bss_dgram.c 61 KB

  1. /*
  2. * DTLS implementation written by Nagendra Modadugu
  3. * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
  4. */
  5. /* ====================================================================
  6. * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
  7. *
  8. * Redistribution and use in source and binary forms, with or without
  9. * modification, are permitted provided that the following conditions
  10. * are met:
  11. *
  12. * 1. Redistributions of source code must retain the above copyright
  13. * notice, this list of conditions and the following disclaimer.
  14. *
  15. * 2. Redistributions in binary form must reproduce the above copyright
  16. * notice, this list of conditions and the following disclaimer in
  17. * the documentation and/or other materials provided with the
  18. * distribution.
  19. *
  20. * 3. All advertising materials mentioning features or use of this
  21. * software must display the following acknowledgment:
  22. * "This product includes software developed by the OpenSSL Project
  23. * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
  24. *
  25. * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  26. * endorse or promote products derived from this software without
  27. * prior written permission. For written permission, please contact
  28. * openssl-core@OpenSSL.org.
  29. *
  30. * 5. Products derived from this software may not be called "OpenSSL"
  31. * nor may "OpenSSL" appear in their names without prior written
  32. * permission of the OpenSSL Project.
  33. *
  34. * 6. Redistributions of any form whatsoever must retain the following
  35. * acknowledgment:
  36. * "This product includes software developed by the OpenSSL Project
  37. * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
  38. *
  39. * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  40. * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  41. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  42. * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
  43. * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  44. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  45. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  46. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  47. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  48. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  49. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  50. * OF THE POSSIBILITY OF SUCH DAMAGE.
  51. * ====================================================================
  52. *
  53. * This product includes cryptographic software written by Eric Young
  54. * (eay@cryptsoft.com). This product includes software written by Tim
  55. * Hudson (tjh@cryptsoft.com).
  56. *
  57. */
  58. #include <stdio.h>
  59. #include <errno.h>
  60. #define USE_SOCKETS
  61. #include "internal/cryptlib.h"
  62. #include <openssl/bio.h>
  63. #ifndef OPENSSL_NO_DGRAM
  64. # if !(defined(_WIN32) || defined(OPENSSL_SYS_VMS))
  65. # include <sys/time.h>
  66. # endif
  67. # if defined(OPENSSL_SYS_VMS)
  68. # include <sys/timeb.h>
  69. # endif
  70. # ifndef OPENSSL_NO_SCTP
  71. # include <netinet/sctp.h>
  72. # include <fcntl.h>
  73. # define OPENSSL_SCTP_DATA_CHUNK_TYPE 0x00
  74. # define OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE 0xc0
  75. # endif
  76. # if defined(OPENSSL_SYS_LINUX) && !defined(IP_MTU)
  77. # define IP_MTU 14 /* linux is lame */
  78. # endif
  79. # if OPENSSL_USE_IPV6 && !defined(IPPROTO_IPV6)
  80. # define IPPROTO_IPV6 41 /* windows is lame */
  81. # endif
  82. # if defined(__FreeBSD__) && defined(IN6_IS_ADDR_V4MAPPED)
  83. /* Standard definition causes type-punning problems. */
  84. # undef IN6_IS_ADDR_V4MAPPED
  85. # define s6_addr32 __u6_addr.__u6_addr32
  86. # define IN6_IS_ADDR_V4MAPPED(a) \
  87. (((a)->s6_addr32[0] == 0) && \
  88. ((a)->s6_addr32[1] == 0) && \
  89. ((a)->s6_addr32[2] == htonl(0x0000ffff)))
  90. # endif
  91. # ifdef WATT32
  92. # define sock_write SockWrite /* Watt-32 uses same names */
  93. # define sock_read SockRead
  94. # define sock_puts SockPuts
  95. # endif
  96. static int dgram_write(BIO *h, const char *buf, int num);
  97. static int dgram_read(BIO *h, char *buf, int size);
  98. static int dgram_puts(BIO *h, const char *str);
  99. static long dgram_ctrl(BIO *h, int cmd, long arg1, void *arg2);
  100. static int dgram_new(BIO *h);
  101. static int dgram_free(BIO *data);
  102. static int dgram_clear(BIO *bio);
  103. # ifndef OPENSSL_NO_SCTP
  104. static int dgram_sctp_write(BIO *h, const char *buf, int num);
  105. static int dgram_sctp_read(BIO *h, char *buf, int size);
  106. static int dgram_sctp_puts(BIO *h, const char *str);
  107. static long dgram_sctp_ctrl(BIO *h, int cmd, long arg1, void *arg2);
  108. static int dgram_sctp_new(BIO *h);
  109. static int dgram_sctp_free(BIO *data);
  110. # ifdef SCTP_AUTHENTICATION_EVENT
  111. static void dgram_sctp_handle_auth_free_key_event(BIO *b, union sctp_notification
  112. *snp);
  113. # endif
  114. # endif
  115. static int BIO_dgram_should_retry(int s);
  116. static void get_current_time(struct timeval *t);
  /*
   * Method table for the plain datagram BIO handed out by BIO_s_datagram().
   * The initializer is positional. The slot after dgram_puts is the gets
   * handler, which this BIO does not implement; the final slot is likewise
   * left unset.
   */
  static BIO_METHOD methods_dgramp = {
      BIO_TYPE_DGRAM,
      "datagram socket",
      dgram_write,
      dgram_read,
      dgram_puts,
      NULL,                       /* dgram_gets, */
      dgram_ctrl,
      dgram_new,
      dgram_free,
      NULL,
  };
  129. # ifndef OPENSSL_NO_SCTP
  /*
   * Method table for the SCTP datagram BIO (only built when SCTP support is
   * enabled). Same positional layout as methods_dgramp; the gets slot and the
   * final slot are left unset.
   */
  static BIO_METHOD methods_dgramp_sctp = {
      BIO_TYPE_DGRAM_SCTP,
      "datagram sctp socket",
      dgram_sctp_write,
      dgram_sctp_read,
      dgram_sctp_puts,
      NULL,                       /* dgram_gets, */
      dgram_sctp_ctrl,
      dgram_sctp_new,
      dgram_sctp_free,
      NULL,
  };
  142. # endif
  /*
   * Per-BIO state of the plain datagram BIO. dgram_new() allocates it zeroed
   * and stores it in BIO->ptr; dgram_free() releases it.
   */
  typedef struct bio_dgram_data_st {
      /*
       * Peer address. The union is as large as the biggest supported address
       * family; sa.sa_family selects which member is meaningful.
       */
      union {
          struct sockaddr sa;
          struct sockaddr_in sa_in;
  # if OPENSSL_USE_IPV6
          struct sockaddr_in6 sa_in6;
  # endif
      } peer;
      /*
       * Non-zero: dgram_write() uses writesocket() and dgram_read() no longer
       * replaces `peer` with the source address of each received datagram.
       */
      unsigned int connected;
      /* Socket error saved by dgram_read()/dgram_write() on a retryable failure. */
      unsigned int _errno;
      /* MTU value maintained through the BIO_CTRL_DGRAM_*_MTU controls. */
      unsigned int mtu;
      /*
       * Absolute expiry time of the pending timer, set through
       * BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT; all-zero means no timer is active.
       */
      struct timeval next_timeout;
      /* SO_RCVTIMEO value saved before a read so it can be restored afterwards. */
      struct timeval socket_timeout;
      /* Non-zero: dgram_read() passes MSG_PEEK to recvfrom(). */
      unsigned int peekmode;
  } bio_dgram_data;
  158. # ifndef OPENSSL_NO_SCTP
  /*
   * One buffered message for the SCTP BIO: the owning BIO, the data pointer
   * and its length. NOTE(review): who allocates and frees `data` is decided by
   * the SCTP read/write code, which is not visible in this part of the file.
   */
  typedef struct bio_dgram_sctp_save_message_st {
      BIO *bio;
      char *data;
      int length;
  } bio_dgram_sctp_save_message;
  /*
   * Per-BIO state of the SCTP datagram BIO. The first four members mirror
   * bio_dgram_data (peer address, connected flag, saved socket error, MTU).
   * The remaining members are consumed by the dgram_sctp_* functions, which
   * are outside this part of the file, so their exact semantics are not
   * documented here.
   */
  typedef struct bio_dgram_sctp_data_st {
      union {
          struct sockaddr sa;
          struct sockaddr_in sa_in;
  # if OPENSSL_USE_IPV6
          struct sockaddr_in6 sa_in6;
  # endif
      } peer;
      unsigned int connected;
      unsigned int _errno;
      unsigned int mtu;
      /* SCTP send / receive / partial-reliability parameters. */
      struct bio_dgram_sctp_sndinfo sndinfo;
      struct bio_dgram_sctp_rcvinfo rcvinfo;
      struct bio_dgram_sctp_prinfo prinfo;
      /* Optional callback for notifications, with its opaque context. */
      void (*handle_notifications) (BIO *bio, void *context, void *buf);
      void *notification_context;
      /* Handshake and shutdown bookkeeping used by the SCTP code paths. */
      int in_handshake;
      int ccs_rcvd;
      int ccs_sent;
      int save_shutdown;
      int peer_auth_tested;
      bio_dgram_sctp_save_message saved_message;
  } bio_dgram_sctp_data;
  187. # endif
  /*
   * Return the method table of the plain datagram BIO.
   *
   * The returned pointer refers to a file-scope static object; callers must
   * not free it.
   */
  BIO_METHOD *BIO_s_datagram(void)
  {
      BIO_METHOD *table = &methods_dgramp;

      return table;
  }
  /*
   * Create a datagram BIO around an existing socket descriptor.
   *
   * fd:         socket descriptor to wrap.
   * close_flag: stored as the BIO's shutdown flag by BIO_C_SET_FD; when it is
   *             non-zero, dgram_clear() shuts the socket down as the BIO is
   *             reset or freed, so ownership of fd moves to the BIO.
   *
   * Returns the new BIO, or NULL if BIO_new() fails.
   */
  BIO *BIO_new_dgram(int fd, int close_flag)
  {
      BIO *dgram_bio = BIO_new(BIO_s_datagram());

      if (dgram_bio != NULL)
          BIO_set_fd(dgram_bio, fd, close_flag);
      return dgram_bio;
  }
  /*
   * BIO create hook: attach zero-initialized per-BIO state to bi->ptr.
   *
   * Zeroing matters: connected, peekmode, mtu and both timers all start out
   * as "off"/"unset". Returns 1 on success, 0 if the allocation fails.
   */
  static int dgram_new(BIO *bi)
  {
      bio_dgram_data *state = OPENSSL_zalloc(sizeof(*state));

      if (state != NULL) {
          bi->ptr = state;
          return 1;
      }
      return 0;
  }
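  /*
   * BIO destroy hook: reset the BIO via dgram_clear() and release the state
   * allocated by dgram_new().
   *
   * Returns 0 when a is NULL or dgram_clear() fails, 1 otherwise.
   */
  static int dgram_free(BIO *a)
  {
      if (a == NULL)
          return 0;
      if (!dgram_clear(a))
          return 0;

      OPENSSL_free(a->ptr);
      /*
       * Do not leave a dangling pointer behind: a second call, or any access
       * through a->ptr before the BIO itself is released, then sees NULL
       * instead of freed memory.
       */
      a->ptr = NULL;

      return 1;
  }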
  /*
   * Detach the BIO from its socket.
   *
   * Nothing is touched unless the shutdown (close) flag is set. With the flag
   * set, an initialized BIO has SHUTDOWN2() applied to its descriptor
   * (presumably shutdown plus close; the macro is defined elsewhere), and the
   * init and flags fields are cleared.
   *
   * Returns 0 only for a NULL BIO, 1 otherwise.
   */
  static int dgram_clear(BIO *a)
  {
      if (a == NULL)
          return 0;
      if (!a->shutdown)
          return 1;

      if (a->init) {
          SHUTDOWN2(a->num);
      }
      a->init = 0;
      a->flags = 0;
      return 1;
  }
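  /*
   * Shorten the socket's receive timeout so that a blocking read returns no
   * later than the pending timer in data->next_timeout.
   *
   * The current SO_RCVTIMEO value is saved in data->socket_timeout so that
   * dgram_reset_rcv_timeout() can restore it after the read. Nothing happens
   * when no timer is active or when SO_RCVTIMEO is not available. Failures of
   * getsockopt()/setsockopt() are only reported through perror().
   *
   * A receive timeout of zero means "no timeout" to the socket layer, so the
   * remaining time is never allowed to become zero: an expiry that falls
   * exactly on the current time, or a sub-millisecond remainder on Windows,
   * would otherwise turn the read into an unbounded wait and stall the timer
   * it was supposed to honour.
   */
  static void dgram_adjust_rcv_timeout(BIO *b)
  {
  # if defined(SO_RCVTIMEO)
      bio_dgram_data *data = (bio_dgram_data *)b->ptr;
      /*
       * Some platforms take the option length as int, others as size_t; the
       * union lets either width be written by getsockopt().
       */
      union {
          size_t s;
          int i;
      } sz = {
          0
      };

      /* Is a timer active? */
      if (data->next_timeout.tv_sec > 0 || data->next_timeout.tv_usec > 0) {
          struct timeval timenow, timeleft;

          /* Read current socket timeout */
  #  ifdef OPENSSL_SYS_WINDOWS
          int timeout;

          sz.i = sizeof(timeout);
          if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
                         (void *)&timeout, &sz.i) < 0) {
              perror("getsockopt");
          } else {
              data->socket_timeout.tv_sec = timeout / 1000;
              data->socket_timeout.tv_usec = (timeout % 1000) * 1000;
          }
  #  else
          sz.i = sizeof(data->socket_timeout);
          if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
                         &(data->socket_timeout), (void *)&sz) < 0) {
              perror("getsockopt");
          } else if (sizeof(sz.s) != sizeof(sz.i) && sz.i == 0)
              OPENSSL_assert(sz.s <= sizeof(data->socket_timeout));
  #  endif

          /* Get current time */
          get_current_time(&timenow);

          /* Calculate time left until timer expires */
          timeleft = data->next_timeout;
          if (timeleft.tv_usec < timenow.tv_usec) {
              /* Borrow one second for the microsecond subtraction. */
              timeleft.tv_usec = 1000000 - timenow.tv_usec + timeleft.tv_usec;
              timeleft.tv_sec--;
          } else {
              timeleft.tv_usec -= timenow.tv_usec;
          }
          if (timeleft.tv_sec < timenow.tv_sec) {
              /* Timer already expired: use the smallest non-zero timeout. */
              timeleft.tv_sec = 0;
              timeleft.tv_usec = 1;
          } else {
              timeleft.tv_sec -= timenow.tv_sec;
          }
          /*
           * Expiry exactly at the current time leaves {0, 0}, which the
           * socket layer would read as "never time out".
           */
          if (timeleft.tv_sec == 0 && timeleft.tv_usec == 0)
              timeleft.tv_usec = 1;

          /*
           * Adjust socket timeout if next handshake message timer will expire
           * earlier.
           */
          if ((data->socket_timeout.tv_sec == 0
               && data->socket_timeout.tv_usec == 0)
              || (data->socket_timeout.tv_sec > timeleft.tv_sec)
              || (data->socket_timeout.tv_sec == timeleft.tv_sec
                  && data->socket_timeout.tv_usec >= timeleft.tv_usec)) {
  #  ifdef OPENSSL_SYS_WINDOWS
              timeout = timeleft.tv_sec * 1000 + timeleft.tv_usec / 1000;
              /* Rounding down to 0 ms would disable the timeout entirely. */
              if (timeout == 0)
                  timeout = 1;
              if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
                             (void *)&timeout, sizeof(timeout)) < 0) {
                  perror("setsockopt");
              }
  #  else
              if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, &timeleft,
                             sizeof(struct timeval)) < 0) {
                  perror("setsockopt");
              }
  #  endif
          }
      }
  # endif
  }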
  /*
   * Restore the receive timeout that dgram_adjust_rcv_timeout() saved in
   * data->socket_timeout.
   *
   * Runs only while a timer is active (next_timeout is non-zero) and only
   * where SO_RCVTIMEO exists. A setsockopt() failure is reported through
   * perror() and otherwise ignored, so the shortened timeout may stay in
   * effect on the socket.
   */
  static void dgram_reset_rcv_timeout(BIO *b)
  {
  # if defined(SO_RCVTIMEO)
      bio_dgram_data *data = (bio_dgram_data *)b->ptr;
      int timer_active = data->next_timeout.tv_sec > 0
          || data->next_timeout.tv_usec > 0;

      if (!timer_active)
          return;

  #  ifdef OPENSSL_SYS_WINDOWS
      {
          /* Windows takes the timeout as a millisecond count. */
          int timeout = data->socket_timeout.tv_sec * 1000 +
              data->socket_timeout.tv_usec / 1000;

          if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
                         (void *)&timeout, sizeof(timeout)) < 0) {
              perror("setsockopt");
          }
      }
  #  else
      if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
                     &(data->socket_timeout), sizeof(struct timeval)) < 0) {
          perror("setsockopt");
      }
  #  endif
  # endif
  }
  /*
   * BIO read hook: receive one datagram into out (at most outl bytes).
   *
   * Returns the recvfrom() result, or 0 without touching the socket when out
   * is NULL. On a retryable failure the BIO's read-retry flag is set and the
   * socket error is saved in data->_errno.
   *
   * Points a caller should be aware of:
   *  - While the BIO is not marked connected, every successful read
   *    (including a zero-length datagram) overwrites the stored peer with the
   *    datagram's source address. That address comes straight from the
   *    network and is not authenticated at this layer.
   *  - outl is handed to recvfrom() unchecked; callers must pass a
   *    non-negative length that fits the buffer.
   *  - With peekmode set the datagram is read with MSG_PEEK and stays queued.
   */
  static int dgram_read(BIO *b, char *out, int outl)
  {
      bio_dgram_data *data = (bio_dgram_data *)b->ptr;
      int recv_flags = 0;
      int ret = 0;
      struct {
          /*
           * See commentary in b_sock.c. <appro>
           * The address length may be written as int or as size_t depending
           * on the platform, hence the union.
           */
          union {
              size_t s;
              int i;
          } len;
          union {
              struct sockaddr sa;
              struct sockaddr_in sa_in;
  # if OPENSSL_USE_IPV6
              struct sockaddr_in6 sa_in6;
  # endif
          } peer;
      } src;

      src.len.s = 0;
      src.len.i = sizeof(src.peer);

      if (out == NULL)
          return ret;

      clear_socket_error();
      memset(&src.peer, 0, sizeof(src.peer));

      /* Bound the blocking read by the pending timer, if any. */
      dgram_adjust_rcv_timeout(b);
      if (data->peekmode)
          recv_flags = MSG_PEEK;
      ret = recvfrom(b->num, out, outl, recv_flags, &src.peer.sa,
                     (void *)&src.len);

      /* The length came back through the size_t view: check and narrow it. */
      if (sizeof(src.len.i) != sizeof(src.len.s) && src.len.i == 0) {
          OPENSSL_assert(src.len.s <= sizeof(src.peer));
          src.len.i = (int)src.len.s;
      }

      if (ret >= 0 && !data->connected)
          BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, &src.peer);

      BIO_clear_retry_flags(b);
      if (ret < 0 && BIO_dgram_should_retry(ret)) {
          BIO_set_retry_read(b);
          data->_errno = get_last_socket_error();
      }

      /* Put the caller's receive timeout back. */
      dgram_reset_rcv_timeout(b);
      return ret;
  }
  /*
   * BIO write hook: send inl bytes from in as one datagram.
   *
   * A connected BIO writes with writesocket(). Otherwise the datagram goes to
   * the stored peer address with sendto(), using the address length that
   * matches the peer's family (the whole union for an unknown family).
   *
   * Returns the result of the send call. When it is <= 0 and the error is
   * retryable, the write-retry flag is set and the socket error is saved in
   * data->_errno.
   */
  static int dgram_write(BIO *b, const char *in, int inl)
  {
      bio_dgram_data *data = (bio_dgram_data *)b->ptr;
      int ret;

      clear_socket_error();

      if (!data->connected) {
          int addrlen;

          switch (data->peer.sa.sa_family) {
          case AF_INET:
              addrlen = sizeof(data->peer.sa_in);
              break;
  # if OPENSSL_USE_IPV6
          case AF_INET6:
              addrlen = sizeof(data->peer.sa_in6);
              break;
  # endif
          default:
              addrlen = sizeof(data->peer);
              break;
          }
  # if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK)
          ret = sendto(b->num, (char *)in, inl, 0, &data->peer.sa, addrlen);
  # else
          ret = sendto(b->num, in, inl, 0, &data->peer.sa, addrlen);
  # endif
      } else {
          ret = writesocket(b->num, in, inl);
      }

      BIO_clear_retry_flags(b);
      if (ret <= 0 && BIO_dgram_should_retry(ret)) {
          BIO_set_retry_write(b);
          data->_errno = get_last_socket_error();
      }
      return ret;
  }
  /*
   * Return the per-datagram header overhead, in bytes, assumed for the
   * stored peer's address family.
   *
   * The transport is assumed to be UDP (8 bytes) over IP without options:
   *   AF_INET                        -> 20 + 8 = 28
   *   AF_INET6, IPv4-mapped address  -> 28
   *   AF_INET6, otherwise            -> 40 + 8 = 48
   *   any other family               -> 28 (the historical default)
   */
  static long dgram_get_mtu_overhead(bio_dgram_data *data)
  {
      switch (data->peer.sa.sa_family) {
      case AF_INET:
          return 28;
  # if OPENSSL_USE_IPV6
      case AF_INET6:
  #  ifdef IN6_IS_ADDR_V4MAPPED
          /* A v4-mapped peer is really reached over IPv4. */
          if (IN6_IS_ADDR_V4MAPPED(&data->peer.sa_in6.sin6_addr))
              return 28;
  #  endif
          return 48;
  # endif
      default:
          /* We don't know. Go with the historical default */
          return 28;
      }
  }
  439. static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
  440. {
  441. long ret = 1;
  442. int *ip;
  443. struct sockaddr *to = NULL;
  444. bio_dgram_data *data = NULL;
  445. int sockopt_val = 0;
  446. # if defined(OPENSSL_SYS_LINUX) && (defined(IP_MTU_DISCOVER) || defined(IP_MTU))
  447. socklen_t sockopt_len; /* assume that system supporting IP_MTU is
  448. * modern enough to define socklen_t */
  449. socklen_t addr_len;
  450. union {
  451. struct sockaddr sa;
  452. struct sockaddr_in s4;
  453. # if OPENSSL_USE_IPV6
  454. struct sockaddr_in6 s6;
  455. # endif
  456. } addr;
  457. # endif
  458. data = (bio_dgram_data *)b->ptr;
  459. switch (cmd) {
  460. case BIO_CTRL_RESET:
  461. num = 0;
  462. ret = 0;
  463. break;
  464. case BIO_CTRL_INFO:
  465. ret = 0;
  466. break;
  467. case BIO_C_SET_FD:
  468. dgram_clear(b);
  469. b->num = *((int *)ptr);
  470. b->shutdown = (int)num;
  471. b->init = 1;
  472. break;
  473. case BIO_C_GET_FD:
  474. if (b->init) {
  475. ip = (int *)ptr;
  476. if (ip != NULL)
  477. *ip = b->num;
  478. ret = b->num;
  479. } else
  480. ret = -1;
  481. break;
  482. case BIO_CTRL_GET_CLOSE:
  483. ret = b->shutdown;
  484. break;
  485. case BIO_CTRL_SET_CLOSE:
  486. b->shutdown = (int)num;
  487. break;
  488. case BIO_CTRL_PENDING:
  489. case BIO_CTRL_WPENDING:
  490. ret = 0;
  491. break;
  492. case BIO_CTRL_DUP:
  493. case BIO_CTRL_FLUSH:
  494. ret = 1;
  495. break;
  496. case BIO_CTRL_DGRAM_CONNECT:
  497. to = (struct sockaddr *)ptr;
  498. switch (to->sa_family) {
  499. case AF_INET:
  500. memcpy(&data->peer, to, sizeof(data->peer.sa_in));
  501. break;
  502. # if OPENSSL_USE_IPV6
  503. case AF_INET6:
  504. memcpy(&data->peer, to, sizeof(data->peer.sa_in6));
  505. break;
  506. # endif
  507. default:
  508. memcpy(&data->peer, to, sizeof(data->peer.sa));
  509. break;
  510. }
  511. break;
  512. /* (Linux)kernel sets DF bit on outgoing IP packets */
  513. case BIO_CTRL_DGRAM_MTU_DISCOVER:
  514. # if defined(OPENSSL_SYS_LINUX) && defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DO)
  515. addr_len = (socklen_t) sizeof(addr);
  516. memset(&addr, 0, sizeof(addr));
  517. if (getsockname(b->num, &addr.sa, &addr_len) < 0) {
  518. ret = 0;
  519. break;
  520. }
  521. switch (addr.sa.sa_family) {
  522. case AF_INET:
  523. sockopt_val = IP_PMTUDISC_DO;
  524. if ((ret = setsockopt(b->num, IPPROTO_IP, IP_MTU_DISCOVER,
  525. &sockopt_val, sizeof(sockopt_val))) < 0)
  526. perror("setsockopt");
  527. break;
  528. # if OPENSSL_USE_IPV6 && defined(IPV6_MTU_DISCOVER) && defined(IPV6_PMTUDISC_DO)
  529. case AF_INET6:
  530. sockopt_val = IPV6_PMTUDISC_DO;
  531. if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
  532. &sockopt_val, sizeof(sockopt_val))) < 0)
  533. perror("setsockopt");
  534. break;
  535. # endif
  536. default:
  537. ret = -1;
  538. break;
  539. }
  540. # else
  541. ret = -1;
  542. # endif
  543. break;
  544. case BIO_CTRL_DGRAM_QUERY_MTU:
  545. # if defined(OPENSSL_SYS_LINUX) && defined(IP_MTU)
  546. addr_len = (socklen_t) sizeof(addr);
  547. memset(&addr, 0, sizeof(addr));
  548. if (getsockname(b->num, &addr.sa, &addr_len) < 0) {
  549. ret = 0;
  550. break;
  551. }
  552. sockopt_len = sizeof(sockopt_val);
  553. switch (addr.sa.sa_family) {
  554. case AF_INET:
  555. if ((ret =
  556. getsockopt(b->num, IPPROTO_IP, IP_MTU, (void *)&sockopt_val,
  557. &sockopt_len)) < 0 || sockopt_val < 0) {
  558. ret = 0;
  559. } else {
  560. /*
  561. * we assume that the transport protocol is UDP and no IP
  562. * options are used.
  563. */
  564. data->mtu = sockopt_val - 8 - 20;
  565. ret = data->mtu;
  566. }
  567. break;
  568. # if OPENSSL_USE_IPV6 && defined(IPV6_MTU)
  569. case AF_INET6:
  570. if ((ret =
  571. getsockopt(b->num, IPPROTO_IPV6, IPV6_MTU,
  572. (void *)&sockopt_val, &sockopt_len)) < 0
  573. || sockopt_val < 0) {
  574. ret = 0;
  575. } else {
  576. /*
  577. * we assume that the transport protocol is UDP and no IPV6
  578. * options are used.
  579. */
  580. data->mtu = sockopt_val - 8 - 40;
  581. ret = data->mtu;
  582. }
  583. break;
  584. # endif
  585. default:
  586. ret = 0;
  587. break;
  588. }
  589. # else
  590. ret = 0;
  591. # endif
  592. break;
  593. case BIO_CTRL_DGRAM_GET_FALLBACK_MTU:
  594. ret = -dgram_get_mtu_overhead(data);
  595. switch (data->peer.sa.sa_family) {
  596. case AF_INET:
  597. ret += 576;
  598. break;
  599. # if OPENSSL_USE_IPV6
  600. case AF_INET6:
  601. # ifdef IN6_IS_ADDR_V4MAPPED
  602. if (IN6_IS_ADDR_V4MAPPED(&data->peer.sa_in6.sin6_addr))
  603. ret += 576;
  604. else
  605. # endif
  606. ret += 1280;
  607. break;
  608. # endif
  609. default:
  610. ret += 576;
  611. break;
  612. }
  613. break;
  614. case BIO_CTRL_DGRAM_GET_MTU:
  615. return data->mtu;
  616. case BIO_CTRL_DGRAM_SET_MTU:
  617. data->mtu = num;
  618. ret = num;
  619. break;
  620. case BIO_CTRL_DGRAM_SET_CONNECTED:
  621. to = (struct sockaddr *)ptr;
  622. if (to != NULL) {
  623. data->connected = 1;
  624. switch (to->sa_family) {
  625. case AF_INET:
  626. memcpy(&data->peer, to, sizeof(data->peer.sa_in));
  627. break;
  628. # if OPENSSL_USE_IPV6
  629. case AF_INET6:
  630. memcpy(&data->peer, to, sizeof(data->peer.sa_in6));
  631. break;
  632. # endif
  633. default:
  634. memcpy(&data->peer, to, sizeof(data->peer.sa));
  635. break;
  636. }
  637. } else {
  638. data->connected = 0;
  639. memset(&data->peer, 0, sizeof(data->peer));
  640. }
  641. break;
  642. case BIO_CTRL_DGRAM_GET_PEER:
  643. switch (data->peer.sa.sa_family) {
  644. case AF_INET:
  645. ret = sizeof(data->peer.sa_in);
  646. break;
  647. # if OPENSSL_USE_IPV6
  648. case AF_INET6:
  649. ret = sizeof(data->peer.sa_in6);
  650. break;
  651. # endif
  652. default:
  653. ret = sizeof(data->peer.sa);
  654. break;
  655. }
  656. if (num == 0 || num > ret)
  657. num = ret;
  658. memcpy(ptr, &data->peer, (ret = num));
  659. break;
  660. case BIO_CTRL_DGRAM_SET_PEER:
  661. to = (struct sockaddr *)ptr;
  662. switch (to->sa_family) {
  663. case AF_INET:
  664. memcpy(&data->peer, to, sizeof(data->peer.sa_in));
  665. break;
  666. # if OPENSSL_USE_IPV6
  667. case AF_INET6:
  668. memcpy(&data->peer, to, sizeof(data->peer.sa_in6));
  669. break;
  670. # endif
  671. default:
  672. memcpy(&data->peer, to, sizeof(data->peer.sa));
  673. break;
  674. }
  675. break;
  676. case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
  677. memcpy(&(data->next_timeout), ptr, sizeof(struct timeval));
  678. break;
  679. # if defined(SO_RCVTIMEO)
  680. case BIO_CTRL_DGRAM_SET_RECV_TIMEOUT:
  681. # ifdef OPENSSL_SYS_WINDOWS
  682. {
  683. struct timeval *tv = (struct timeval *)ptr;
  684. int timeout = tv->tv_sec * 1000 + tv->tv_usec / 1000;
  685. if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
  686. (void *)&timeout, sizeof(timeout)) < 0) {
  687. perror("setsockopt");
  688. ret = -1;
  689. }
  690. }
  691. # else
  692. if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, ptr,
  693. sizeof(struct timeval)) < 0) {
  694. perror("setsockopt");
  695. ret = -1;
  696. }
  697. # endif
  698. break;
  699. case BIO_CTRL_DGRAM_GET_RECV_TIMEOUT:
  700. {
  701. union {
  702. size_t s;
  703. int i;
  704. } sz = {
  705. 0
  706. };
  707. # ifdef OPENSSL_SYS_WINDOWS
  708. int timeout;
  709. struct timeval *tv = (struct timeval *)ptr;
  710. sz.i = sizeof(timeout);
  711. if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
  712. (void *)&timeout, &sz.i) < 0) {
  713. perror("getsockopt");
  714. ret = -1;
  715. } else {
  716. tv->tv_sec = timeout / 1000;
  717. tv->tv_usec = (timeout % 1000) * 1000;
  718. ret = sizeof(*tv);
  719. }
  720. # else
  721. sz.i = sizeof(struct timeval);
  722. if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
  723. ptr, (void *)&sz) < 0) {
  724. perror("getsockopt");
  725. ret = -1;
  726. } else if (sizeof(sz.s) != sizeof(sz.i) && sz.i == 0) {
  727. OPENSSL_assert(sz.s <= sizeof(struct timeval));
  728. ret = (int)sz.s;
  729. } else
  730. ret = sz.i;
  731. # endif
  732. }
  733. break;
  734. # endif
  735. # if defined(SO_SNDTIMEO)
  736. case BIO_CTRL_DGRAM_SET_SEND_TIMEOUT:
  737. # ifdef OPENSSL_SYS_WINDOWS
  738. {
  739. struct timeval *tv = (struct timeval *)ptr;
  740. int timeout = tv->tv_sec * 1000 + tv->tv_usec / 1000;
  741. if (setsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
  742. (void *)&timeout, sizeof(timeout)) < 0) {
  743. perror("setsockopt");
  744. ret = -1;
  745. }
  746. }
  747. # else
  748. if (setsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO, ptr,
  749. sizeof(struct timeval)) < 0) {
  750. perror("setsockopt");
  751. ret = -1;
  752. }
  753. # endif
  754. break;
  755. case BIO_CTRL_DGRAM_GET_SEND_TIMEOUT:
  756. {
  757. union {
  758. size_t s;
  759. int i;
  760. } sz = {
  761. 0
  762. };
  763. # ifdef OPENSSL_SYS_WINDOWS
  764. int timeout;
  765. struct timeval *tv = (struct timeval *)ptr;
  766. sz.i = sizeof(timeout);
  767. if (getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
  768. (void *)&timeout, &sz.i) < 0) {
  769. perror("getsockopt");
  770. ret = -1;
  771. } else {
  772. tv->tv_sec = timeout / 1000;
  773. tv->tv_usec = (timeout % 1000) * 1000;
  774. ret = sizeof(*tv);
  775. }
  776. # else
  777. sz.i = sizeof(struct timeval);
  778. if (getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
  779. ptr, (void *)&sz) < 0) {
  780. perror("getsockopt");
  781. ret = -1;
  782. } else if (sizeof(sz.s) != sizeof(sz.i) && sz.i == 0) {
  783. OPENSSL_assert(sz.s <= sizeof(struct timeval));
  784. ret = (int)sz.s;
  785. } else
  786. ret = sz.i;
  787. # endif
  788. }
  789. break;
  790. # endif
  791. case BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP:
  792. /* fall-through */
  793. case BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP:
  794. # ifdef OPENSSL_SYS_WINDOWS
  795. if (data->_errno == WSAETIMEDOUT)
  796. # else
  797. if (data->_errno == EAGAIN)
  798. # endif
  799. {
  800. ret = 1;
  801. data->_errno = 0;
  802. } else
  803. ret = 0;
  804. break;
  805. # ifdef EMSGSIZE
  806. case BIO_CTRL_DGRAM_MTU_EXCEEDED:
  807. if (data->_errno == EMSGSIZE) {
  808. ret = 1;
  809. data->_errno = 0;
  810. } else
  811. ret = 0;
  812. break;
  813. # endif
  814. case BIO_CTRL_DGRAM_SET_DONT_FRAG:
  815. sockopt_val = num ? 1 : 0;
  816. switch (data->peer.sa.sa_family) {
  817. case AF_INET:
  818. # if defined(IP_DONTFRAG)
  819. if ((ret = setsockopt(b->num, IPPROTO_IP, IP_DONTFRAG,
  820. &sockopt_val, sizeof(sockopt_val))) < 0) {
  821. perror("setsockopt");
  822. ret = -1;
  823. }
  824. # elif defined(OPENSSL_SYS_LINUX) && defined(IP_MTU_DISCOVER) && defined (IP_PMTUDISC_PROBE)
  825. if ((sockopt_val = num ? IP_PMTUDISC_PROBE : IP_PMTUDISC_DONT),
  826. (ret = setsockopt(b->num, IPPROTO_IP, IP_MTU_DISCOVER,
  827. &sockopt_val, sizeof(sockopt_val))) < 0) {
  828. perror("setsockopt");
  829. ret = -1;
  830. }
  831. # elif defined(OPENSSL_SYS_WINDOWS) && defined(IP_DONTFRAGMENT)
  832. if ((ret = setsockopt(b->num, IPPROTO_IP, IP_DONTFRAGMENT,
  833. (const char *)&sockopt_val,
  834. sizeof(sockopt_val))) < 0) {
  835. perror("setsockopt");
  836. ret = -1;
  837. }
  838. # else
  839. ret = -1;
  840. # endif
  841. break;
  842. # if OPENSSL_USE_IPV6
  843. case AF_INET6:
  844. # if defined(IPV6_DONTFRAG)
  845. if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_DONTFRAG,
  846. (const void *)&sockopt_val,
  847. sizeof(sockopt_val))) < 0) {
  848. perror("setsockopt");
  849. ret = -1;
  850. }
  851. # elif defined(OPENSSL_SYS_LINUX) && defined(IPV6_MTUDISCOVER)
  852. if ((sockopt_val = num ? IP_PMTUDISC_PROBE : IP_PMTUDISC_DONT),
  853. (ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
  854. &sockopt_val, sizeof(sockopt_val))) < 0) {
  855. perror("setsockopt");
  856. ret = -1;
  857. }
  858. # else
  859. ret = -1;
  860. # endif
  861. break;
  862. # endif
  863. default:
  864. ret = -1;
  865. break;
  866. }
  867. break;
  868. case BIO_CTRL_DGRAM_GET_MTU_OVERHEAD:
  869. ret = dgram_get_mtu_overhead(data);
  870. break;
  871. case BIO_CTRL_DGRAM_SET_PEEK_MODE:
  872. data->peekmode = (unsigned int)num;
  873. break;
  874. default:
  875. ret = 0;
  876. break;
  877. }
  878. return (ret);
  879. }
  /*
   * Write the NUL-terminated string |str| to the datagram BIO |bp|.
   *
   * The bytes of |str| (terminator excluded) are handed to dgram_write() and
   * its return value is passed straight back to the caller.
   */
  static int dgram_puts(BIO *bp, const char *str)
  {
      /*
       * strlen() yields a size_t; it is narrowed to int here exactly as the
       * original did, so a string longer than INT_MAX would not be
       * represented correctly.
       */
      int len = strlen(str);

      return dgram_write(bp, str, len);
  }
  887. # ifndef OPENSSL_NO_SCTP
  /* Return the method table that implements the SCTP datagram BIO. */
  BIO_METHOD *BIO_s_datagram_sctp(void)
  {
      BIO_METHOD *sctp_method = &methods_dgramp_sctp;

      return sctp_method;
  }
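  /*
   * Create an SCTP datagram BIO on the socket |fd|.
   *
   * The socket is configured so that DTLS can rely on it:
   *   - SCTP-AUTH is requested for DATA and FORWARD-TSN chunks, and the local
   *     chunk list is read back to confirm that both were accepted;
   *   - authentication events are subscribed to when the platform defines
   *     SCTP_AUTHENTICATION_EVENT;
   *   - the partial delivery point is raised above the maximum record size.
   *
   * |close_flag| is passed unchanged to BIO_set_fd().
   *
   * Returns the new BIO, or NULL if allocation or any socket option fails.
   * On failure the BIO is released with BIO_vfree(); what that does to |fd|
   * depends on |close_flag| (presumably it is closed when the close flag is
   * set - confirm against the BIO free routine).
   *
   * A socket on which SCTP-AUTH did not become active is reported as an
   * ordinary failure (NULL).  It used to be an OPENSSL_assert(), which
   * terminates the whole process; a library constructor should not abort
   * its host because a kernel or socket is not configured for SCTP-AUTH.
   */
  BIO *BIO_new_dgram_sctp(int fd, int close_flag)
  {
      BIO *bio;
      int optval = 20000;
      int auth_data = 0, auth_forward = 0;
      unsigned char *p;
      struct sctp_authchunk auth;
      struct sctp_authchunks *authchunks = NULL;
      socklen_t sockopt_len;
  # ifdef SCTP_AUTHENTICATION_EVENT
  #  ifdef SCTP_EVENT
      struct sctp_event event;
  #  else
      struct sctp_event_subscribe event;
  #  endif
  # endif

      bio = BIO_new(BIO_s_datagram_sctp());
      if (bio == NULL)
          return NULL;
      BIO_set_fd(bio, fd, close_flag);

      /*
       * Activate SCTP-AUTH for DATA and FORWARD-TSN chunks.  The struct is
       * zeroed first so that no member other than sauth_chunk reaches the
       * kernel uninitialised.
       */
      memset(&auth, 0, sizeof(auth));
      auth.sauth_chunk = OPENSSL_SCTP_DATA_CHUNK_TYPE;
      if (setsockopt(fd, IPPROTO_SCTP, SCTP_AUTH_CHUNK, &auth,
                     sizeof(struct sctp_authchunk)) < 0)
          goto err;

      auth.sauth_chunk = OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE;
      if (setsockopt(fd, IPPROTO_SCTP, SCTP_AUTH_CHUNK, &auth,
                     sizeof(struct sctp_authchunk)) < 0)
          goto err;

      /*
       * Test if activation was successful. When using accept(), SCTP-AUTH has
       * to be activated for the listening socket already, otherwise the
       * connected socket won't use it.
       */
      sockopt_len = (socklen_t) (sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
      authchunks = OPENSSL_zalloc(sockopt_len);
      if (authchunks == NULL)
          goto err;

      if (getsockopt(fd, IPPROTO_SCTP, SCTP_LOCAL_AUTH_CHUNKS, authchunks,
                     &sockopt_len) < 0)
          goto err;

      /* Scan only the bytes getsockopt() reported back in sockopt_len. */
      for (p = (unsigned char *)authchunks->gauth_chunks;
           p < (unsigned char *)authchunks + sockopt_len;
           p += sizeof(uint8_t)) {
          if (*p == OPENSSL_SCTP_DATA_CHUNK_TYPE)
              auth_data = 1;
          if (*p == OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE)
              auth_forward = 1;
      }

      OPENSSL_free(authchunks);
      authchunks = NULL;

      /* Both chunk types must be authenticated; otherwise refuse the socket. */
      if (!auth_data || !auth_forward)
          goto err;

  # ifdef SCTP_AUTHENTICATION_EVENT
  #  ifdef SCTP_EVENT
      memset(&event, 0, sizeof(event));
      event.se_assoc_id = 0;
      event.se_type = SCTP_AUTHENTICATION_EVENT;
      event.se_on = 1;
      if (setsockopt(fd, IPPROTO_SCTP, SCTP_EVENT, &event,
                     sizeof(struct sctp_event)) < 0)
          goto err;
  #  else
      /* Read-modify-write the subscription so other events stay as they are. */
      sockopt_len = (socklen_t) sizeof(struct sctp_event_subscribe);
      if (getsockopt(fd, IPPROTO_SCTP, SCTP_EVENTS, &event, &sockopt_len) < 0)
          goto err;

      event.sctp_authentication_event = 1;

      if (setsockopt(fd, IPPROTO_SCTP, SCTP_EVENTS, &event,
                     sizeof(struct sctp_event_subscribe)) < 0)
          goto err;
  #  endif
  # endif

      /*
       * Disable partial delivery by setting the min size larger than the max
       * record size of 2^14 + 2048 + 13
       */
      if (setsockopt(fd, IPPROTO_SCTP, SCTP_PARTIAL_DELIVERY_POINT, &optval,
                     sizeof(optval)) < 0)
          goto err;

      return bio;

   err:
      /* OPENSSL_free(NULL) is a no-op, so this path serves every failure. */
      OPENSSL_free(authchunks);
      BIO_vfree(bio);
      return NULL;
  }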
  /*
   * Report whether |bio| is an SCTP datagram BIO.
   *
   * Returns non-zero when the BIO's method type equals BIO_TYPE_DGRAM_SCTP,
   * zero otherwise.  |bio| is passed to BIO_method_type() without a NULL
   * check.
   */
  int BIO_dgram_is_sctp(BIO *bio)
  {
      int is_sctp = (BIO_method_type(bio) == BIO_TYPE_DGRAM_SCTP);

      return is_sctp;
  }
  /*
   * Constructor for the SCTP datagram BIO method.
   *
   * Resets |bi|'s init and num fields, then allocates the zero-filled
   * per-BIO state and attaches it to bi->ptr.  Returns 1 on success and 0
   * when the allocation fails; in the failure case bi->ptr and bi->flags are
   * not touched.
   */
  static int dgram_sctp_new(BIO *bi)
  {
      bio_dgram_sctp_data *state;

      bi->init = 0;
      bi->num = 0;

      state = OPENSSL_zalloc(sizeof(*state));
      if (state != NULL) {
  # ifdef SCTP_PR_SCTP_NONE
          /* Start without a partial-reliability policy where one is defined. */
          state->prinfo.pr_policy = SCTP_PR_SCTP_NONE;
  # endif
          bi->ptr = state;
          bi->flags = 0;
          return 1;
      }

      return 0;
  }
  /*
   * Destructor for the SCTP datagram BIO method.
   *
   * Runs dgram_clear() on |a| and then releases the per-BIO state together
   * with any message that was saved for delayed sending.  Returns 0 when |a|
   * is NULL or dgram_clear() fails, 1 otherwise.
   *
   * a->ptr is not reset here, so it still holds the freed address when this
   * function returns.
   */
  static int dgram_sctp_free(BIO *a)
  {
      bio_dgram_sctp_data *state;

      if (a == NULL || !dgram_clear(a))
          return 0;

      state = (bio_dgram_sctp_data *)a->ptr;
      if (state == NULL)
          return 1;

      /* The saved message buffer is owned by the state, so it goes first. */
      OPENSSL_free(state->saved_message.data);
      OPENSSL_free(state);
      return 1;
  }
  1034. # ifdef SCTP_AUTHENTICATION_EVENT
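  /*
   * React to an SCTP authentication notification.
   *
   * When |snp| carries the SCTP_AUTH_FREE_KEY indication, the key number it
   * names is deleted from the socket of |b| with SCTP_AUTH_DELETE_KEY.  Any
   * other indication is ignored.
   *
   * The function returns void, so the result of the deletion cannot be
   * reported to the caller; it is discarded explicitly.
   */
  void dgram_sctp_handle_auth_free_key_event(BIO *b,
                                             union sctp_notification *snp)
  {
      struct sctp_authkey_event *authkeyevent = &snp->sn_auth_event;
      struct sctp_authkeyid authkeyid;

      if (authkeyevent->auth_indication != SCTP_AUTH_FREE_KEY)
          return;

      /*
       * Only the key number is filled in below.  Zero the struct first so
       * that every other member is defined when it is handed to the kernel,
       * instead of carrying whatever was on the stack.
       */
      memset(&authkeyid, 0, sizeof(authkeyid));

      /* delete key */
      authkeyid.scact_keynumber = authkeyevent->auth_keynumber;
      (void)setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DELETE_KEY,
                       &authkeyid, sizeof(struct sctp_authkeyid));
  }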
  1048. # endif
  /*
   * Read from the SCTP socket of |b| into |out| (at most |outl| bytes).
   *
   * Notifications are consumed inside the loop: they are handled, offered to
   * the registered callback, and then wiped from |out| so the caller never
   * sees them as data.  User data is accumulated in the return value.
   *
   * Returns the number of bytes read, 0 when |out| is NULL or nothing was
   * read, or a negative value on error.  -1 is returned for a partial
   * message, for an allocation failure, and when the peer does not
   * authenticate DATA and FORWARD-TSN chunks.
   *
   * NOTE(review): several OPENSSL_assert() calls sit on this receive path.
   * OPENSSL_assert() terminates the process when its condition is false, so
   * a socket whose buffers are smaller than expected aborts the host program
   * rather than failing the read - consider returning an error instead.
   */
  static int dgram_sctp_read(BIO *b, char *out, int outl)
  {
      int ret = 0, n = 0, i, optval;
      socklen_t optlen;
      bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
      union sctp_notification *snp;
      struct msghdr msg;
      struct iovec iov;
      struct cmsghdr *cmsg;
      char cmsgbuf[512];

      if (out != NULL) {
          clear_socket_error();

          do {
              /* Receive info is per message, so start from a clean slate. */
              memset(&data->rcvinfo, 0, sizeof(data->rcvinfo));
              iov.iov_base = out;
              iov.iov_len = outl;
              msg.msg_name = NULL;
              msg.msg_namelen = 0;
              msg.msg_iov = &iov;
              msg.msg_iovlen = 1;
              msg.msg_control = cmsgbuf;
              /* 512 is the declared size of cmsgbuf above. */
              msg.msg_controllen = 512;
              msg.msg_flags = 0;
              n = recvmsg(b->num, &msg, 0);

              if (n <= 0) {
                  if (n < 0)
                      ret = n;
                  break;
              }

              /* Copy the SCTP ancillary data, if any, into data->rcvinfo. */
              if (msg.msg_controllen > 0) {
                  for (cmsg = CMSG_FIRSTHDR(&msg); cmsg;
                       cmsg = CMSG_NXTHDR(&msg, cmsg)) {
                      if (cmsg->cmsg_level != IPPROTO_SCTP)
                          continue;
  # ifdef SCTP_RCVINFO
                      if (cmsg->cmsg_type == SCTP_RCVINFO) {
                          struct sctp_rcvinfo *rcvinfo;

                          rcvinfo = (struct sctp_rcvinfo *)CMSG_DATA(cmsg);
                          data->rcvinfo.rcv_sid = rcvinfo->rcv_sid;
                          data->rcvinfo.rcv_ssn = rcvinfo->rcv_ssn;
                          data->rcvinfo.rcv_flags = rcvinfo->rcv_flags;
                          data->rcvinfo.rcv_ppid = rcvinfo->rcv_ppid;
                          data->rcvinfo.rcv_tsn = rcvinfo->rcv_tsn;
                          data->rcvinfo.rcv_cumtsn = rcvinfo->rcv_cumtsn;
                          data->rcvinfo.rcv_context = rcvinfo->rcv_context;
                      }
  # endif
  # ifdef SCTP_SNDRCV
                      if (cmsg->cmsg_type == SCTP_SNDRCV) {
                          struct sctp_sndrcvinfo *sndrcvinfo;

                          sndrcvinfo =
                              (struct sctp_sndrcvinfo *)CMSG_DATA(cmsg);
                          data->rcvinfo.rcv_sid = sndrcvinfo->sinfo_stream;
                          data->rcvinfo.rcv_ssn = sndrcvinfo->sinfo_ssn;
                          data->rcvinfo.rcv_flags = sndrcvinfo->sinfo_flags;
                          data->rcvinfo.rcv_ppid = sndrcvinfo->sinfo_ppid;
                          data->rcvinfo.rcv_tsn = sndrcvinfo->sinfo_tsn;
                          data->rcvinfo.rcv_cumtsn = sndrcvinfo->sinfo_cumtsn;
                          data->rcvinfo.rcv_context = sndrcvinfo->sinfo_context;
                      }
  # endif
                  }
              }

              if (msg.msg_flags & MSG_NOTIFICATION) {
                  /*
                   * The notification is interpreted in place in the caller's
                   * buffer.
                   * NOTE(review): n is not compared with the size of the
                   * notification header (or of the member read later) before
                   * sn_type is inspected, and |out| is not cleared before
                   * recvmsg(); a notification shorter than the fields read
                   * would be completed from whatever |out| held before -
                   * confirm the kernel never delivers one, or check n first.
                   */
                  snp = (union sctp_notification *)out;
                  if (snp->sn_header.sn_type == SCTP_SENDER_DRY_EVENT) {
  # ifdef SCTP_EVENT
                      struct sctp_event event;
  # else
                      struct sctp_event_subscribe event;
                      socklen_t eventsize;
  # endif
                      /*
                       * If a message has been delayed until the socket is dry,
                       * it can be sent now.
                       */
                      if (data->saved_message.length > 0) {
                          i = dgram_sctp_write(data->saved_message.bio,
                                               data->saved_message.data,
                                               data->saved_message.length);
                          if (i < 0) {
                              ret = i;
                              break;
                          }
                          OPENSSL_free(data->saved_message.data);
                          data->saved_message.data = NULL;
                          data->saved_message.length = 0;
                      }

                      /* disable sender dry event */
  # ifdef SCTP_EVENT
                      memset(&event, 0, sizeof(event));
                      event.se_assoc_id = 0;
                      event.se_type = SCTP_SENDER_DRY_EVENT;
                      event.se_on = 0;
                      i = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event,
                                     sizeof(struct sctp_event));
                      if (i < 0) {
                          ret = i;
                          break;
                      }
  # else
                      /* Read-modify-write so other subscriptions are kept. */
                      eventsize = sizeof(struct sctp_event_subscribe);
                      i = getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
                                     &eventsize);
                      if (i < 0) {
                          ret = i;
                          break;
                      }

                      event.sctp_sender_dry_event = 0;

                      i = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
                                     sizeof(struct sctp_event_subscribe));
                      if (i < 0) {
                          ret = i;
                          break;
                      }
  # endif
                  }
  # ifdef SCTP_AUTHENTICATION_EVENT
                  if (snp->sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
                      dgram_sctp_handle_auth_free_key_event(b, snp);
  # endif

                  /* The application callback sees the raw notification. */
                  if (data->handle_notifications != NULL)
                      data->handle_notifications(b, data->notification_context,
                                                 (void *)out);

                  /* Wipe the notification so it is never returned as data. */
                  memset(out, 0, outl);
              } else
                  ret += n;
          }
          /* Keep reading while what arrived was a complete notification. */
          while ((msg.msg_flags & MSG_NOTIFICATION) && (msg.msg_flags & MSG_EOR)
                 && (ret < outl));

          if (ret > 0 && !(msg.msg_flags & MSG_EOR)) {
              /* Partial message read, this should never happen! */

              /*
               * The buffer was too small, this means the peer sent a message
               * that was larger than allowed.
               */
              if (ret == outl)
                  return -1;

              /*
               * Test if socket buffer can handle max record size (2^14 + 2048
               * + 13)
               * NOTE(review): a smaller SO_RCVBUF aborts the process here.
               */
              optlen = (socklen_t) sizeof(int);
              ret = getsockopt(b->num, SOL_SOCKET, SO_RCVBUF, &optval, &optlen);
              if (ret >= 0)
                  OPENSSL_assert(optval >= 18445);

              /*
               * Test if SCTP doesn't partially deliver below max record size
               * (2^14 + 2048 + 13)
               * NOTE(review): same abort-on-misconfiguration as above.
               */
              optlen = (socklen_t) sizeof(int);
              ret =
                  getsockopt(b->num, IPPROTO_SCTP, SCTP_PARTIAL_DELIVERY_POINT,
                             &optval, &optlen);
              if (ret >= 0)
                  OPENSSL_assert(optval >= 18445);

              /*
               * Partially delivered notification??? Probably a bug....
               */
              OPENSSL_assert(!(msg.msg_flags & MSG_NOTIFICATION));

              /*
               * Everything seems ok till now, so it's most likely a message
               * dropped by PR-SCTP.  The partial data is wiped and the caller
               * is told to retry.
               */
              memset(out, 0, outl);
              BIO_set_retry_read(b);
              return -1;
          }

          BIO_clear_retry_flags(b);
          if (ret < 0) {
              if (BIO_dgram_should_retry(ret)) {
                  BIO_set_retry_read(b);
                  /* Remembered for the timer/MTU queries of the ctrl code. */
                  data->_errno = get_last_socket_error();
              }
          }

          /*
           * Test if peer uses SCTP-AUTH before continuing.  This runs once per
           * BIO (guarded by peer_auth_tested) and also when ret is negative.
           * If the peer's chunk list cannot be read, or lacks DATA or
           * FORWARD-TSN, the read fails with -1 and the flag stays unset, so
           * the check is repeated on the next call.
           */
          if (!data->peer_auth_tested) {
              int ii, auth_data = 0, auth_forward = 0;
              unsigned char *p;
              struct sctp_authchunks *authchunks;

              optlen =
                  (socklen_t) (sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
              authchunks = OPENSSL_malloc(optlen);
              if (authchunks == NULL) {
                  BIOerr(BIO_F_DGRAM_SCTP_READ, ERR_R_MALLOC_FAILURE);
                  return -1;
              }
              memset(authchunks, 0, optlen);
              ii = getsockopt(b->num, IPPROTO_SCTP, SCTP_PEER_AUTH_CHUNKS,
                              authchunks, &optlen);

              /* Scan only the bytes getsockopt() reported back in optlen. */
              if (ii >= 0)
                  for (p = (unsigned char *)authchunks->gauth_chunks;
                       p < (unsigned char *)authchunks + optlen;
                       p += sizeof(uint8_t)) {
                      if (*p == OPENSSL_SCTP_DATA_CHUNK_TYPE)
                          auth_data = 1;
                      if (*p == OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE)
                          auth_forward = 1;
                  }

              OPENSSL_free(authchunks);

              if (!auth_data || !auth_forward) {
                  BIOerr(BIO_F_DGRAM_SCTP_READ, BIO_R_CONNECT_ERROR);
                  return -1;
              }

              data->peer_auth_tested = 1;
          }
      }
      return (ret);
  }
  /*
   * dgram_sctp_write - send message on SCTP socket
   * @b: BIO to write to
   * @in: data to send
   * @inl: amount of bytes in @in to send
   *
   * Returns -1 on error or the sent amount of bytes on success.  When a
   * message is saved for later (see save_shutdown below) @inl is returned
   * although nothing has been sent yet.  Otherwise the value returned is the
   * result of sendmsg().
   *
   * NOTE(review): @inl is not checked before in[0] is read, nor before it is
   * used as the size for OPENSSL_malloc() and memcpy() in the save path, so
   * this relies on callers never passing an empty buffer or a length <= 0 -
   * confirm against the callers.
   */
  static int dgram_sctp_write(BIO *b, const char *in, int inl)
  {
      int ret;
      bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
      struct bio_dgram_sctp_sndinfo *sinfo = &(data->sndinfo);
      struct bio_dgram_sctp_prinfo *pinfo = &(data->prinfo);
      struct bio_dgram_sctp_sndinfo handshake_sinfo;
      struct iovec iov[1];
      struct msghdr msg;
      struct cmsghdr *cmsg;
      /* The control buffer is sized for exactly the messages built below. */
  # if defined(SCTP_SNDINFO) && defined(SCTP_PRINFO)
      char cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndinfo)) +
                   CMSG_SPACE(sizeof(struct sctp_prinfo))];
      struct sctp_sndinfo *sndinfo;
      struct sctp_prinfo *prinfo;
  # else
      char cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
      struct sctp_sndrcvinfo *sndrcvinfo;
  # endif

      clear_socket_error();

      /*
       * If we're sending anything other than application data, disable all
       * user parameters and flags.  The first byte of the buffer is compared
       * with 23, which per the sentence above marks application data.
       */
      if (in[0] != 23) {
          memset(&handshake_sinfo, 0, sizeof(handshake_sinfo));
  # ifdef SCTP_SACK_IMMEDIATELY
          handshake_sinfo.snd_flags = SCTP_SACK_IMMEDIATELY;
  # endif
          sinfo = &handshake_sinfo;
      }

      /*
       * If we have to send a shutdown alert message and the socket is not dry
       * yet, we have to save it and send it as soon as the socket gets dry.
       */
      if (data->save_shutdown) {
          ret = BIO_dgram_sctp_wait_for_dry(b);
          if (ret < 0) {
              return -1;
          }
          if (ret == 0) {
              char *tmp;

              data->saved_message.bio = b;
              /* Allocate first so a failure leaves any older copy intact. */
              if ((tmp = OPENSSL_malloc(inl)) == NULL) {
                  BIOerr(BIO_F_DGRAM_SCTP_WRITE, ERR_R_MALLOC_FAILURE);
                  return -1;
              }
              OPENSSL_free(data->saved_message.data);
              data->saved_message.data = tmp;
              memcpy(data->saved_message.data, in, inl);
              data->saved_message.length = inl;
              return inl;
          }
      }

      /* sendmsg() does not write through iov_base; the cast drops const. */
      iov[0].iov_base = (char *)in;
      iov[0].iov_len = inl;
      msg.msg_name = NULL;
      msg.msg_namelen = 0;
      msg.msg_iov = iov;
      msg.msg_iovlen = 1;
      msg.msg_control = (caddr_t) cmsgbuf;
      /* Grown below by CMSG_SPACE() for each control message added. */
      msg.msg_controllen = 0;
      msg.msg_flags = 0;
  # if defined(SCTP_SNDINFO) && defined(SCTP_PRINFO)
      /* First control message: send info, at the start of cmsgbuf. */
      cmsg = (struct cmsghdr *)cmsgbuf;
      cmsg->cmsg_level = IPPROTO_SCTP;
      cmsg->cmsg_type = SCTP_SNDINFO;
      cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_sndinfo));
      sndinfo = (struct sctp_sndinfo *)CMSG_DATA(cmsg);
      memset(sndinfo, 0, sizeof(*sndinfo));
      sndinfo->snd_sid = sinfo->snd_sid;
      sndinfo->snd_flags = sinfo->snd_flags;
      sndinfo->snd_ppid = sinfo->snd_ppid;
      sndinfo->snd_context = sinfo->snd_context;
      msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_sndinfo));

      /* Second control message: partial reliability, placed right after. */
      cmsg =
          (struct cmsghdr *)&cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndinfo))];
      cmsg->cmsg_level = IPPROTO_SCTP;
      cmsg->cmsg_type = SCTP_PRINFO;
      cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_prinfo));
      prinfo = (struct sctp_prinfo *)CMSG_DATA(cmsg);
      memset(prinfo, 0, sizeof(*prinfo));
      prinfo->pr_policy = pinfo->pr_policy;
      prinfo->pr_value = pinfo->pr_value;
      msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_prinfo));
  # else
      /* Single control message carrying both send and reliability info. */
      cmsg = (struct cmsghdr *)cmsgbuf;
      cmsg->cmsg_level = IPPROTO_SCTP;
      cmsg->cmsg_type = SCTP_SNDRCV;
      cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_sndrcvinfo));
      sndrcvinfo = (struct sctp_sndrcvinfo *)CMSG_DATA(cmsg);
      memset(sndrcvinfo, 0, sizeof(*sndrcvinfo));
      sndrcvinfo->sinfo_stream = sinfo->snd_sid;
      sndrcvinfo->sinfo_flags = sinfo->snd_flags;
  # ifdef __FreeBSD__
      sndrcvinfo->sinfo_flags |= pinfo->pr_policy;
  # endif
      sndrcvinfo->sinfo_ppid = sinfo->snd_ppid;
      sndrcvinfo->sinfo_context = sinfo->snd_context;
      sndrcvinfo->sinfo_timetolive = pinfo->pr_value;
      msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_sndrcvinfo));
  # endif

      ret = sendmsg(b->num, &msg, 0);

      BIO_clear_retry_flags(b);
      if (ret <= 0) {
          if (BIO_dgram_should_retry(ret)) {
              BIO_set_retry_write(b);
              /* Remembered for the timer/MTU queries of the ctrl code. */
              data->_errno = get_last_socket_error();
          }
      }
      return (ret);
  }
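  /*
   * Validate a caller-supplied buffer and length for the GET/SET info
   * commands.  Returns -1 for a NULL buffer or a negative length, otherwise
   * the length clamped to |max|.
   */
  static long dgram_sctp_clamp_len(const void *ptr, long num, size_t max)
  {
      if (ptr == NULL || num < 0)
          return -1;
      if (num > (long)max)
          num = (long)max;
      return num;
  }

  /*
   * Control function of the SCTP datagram BIO.
   *
   * Handles the SCTP-specific commands and forwards every other command to
   * dgram_ctrl().  |num| and |ptr| are interpreted per command; the return
   * value is also per command and is described at each case.
   *
   * Hardening compared with the earlier version of this function:
   *   - the GET/SET info commands reject a negative |num| (it used to be
   *     converted to a huge size_t and handed to memcpy()) and a NULL |ptr|;
   *   - BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY rejects a NULL |ptr| and wipes the
   *     temporary copy of the key before freeing it;
   *   - the key-id struct is zeroed before its first use so that no
   *     uninitialised member is passed to the kernel.
   */
  static long dgram_sctp_ctrl(BIO *b, int cmd, long num, void *ptr)
  {
      long ret = 1;
      bio_dgram_sctp_data *data = NULL;
      socklen_t sockopt_len = 0;
      struct sctp_authkeyid authkeyid;
      struct sctp_authkey *authkey = NULL;

      data = (bio_dgram_sctp_data *) b->ptr;
      memset(&authkeyid, 0, sizeof(authkeyid));

      switch (cmd) {
      case BIO_CTRL_DGRAM_QUERY_MTU:
          /*
           * Set to maximum (2^14) and ignore user input to enable transport
           * protocol fragmentation. Returns always 2^14.
           */
          data->mtu = 16384;
          ret = data->mtu;
          break;
      case BIO_CTRL_DGRAM_SET_MTU:
          /*
           * Set to maximum (2^14) and ignore input to enable transport
           * protocol fragmentation. Returns always 2^14.
           */
          data->mtu = 16384;
          ret = data->mtu;
          break;
      case BIO_CTRL_DGRAM_SET_CONNECTED:
      case BIO_CTRL_DGRAM_CONNECT:
          /* Returns always -1. */
          ret = -1;
          break;
      case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
          /*
           * SCTP doesn't need the DTLS timer. Returns always 1.
           */
          break;
      case BIO_CTRL_DGRAM_GET_MTU_OVERHEAD:
          /*
           * We allow transport protocol fragmentation so this is irrelevant
           */
          ret = 0;
          break;
      case BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE:
          /*
           * Record whether a handshake is in progress and set SCTP_NODELAY
           * to the same value.  Returns the result of setsockopt().
           */
          if (num > 0)
              data->in_handshake = 1;
          else
              data->in_handshake = 0;

          ret =
              setsockopt(b->num, IPPROTO_SCTP, SCTP_NODELAY,
                         &data->in_handshake, sizeof(int));
          break;
      case BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY:
          /*
           * New shared key for SCTP AUTH. Returns 0 on success, -1 otherwise.
           * |ptr| must point to 64 bytes of key material.
           */
          if (ptr == NULL) {
              ret = -1;
              break;
          }

          /* Get active key */
          sockopt_len = sizeof(struct sctp_authkeyid);
          ret =
              getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY, &authkeyid,
                         &sockopt_len);
          if (ret < 0)
              break;

          /* Add new key */
          sockopt_len = sizeof(struct sctp_authkey) + 64 * sizeof(uint8_t);
          authkey = OPENSSL_malloc(sockopt_len);
          if (authkey == NULL) {
              ret = -1;
              break;
          }
          memset(authkey, 0, sockopt_len);
          authkey->sca_keynumber = authkeyid.scact_keynumber + 1;
  # ifndef __FreeBSD__
          /*
           * This field is missing in FreeBSD 8.2 and earlier, and FreeBSD 8.3
           * and higher work without it.
           */
          authkey->sca_keylength = 64;
  # endif
          memcpy(&authkey->sca_key[0], ptr, 64 * sizeof(uint8_t));

          ret =
              setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_KEY, authkey,
                         sockopt_len);
          /*
           * The buffer holds a copy of the shared key: wipe it before it
           * goes back to the allocator, whether or not the call succeeded.
           */
          OPENSSL_cleanse(authkey, sockopt_len);
          OPENSSL_free(authkey);
          authkey = NULL;
          if (ret < 0)
              break;

          /* Reset active key */
          ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
                           &authkeyid, sizeof(struct sctp_authkeyid));
          break;
      case BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY:
          /* Returns 0 on success, -1 otherwise. */

          /* Get active key */
          sockopt_len = sizeof(struct sctp_authkeyid);
          ret =
              getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY, &authkeyid,
                         &sockopt_len);
          if (ret < 0)
              break;

          /* Set active key */
          authkeyid.scact_keynumber = authkeyid.scact_keynumber + 1;
          ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
                           &authkeyid, sizeof(struct sctp_authkeyid));
          if (ret < 0)
              break;

          /*
           * CCS has been sent, so remember that and fall through to check if
           * we need to deactivate an old key
           */
          data->ccs_sent = 1;
          /* fall through */

      case BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD:
          /*
           * Returns 0 on success, -1 otherwise.  When this command is called
           * directly and no key is retired, ret keeps its initial value.
           */

          /*
           * Has this command really been called or is this just a
           * fall-through?
           */
          if (cmd == BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD)
              data->ccs_rcvd = 1;

          /*
           * CCS has been both received and sent, so deactivate an old key
           */
          if (data->ccs_rcvd == 1 && data->ccs_sent == 1) {
              /* Get active key */
              sockopt_len = sizeof(struct sctp_authkeyid);
              ret =
                  getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
                             &authkeyid, &sockopt_len);
              if (ret < 0)
                  break;

              /*
               * Deactivate key or delete second last key if
               * SCTP_AUTHENTICATION_EVENT is not available.
               */
              authkeyid.scact_keynumber = authkeyid.scact_keynumber - 1;
  # ifdef SCTP_AUTH_DEACTIVATE_KEY
              sockopt_len = sizeof(struct sctp_authkeyid);
              ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DEACTIVATE_KEY,
                               &authkeyid, sockopt_len);
              if (ret < 0)
                  break;
  # endif
  # ifndef SCTP_AUTHENTICATION_EVENT
              if (authkeyid.scact_keynumber > 0) {
                  authkeyid.scact_keynumber = authkeyid.scact_keynumber - 1;
                  ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DELETE_KEY,
                                   &authkeyid, sizeof(struct sctp_authkeyid));
                  if (ret < 0)
                      break;
              }
  # endif

              data->ccs_rcvd = 0;
              data->ccs_sent = 0;
          }
          break;
      case BIO_CTRL_DGRAM_SCTP_GET_SNDINFO:
          /* Returns the size of the copied struct, -1 on bad arguments. */
          num = dgram_sctp_clamp_len(ptr, num,
                                     sizeof(struct bio_dgram_sctp_sndinfo));
          if (num < 0) {
              ret = -1;
              break;
          }

          memcpy(ptr, &(data->sndinfo), num);
          ret = num;
          break;
      case BIO_CTRL_DGRAM_SCTP_SET_SNDINFO:
          /* Returns 1 after copying, -1 on bad arguments. */
          num = dgram_sctp_clamp_len(ptr, num,
                                     sizeof(struct bio_dgram_sctp_sndinfo));
          if (num < 0) {
              ret = -1;
              break;
          }

          memcpy(&(data->sndinfo), ptr, num);
          break;
      case BIO_CTRL_DGRAM_SCTP_GET_RCVINFO:
          /* Returns the size of the copied struct, -1 on bad arguments. */
          num = dgram_sctp_clamp_len(ptr, num,
                                     sizeof(struct bio_dgram_sctp_rcvinfo));
          if (num < 0) {
              ret = -1;
              break;
          }

          memcpy(ptr, &data->rcvinfo, num);
          ret = num;
          break;
      case BIO_CTRL_DGRAM_SCTP_SET_RCVINFO:
          /* Returns 1 after copying, -1 on bad arguments. */
          num = dgram_sctp_clamp_len(ptr, num,
                                     sizeof(struct bio_dgram_sctp_rcvinfo));
          if (num < 0) {
              ret = -1;
              break;
          }

          memcpy(&(data->rcvinfo), ptr, num);
          break;
      case BIO_CTRL_DGRAM_SCTP_GET_PRINFO:
          /* Returns the size of the copied struct, -1 on bad arguments. */
          num = dgram_sctp_clamp_len(ptr, num,
                                     sizeof(struct bio_dgram_sctp_prinfo));
          if (num < 0) {
              ret = -1;
              break;
          }

          memcpy(ptr, &(data->prinfo), num);
          ret = num;
          break;
      case BIO_CTRL_DGRAM_SCTP_SET_PRINFO:
          /* Returns 1 after copying, -1 on bad arguments. */
          num = dgram_sctp_clamp_len(ptr, num,
                                     sizeof(struct bio_dgram_sctp_prinfo));
          if (num < 0) {
              ret = -1;
              break;
          }

          memcpy(&(data->prinfo), ptr, num);
          break;
      case BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN:
          /* Returns always 1. */
          if (num > 0)
              data->save_shutdown = 1;
          else
              data->save_shutdown = 0;
          break;

      default:
          /*
           * Pass to default ctrl function to process SCTP unspecific commands
           */
          ret = dgram_ctrl(b, cmd, num, ptr);
          break;
      }
      return (ret);
  }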
  /*
   * Register an application callback for SCTP notifications on |b|.
   *
   * |handle_notifications| and |context| are stored in the BIO's SCTP state;
   * the read and wait paths later invoke the callback with the BIO, that
   * context and the buffer holding the notification.
   *
   * Returns 0 when the callback was stored, or -1 when |handle_notifications|
   * is NULL (nothing is changed in that case, so a callback that is already
   * installed cannot be removed through this function).
   */
  int BIO_dgram_sctp_notification_cb(BIO *b,
                                     void (*handle_notifications) (BIO *bio,
                                                                   void
                                                                   *context,
                                                                   void *buf),
                                     void *context)
  {
      bio_dgram_sctp_data *state = (bio_dgram_sctp_data *)b->ptr;

      if (handle_notifications == NULL)
          return -1;

      state->handle_notifications = handle_notifications;
      state->notification_context = context;
      return 0;
  }
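  /*
   * Point |msg| at |snp| as its only receive buffer, with no address and no
   * control data.  |snp| is zeroed first, so fields that a short notification
   * does not fill read as zero rather than as stale bytes.
   */
  static void dgram_sctp_prepare_notification_msg(struct msghdr *msg,
                                                  struct iovec *iov,
                                                  union sctp_notification *snp)
  {
      memset(snp, 0, sizeof(*snp));
      iov->iov_base = (char *)snp;
      iov->iov_len = sizeof(union sctp_notification);
      msg->msg_name = NULL;
      msg->msg_namelen = 0;
      msg->msg_iov = iov;
      msg->msg_iovlen = 1;
      msg->msg_control = NULL;
      msg->msg_controllen = 0;
      msg->msg_flags = 0;
  }

  /*
   * Switch delivery of the SENDER_DRY event on the socket of |b| on (|on| = 1)
   * or off (|on| = 0).  Returns a negative value if a socket option call
   * fails.
   */
  static int dgram_sctp_set_dry_event(BIO *b, int on)
  {
  # ifdef SCTP_EVENT
      struct sctp_event event;

      memset(&event, 0, sizeof(event));
      event.se_assoc_id = 0;
      event.se_type = SCTP_SENDER_DRY_EVENT;
      event.se_on = on;
      return setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event,
                        sizeof(struct sctp_event));
  # else
      struct sctp_event_subscribe event;
      socklen_t eventsize = (socklen_t) sizeof(struct sctp_event_subscribe);

      /* Read-modify-write so the other subscriptions stay as they are. */
      if (getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event, &eventsize) < 0)
          return -1;

      event.sctp_sender_dry_event = on;

      return setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
                        sizeof(struct sctp_event_subscribe));
  # endif
  }

  /*
   * BIO_dgram_sctp_wait_for_dry - Wait for SCTP SENDER_DRY event
   * @b: The BIO to check for the dry event
   *
   * Wait until the peer confirms all packets have been received, and so that
   * our kernel doesn't have anything to send anymore. This is only received by
   * the peer's kernel, not the application.
   *
   * Pending notifications are read and processed (including the registered
   * notification callback) until user data or an empty queue is found.  User
   * data is only peeked at and stays queued for the next read.
   *
   * While the queue is re-checked after the dry event, O_NONBLOCK is added to
   * the socket's existing status flags and the saved flags are restored
   * afterwards.  A failing fcntl() is reported as an error instead of being
   * ignored, because continuing with an invalid flag value would leave the
   * socket in an undefined blocking mode.
   *
   * Returns:
   * -1 on error
   *  0 when not dry yet
   *  1 when dry
   */
  int BIO_dgram_sctp_wait_for_dry(BIO *b)
  {
      int is_dry = 0;
      int sockflags = 0;
      int n, sockerr;
      union sctp_notification snp;
      struct msghdr msg;
      struct iovec iov;
      bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;

      /* set sender dry event */
      if (dgram_sctp_set_dry_event(b, 1) < 0)
          return -1;

      /* peek for notification */
      dgram_sctp_prepare_notification_msg(&msg, &iov, &snp);
      n = recvmsg(b->num, &msg, MSG_PEEK);
      if (n <= 0) {
          sockerr = (n < 0) ? get_last_socket_error() : 0;
          if ((n < 0) && (sockerr != EAGAIN) && (sockerr != EWOULDBLOCK))
              return -1;
          return 0;
      }

      /* if we find a notification, process it and try again if necessary */
      while (msg.msg_flags & MSG_NOTIFICATION) {
          /* The peek showed a notification; now take it off the queue. */
          dgram_sctp_prepare_notification_msg(&msg, &iov, &snp);
          n = recvmsg(b->num, &msg, 0);
          if (n <= 0) {
              sockerr = (n < 0) ? get_last_socket_error() : 0;
              if ((n < 0) && (sockerr != EAGAIN) && (sockerr != EWOULDBLOCK))
                  return -1;
              return is_dry;
          }

          if (snp.sn_header.sn_type == SCTP_SENDER_DRY_EVENT) {
              is_dry = 1;

              /* disable sender dry event */
              if (dgram_sctp_set_dry_event(b, 0) < 0)
                  return -1;
          }
  # ifdef SCTP_AUTHENTICATION_EVENT
          if (snp.sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
              dgram_sctp_handle_auth_free_key_event(b, &snp);
  # endif

          if (data->handle_notifications != NULL)
              data->handle_notifications(b, data->notification_context,
                                         (void *)&snp);

          /* found notification, peek again */
          dgram_sctp_prepare_notification_msg(&msg, &iov, &snp);

          /* if we have seen the dry already, don't wait */
          if (is_dry) {
              sockflags = fcntl(b->num, F_GETFL, 0);
              if (sockflags < 0)
                  return -1;
              /* Add O_NONBLOCK to the current flags rather than replacing them. */
              if (fcntl(b->num, F_SETFL, sockflags | O_NONBLOCK) < 0)
                  return -1;
          }

          n = recvmsg(b->num, &msg, MSG_PEEK);
          /* Capture the error before fcntl() below can overwrite it. */
          sockerr = (n < 0) ? get_last_socket_error() : 0;

          if (is_dry) {
              /* Best effort: put the caller's blocking mode back. */
              fcntl(b->num, F_SETFL, sockflags);
          }

          if (n <= 0) {
              if ((n < 0) && (sockerr != EAGAIN) && (sockerr != EWOULDBLOCK))
                  return -1;
              return is_dry;
          }
      }

      /* read anything else */
      return is_dry;
  }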
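  /*
   * Report whether a message is waiting to be read on the SCTP socket b->num.
   *
   * The socket is peeked in non-blocking mode. While the next queued item is
   * an SCTP notification (MSG_NOTIFICATION set in msg_flags), it is consumed,
   * handed to the optional handle_notifications callback, and the peek is
   * repeated.
   *
   * Returns 1 when the loop ends with a positive recvmsg() result that is not
   * flagged as a notification, and 0 otherwise (nothing pending, or a socket
   * call failed).
   */
  int BIO_dgram_sctp_msg_waiting(BIO *b)
  {
      int n, sockflags;
      union sctp_notification snp;
      struct msghdr msg;
      struct iovec iov;
      bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;

      /* Check if there are any messages waiting to be read */
      do {
          memset(&snp, 0, sizeof(snp));
          iov.iov_base = (char *)&snp;
          iov.iov_len = sizeof(union sctp_notification);
          msg.msg_name = NULL;
          msg.msg_namelen = 0;
          msg.msg_iov = &iov;
          msg.msg_iovlen = 1;
          msg.msg_control = NULL;
          msg.msg_controllen = 0;
          msg.msg_flags = 0;

          /*
           * Peek without blocking, then restore the caller's file status
           * flags. A failed F_GETFL must not be fed back into F_SETFL, and
           * O_NONBLOCK is OR-ed in so the other status flags stay set while
           * peeking.
           */
          sockflags = fcntl(b->num, F_GETFL, 0);
          if (sockflags < 0)
              return 0;
          fcntl(b->num, F_SETFL, sockflags | O_NONBLOCK);
          n = recvmsg(b->num, &msg, MSG_PEEK);
          fcntl(b->num, F_SETFL, sockflags);

          /* if notification, process and try again */
          if (n > 0 && (msg.msg_flags & MSG_NOTIFICATION)) {
  # ifdef SCTP_AUTHENTICATION_EVENT
              if (snp.sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
                  dgram_sctp_handle_auth_free_key_event(b, &snp);
  # endif

              /* Remove the peeked notification from the socket queue. */
              memset(&snp, 0, sizeof(snp));
              iov.iov_base = (char *)&snp;
              iov.iov_len = sizeof(union sctp_notification);
              msg.msg_name = NULL;
              msg.msg_namelen = 0;
              msg.msg_iov = &iov;
              msg.msg_iovlen = 1;
              msg.msg_control = NULL;
              msg.msg_controllen = 0;
              msg.msg_flags = 0;
              n = recvmsg(b->num, &msg, 0);

              /*
               * Only hand the notification to the application when the read
               * actually delivered one; after a failed read snp is all zeros.
               */
              if (n > 0 && data->handle_notifications != NULL)
                  data->handle_notifications(b, data->notification_context,
                                             (void *)&snp);
          }
      } while (n > 0 && (msg.msg_flags & MSG_NOTIFICATION));

      /* Return 1 if there is a message to be read, return 0 otherwise. */
      return n > 0 ? 1 : 0;
  }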
  /*
   * Write the NUL-terminated string str to bp by passing it, together with
   * its strlen(), to dgram_sctp_write(). The result of that call is returned
   * unchanged.
   *
   * NOTE(review): the strlen() result is narrowed to int, so a string longer
   * than INT_MAX would produce a wrong length here; presumably callers only
   * pass short strings - confirm.
   */
  static int dgram_sctp_puts(BIO *bp, const char *str)
  {
      int len = strlen(str);

      return dgram_sctp_write(bp, str, len);
  }
  1813. # endif
  /*
   * Decide whether a socket call that returned i may be retried.
   *
   * Only the return values 0 and -1 are examined: for those the last socket
   * error is fetched and classified by BIO_dgram_non_fatal_error(). Any other
   * value of i yields 0.
   */
  static int BIO_dgram_should_retry(int i)
  {
      int err;

      if (i != 0 && i != -1)
          return 0;

      err = get_last_socket_error();

      /*
       * Windows: if the socket return value (i) is -1 and err is unexpectedly
       * 0 at this point, the error code was overwritten by another system
       * call before this error handling was reached.
       */
      return BIO_dgram_non_fatal_error(err);
  }
  /*
   * Classify a socket error code.
   *
   * Returns 1 when err equals one of the codes listed in the switch below
   * (as far as the platform defines them) and 0 for every other value.
   *
   * The #if guards skip names the platform lacks and avoid duplicate case
   * labels where two names share one value.
   */
  int BIO_dgram_non_fatal_error(int err)
  {
      int non_fatal = 0;

      switch (err) {
  # if defined(OPENSSL_SYS_WINDOWS) && defined(WSAEWOULDBLOCK)
      case WSAEWOULDBLOCK:
  # endif
  # if defined(EWOULDBLOCK) && (!defined(WSAEWOULDBLOCK) || WSAEWOULDBLOCK != EWOULDBLOCK)
      case EWOULDBLOCK:
  # endif
  # ifdef EINTR
      case EINTR:
  # endif
  # if defined(EAGAIN) && EWOULDBLOCK != EAGAIN
      case EAGAIN:
  # endif
  # ifdef EPROTO
      case EPROTO:
  # endif
  # ifdef EINPROGRESS
      case EINPROGRESS:
  # endif
  # ifdef EALREADY
      case EALREADY:
  # endif
          non_fatal = 1;
          break;
      default:
          break;
      }
      return non_fatal;
  }
  /*
   * Store the current time in *t as seconds plus microseconds.
   *
   * Three platform variants are compiled: the Win32 system-time API,
   * ftime() on VMS, and gettimeofday() everywhere else. No return value of
   * the underlying calls is checked.
   *
   * NOTE(review): gettimeofday() reports wall-clock time, which can jump when
   * the system clock is adjusted; callers that derive timeouts from this value
   * would presumably be affected - confirm against the callers.
   */
  static void get_current_time(struct timeval *t)
  {
  # if defined(_WIN32)
      SYSTEMTIME sys_now;
      union {
          unsigned __int64 ul;
          FILETIME ft;
      } stamp;

      GetSystemTime(&sys_now);
      SystemTimeToFileTime(&sys_now, &stamp.ft);

      /* re-bias to 1/1/1970; only the literal suffix differs per compiler */
  #  ifdef __MINGW32__
      stamp.ul -= 116444736000000000ULL;
  #  else
      stamp.ul -= 116444736000000000UI64;
  #  endif

      /* FILETIME counts 100 ns ticks: 10000000 per second, 10 per usec */
      t->tv_sec = (long)(stamp.ul / 10000000);
      t->tv_usec = ((int)(stamp.ul % 10000000)) / 10;
  # elif defined(OPENSSL_SYS_VMS)
      struct timeb vms_now;

      ftime(&vms_now);
      t->tv_sec = (long)vms_now.time;
      /* milliseconds to microseconds */
      t->tv_usec = (long)vms_now.millitm * 1000;
  # else
      gettimeofday(t, NULL);
  # endif
  }
  1897. #endif