Context Navigation

gnutls_io.c @ bd2b48b

Visit:

asynciodebian/masterproxy-ticket

Last change on this file since bd2b48b was bd2b48b, checked in by Fiona Klute <fiona.klute@…>, 3 years ago

Immediately retry on EINTR or EAGAIN for blocking receive

Proxy TLS connections failed with EAGAIN in tests while trying to read
the response header if the server sent a large ticket, presumably
because records had to wait for the ticket to be passed. This fixes
the issue.

Property mode set to 100644

File size: 30.9 KB

Rev	Line
[104e881]	1	/*
[fcb122d]	2	* Copyright 2004-2005 Paul Querna
[e183628]	3	* Copyright 2008 Nikos Mavrogiannopoulos
	4	* Copyright 2011 Dash Shendy
[3c123cd]	5	* Copyright 2015-2017 Fiona Klute
[7e2b223]	6	*
	7	* Licensed under the Apache License, Version 2.0 (the "License");
	8	* you may not use this file except in compliance with the License.
	9	* You may obtain a copy of the License at
	10	*
	11	* http://www.apache.org/licenses/LICENSE-2.0
	12	*
	13	* Unless required by applicable law or agreed to in writing, software
	14	* distributed under the License is distributed on an "AS IS" BASIS,
	15	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	16	* See the License for the specific language governing permissions and
	17	* limitations under the License.
	18	*/
	19
	20	#include "mod_gnutls.h"
	21
[55dc3f0]	22	#ifdef APLOG_USE_MODULE
	23	APLOG_USE_MODULE(gnutls);
	24	#endif
	25
[ac3f500]	26	#if defined(__GNUC__) && __GNUC__ < 5 && !defined(__clang__)
	27	#include <inttypes.h>
	28	#endif
	29
[7e2b223]	30	/**
[104e881]	31	* @file
[671b64f]	32	* Describe how the GnuTLS Filter system works here
[dae0aec]	33	* - Basicly the same as what mod_ssl does with OpenSSL.
	34	*
[7e2b223]	35	*/
	36
[dae0aec]	37	#define HTTP_ON_HTTPS_PORT \
	38	"GET /" CRLF
[7e2b223]	39
[dae0aec]	40	#define HTTP_ON_HTTPS_PORT_BUCKET(alloc) \
	41	apr_bucket_immortal_create(HTTP_ON_HTTPS_PORT, \
	42	sizeof(HTTP_ON_HTTPS_PORT) - 1, \
	43	alloc)
[7e2b223]	44
[265eafc]	45	#define IS_PROXY_STR(c) \
	46	((c->is_proxy == GNUTLS_ENABLED_TRUE) ? "proxy " : "")
	47
[02a6a18]	48	/**
[08b821a]	49	* Convert `APR_EINTR` or `APR_EAGAIN` to the matching errno. Needed
	50	* to pass the status on to GnuTLS from the pull and push functions.
[02a6a18]	51	*/
	52	#define EAI_APR_TO_RAW(s) (APR_STATUS_IS_EAGAIN(s) ? EAGAIN : EINTR)
	53
	54
	55
[dae0aec]	56	static apr_status_t gnutls_io_filter_error(ap_filter_t * f,
[e183628]	57	apr_bucket_brigade * bb,
	58	apr_status_t status) {
	59	mgs_handle_t ctxt = (mgs_handle_t ) f->ctx;
	60	apr_bucket *bucket;
	61
	62	switch (status) {
[4fefa39]	63	case HTTP_BAD_REQUEST:
	64	/* log the situation */
[7511bfa]	65	ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, f->c,
	66	"GnuTLS handshake failed: HTTP spoken on HTTPS port; "
	67	"trying to send HTML error page");
[4fefa39]	68	ctxt->status = -1;
	69
	70	/* fake the request line */
	71	bucket = HTTP_ON_HTTPS_PORT_BUCKET(f->c->bucket_alloc);
	72	break;
	73
	74	default:
	75	return status;
[e183628]	76	}
	77
	78	APR_BRIGADE_INSERT_TAIL(bb, bucket);
	79	bucket = apr_bucket_eos_create(f->c->bucket_alloc);
	80	APR_BRIGADE_INSERT_TAIL(bb, bucket);
	81
	82	return APR_SUCCESS;
[dae0aec]	83	}
[7e2b223]	84
[e183628]	85	static int char_buffer_read(mgs_char_buffer_t * buffer, char *in, int inl) {
	86	if (!buffer->length) {
	87	return 0;
	88	}
	89
	90	if (buffer->length > inl) {
	91	/* we have have enough to fill the caller's buffer */
	92	memmove(in, buffer->value, inl);
	93	buffer->value += inl;
	94	buffer->length -= inl;
	95	} else {
	96	/* swallow remainder of the buffer */
	97	memmove(in, buffer->value, buffer->length);
	98	inl = buffer->length;
	99	buffer->value = NULL;
	100	buffer->length = 0;
	101	}
	102
	103	return inl;
[dae0aec]	104	}
	105
[e183628]	106	static int char_buffer_write(mgs_char_buffer_t * buffer, char *in, int inl) {
	107	buffer->value = in;
	108	buffer->length = inl;
	109	return inl;
[7e2b223]	110	}
	111
	112	/**
	113	* From mod_ssl / ssl_engine_io.c
	114	* This function will read from a brigade and discard the read buckets as it
	115	* proceeds. It will read at most *len bytes.
	116	*/
	117	static apr_status_t brigade_consume(apr_bucket_brigade * bb,
[e183628]	118	apr_read_type_e block,
	119	char c, apr_size_t len) {
	120	apr_size_t actual = 0;
	121	apr_status_t status = APR_SUCCESS;
	122
	123	while (!APR_BRIGADE_EMPTY(bb)) {
	124	apr_bucket *b = APR_BRIGADE_FIRST(bb);
	125	const char *str;
	126	apr_size_t str_len;
	127	apr_size_t consume;
	128
	129	/* Justin points out this is an http-ism that might
	130	* not fit if brigade_consume is added to APR. Perhaps
	131	* apr_bucket_read(eos_bucket) should return APR_EOF?
	132	* Then this becomes mainline instead of a one-off.
	133	*/
	134	if (APR_BUCKET_IS_EOS(b)) {
	135	status = APR_EOF;
	136	break;
	137	}
	138
	139	/* The reason I'm not offering brigade_consume yet
	140	* across to apr-util is that the following call
	141	* illustrates how borked that API really is. For
	142	* this sort of case (caller provided buffer) it
	143	* would be much more trivial for apr_bucket_consume
	144	* to do all the work that follows, based on the
	145	* particular characteristics of the bucket we are
	146	* consuming here.
	147	*/
	148	status = apr_bucket_read(b, &str, &str_len, block);
	149
	150	if (status != APR_SUCCESS) {
	151	if (APR_STATUS_IS_EOF(status)) {
	152	/* This stream bucket was consumed */
	153	apr_bucket_delete(b);
	154	continue;
	155	}
	156	break;
	157	}
	158
	159	if (str_len > 0) {
	160	/* Do not block once some data has been consumed */
	161	block = APR_NONBLOCK_READ;
	162
	163	/* Assure we don't overflow. */
	164	consume =
	165	(str_len + actual >
	166	len) ? len - actual : str_len;
	167
	168	memcpy(c, str, consume);
	169
	170	c += consume;
	171	actual += consume;
	172
	173	if (consume >= b->length) {
	174	/* This physical bucket was consumed */
	175	apr_bucket_delete(b);
	176	} else {
	177	/* Only part of this physical bucket was consumed */
	178	b->start += consume;
	179	b->length -= consume;
	180	}
	181	} else if (b->length == 0) {
	182	apr_bucket_delete(b);
	183	}
[7e2b223]	184
[e183628]	185	/* This could probably be actual == *len, but be safe from stray
	186	* photons. */
	187	if (actual >= *len) {
	188	break;
	189	}
	190	}
	191
	192	*len = actual;
	193	return status;
	194	}
[7e2b223]	195
[c301152]	196	static apr_status_t gnutls_io_input_read(mgs_handle_t * ctxt,
[398d1a0]	197	char buf, apr_size_t len)
	198	{
[e183628]	199	apr_size_t wanted = *len;
	200	apr_size_t bytes = 0;
	201	int rc;
	202
	203	*len = 0;
	204
	205	/* If we have something leftover from last time, try that first. */
	206	if ((bytes = char_buffer_read(&ctxt->input_cbuf, buf, wanted))) {
	207	*len = bytes;
	208	if (ctxt->input_mode == AP_MODE_SPECULATIVE) {
	209	/* We want to rollback this read. */
	210	if (ctxt->input_cbuf.length > 0) {
	211	ctxt->input_cbuf.value -= bytes;
	212	ctxt->input_cbuf.length += bytes;
	213	} else {
	214	char_buffer_write(&ctxt->input_cbuf, buf,
	215	(int) bytes);
	216	}
	217	return APR_SUCCESS;
	218	}
	219	/* This could probably be *len == wanted, but be safe from stray
	220	* photons.
	221	*/
	222	if (*len >= wanted) {
	223	return APR_SUCCESS;
	224	}
	225	if (ctxt->input_mode == AP_MODE_GETLINE) {
	226	if (memchr(buf, APR_ASCII_LF, *len)) {
	227	return APR_SUCCESS;
	228	}
	229	} else {
	230	/* Down to a nonblock pattern as we have some data already
	231	*/
	232	ctxt->input_block = APR_NONBLOCK_READ;
	233	}
	234	}
	235
	236	if (ctxt->session == NULL) {
[398d1a0]	237	ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, ctxt->c,
	238	"%s: GnuTLS session is NULL!", __func__);
[e183628]	239	return APR_EGENERAL;
	240	}
	241
[f5a36ee]	242	while (1)
	243	{
[bd2b48b]	244	/* Note: The pull function sets ctxt->input_rc */
[f5a36ee]	245	rc = gnutls_record_recv(ctxt->session, buf + bytes, wanted - bytes);
[e183628]	246
	247	if (rc > 0) {
	248	*len += rc;
	249	if (ctxt->input_mode == AP_MODE_SPECULATIVE) {
	250	/* We want to rollback this read. */
	251	char_buffer_write(&ctxt->input_cbuf, buf,
	252	rc);
	253	}
	254	return ctxt->input_rc;
	255	} else if (rc == 0) {
[bd2b48b]	256	/* EOF, return code depends on whether we still have data
	257	* to return. */
	258	if (*len > 0) {
	259	ctxt->input_rc = APR_SUCCESS;
[e183628]	260	} else {
[bd2b48b]	261	ctxt->input_rc = APR_EOF;
[e183628]	262	}
[bd2b48b]	263	break;
[e183628]	264	} else { /* (rc < 0) */
	265
[bd2b48b]	266	if (rc == GNUTLS_E_INTERRUPTED \|\| rc == GNUTLS_E_AGAIN)
	267	{
	268	ap_log_cerror(APLOG_MARK, APLOG_TRACE2, ctxt->input_rc, ctxt->c,
	269	"%s: looping recv after '%s' (%d)",
	270	__func__, gnutls_strerror(rc), rc);
	271	/* For a blocking read: Loop and try again immediately. */
	272	if (ctxt->input_block != APR_NONBLOCK_READ)
	273	continue;
	274	} else if (rc == GNUTLS_E_REHANDSHAKE) {
[e183628]	275	/* A client has asked for a new Hankshake. Currently, we don't do it */
[398d1a0]	276	ap_log_cerror(APLOG_MARK, APLOG_INFO,
[e183628]	277	ctxt->input_rc,
[398d1a0]	278	ctxt->c,
[e183628]	279	"GnuTLS: Error reading data. Client Requested a New Handshake."
	280	" (%d) '%s'", rc,
	281	gnutls_strerror(rc));
	282	} else if (rc == GNUTLS_E_WARNING_ALERT_RECEIVED) {
	283	rc = gnutls_alert_get(ctxt->session);
[398d1a0]	284	ap_log_cerror(APLOG_MARK, APLOG_INFO,
[e183628]	285	ctxt->input_rc,
[398d1a0]	286	ctxt->c,
[e183628]	287	"GnuTLS: Warning Alert From Client: "
	288	" (%d) '%s'", rc,
	289	gnutls_alert_get_name(rc));
	290	} else if (rc == GNUTLS_E_FATAL_ALERT_RECEIVED) {
	291	rc = gnutls_alert_get(ctxt->session);
[398d1a0]	292	ap_log_cerror(APLOG_MARK, APLOG_INFO,
[e183628]	293	ctxt->input_rc,
[398d1a0]	294	ctxt->c,
[e183628]	295	"GnuTLS: Fatal Alert From Client: "
	296	"(%d) '%s'", rc,
	297	gnutls_alert_get_name(rc));
	298	ctxt->input_rc = APR_EGENERAL;
	299	break;
	300	} else {
	301	/* Some Other Error. Report it. Die. */
	302	if (gnutls_error_is_fatal(rc)) {
[398d1a0]	303	ap_log_cerror(APLOG_MARK,
[e183628]	304	APLOG_INFO,
	305	ctxt->input_rc,
[398d1a0]	306	ctxt->c,
[e183628]	307	"GnuTLS: Error reading data. (%d) '%s'",
	308	rc,
	309	gnutls_strerror(rc));
	310	} else if (*len > 0) {
	311	ctxt->input_rc = APR_SUCCESS;
	312	break;
	313	}
	314	}
	315
	316	if (ctxt->input_rc == APR_SUCCESS) {
[4261999]	317	ap_log_cerror(APLOG_MARK, APLOG_INFO, ctxt->input_rc, ctxt->c,
	318	"%s: GnuTLS error: %s (%d)",
	319	__func__, gnutls_strerror(rc), rc);
[e183628]	320	ctxt->input_rc = APR_EGENERAL;
	321	}
	322	break;
	323	}
	324	}
	325	return ctxt->input_rc;
[dae0aec]	326	}
	327
[c301152]	328	static apr_status_t gnutls_io_input_getline(mgs_handle_t * ctxt,
[e183628]	329	char buf, apr_size_t len) {
	330	const char *pos = NULL;
	331	apr_status_t status;
	332	apr_size_t tmplen = len, buflen = len, offset = 0;
[dae0aec]	333
[e183628]	334	*len = 0;
[dae0aec]	335
[e183628]	336	while (tmplen > 0) {
	337	status = gnutls_io_input_read(ctxt, buf + offset, &tmplen);
[dae0aec]	338
[e183628]	339	if (status != APR_SUCCESS) {
	340	return status;
	341	}
[dae0aec]	342
[e183628]	343	*len += tmplen;
[dae0aec]	344
[e183628]	345	if ((pos = memchr(buf, APR_ASCII_LF, *len))) {
	346	break;
	347	}
[dae0aec]	348
[e183628]	349	offset += tmplen;
	350	tmplen = buflen - offset;
	351	}
[dae0aec]	352
[e183628]	353	if (pos) {
	354	char *value;
	355	int length;
	356	apr_size_t bytes = pos - buf;
[dae0aec]	357
[e183628]	358	bytes += 1;
	359	value = buf + bytes;
	360	length = *len - bytes;
[dae0aec]	361
[e183628]	362	char_buffer_write(&ctxt->input_cbuf, value, length);
[dae0aec]	363
[e183628]	364	*len = bytes;
	365	}
[dae0aec]	366
[e183628]	367	return APR_SUCCESS;
[dae0aec]	368	}
	369
[0106b25]	370	#define HANDSHAKE_MAX_TRIES 1024
[e183628]	371
	372	static int gnutls_do_handshake(mgs_handle_t * ctxt) {
	373	int ret;
	374	int errcode;
	375	int maxtries = HANDSHAKE_MAX_TRIES;
	376
	377	if (ctxt->status != 0 \|\| ctxt->session == NULL) {
	378	return -1;
	379	}
	380
[265159d]	381	/* Enable SNI for proxy connections */
	382	if (ctxt->is_proxy == GNUTLS_ENABLED_TRUE)
	383	{
	384	/* Get peer hostname from note left by mod_proxy */
	385	const char *peer_hostname =
	386	apr_table_get(ctxt->c->notes, PROXY_SNI_NOTE);
	387	/* Used only as target for apr_ipsubnet_create() */
	388	apr_ipsubnet_t *probe;
	389	/* Check if the note is present (!= NULL) and NOT an IP
	390	* address */
	391	if ((peer_hostname) != NULL
	392	&& (apr_ipsubnet_create(&probe, peer_hostname, NULL, ctxt->c->pool)
	393	!= APR_SUCCESS))
	394	{
	395	ret = gnutls_server_name_set(ctxt->session, GNUTLS_NAME_DNS,
	396	peer_hostname, strlen(peer_hostname));
	397	if (ret != GNUTLS_E_SUCCESS)
	398	ap_log_cerror(APLOG_MARK, APLOG_ERR, ret, ctxt->c,
	399	"Could not set SNI '%s' for proxy connection: "
	400	"%s (%d)",
	401	peer_hostname, gnutls_strerror(ret), ret);
	402	}
	403	}
	404
[e183628]	405	tryagain:
	406	do {
	407	ret = gnutls_handshake(ctxt->session);
	408	maxtries--;
	409	} while ((ret == GNUTLS_E_INTERRUPTED \|\| ret == GNUTLS_E_AGAIN)
	410	&& maxtries > 0);
	411
	412	if (maxtries < 1) {
	413	ctxt->status = -1;
	414	ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, ctxt->c,
	415	"GnuTLS: Handshake Failed. Hit Maximum Attempts");
	416	if (ctxt->session) {
	417	gnutls_alert_send(ctxt->session, GNUTLS_AL_FATAL,
	418	gnutls_error_to_alert
	419	(GNUTLS_E_INTERNAL_ERROR, NULL));
	420	gnutls_deinit(ctxt->session);
	421	}
	422	ctxt->session = NULL;
	423	return -1;
	424	}
	425
	426	if (ret < 0) {
	427	if (ret == GNUTLS_E_WARNING_ALERT_RECEIVED
	428	\|\| ret == GNUTLS_E_FATAL_ALERT_RECEIVED) {
	429	errcode = gnutls_alert_get(ctxt->session);
[7511bfa]	430	ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, ctxt->c,
	431	"GnuTLS: Handshake Alert (%d) '%s'.",
	432	errcode, gnutls_alert_get_name(errcode));
[e183628]	433	}
	434
	435	if (!gnutls_error_is_fatal(ret)) {
[7511bfa]	436	ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, ctxt->c,
	437	"GnuTLS: Non-Fatal Handshake Error: (%d) '%s'",
	438	ret, gnutls_strerror(ret));
[e183628]	439	goto tryagain;
	440	}
	441	ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, ctxt->c,
	442	"GnuTLS: Handshake Failed (%d) '%s'", ret,
	443	gnutls_strerror(ret));
	444	ctxt->status = -1;
	445	if (ctxt->session) {
	446	gnutls_alert_send(ctxt->session, GNUTLS_AL_FATAL,
	447	gnutls_error_to_alert(ret,
	448	NULL));
	449	gnutls_deinit(ctxt->session);
	450	}
	451	ctxt->session = NULL;
	452	return ret;
	453	} else {
	454	/* all done with the handshake */
	455	ctxt->status = 1;
[cebb74a]	456	if (gnutls_session_is_resumed(ctxt->session))
	457	{
	458	ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, ctxt->c,
	459	"%s: TLS session resumed.", __func__);
[e183628]	460	}
[73f6f12]	461	return GNUTLS_E_SUCCESS;
[e183628]	462	}
[31645b2]	463	}
	464
[e183628]	465	int mgs_rehandshake(mgs_handle_t * ctxt) {
	466	int rv;
[e02dd8c]	467
[e183628]	468	if (ctxt->session == NULL)
	469	return -1;
[e02dd8c]	470
[e183628]	471	rv = gnutls_rehandshake(ctxt->session);
[e02dd8c]	472
[e183628]	473	if (rv != 0) {
	474	/* the client did not want to rehandshake. goodbye */
[7511bfa]	475	ap_log_cerror(APLOG_MARK, APLOG_WARNING, 0, ctxt->c,
	476	"GnuTLS: Client Refused Rehandshake request.");
[e183628]	477	return -1;
	478	}
[e02dd8c]	479
[e183628]	480	ctxt->status = 0;
[e02dd8c]	481
[e183628]	482	rv = gnutls_do_handshake(ctxt);
[e02dd8c]	483
[e183628]	484	return rv;
[dae0aec]	485	}
	486
[401a0de]	487
	488
	489	/**
	490	* Close the TLS session associated with the given connection
	491	* structure and free its resources
[08b821a]	492	*
	493	* @param ctxt the mod_gnutls session context
	494	*
	495	* @return a GnuTLS status code, hopefully `GNUTLS_E_SUCCESS`
[401a0de]	496	*/
	497	static int mgs_bye(mgs_handle_t* ctxt)
	498	{
	499	int ret = GNUTLS_E_SUCCESS;
	500	/* End Of Connection */
	501	if (ctxt->session != NULL)
	502	{
	503	/* Try A Clean Shutdown */
	504	do {
	505	ret = gnutls_bye(ctxt->session, GNUTLS_SHUT_WR);
	506	} while (ret == GNUTLS_E_INTERRUPTED \|\| ret == GNUTLS_E_AGAIN);
	507	if (ret != GNUTLS_E_SUCCESS)
[2ceb836]	508	ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_EGENERAL, ctxt->c,
[401a0de]	509	"%s: Error while closing TLS %sconnection: "
	510	"'%s' (%d)",
	511	__func__, IS_PROXY_STR(ctxt),
	512	gnutls_strerror(ret), (int) ret);
	513	else
[2ceb836]	514	ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, ctxt->c,
[401a0de]	515	"%s: TLS %sconnection closed.",
	516	__func__, IS_PROXY_STR(ctxt));
	517	/* De-Initialize Session */
	518	gnutls_deinit(ctxt->session);
	519	ctxt->session = NULL;
	520	}
	521	return ret;
	522	}
	523
	524
	525
[e02dd8c]	526	apr_status_t mgs_filter_input(ap_filter_t * f,
[e183628]	527	apr_bucket_brigade * bb,
	528	ap_input_mode_t mode,
[265eafc]	529	apr_read_type_e block, apr_off_t readbytes)
	530	{
[e183628]	531	apr_status_t status = APR_SUCCESS;
	532	mgs_handle_t ctxt = (mgs_handle_t ) f->ctx;
	533	apr_size_t len = sizeof (ctxt->input_buffer);
	534
	535	if (f->c->aborted) {
	536	apr_bucket *bucket =
	537	apr_bucket_eos_create(f->c->bucket_alloc);
	538	APR_BRIGADE_INSERT_TAIL(bb, bucket);
[265eafc]	539	ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, ctxt->c,
	540	"%s: %sconnection aborted",
	541	__func__, IS_PROXY_STR(ctxt));
[e183628]	542	return APR_ECONNABORTED;
	543	}
	544
	545	if (ctxt->status == 0) {
[73f6f12]	546	int ret = gnutls_do_handshake(ctxt);
	547	if (ret == GNUTLS_E_SUCCESS)
	548	ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, ctxt->c,
	549	"%s: TLS %sconnection opened.",
	550	__func__, IS_PROXY_STR(ctxt));
[e183628]	551	}
	552
[72b669e]	553	if (ctxt->status < 0)
	554	{
	555	ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, ctxt->c,
	556	"%s: %sconnection failed, cannot provide data!",
	557	__func__, IS_PROXY_STR(ctxt));
	558	apr_bucket *bucket =
	559	apr_bucket_eos_create(f->c->bucket_alloc);
	560	APR_BRIGADE_INSERT_TAIL(bb, bucket);
	561	return APR_ECONNABORTED;
[e183628]	562	}
	563
	564	/* XXX: we don't currently support anything other than these modes. */
	565	if (mode != AP_MODE_READBYTES && mode != AP_MODE_GETLINE &&
	566	mode != AP_MODE_SPECULATIVE && mode != AP_MODE_INIT) {
	567	return APR_ENOTIMPL;
	568	}
	569
	570	ctxt->input_mode = mode;
	571	ctxt->input_block = block;
	572
	573	if (ctxt->input_mode == AP_MODE_READBYTES \|\|
	574	ctxt->input_mode == AP_MODE_SPECULATIVE) {
[fd82e59]	575	if (readbytes < 0) {
	576	/* you're asking us to speculatively read a negative number of bytes! */
	577	return APR_ENOTIMPL;
	578	}
[b2e6406]	579	/* 'readbytes' and 'len' are of different integer types, which
	580	* might have different lengths. Read sizes should be too
	581	* small for 32 or 64 bit to matter, but we have to make
	582	* sure. */
[ac3f500]	583	#if defined(__GNUC__) && __GNUC__ < 5 && !defined(__clang__)
	584	if ((apr_size_t) readbytes < len)
	585	{
	586	/* If readbytes is negative the function fails in the
	587	* check above, but the compiler doesn't get that. */
	588	if (__builtin_expect(imaxabs(readbytes) > SIZE_MAX, 0))
	589	{
	590	ap_log_cerror(APLOG_MARK, APLOG_CRIT, APR_EINVAL, ctxt->c,
	591	"%s: prevented buffer length overflow",
	592	__func__);
	593	return APR_EINVAL;
	594	}
	595	len = (apr_size_t) readbytes;
	596	}
	597	#else
[b2e6406]	598	if ((apr_size_t) readbytes < len
	599	&& __builtin_add_overflow(readbytes, 0, &len))
	600	{
	601	ap_log_cerror(APLOG_MARK, APLOG_CRIT, APR_EINVAL, ctxt->c,
	602	"%s: prevented buffer length overflow",
	603	__func__);
	604	return APR_EINVAL;
[e183628]	605	}
[ac3f500]	606	#endif
[e183628]	607	status =
	608	gnutls_io_input_read(ctxt, ctxt->input_buffer, &len);
	609	} else if (ctxt->input_mode == AP_MODE_GETLINE) {
	610	status =
	611	gnutls_io_input_getline(ctxt, ctxt->input_buffer,
	612	&len);
	613	} else {
	614	/* We have no idea what you are talking about, so return an error. */
	615	return APR_ENOTIMPL;
	616	}
	617
[f5a36ee]	618	if (status != APR_SUCCESS)
	619	{
	620	/* no data for nonblocking read, return APR_EAGAIN */
[73b0bf0]	621	if ((block == APR_NONBLOCK_READ) && APR_STATUS_IS_EINTR(status))
[f5a36ee]	622	return APR_EAGAIN;
	623
[401a0de]	624	/* Close TLS session and free resources on EOF,
	625	* gnutls_io_filter_error will add an EOS bucket */
[73b0bf0]	626	if (APR_STATUS_IS_EOF(status))
[401a0de]	627	mgs_bye(ctxt);
	628
[e183628]	629	return gnutls_io_filter_error(f, bb, status);
	630	}
	631
	632	/* Create a transient bucket out of the decrypted data. */
	633	if (len > 0) {
	634	apr_bucket *bucket =
	635	apr_bucket_transient_create(ctxt->input_buffer, len,
	636	f->c->bucket_alloc);
	637	APR_BRIGADE_INSERT_TAIL(bb, bucket);
	638	}
	639
	640	return status;
[dae0aec]	641	}
	642
[08b821a]	643	/**
	644	* Try to flush the output bucket brigade.
	645	*
	646	* @param ctxt the mod_gnutls session context
	647	*
	648	* @return `1` on success, `-1` on failure.
	649	*/
[e183628]	650	static ssize_t write_flush(mgs_handle_t * ctxt) {
	651	apr_bucket *e;
	652
	653	if (!(ctxt->output_blen \|\| ctxt->output_length)) {
	654	ctxt->output_rc = APR_SUCCESS;
	655	return 1;
	656	}
	657
	658	if (ctxt->output_blen) {
	659	e = apr_bucket_transient_create(ctxt->output_buffer,
	660	ctxt->output_blen,
	661	ctxt->output_bb->
	662	bucket_alloc);
	663	/* we filled this buffer first so add it to the
	664	* * head of the brigade
	665	* */
	666	APR_BRIGADE_INSERT_HEAD(ctxt->output_bb, e);
	667	ctxt->output_blen = 0;
	668	}
	669
	670	ctxt->output_length = 0;
	671	e = apr_bucket_flush_create(ctxt->output_bb->bucket_alloc);
	672	APR_BRIGADE_INSERT_TAIL(ctxt->output_bb, e);
	673
	674	ctxt->output_rc = ap_pass_brigade(ctxt->output_filter->next,
	675	ctxt->output_bb);
	676	/* clear the brigade to be ready for next time */
	677	apr_brigade_cleanup(ctxt->output_bb);
	678
	679	return (ctxt->output_rc == APR_SUCCESS) ? 1 : -1;
[485d28e]	680	}
	681
[e183628]	682	apr_status_t mgs_filter_output(ap_filter_t * f, apr_bucket_brigade * bb) {
[fd82e59]	683	int ret;
[e183628]	684	mgs_handle_t ctxt = (mgs_handle_t ) f->ctx;
	685	apr_status_t status = APR_SUCCESS;
	686	apr_read_type_e rblock = APR_NONBLOCK_READ;
[671b64f]	687
[e183628]	688	if (f->c->aborted) {
	689	apr_brigade_cleanup(bb);
	690	return APR_ECONNABORTED;
	691	}
	692
	693	if (ctxt->status == 0) {
[73f6f12]	694	ret = gnutls_do_handshake(ctxt);
	695	if (ret == GNUTLS_E_SUCCESS)
	696	ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, ctxt->c,
	697	"%s: TLS %sconnection opened.",
	698	__func__, IS_PROXY_STR(ctxt));
[e183628]	699	}
	700
[72b669e]	701	if (ctxt->status < 0)
	702	{
	703	ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, ctxt->c,
	704	"%s: %sconnection failed, refusing to send.",
	705	__func__, IS_PROXY_STR(ctxt));
	706	if (ctxt->is_proxy)
	707	{
	708	/* If mod_proxy receives an error while trying to send its
	709	* request it sends an "invalid request" error to the
	710	* client. By pretending we could send the request
	711	* mod_proxy continues its processing and sends a proper
	712	* "proxy error" message when there's no response to read. */
	713	apr_bucket *bucket = apr_bucket_eos_create(f->c->bucket_alloc);
	714	APR_BRIGADE_INSERT_TAIL(bb, bucket);
	715	return APR_SUCCESS;
	716	}
	717	else
	718	return APR_ECONNABORTED;
[e183628]	719	}
	720
	721	while (!APR_BRIGADE_EMPTY(bb)) {
	722	apr_bucket *bucket = APR_BRIGADE_FIRST(bb);
	723
	724	if (APR_BUCKET_IS_EOS(bucket)) {
	725	return ap_pass_brigade(f->next, bb);
[671b64f]	726	} else if (APR_BUCKET_IS_FLUSH(bucket)) {
[e183628]	727	/* Try Flush */
	728	if (write_flush(ctxt) < 0) {
	729	/* Flush Error */
	730	return ctxt->output_rc;
	731	}
	732	/* cleanup! */
[671b64f]	733	apr_bucket_delete(bucket);
[e183628]	734	} else if (AP_BUCKET_IS_EOC(bucket)) {
[401a0de]	735	/* End Of Connection, close TLS session and free
	736	* resources */
	737	mgs_bye(ctxt);
[9a9bc1e]	738	/* cleanup! */
[671b64f]	739	apr_bucket_delete(bucket);
[e183628]	740	/* Pass next brigade! */
	741	return ap_pass_brigade(f->next, bb);
	742	} else {
	743	/* filter output */
	744	const char *data;
	745	apr_size_t len;
	746
[9a9bc1e]	747	status = apr_bucket_read(bucket, &data, &len, rblock);
[e183628]	748
	749	if (APR_STATUS_IS_EAGAIN(status)) {
	750	/* No data available so Flush! */
	751	if (write_flush(ctxt) < 0) {
	752	return ctxt->output_rc;
	753	}
	754	/* Try again with a blocking read. */
	755	rblock = APR_BLOCK_READ;
	756	continue;
	757	}
	758
	759	rblock = APR_NONBLOCK_READ;
	760
	761	if (!APR_STATUS_IS_EOF(status)
	762	&& (status != APR_SUCCESS)) {
	763	return status;
	764	}
	765
	766	if (len > 0) {
	767
	768	if (ctxt->session == NULL) {
	769	ret = GNUTLS_E_INVALID_REQUEST;
[b4a875b]	770	} else {
[e183628]	771	do {
	772	ret =
	773	gnutls_record_send
	774	(ctxt->session, data,
	775	len);
	776	} while (ret == GNUTLS_E_INTERRUPTED
	777	\|\| ret == GNUTLS_E_AGAIN);
	778	}
	779
	780	if (ret < 0) {
	781	/* error sending output */
[7511bfa]	782	ap_log_cerror(APLOG_MARK, APLOG_INFO, ctxt->output_rc,
	783	ctxt->c,
	784	"GnuTLS: Error writing data. (%d) '%s'",
	785	ret, gnutls_strerror(ret));
[e183628]	786	if (ctxt->output_rc == APR_SUCCESS) {
	787	ctxt->output_rc =
	788	APR_EGENERAL;
	789	return ctxt->output_rc;
	790	}
[fd82e59]	791	} else if ((apr_size_t)(ret) != len) {
	792	/* we know the above cast is OK because len > 0 and ret >= 0 */
[671b64f]	793	/* Not able to send the entire bucket,
[e183628]	794	split it and send it again. */
	795	apr_bucket_split(bucket, ret);
	796	}
	797	}
	798
	799	apr_bucket_delete(bucket);
	800	}
	801	}
	802
	803	return status;
[dae0aec]	804	}
	805
[02a6a18]	806	/**
	807	* Pull function for GnuTLS
[a9fa300]	808	*
[08b821a]	809	* Generic errnos used for `gnutls_transport_set_errno()`:
	810	* * `EAGAIN`: no data available at the moment, try again (maybe later)
	811	* * `EINTR`: read was interrupted, try again
	812	* * `EIO`: Unknown I/O error
	813	* * `ECONNABORTED`: Input BB does not exist (`NULL`)
	814	*
	815	* The reason we are not using `APR_TO_OS_ERROR` to map `apr_status_t`
	816	* to errnos is this warning [in the APR documentation][apr-warn]:
	817	*
	818	* > If the statcode was not created by apr_get_os_error or
	819	* > APR_FROM_OS_ERROR, the results are undefined.
	820	*
	821	* We cannot know if this applies to any error we might encounter.
[a9fa300]	822	*
[08b821a]	823	* @param ptr GnuTLS session data pointer (the mod_gnutls context
	824	* structure)
	825	*
	826	* @param buffer buffer for the read data
	827	*
	828	* @param len maximum number of bytes to read (must fit into the
	829	* buffer)
	830	*
	831	* @return The number of bytes read (may be zero on EOF), or `-1` on
	832	* error. Note that some errors may warrant another try (see above).
	833	*
	834	* [apr-warn]: https://apr.apache.org/docs/apr/1.4/group__apr__errno.html#ga2385cae04b04afbdcb65f1a45c4d8506 "Apache Portable Runtime: Error Codes"
[02a6a18]	835	*/
[c301152]	836	ssize_t mgs_transport_read(gnutls_transport_ptr_t ptr,
[02a6a18]	837	void *buffer, size_t len)
	838	{
[e183628]	839	mgs_handle_t *ctxt = ptr;
	840	apr_status_t rc;
	841	apr_size_t in = len;
	842	apr_read_type_e block = ctxt->input_block;
	843
	844	ctxt->input_rc = APR_SUCCESS;
	845
	846	/* If Len = 0, we don't do anything. */
[19f2719]	847	if (!len \|\| buffer == NULL)
	848	{
[e183628]	849	return 0;
	850	}
[19f2719]	851	/* Input bucket brigade is missing, EOF */
	852	if (!ctxt->input_bb)
	853	{
[e183628]	854	ctxt->input_rc = APR_EOF;
[a9fa300]	855	gnutls_transport_set_errno(ctxt->session, ECONNABORTED);
[e183628]	856	return -1;
	857	}
	858
[19f2719]	859	if (APR_BRIGADE_EMPTY(ctxt->input_bb))
	860	{
[e183628]	861	rc = ap_get_brigade(ctxt->input_filter->next,
[19f2719]	862	ctxt->input_bb, AP_MODE_READBYTES,
	863	ctxt->input_block, in);
[e183628]	864
	865	/* Not a problem, there was simply no data ready yet.
	866	*/
	867	if (APR_STATUS_IS_EAGAIN(rc) \|\| APR_STATUS_IS_EINTR(rc)
[02a6a18]	868	\|\| (rc == APR_SUCCESS
	869	&& APR_BRIGADE_EMPTY(ctxt->input_bb)))
	870	{
[bd2b48b]	871	/* Turning APR_SUCCESS into APR_EINTR isn't ideal, but
	872	* it's the best matching error code for "didn't get data,
	873	* but read didn't permanently fail either." */
	874	ctxt->input_rc = (rc != APR_SUCCESS ? rc : APR_EINTR);
	875	gnutls_transport_set_errno(ctxt->session,
	876	EAI_APR_TO_RAW(ctxt->input_rc));
	877	return -1;
[e183628]	878	}
[e02dd8c]	879
[19f2719]	880	if (rc != APR_SUCCESS)
	881	{
[e183628]	882	/* Unexpected errors discard the brigade */
	883	apr_brigade_cleanup(ctxt->input_bb);
	884	ctxt->input_bb = NULL;
[a9fa300]	885	gnutls_transport_set_errno(ctxt->session, EIO);
[e183628]	886	return -1;
	887	}
	888	}
	889
[19f2719]	890	ctxt->input_rc = brigade_consume(ctxt->input_bb, block, buffer, &len);
[e183628]	891
[19f2719]	892	if (ctxt->input_rc == APR_SUCCESS)
	893	{
[e183628]	894	return (ssize_t) len;
	895	}
	896
	897	if (APR_STATUS_IS_EAGAIN(ctxt->input_rc)
[02a6a18]	898	\|\| APR_STATUS_IS_EINTR(ctxt->input_rc))
	899	{
	900	if (len == 0)
	901	{
[6868585]	902	gnutls_transport_set_errno(ctxt->session,
	903	EAI_APR_TO_RAW(ctxt->input_rc));
[e183628]	904	return -1;
[60cf11c]	905	}
[e183628]	906
	907	return (ssize_t) len;
	908	}
	909
	910	/* Unexpected errors and APR_EOF clean out the brigade.
[19f2719]	911	* Subsequent calls will return APR_EOF. */
[e183628]	912	apr_brigade_cleanup(ctxt->input_bb);
	913	ctxt->input_bb = NULL;
	914
[19f2719]	915	if (APR_STATUS_IS_EOF(ctxt->input_rc) && len)
	916	{
	917	/* Some data has been received before EOF, return it. */
[e183628]	918	return (ssize_t) len;
	919	}
	920
[a9fa300]	921	gnutls_transport_set_errno(ctxt->session, EIO);
[e183628]	922	return -1;
[dae0aec]	923	}
	924
[a9fa300]	925	/**
	926	* Push function for GnuTLS
	927	*
[08b821a]	928	* `gnutls_transport_set_errno()` will be called with `EAGAIN` or
	929	* `EINTR` on recoverable errors, or `EIO` in case of unexpected
	930	* errors. See the description of mgs_transport_read() for details on
	931	* possible error codes.
	932	*
	933	* @param ptr GnuTLS session data pointer (the mod_gnutls context
	934	* structure)
	935	*
	936	* @param buffer buffer containing the data to send
	937	*
	938	* @param len length of the data
	939	* buffer)
	940	*
	941	* @return The number of written bytes, or `-1` on error. Note that
	942	* some errors may warrant another try (see above).
[a9fa300]	943	*/
[c301152]	944	ssize_t mgs_transport_write(gnutls_transport_ptr_t ptr,
[19f2719]	945	const void *buffer, size_t len)
	946	{
[e183628]	947	mgs_handle_t *ctxt = ptr;
	948
	949	/* pass along the encrypted data
	950	* need to flush since we're using SSL's malloc-ed buffer
	951	* which will be overwritten once we leave here
	952	*/
	953	apr_bucket *bucket = apr_bucket_transient_create(buffer, len,
	954	ctxt->output_bb->
	955	bucket_alloc);
	956	ctxt->output_length += len;
	957	APR_BRIGADE_INSERT_TAIL(ctxt->output_bb, bucket);
	958
[be41ee4]	959	if (write_flush(ctxt) < 0)
	960	{
	961	/* We encountered an error. APR_EINTR or APR_EAGAIN can be
	962	* handled, treat everything else as a generic I/O error. */
	963	int err = EIO;
	964	if (APR_STATUS_IS_EAGAIN(ctxt->output_rc)
	965	\|\| APR_STATUS_IS_EINTR(ctxt->output_rc))
	966	err = EAI_APR_TO_RAW(ctxt->output_rc);
	967
	968	gnutls_transport_set_errno(ctxt->session, err);
[e183628]	969	return -1;
	970	}
	971	return len;
[7e2b223]	972	}

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: mod_gnutls/src/gnutls_io.c @ bd2b48b

Download in other formats: