b_sock2.c 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342
  1. /*
  2. * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include <stdlib.h>
  11. #include <errno.h>
  12. #include "bio_local.h"
  13. #include "internal/ktls.h"
  14. #include <openssl/err.h>
  15. #ifndef OPENSSL_NO_SOCK
  16. # ifdef SO_MAXCONN
  17. # define MAX_LISTEN SO_MAXCONN
  18. # elif defined(SOMAXCONN)
  19. # define MAX_LISTEN SOMAXCONN
  20. # else
  21. # define MAX_LISTEN 32
  22. # endif
  23. /*-
  24. * BIO_socket - create a socket
  25. * @domain: the socket domain (AF_INET, AF_INET6, AF_UNIX, ...)
  26. * @socktype: the socket type (SOCK_STEAM, SOCK_DGRAM)
  27. * @protocol: the protocol to use (IPPROTO_TCP, IPPROTO_UDP)
  28. * @options: BIO socket options (currently unused)
  29. *
  30. * Creates a socket. This should be called before calling any
  31. * of BIO_connect and BIO_listen.
  32. *
  33. * Returns the file descriptor on success or INVALID_SOCKET on failure. On
  34. * failure errno is set, and a status is added to the OpenSSL error stack.
  35. */
  36. int BIO_socket(int domain, int socktype, int protocol, int options)
  37. {
  38. int sock = -1;
  39. if (BIO_sock_init() != 1)
  40. return INVALID_SOCKET;
  41. sock = socket(domain, socktype, protocol);
  42. if (sock == -1) {
  43. ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
  44. "calling socket()");
  45. ERR_raise(ERR_LIB_BIO, BIO_R_UNABLE_TO_CREATE_SOCKET);
  46. return INVALID_SOCKET;
  47. }
  48. # ifndef OPENSSL_NO_KTLS
  49. {
  50. /*
  51. * The new socket is created successfully regardless of ktls_enable.
  52. * ktls_enable doesn't change any functionality of the socket, except
  53. * changing the setsockopt to enable the processing of ktls_start.
  54. * Thus, it is not a problem to call it for non-TLS sockets.
  55. */
  56. ktls_enable(sock);
  57. }
  58. # endif
  59. return sock;
  60. }
  61. /*-
  62. * BIO_connect - connect to an address
  63. * @sock: the socket to connect with
  64. * @addr: the address to connect to
  65. * @options: BIO socket options
  66. *
  67. * Connects to the address using the given socket and options.
  68. *
  69. * Options can be a combination of the following:
  70. * - BIO_SOCK_KEEPALIVE: enable regularly sending keep-alive messages.
  71. * - BIO_SOCK_NONBLOCK: Make the socket non-blocking.
  72. * - BIO_SOCK_NODELAY: don't delay small messages.
  73. *
  74. * options holds BIO socket options that can be used
  75. * You should call this for every address returned by BIO_lookup
  76. * until the connection is successful.
  77. *
  78. * Returns 1 on success or 0 on failure. On failure errno is set
  79. * and an error status is added to the OpenSSL error stack.
  80. */
  81. int BIO_connect(int sock, const BIO_ADDR *addr, int options)
  82. {
  83. const int on = 1;
  84. if (sock == -1) {
  85. ERR_raise(ERR_LIB_BIO, BIO_R_INVALID_SOCKET);
  86. return 0;
  87. }
  88. if (!BIO_socket_nbio(sock, (options & BIO_SOCK_NONBLOCK) != 0))
  89. return 0;
  90. if (options & BIO_SOCK_KEEPALIVE) {
  91. if (setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE,
  92. (const void *)&on, sizeof(on)) != 0) {
  93. ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
  94. "calling setsockopt()");
  95. ERR_raise(ERR_LIB_BIO, BIO_R_UNABLE_TO_KEEPALIVE);
  96. return 0;
  97. }
  98. }
  99. if (options & BIO_SOCK_NODELAY) {
  100. if (setsockopt(sock, IPPROTO_TCP, TCP_NODELAY,
  101. (const void *)&on, sizeof(on)) != 0) {
  102. ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
  103. "calling setsockopt()");
  104. ERR_raise(ERR_LIB_BIO, BIO_R_UNABLE_TO_NODELAY);
  105. return 0;
  106. }
  107. }
  108. if (connect(sock, BIO_ADDR_sockaddr(addr),
  109. BIO_ADDR_sockaddr_size(addr)) == -1) {
  110. if (!BIO_sock_should_retry(-1)) {
  111. ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
  112. "calling connect()");
  113. ERR_raise(ERR_LIB_BIO, BIO_R_CONNECT_ERROR);
  114. }
  115. return 0;
  116. }
  117. return 1;
  118. }
  119. /*-
  120. * BIO_bind - bind socket to address
  121. * @sock: the socket to set
  122. * @addr: local address to bind to
  123. * @options: BIO socket options
  124. *
  125. * Binds to the address using the given socket and options.
  126. *
  127. * Options can be a combination of the following:
  128. * - BIO_SOCK_REUSEADDR: Try to reuse the address and port combination
  129. * for a recently closed port.
  130. *
  131. * When restarting the program it could be that the port is still in use. If
  132. * you set to BIO_SOCK_REUSEADDR option it will try to reuse the port anyway.
  133. * It's recommended that you use this.
  134. */
  135. int BIO_bind(int sock, const BIO_ADDR *addr, int options)
  136. {
  137. # ifndef OPENSSL_SYS_WINDOWS
  138. int on = 1;
  139. # endif
  140. if (sock == -1) {
  141. ERR_raise(ERR_LIB_BIO, BIO_R_INVALID_SOCKET);
  142. return 0;
  143. }
  144. # ifndef OPENSSL_SYS_WINDOWS
  145. /*
  146. * SO_REUSEADDR has different behavior on Windows than on
  147. * other operating systems, don't set it there.
  148. */
  149. if (options & BIO_SOCK_REUSEADDR) {
  150. if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR,
  151. (const void *)&on, sizeof(on)) != 0) {
  152. ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
  153. "calling setsockopt()");
  154. ERR_raise(ERR_LIB_BIO, BIO_R_UNABLE_TO_REUSEADDR);
  155. return 0;
  156. }
  157. }
  158. # endif
  159. if (bind(sock, BIO_ADDR_sockaddr(addr), BIO_ADDR_sockaddr_size(addr)) != 0) {
  160. ERR_raise_data(ERR_LIB_SYS, get_last_socket_error() /* may be 0 */,
  161. "calling bind()");
  162. ERR_raise(ERR_LIB_BIO, BIO_R_UNABLE_TO_BIND_SOCKET);
  163. return 0;
  164. }
  165. return 1;
  166. }
  167. /*-
  168. * BIO_listen - Creates a listen socket
  169. * @sock: the socket to listen with
  170. * @addr: local address to bind to
  171. * @options: BIO socket options
  172. *
  173. * Binds to the address using the given socket and options, then
  174. * starts listening for incoming connections.
  175. *
  176. * Options can be a combination of the following:
  177. * - BIO_SOCK_KEEPALIVE: enable regularly sending keep-alive messages.
  178. * - BIO_SOCK_NONBLOCK: Make the socket non-blocking.
  179. * - BIO_SOCK_NODELAY: don't delay small messages.
  180. * - BIO_SOCK_REUSEADDR: Try to reuse the address and port combination
  181. * for a recently closed port.
  182. * - BIO_SOCK_V6_ONLY: When creating an IPv6 socket, make it listen only
  183. * for IPv6 addresses and not IPv4 addresses mapped to IPv6.
  184. *
  185. * It's recommended that you set up both an IPv6 and IPv4 listen socket, and
  186. * then check both for new clients that connect to it. You want to set up
  187. * the socket as non-blocking in that case since else it could hang.
  188. *
  189. * Not all operating systems support IPv4 addresses on an IPv6 socket, and for
  190. * others it's an option. If you pass the BIO_LISTEN_V6_ONLY it will try to
  191. * create the IPv6 sockets to only listen for IPv6 connection.
  192. *
  193. * It could be that the first BIO_listen() call will listen to all the IPv6
  194. * and IPv4 addresses and that then trying to bind to the IPv4 address will
  195. * fail. We can't tell the difference between already listening ourself to
  196. * it and someone else listening to it when failing and errno is EADDRINUSE, so
  197. * it's recommended to not give an error in that case if the first call was
  198. * successful.
  199. *
  200. * When restarting the program it could be that the port is still in use. If
  201. * you set to BIO_SOCK_REUSEADDR option it will try to reuse the port anyway.
  202. * It's recommended that you use this.
  203. */
  204. int BIO_listen(int sock, const BIO_ADDR *addr, int options)
  205. {
  206. int on = 1;
  207. int socktype;
  208. socklen_t socktype_len = sizeof(socktype);
  209. if (sock == -1) {
  210. ERR_raise(ERR_LIB_BIO, BIO_R_INVALID_SOCKET);
  211. return 0;
  212. }
  213. if (getsockopt(sock, SOL_SOCKET, SO_TYPE,
  214. (void *)&socktype, &socktype_len) != 0
  215. || socktype_len != sizeof(socktype)) {
  216. ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
  217. "calling getsockopt()");
  218. ERR_raise(ERR_LIB_BIO, BIO_R_GETTING_SOCKTYPE);
  219. return 0;
  220. }
  221. if (!BIO_socket_nbio(sock, (options & BIO_SOCK_NONBLOCK) != 0))
  222. return 0;
  223. if (options & BIO_SOCK_KEEPALIVE) {
  224. if (setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE,
  225. (const void *)&on, sizeof(on)) != 0) {
  226. ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
  227. "calling setsockopt()");
  228. ERR_raise(ERR_LIB_BIO, BIO_R_UNABLE_TO_KEEPALIVE);
  229. return 0;
  230. }
  231. }
  232. if (options & BIO_SOCK_NODELAY) {
  233. if (setsockopt(sock, IPPROTO_TCP, TCP_NODELAY,
  234. (const void *)&on, sizeof(on)) != 0) {
  235. ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
  236. "calling setsockopt()");
  237. ERR_raise(ERR_LIB_BIO, BIO_R_UNABLE_TO_NODELAY);
  238. return 0;
  239. }
  240. }
  241. /* On OpenBSD it is always ipv6 only with ipv6 sockets thus read-only */
  242. # if defined(IPV6_V6ONLY) && !defined(__OpenBSD__)
  243. if (BIO_ADDR_family(addr) == AF_INET6) {
  244. /*
  245. * Note: Windows default of IPV6_V6ONLY is ON, and Linux is OFF.
  246. * Therefore we always have to use setsockopt here.
  247. */
  248. on = options & BIO_SOCK_V6_ONLY ? 1 : 0;
  249. if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY,
  250. (const void *)&on, sizeof(on)) != 0) {
  251. ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
  252. "calling setsockopt()");
  253. ERR_raise(ERR_LIB_BIO, BIO_R_LISTEN_V6_ONLY);
  254. return 0;
  255. }
  256. }
  257. # endif
  258. if (!BIO_bind(sock, addr, options))
  259. return 0;
  260. if (socktype != SOCK_DGRAM && listen(sock, MAX_LISTEN) == -1) {
  261. ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
  262. "calling listen()");
  263. ERR_raise(ERR_LIB_BIO, BIO_R_UNABLE_TO_LISTEN_SOCKET);
  264. return 0;
  265. }
  266. return 1;
  267. }
  268. /*-
  269. * BIO_accept_ex - Accept new incoming connections
  270. * @sock: the listening socket
  271. * @addr: the BIO_ADDR to store the peer address in
  272. * @options: BIO socket options, applied on the accepted socket.
  273. *
  274. */
  275. int BIO_accept_ex(int accept_sock, BIO_ADDR *addr_, int options)
  276. {
  277. socklen_t len;
  278. int accepted_sock;
  279. BIO_ADDR locaddr;
  280. BIO_ADDR *addr = addr_ == NULL ? &locaddr : addr_;
  281. len = sizeof(*addr);
  282. accepted_sock = accept(accept_sock,
  283. BIO_ADDR_sockaddr_noconst(addr), &len);
  284. if (accepted_sock == -1) {
  285. if (!BIO_sock_should_retry(accepted_sock)) {
  286. ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
  287. "calling accept()");
  288. ERR_raise(ERR_LIB_BIO, BIO_R_ACCEPT_ERROR);
  289. }
  290. return INVALID_SOCKET;
  291. }
  292. if (!BIO_socket_nbio(accepted_sock, (options & BIO_SOCK_NONBLOCK) != 0)) {
  293. closesocket(accepted_sock);
  294. return INVALID_SOCKET;
  295. }
  296. return accepted_sock;
  297. }
  298. /*-
  299. * BIO_closesocket - Close a socket
  300. * @sock: the socket to close
  301. */
  302. int BIO_closesocket(int sock)
  303. {
  304. if (closesocket(sock) < 0)
  305. return 0;
  306. return 1;
  307. }
  308. #endif