1 /*
2 * Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 /*
11 * Special method for a BIO where the other endpoint is also a BIO of this
12 * kind, handled by the same thread (i.e. the "peer" is actually ourselves,
13 * wearing a different hat). Such "BIO pairs" are mainly for using the SSL
14 * library with I/O interfaces for which no specific BIO method is available.
15 * See ssl/ssltest.c for some hints on how this can be used.
16 */
17
18 #include "e_os.h"
19 #include <assert.h>
20 #include <limits.h>
21 #include <stdlib.h>
22 #include <string.h>
23
24 #include "bio_local.h"
25 #include <openssl/err.h>
26 #include <openssl/crypto.h>
27
28 static int bio_new(BIO *bio);
29 static int bio_free(BIO *bio);
30 static int bio_read(BIO *bio, char *buf, int size);
31 static int bio_write(BIO *bio, const char *buf, int num);
32 static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr);
33 static int bio_puts(BIO *bio, const char *str);
34
35 static int bio_make_pair(BIO *bio1, BIO *bio2);
36 static void bio_destroy_pair(BIO *bio);
37
38 static const BIO_METHOD methods_biop = {
39 BIO_TYPE_BIO,
40 "BIO pair",
41 /* TODO: Convert to new style write function */
42 bwrite_conv,
43 bio_write,
44 /* TODO: Convert to new style read function */
45 bread_conv,
46 bio_read,
47 bio_puts,
48 NULL /* no bio_gets */ ,
49 bio_ctrl,
50 bio_new,
51 bio_free,
52 NULL /* no bio_callback_ctrl */
53 };
54
BIO_s_bio(void)55 const BIO_METHOD *BIO_s_bio(void)
56 {
57 return &methods_biop;
58 }
59
60 struct bio_bio_st {
61 BIO *peer; /* NULL if buf == NULL. If peer != NULL, then
62 * peer->ptr is also a bio_bio_st, and its
63 * "peer" member points back to us. peer !=
64 * NULL iff init != 0 in the BIO. */
65 /* This is for what we write (i.e. reading uses peer's struct): */
66 int closed; /* valid iff peer != NULL */
67 size_t len; /* valid iff buf != NULL; 0 if peer == NULL */
68 size_t offset; /* valid iff buf != NULL; 0 if len == 0 */
69 size_t size;
70 char *buf; /* "size" elements (if != NULL) */
71 size_t request; /* valid iff peer != NULL; 0 if len != 0,
72 * otherwise set by peer to number of bytes
73 * it (unsuccessfully) tried to read, never
74 * more than buffer space (size-len)
75 * warrants. */
76 };
77
bio_new(BIO * bio)78 static int bio_new(BIO *bio)
79 {
80 struct bio_bio_st *b = OPENSSL_zalloc(sizeof(*b));
81
82 if (b == NULL)
83 return 0;
84
85 /* enough for one TLS record (just a default) */
86 b->size = 17 * 1024;
87
88 bio->ptr = b;
89 return 1;
90 }
91
bio_free(BIO * bio)92 static int bio_free(BIO *bio)
93 {
94 struct bio_bio_st *b;
95
96 if (bio == NULL)
97 return 0;
98 b = bio->ptr;
99
100 assert(b != NULL);
101
102 if (b->peer)
103 bio_destroy_pair(bio);
104
105 OPENSSL_free(b->buf);
106 OPENSSL_free(b);
107
108 return 1;
109 }
110
bio_read(BIO * bio,char * buf,int size_)111 static int bio_read(BIO *bio, char *buf, int size_)
112 {
113 size_t size = size_;
114 size_t rest;
115 struct bio_bio_st *b, *peer_b;
116
117 BIO_clear_retry_flags(bio);
118
119 if (!bio->init)
120 return 0;
121
122 b = bio->ptr;
123 assert(b != NULL);
124 assert(b->peer != NULL);
125 peer_b = b->peer->ptr;
126 assert(peer_b != NULL);
127 assert(peer_b->buf != NULL);
128
129 peer_b->request = 0; /* will be set in "retry_read" situation */
130
131 if (buf == NULL || size == 0)
132 return 0;
133
134 if (peer_b->len == 0) {
135 if (peer_b->closed)
136 return 0; /* writer has closed, and no data is left */
137 else {
138 BIO_set_retry_read(bio); /* buffer is empty */
139 if (size <= peer_b->size)
140 peer_b->request = size;
141 else
142 /*
143 * don't ask for more than the peer can deliver in one write
144 */
145 peer_b->request = peer_b->size;
146 return -1;
147 }
148 }
149
150 /* we can read */
151 if (peer_b->len < size)
152 size = peer_b->len;
153
154 /* now read "size" bytes */
155
156 rest = size;
157
158 assert(rest > 0);
159 do { /* one or two iterations */
160 size_t chunk;
161
162 assert(rest <= peer_b->len);
163 if (peer_b->offset + rest <= peer_b->size)
164 chunk = rest;
165 else
166 /* wrap around ring buffer */
167 chunk = peer_b->size - peer_b->offset;
168 assert(peer_b->offset + chunk <= peer_b->size);
169
170 memcpy(buf, peer_b->buf + peer_b->offset, chunk);
171
172 peer_b->len -= chunk;
173 if (peer_b->len) {
174 peer_b->offset += chunk;
175 assert(peer_b->offset <= peer_b->size);
176 if (peer_b->offset == peer_b->size)
177 peer_b->offset = 0;
178 buf += chunk;
179 } else {
180 /* buffer now empty, no need to advance "buf" */
181 assert(chunk == rest);
182 peer_b->offset = 0;
183 }
184 rest -= chunk;
185 }
186 while (rest);
187
188 return size;
189 }
190
191 /*-
192 * non-copying interface: provide pointer to available data in buffer
193 * bio_nread0: return number of available bytes
194 * bio_nread: also advance index
195 * (example usage: bio_nread0(), read from buffer, bio_nread()
196 * or just bio_nread(), read from buffer)
197 */
198 /*
199 * WARNING: The non-copying interface is largely untested as of yet and may
200 * contain bugs.
201 */
bio_nread0(BIO * bio,char ** buf)202 static ossl_ssize_t bio_nread0(BIO *bio, char **buf)
203 {
204 struct bio_bio_st *b, *peer_b;
205 ossl_ssize_t num;
206
207 BIO_clear_retry_flags(bio);
208
209 if (!bio->init)
210 return 0;
211
212 b = bio->ptr;
213 assert(b != NULL);
214 assert(b->peer != NULL);
215 peer_b = b->peer->ptr;
216 assert(peer_b != NULL);
217 assert(peer_b->buf != NULL);
218
219 peer_b->request = 0;
220
221 if (peer_b->len == 0) {
222 char dummy;
223
224 /* avoid code duplication -- nothing available for reading */
225 return bio_read(bio, &dummy, 1); /* returns 0 or -1 */
226 }
227
228 num = peer_b->len;
229 if (peer_b->size < peer_b->offset + num)
230 /* no ring buffer wrap-around for non-copying interface */
231 num = peer_b->size - peer_b->offset;
232 assert(num > 0);
233
234 if (buf != NULL)
235 *buf = peer_b->buf + peer_b->offset;
236 return num;
237 }
238
bio_nread(BIO * bio,char ** buf,size_t num_)239 static ossl_ssize_t bio_nread(BIO *bio, char **buf, size_t num_)
240 {
241 struct bio_bio_st *b, *peer_b;
242 ossl_ssize_t num, available;
243
244 if (num_ > OSSL_SSIZE_MAX)
245 num = OSSL_SSIZE_MAX;
246 else
247 num = (ossl_ssize_t) num_;
248
249 available = bio_nread0(bio, buf);
250 if (num > available)
251 num = available;
252 if (num <= 0)
253 return num;
254
255 b = bio->ptr;
256 peer_b = b->peer->ptr;
257
258 peer_b->len -= num;
259 if (peer_b->len) {
260 peer_b->offset += num;
261 assert(peer_b->offset <= peer_b->size);
262 if (peer_b->offset == peer_b->size)
263 peer_b->offset = 0;
264 } else
265 peer_b->offset = 0;
266
267 return num;
268 }
269
bio_write(BIO * bio,const char * buf,int num_)270 static int bio_write(BIO *bio, const char *buf, int num_)
271 {
272 size_t num = num_;
273 size_t rest;
274 struct bio_bio_st *b;
275
276 BIO_clear_retry_flags(bio);
277
278 if (!bio->init || buf == NULL || num == 0)
279 return 0;
280
281 b = bio->ptr;
282 assert(b != NULL);
283 assert(b->peer != NULL);
284 assert(b->buf != NULL);
285
286 b->request = 0;
287 if (b->closed) {
288 /* we already closed */
289 BIOerr(BIO_F_BIO_WRITE, BIO_R_BROKEN_PIPE);
290 return -1;
291 }
292
293 assert(b->len <= b->size);
294
295 if (b->len == b->size) {
296 BIO_set_retry_write(bio); /* buffer is full */
297 return -1;
298 }
299
300 /* we can write */
301 if (num > b->size - b->len)
302 num = b->size - b->len;
303
304 /* now write "num" bytes */
305
306 rest = num;
307
308 assert(rest > 0);
309 do { /* one or two iterations */
310 size_t write_offset;
311 size_t chunk;
312
313 assert(b->len + rest <= b->size);
314
315 write_offset = b->offset + b->len;
316 if (write_offset >= b->size)
317 write_offset -= b->size;
318 /* b->buf[write_offset] is the first byte we can write to. */
319
320 if (write_offset + rest <= b->size)
321 chunk = rest;
322 else
323 /* wrap around ring buffer */
324 chunk = b->size - write_offset;
325
326 memcpy(b->buf + write_offset, buf, chunk);
327
328 b->len += chunk;
329
330 assert(b->len <= b->size);
331
332 rest -= chunk;
333 buf += chunk;
334 }
335 while (rest);
336
337 return num;
338 }
339
340 /*-
341 * non-copying interface: provide pointer to region to write to
342 * bio_nwrite0: check how much space is available
343 * bio_nwrite: also increase length
344 * (example usage: bio_nwrite0(), write to buffer, bio_nwrite()
345 * or just bio_nwrite(), write to buffer)
346 */
bio_nwrite0(BIO * bio,char ** buf)347 static ossl_ssize_t bio_nwrite0(BIO *bio, char **buf)
348 {
349 struct bio_bio_st *b;
350 size_t num;
351 size_t write_offset;
352
353 BIO_clear_retry_flags(bio);
354
355 if (!bio->init)
356 return 0;
357
358 b = bio->ptr;
359 assert(b != NULL);
360 assert(b->peer != NULL);
361 assert(b->buf != NULL);
362
363 b->request = 0;
364 if (b->closed) {
365 BIOerr(BIO_F_BIO_NWRITE0, BIO_R_BROKEN_PIPE);
366 return -1;
367 }
368
369 assert(b->len <= b->size);
370
371 if (b->len == b->size) {
372 BIO_set_retry_write(bio);
373 return -1;
374 }
375
376 num = b->size - b->len;
377 write_offset = b->offset + b->len;
378 if (write_offset >= b->size)
379 write_offset -= b->size;
380 if (write_offset + num > b->size)
381 /*
382 * no ring buffer wrap-around for non-copying interface (to fulfil
383 * the promise by BIO_ctrl_get_write_guarantee, BIO_nwrite may have
384 * to be called twice)
385 */
386 num = b->size - write_offset;
387
388 if (buf != NULL)
389 *buf = b->buf + write_offset;
390 assert(write_offset + num <= b->size);
391
392 return num;
393 }
394
bio_nwrite(BIO * bio,char ** buf,size_t num_)395 static ossl_ssize_t bio_nwrite(BIO *bio, char **buf, size_t num_)
396 {
397 struct bio_bio_st *b;
398 ossl_ssize_t num, space;
399
400 if (num_ > OSSL_SSIZE_MAX)
401 num = OSSL_SSIZE_MAX;
402 else
403 num = (ossl_ssize_t) num_;
404
405 space = bio_nwrite0(bio, buf);
406 if (num > space)
407 num = space;
408 if (num <= 0)
409 return num;
410 b = bio->ptr;
411 assert(b != NULL);
412 b->len += num;
413 assert(b->len <= b->size);
414
415 return num;
416 }
417
bio_ctrl(BIO * bio,int cmd,long num,void * ptr)418 static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr)
419 {
420 long ret;
421 struct bio_bio_st *b = bio->ptr;
422
423 assert(b != NULL);
424
425 switch (cmd) {
426 /* specific CTRL codes */
427
428 case BIO_C_SET_WRITE_BUF_SIZE:
429 if (b->peer) {
430 BIOerr(BIO_F_BIO_CTRL, BIO_R_IN_USE);
431 ret = 0;
432 } else if (num == 0) {
433 BIOerr(BIO_F_BIO_CTRL, BIO_R_INVALID_ARGUMENT);
434 ret = 0;
435 } else {
436 size_t new_size = num;
437
438 if (b->size != new_size) {
439 OPENSSL_free(b->buf);
440 b->buf = NULL;
441 b->size = new_size;
442 }
443 ret = 1;
444 }
445 break;
446
447 case BIO_C_GET_WRITE_BUF_SIZE:
448 ret = (long)b->size;
449 break;
450
451 case BIO_C_MAKE_BIO_PAIR:
452 {
453 BIO *other_bio = ptr;
454
455 if (bio_make_pair(bio, other_bio))
456 ret = 1;
457 else
458 ret = 0;
459 }
460 break;
461
462 case BIO_C_DESTROY_BIO_PAIR:
463 /*
464 * Affects both BIOs in the pair -- call just once! Or let
465 * BIO_free(bio1); BIO_free(bio2); do the job.
466 */
467 bio_destroy_pair(bio);
468 ret = 1;
469 break;
470
471 case BIO_C_GET_WRITE_GUARANTEE:
472 /*
473 * How many bytes can the caller feed to the next write without
474 * having to keep any?
475 */
476 if (b->peer == NULL || b->closed)
477 ret = 0;
478 else
479 ret = (long)b->size - b->len;
480 break;
481
482 case BIO_C_GET_READ_REQUEST:
483 /*
484 * If the peer unsuccessfully tried to read, how many bytes were
485 * requested? (As with BIO_CTRL_PENDING, that number can usually be
486 * treated as boolean.)
487 */
488 ret = (long)b->request;
489 break;
490
491 case BIO_C_RESET_READ_REQUEST:
492 /*
493 * Reset request. (Can be useful after read attempts at the other
494 * side that are meant to be non-blocking, e.g. when probing SSL_read
495 * to see if any data is available.)
496 */
497 b->request = 0;
498 ret = 1;
499 break;
500
501 case BIO_C_SHUTDOWN_WR:
502 /* similar to shutdown(..., SHUT_WR) */
503 b->closed = 1;
504 ret = 1;
505 break;
506
507 case BIO_C_NREAD0:
508 /* prepare for non-copying read */
509 ret = (long)bio_nread0(bio, ptr);
510 break;
511
512 case BIO_C_NREAD:
513 /* non-copying read */
514 ret = (long)bio_nread(bio, ptr, (size_t)num);
515 break;
516
517 case BIO_C_NWRITE0:
518 /* prepare for non-copying write */
519 ret = (long)bio_nwrite0(bio, ptr);
520 break;
521
522 case BIO_C_NWRITE:
523 /* non-copying write */
524 ret = (long)bio_nwrite(bio, ptr, (size_t)num);
525 break;
526
527 /* standard CTRL codes follow */
528
529 case BIO_CTRL_RESET:
530 if (b->buf != NULL) {
531 b->len = 0;
532 b->offset = 0;
533 }
534 ret = 0;
535 break;
536
537 case BIO_CTRL_GET_CLOSE:
538 ret = bio->shutdown;
539 break;
540
541 case BIO_CTRL_SET_CLOSE:
542 bio->shutdown = (int)num;
543 ret = 1;
544 break;
545
546 case BIO_CTRL_PENDING:
547 if (b->peer != NULL) {
548 struct bio_bio_st *peer_b = b->peer->ptr;
549
550 ret = (long)peer_b->len;
551 } else
552 ret = 0;
553 break;
554
555 case BIO_CTRL_WPENDING:
556 if (b->buf != NULL)
557 ret = (long)b->len;
558 else
559 ret = 0;
560 break;
561
562 case BIO_CTRL_DUP:
563 /* See BIO_dup_chain for circumstances we have to expect. */
564 {
565 BIO *other_bio = ptr;
566 struct bio_bio_st *other_b;
567
568 assert(other_bio != NULL);
569 other_b = other_bio->ptr;
570 assert(other_b != NULL);
571
572 assert(other_b->buf == NULL); /* other_bio is always fresh */
573
574 other_b->size = b->size;
575 }
576
577 ret = 1;
578 break;
579
580 case BIO_CTRL_FLUSH:
581 ret = 1;
582 break;
583
584 case BIO_CTRL_EOF:
585 if (b->peer != NULL) {
586 struct bio_bio_st *peer_b = b->peer->ptr;
587
588 if (peer_b->len == 0 && peer_b->closed)
589 ret = 1;
590 else
591 ret = 0;
592 } else {
593 ret = 1;
594 }
595 break;
596
597 default:
598 ret = 0;
599 }
600 return ret;
601 }
602
bio_puts(BIO * bio,const char * str)603 static int bio_puts(BIO *bio, const char *str)
604 {
605 return bio_write(bio, str, strlen(str));
606 }
607
bio_make_pair(BIO * bio1,BIO * bio2)608 static int bio_make_pair(BIO *bio1, BIO *bio2)
609 {
610 struct bio_bio_st *b1, *b2;
611
612 assert(bio1 != NULL);
613 assert(bio2 != NULL);
614
615 b1 = bio1->ptr;
616 b2 = bio2->ptr;
617
618 if (b1->peer != NULL || b2->peer != NULL) {
619 BIOerr(BIO_F_BIO_MAKE_PAIR, BIO_R_IN_USE);
620 return 0;
621 }
622
623 if (b1->buf == NULL) {
624 b1->buf = OPENSSL_malloc(b1->size);
625 if (b1->buf == NULL) {
626 BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE);
627 return 0;
628 }
629 b1->len = 0;
630 b1->offset = 0;
631 }
632
633 if (b2->buf == NULL) {
634 b2->buf = OPENSSL_malloc(b2->size);
635 if (b2->buf == NULL) {
636 BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE);
637 return 0;
638 }
639 b2->len = 0;
640 b2->offset = 0;
641 }
642
643 b1->peer = bio2;
644 b1->closed = 0;
645 b1->request = 0;
646 b2->peer = bio1;
647 b2->closed = 0;
648 b2->request = 0;
649
650 bio1->init = 1;
651 bio2->init = 1;
652
653 return 1;
654 }
655
bio_destroy_pair(BIO * bio)656 static void bio_destroy_pair(BIO *bio)
657 {
658 struct bio_bio_st *b = bio->ptr;
659
660 if (b != NULL) {
661 BIO *peer_bio = b->peer;
662
663 if (peer_bio != NULL) {
664 struct bio_bio_st *peer_b = peer_bio->ptr;
665
666 assert(peer_b != NULL);
667 assert(peer_b->peer == bio);
668
669 peer_b->peer = NULL;
670 peer_bio->init = 0;
671 assert(peer_b->buf != NULL);
672 peer_b->len = 0;
673 peer_b->offset = 0;
674
675 b->peer = NULL;
676 bio->init = 0;
677 assert(b->buf != NULL);
678 b->len = 0;
679 b->offset = 0;
680 }
681 }
682 }
683
684 /* Exported convenience functions */
BIO_new_bio_pair(BIO ** bio1_p,size_t writebuf1,BIO ** bio2_p,size_t writebuf2)685 int BIO_new_bio_pair(BIO **bio1_p, size_t writebuf1,
686 BIO **bio2_p, size_t writebuf2)
687 {
688 BIO *bio1 = NULL, *bio2 = NULL;
689 long r;
690 int ret = 0;
691
692 bio1 = BIO_new(BIO_s_bio());
693 if (bio1 == NULL)
694 goto err;
695 bio2 = BIO_new(BIO_s_bio());
696 if (bio2 == NULL)
697 goto err;
698
699 if (writebuf1) {
700 r = BIO_set_write_buf_size(bio1, writebuf1);
701 if (!r)
702 goto err;
703 }
704 if (writebuf2) {
705 r = BIO_set_write_buf_size(bio2, writebuf2);
706 if (!r)
707 goto err;
708 }
709
710 r = BIO_make_bio_pair(bio1, bio2);
711 if (!r)
712 goto err;
713 ret = 1;
714
715 err:
716 if (ret == 0) {
717 BIO_free(bio1);
718 bio1 = NULL;
719 BIO_free(bio2);
720 bio2 = NULL;
721 }
722
723 *bio1_p = bio1;
724 *bio2_p = bio2;
725 return ret;
726 }
727
BIO_ctrl_get_write_guarantee(BIO * bio)728 size_t BIO_ctrl_get_write_guarantee(BIO *bio)
729 {
730 return BIO_ctrl(bio, BIO_C_GET_WRITE_GUARANTEE, 0, NULL);
731 }
732
BIO_ctrl_get_read_request(BIO * bio)733 size_t BIO_ctrl_get_read_request(BIO *bio)
734 {
735 return BIO_ctrl(bio, BIO_C_GET_READ_REQUEST, 0, NULL);
736 }
737
BIO_ctrl_reset_read_request(BIO * bio)738 int BIO_ctrl_reset_read_request(BIO *bio)
739 {
740 return (BIO_ctrl(bio, BIO_C_RESET_READ_REQUEST, 0, NULL) != 0);
741 }
742
743 /*
744 * BIO_nread0/nread/nwrite0/nwrite are available only for BIO pairs for now
745 * (conceivably some other BIOs could allow non-copying reads and writes
746 * too.)
747 */
BIO_nread0(BIO * bio,char ** buf)748 int BIO_nread0(BIO *bio, char **buf)
749 {
750 long ret;
751
752 if (!bio->init) {
753 BIOerr(BIO_F_BIO_NREAD0, BIO_R_UNINITIALIZED);
754 return -2;
755 }
756
757 ret = BIO_ctrl(bio, BIO_C_NREAD0, 0, buf);
758 if (ret > INT_MAX)
759 return INT_MAX;
760 else
761 return (int)ret;
762 }
763
BIO_nread(BIO * bio,char ** buf,int num)764 int BIO_nread(BIO *bio, char **buf, int num)
765 {
766 int ret;
767
768 if (!bio->init) {
769 BIOerr(BIO_F_BIO_NREAD, BIO_R_UNINITIALIZED);
770 return -2;
771 }
772
773 ret = (int)BIO_ctrl(bio, BIO_C_NREAD, num, buf);
774 if (ret > 0)
775 bio->num_read += ret;
776 return ret;
777 }
778
BIO_nwrite0(BIO * bio,char ** buf)779 int BIO_nwrite0(BIO *bio, char **buf)
780 {
781 long ret;
782
783 if (!bio->init) {
784 BIOerr(BIO_F_BIO_NWRITE0, BIO_R_UNINITIALIZED);
785 return -2;
786 }
787
788 ret = BIO_ctrl(bio, BIO_C_NWRITE0, 0, buf);
789 if (ret > INT_MAX)
790 return INT_MAX;
791 else
792 return (int)ret;
793 }
794
BIO_nwrite(BIO * bio,char ** buf,int num)795 int BIO_nwrite(BIO *bio, char **buf, int num)
796 {
797 int ret;
798
799 if (!bio->init) {
800 BIOerr(BIO_F_BIO_NWRITE, BIO_R_UNINITIALIZED);
801 return -2;
802 }
803
804 ret = BIO_ctrl(bio, BIO_C_NWRITE, num, buf);
805 if (ret > 0)
806 bio->num_write += ret;
807 return ret;
808 }
809