT_SSL_OPEN
;
905 set_open_callbacks(bev_ssl
, -1); /* XXXX handle failure */
906 /* Call do_read and do_write as needed */
907 bufferevent_enable(&bev_ssl
->bev
.bev
, bev_ssl
->bev
.bev
.enabled
);
908 _bufferevent_run_eventcb(&bev_ssl
->bev
.bev
,
909 BEV_EVENT_CONNECTED
);
912 int err
= SSL_get_error(bev_ssl
->ssl
, r
);
915 case SSL_ERROR_WANT_WRITE
:
916 if (!bev_ssl
->underlying
) {
917 stop_reading(bev_ssl
);
918 return start_writing(bev_ssl
);
921 case SSL_ERROR_WANT_READ
:
922 if (!bev_ssl
->underlying
) {
923 stop_writing(bev_ssl
);
924 return start_reading(bev_ssl
);
928 conn_closed(bev_ssl
, err
, r
);
935 be_openssl_handshakecb(struct bufferevent
*bev_base
, void *ctx
)
937 struct bufferevent_openssl
*bev_ssl
= ctx
;
938 do_handshake(bev_ssl
);/* XXX handle failure */
942 be_openssl_handshakeeventcb(evutil_socket_t fd
, short what
, void *ptr
)
944 struct bufferevent_openssl
*bev_ssl
= ptr
;
946 _bufferevent_incref_and_lock(&bev_ssl
->bev
.bev
);
947 if (what
& EV_TIMEOUT
) {
948 _bufferevent_run_eventcb(&bev_ssl
->bev
.bev
, BEV_EVENT_TIMEOUT
);
950 do_handshake(bev_ssl
);/* XXX handle failure */
951 _bufferevent_decref_and_unlock(&bev_ssl
->bev
.bev
);
955 set_handshake_callbacks(struct bufferevent_openssl
*bev_ssl
, evutil_socket_t fd
)
957 if (bev_ssl
->underlying
) {
958 bufferevent_setcb(bev_ssl
->underlying
,
959 be_openssl_handshakecb
, be_openssl_handshakecb
,
962 return do_handshake(bev_ssl
);
964 struct bufferevent
*bev
= &bev_ssl
->bev
.bev
;
966 if (fd
< 0 && bev_ssl
->fd_is_set
)
967 fd
= event_get_fd(&bev
->ev_read
);
968 if (bev_ssl
->fd_is_set
) {
969 event_del(&bev
->ev_read
);
970 event_del(&bev
->ev_write
);
972 event_assign(&bev
->ev_read
, bev
->ev_base
, fd
,
973 EV_READ
|EV_PERSIST
, be_openssl_handshakeeventcb
, bev_ssl
);
974 event_assign(&bev
->ev_write
, bev
->ev_base
, fd
,
975 EV_WRITE
|EV_PERSIST
, be_openssl_handshakeeventcb
, bev_ssl
);
977 r1
= _bufferevent_add_event(&bev
->ev_read
, &bev
->timeout_read
);
978 r2
= _bufferevent_add_event(&bev
->ev_write
, &bev
->timeout_write
);
979 bev_ssl
->fd_is_set
= 1;
981 return (r1
<0 || r2
<0) ? -1 : 0;
986 bufferevent_ssl_renegotiate(struct bufferevent
*bev
)
988 struct bufferevent_openssl
*bev_ssl
= upcast(bev
);
991 if (SSL_renegotiate(bev_ssl
->ssl
) < 0)
993 bev_ssl
->state
= BUFFEREVENT_SSL_CONNECTING
;
994 if (set_handshake_callbacks(bev_ssl
, -1) < 0)
996 if (!bev_ssl
->underlying
)
997 return do_handshake(bev_ssl
);
1002 be_openssl_outbuf_cb(struct evbuffer
*buf
,
1003 const struct evbuffer_cb_info
*cbinfo
, void *arg
)
1005 struct bufferevent_openssl
*bev_ssl
= arg
;
1007 /* XXX need to hold a reference here. */
1009 if (cbinfo
->n_added
&& bev_ssl
->state
== BUFFEREVENT_SSL_OPEN
) {
1010 if (cbinfo
->orig_size
== 0)
1011 r
= _bufferevent_add_event(&bev_ssl
->bev
.bev
.ev_write
,
1012 &bev_ssl
->bev
.bev
.timeout_write
);
1013 consider_writing(bev_ssl
);
1015 /* XXX Handle r < 0 */
1021 be_openssl_enable(struct bufferevent
*bev
, short events
)
1023 struct bufferevent_openssl
*bev_ssl
= upcast(bev
);
1026 if (bev_ssl
->state
!= BUFFEREVENT_SSL_OPEN
)
1029 if (events
& EV_READ
)
1030 r1
= start_reading(bev_ssl
);
1031 if (events
& EV_WRITE
)
1032 r2
= start_writing(bev_ssl
);
1034 if (bev_ssl
->underlying
) {
1035 if (events
& EV_READ
)
1036 BEV_RESET_GENERIC_READ_TIMEOUT(bev
);
1037 if (events
& EV_WRITE
)
1038 BEV_RESET_GENERIC_WRITE_TIMEOUT(bev
);
1040 if (events
& EV_READ
)
1041 consider_reading(bev_ssl
);
1042 if (events
& EV_WRITE
)
1043 consider_writing(bev_ssl
);
1045 return (r1
< 0 || r2
< 0) ? -1 : 0;
1049 be_openssl_disable(struct bufferevent
*bev
, short events
)
1051 struct bufferevent_openssl
*bev_ssl
= upcast(bev
);
1052 if (bev_ssl
->state
!= BUFFEREVENT_SSL_OPEN
)
1055 if (events
& EV_READ
)
1056 stop_reading(bev_ssl
);
1057 if (events
& EV_WRITE
)
1058 stop_writing(bev_ssl
);
1060 if (bev_ssl
->underlying
) {
1061 if (events
& EV_READ
)
1062 BEV_DEL_GENERIC_READ_TIMEOUT(bev
);
1063 if (events
& EV_WRITE
)
1064 BEV_DEL_GENERIC_WRITE_TIMEOUT(bev
);
1070 be_openssl_destruct(struct bufferevent
*bev
)
1072 struct bufferevent_openssl
*bev_ssl
= upcast(bev
);
1074 if (bev_ssl
->underlying
) {
1075 _bufferevent_del_generic_timeout_cbs(bev
);
1077 event_del(&bev
->ev_read
);
1078 event_del(&bev
->ev_write
);
1081 if (bev_ssl
->bev
.options
& BEV_OPT_CLOSE_ON_FREE
) {
1082 if (bev_ssl
->underlying
) {
1083 if (BEV_UPCAST(bev_ssl
->underlying
)->refcnt
< 2) {
1084 event_warnx("BEV_OPT_CLOSE_ON_FREE set on an "
1085 "bufferevent with too few references");
1087 bufferevent_free(bev_ssl
->underlying
);
1088 bev_ssl
->underlying
= NULL
;
1091 evutil_socket_t fd
= -1;
1092 BIO
*bio
= SSL_get_wbio(bev_ssl
->ssl
);
1094 fd
= BIO_get_fd(bio
, NULL
);
1096 evutil_closesocket(fd
);
1098 SSL_free(bev_ssl
->ssl
);
1100 if (bev_ssl
->underlying
) {
1101 if (bev_ssl
->underlying
->errorcb
== be_openssl_eventcb
)
1102 bufferevent_setcb(bev_ssl
->underlying
,
1103 NULL
,NULL
,NULL
,NULL
);
1104 bufferevent_unsuspend_read(bev_ssl
->underlying
,
1105 BEV_SUSPEND_FILT_READ
);
1111 be_openssl_adj_timeouts(struct bufferevent
*bev
)
1113 struct bufferevent_openssl
*bev_ssl
= upcast(bev
);
1115 if (bev_ssl
->underlying
)
1116 return _bufferevent_generic_adj_timeouts(bev
);
1119 if (event_pending(&bev
->ev_read
, EV_READ
, NULL
))
1120 r1
= _bufferevent_add_event(&bev
->ev_read
, &bev
->timeout_read
);
1121 if (event_pending(&bev
->ev_write
, EV_WRITE
, NULL
))
1122 r2
= _bufferevent_add_event(&bev
->ev_write
, &bev
->timeout_write
);
1123 return (r1
<0 || r2
<0) ? -1 : 0;
1128 be_openssl_flush(struct bufferevent
*bufev
,
1129 short iotype
, enum bufferevent_flush_mode mode
)
1131 /* XXXX Implement this. */
1136 be_openssl_ctrl(struct bufferevent
*bev
,
1137 enum bufferevent_ctrl_op op
, union bufferevent_ctrl_data
*data
)
1139 struct bufferevent_openssl
*bev_ssl
= upcast(bev
);
1141 case BEV_CTRL_SET_FD
:
1142 if (bev_ssl
->underlying
)
1146 bio
= BIO_new_socket(data
->fd
, 0);
1147 SSL_set_bio(bev_ssl
->ssl
, bio
, bio
);
1148 bev_ssl
->fd_is_set
= 1;
1150 if (bev_ssl
->state
== BUFFEREVENT_SSL_OPEN
)
1151 return set_open_callbacks(bev_ssl
, data
->fd
);
1153 return set_handshake_callbacks(bev_ssl
, data
->fd
);
1155 case BEV_CTRL_GET_FD
:
1156 if (bev_ssl
->underlying
)
1158 if (!bev_ssl
->fd_is_set
)
1160 data
->fd
= event_get_fd(&bev
->ev_read
);
1162 case BEV_CTRL_GET_UNDERLYING
:
1163 if (!bev_ssl
->underlying
)
1165 data
->ptr
= bev_ssl
->underlying
;
1173 bufferevent_openssl_get_ssl(struct bufferevent
*bufev
)
1175 struct bufferevent_openssl
*bev_ssl
= upcast(bufev
);
1178 return bev_ssl
->ssl
;
1181 static struct bufferevent
*
1182 bufferevent_openssl_new_impl(struct event_base
*base
,
1183 struct bufferevent
*underlying
,
1186 enum bufferevent_ssl_state state
,
1189 struct bufferevent_openssl
*bev_ssl
= NULL
;
1190 struct bufferevent_private
*bev_p
= NULL
;
1191 int tmp_options
= options
& ~BEV_OPT_THREADSAFE
;
1193 if (underlying
!= NULL
&& fd
>= 0)
1194 return NULL
; /* Only one can be set. */
1196 if (!(bev_ssl
= mm_calloc(1, sizeof(struct bufferevent_openssl
))))
1199 bev_p
= &bev_ssl
->bev
;
1201 if (bufferevent_init_common(bev_p
, base
,
1202 &bufferevent_ops_openssl
, tmp_options
) < 0)
1205 /* Don't explode if we decide to realloc a chunk we're writing from in
1206 * the output buffer. */
1207 SSL_set_mode(ssl
, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER
);
1209 bev_ssl
->underlying
= underlying
;
1212 bev_ssl
->outbuf_cb
= evbuffer_add_cb(bev_p
->bev
.output
,
1213 be_openssl_outbuf_cb
, bev_ssl
);
1215 if (options
& BEV_OPT_THREADSAFE
)
1216 bufferevent_enable_locking(&bev_ssl
->bev
.bev
, NULL
);
1219 _bufferevent_init_generic_timeout_cbs(&bev_ssl
->bev
.bev
);
1220 bufferevent_incref(underlying
);
1223 bev_ssl
->state
= state
;
1224 bev_ssl
->last_write
= -1;
1226 init_bio_counts(bev_ssl
);
1229 case BUFFEREVENT_SSL_ACCEPTING
:
1230 SSL_set_accept_state(bev_ssl
->ssl
);
1231 if (set_handshake_callbacks(bev_ssl
, fd
) < 0)
1234 case BUFFEREVENT_SSL_CONNECTING
:
1235 SSL_set_connect_state(bev_ssl
->ssl
);
1236 if (set_handshake_callbacks(bev_ssl
, fd
) < 0)
1239 case BUFFEREVENT_SSL_OPEN
:
1240 if (set_open_callbacks(bev_ssl
, fd
) < 0)
1248 bufferevent_enable(underlying
, EV_READ
|EV_WRITE
);
1249 if (state
== BUFFEREVENT_SSL_OPEN
)
1250 bufferevent_suspend_read(underlying
,
1251 BEV_SUSPEND_FILT_READ
);
1253 bev_ssl
->bev
.bev
.enabled
= EV_READ
|EV_WRITE
;
1254 if (bev_ssl
->fd_is_set
) {
1255 if (state
!= BUFFEREVENT_SSL_OPEN
)
1256 if (event_add(&bev_ssl
->bev
.bev
.ev_read
, NULL
) < 0)
1258 if (event_add(&bev_ssl
->bev
.bev
.ev_write
, NULL
) < 0)
1263 return &bev_ssl
->bev
.bev
;
1266 bufferevent_free(&bev_ssl
->bev
.bev
);
1270 struct bufferevent
*
1271 bufferevent_openssl_filter_new(struct event_base
*base
,
1272 struct bufferevent
*underlying
,
1274 enum bufferevent_ssl_state state
,
1277 /* We don't tell the BIO to close the bufferevent; we do it ourselves
1278 * on be_openssl_destruct */
1279 int close_flag
= 0; /* options & BEV_OPT_CLOSE_ON_FREE; */
1283 if (!(bio
= BIO_new_bufferevent(underlying
, close_flag
)))
1286 SSL_set_bio(ssl
, bio
, bio
);
1288 return bufferevent_openssl_new_impl(
1289 base
, underlying
, -1, ssl
, state
, options
);
1292 struct bufferevent
*
1293 bufferevent_openssl_socket_new(struct event_base
*base
,
1296 enum bufferevent_ssl_state state
,
1299 /* Does the SSL already have an fd? */
1300 BIO
*bio
= SSL_get_wbio(ssl
);
1304 have_fd
= BIO_get_fd(bio
, NULL
);
1307 /* The SSL is already configured with an fd. */
1309 /* We should learn the fd from the SSL. */
1310 fd
= (evutil_socket_t
) have_fd
;
1311 } else if (have_fd
== (long)fd
) {
1312 /* We already know the fd from the SSL; do nothing */
1314 /* We specified an fd different from that of the SSL.
1315 This is probably an error on our part. Fail. */
1318 (void) BIO_set_close(bio
, 0);
1320 /* The SSL isn't configured with a BIO with an fd. */
1322 /* ... and we have an fd we want to use. */
1323 bio
= BIO_new_socket(fd
, 0);
1324 SSL_set_bio(ssl
, bio
, bio
);
1326 /* Leave the fd unset. */
1330 return bufferevent_openssl_new_impl(
1331 base
, NULL
, fd
, ssl
, state
, options
);
1335 bufferevent_get_openssl_error(struct bufferevent
*bev
)
1337 unsigned long err
= 0;
1338 struct bufferevent_openssl
*bev_ssl
;
1340 bev_ssl
= upcast(bev
);
1341 if (bev_ssl
&& bev_ssl
->n_errors
) {
1342 err
= bev_ssl
->errors
[--bev_ssl
->n_errors
];