Context Navigation

gnutls_io.c @ 5ab2868

Visit:

debian/masterproxy-ticket

Last change on this file since 5ab2868 was 5ab2868, checked in by Fiona Klute <fiona.klute@…>, 2 years ago

Remove unused server variable

The mgs_srvconf_rec.non_ssl_request variable was never read and only
set when receiving a non-TLS request.

Property mode set to 100644

File size: 30.2 KB

Line
1	/*
2	* Copyright 2004-2005 Paul Querna
3	* Copyright 2008 Nikos Mavrogiannopoulos
4	* Copyright 2011 Dash Shendy
5	* Copyright 2015-2017 Fiona Klute
6	*
7	* Licensed under the Apache License, Version 2.0 (the "License");
8	* you may not use this file except in compliance with the License.
9	* You may obtain a copy of the License at
10	*
11	* http://www.apache.org/licenses/LICENSE-2.0
12	*
13	* Unless required by applicable law or agreed to in writing, software
14	* distributed under the License is distributed on an "AS IS" BASIS,
15	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16	* See the License for the specific language governing permissions and
17	* limitations under the License.
18	*/
19
20	#include "mod_gnutls.h"
21
22	#ifdef APLOG_USE_MODULE
23	APLOG_USE_MODULE(gnutls);
24	#endif
25
26	#if defined(__GNUC__) && __GNUC__ < 5 && !defined(__clang__)
27	#include <inttypes.h>
28	#endif
29
30	/**
31	* @file
32	* Describe how the GnuTLS Filter system works here
33	* - Basicly the same as what mod_ssl does with OpenSSL.
34	*
35	*/
36
37	#define HTTP_ON_HTTPS_PORT \
38	"GET /" CRLF
39
40	#define HTTP_ON_HTTPS_PORT_BUCKET(alloc) \
41	apr_bucket_immortal_create(HTTP_ON_HTTPS_PORT, \
42	sizeof(HTTP_ON_HTTPS_PORT) - 1, \
43	alloc)
44
45	#define IS_PROXY_STR(c) \
46	((c->is_proxy == GNUTLS_ENABLED_TRUE) ? "proxy " : "")
47
48	/**
49	* Convert `APR_EINTR` or `APR_EAGAIN` to the matching errno. Needed
50	* to pass the status on to GnuTLS from the pull and push functions.
51	*/
52	#define EAI_APR_TO_RAW(s) (APR_STATUS_IS_EAGAIN(s) ? EAGAIN : EINTR)
53
54
55
56	static apr_status_t gnutls_io_filter_error(ap_filter_t * f,
57	apr_bucket_brigade * bb,
58	apr_status_t status) {
59	mgs_handle_t ctxt = (mgs_handle_t ) f->ctx;
60	apr_bucket *bucket;
61
62	switch (status) {
63	case HTTP_BAD_REQUEST:
64	/* log the situation */
65	ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, f->c,
66	"GnuTLS handshake failed: HTTP spoken on HTTPS port; "
67	"trying to send HTML error page");
68	ctxt->status = -1;
69
70	/* fake the request line */
71	bucket = HTTP_ON_HTTPS_PORT_BUCKET(f->c->bucket_alloc);
72	break;
73
74	default:
75	return status;
76	}
77
78	APR_BRIGADE_INSERT_TAIL(bb, bucket);
79	bucket = apr_bucket_eos_create(f->c->bucket_alloc);
80	APR_BRIGADE_INSERT_TAIL(bb, bucket);
81
82	return APR_SUCCESS;
83	}
84
85	static int char_buffer_read(mgs_char_buffer_t * buffer, char *in, int inl) {
86	if (!buffer->length) {
87	return 0;
88	}
89
90	if (buffer->length > inl) {
91	/* we have have enough to fill the caller's buffer */
92	memmove(in, buffer->value, inl);
93	buffer->value += inl;
94	buffer->length -= inl;
95	} else {
96	/* swallow remainder of the buffer */
97	memmove(in, buffer->value, buffer->length);
98	inl = buffer->length;
99	buffer->value = NULL;
100	buffer->length = 0;
101	}
102
103	return inl;
104	}
105
106	static int char_buffer_write(mgs_char_buffer_t * buffer, char *in, int inl) {
107	buffer->value = in;
108	buffer->length = inl;
109	return inl;
110	}
111
112	/**
113	* From mod_ssl / ssl_engine_io.c
114	* This function will read from a brigade and discard the read buckets as it
115	* proceeds. It will read at most *len bytes.
116	*/
117	static apr_status_t brigade_consume(apr_bucket_brigade * bb,
118	apr_read_type_e block,
119	char c, apr_size_t len) {
120	apr_size_t actual = 0;
121	apr_status_t status = APR_SUCCESS;
122
123	while (!APR_BRIGADE_EMPTY(bb)) {
124	apr_bucket *b = APR_BRIGADE_FIRST(bb);
125	const char *str;
126	apr_size_t str_len;
127	apr_size_t consume;
128
129	/* Justin points out this is an http-ism that might
130	* not fit if brigade_consume is added to APR. Perhaps
131	* apr_bucket_read(eos_bucket) should return APR_EOF?
132	* Then this becomes mainline instead of a one-off.
133	*/
134	if (APR_BUCKET_IS_EOS(b)) {
135	status = APR_EOF;
136	break;
137	}
138
139	/* The reason I'm not offering brigade_consume yet
140	* across to apr-util is that the following call
141	* illustrates how borked that API really is. For
142	* this sort of case (caller provided buffer) it
143	* would be much more trivial for apr_bucket_consume
144	* to do all the work that follows, based on the
145	* particular characteristics of the bucket we are
146	* consuming here.
147	*/
148	status = apr_bucket_read(b, &str, &str_len, block);
149
150	if (status != APR_SUCCESS) {
151	if (APR_STATUS_IS_EOF(status)) {
152	/* This stream bucket was consumed */
153	apr_bucket_delete(b);
154	continue;
155	}
156	break;
157	}
158
159	if (str_len > 0) {
160	/* Do not block once some data has been consumed */
161	block = APR_NONBLOCK_READ;
162
163	/* Assure we don't overflow. */
164	consume =
165	(str_len + actual >
166	len) ? len - actual : str_len;
167
168	memcpy(c, str, consume);
169
170	c += consume;
171	actual += consume;
172
173	if (consume >= b->length) {
174	/* This physical bucket was consumed */
175	apr_bucket_delete(b);
176	} else {
177	/* Only part of this physical bucket was consumed */
178	b->start += consume;
179	b->length -= consume;
180	}
181	} else if (b->length == 0) {
182	apr_bucket_delete(b);
183	}
184
185	/* This could probably be actual == *len, but be safe from stray
186	* photons. */
187	if (actual >= *len) {
188	break;
189	}
190	}
191
192	*len = actual;
193	return status;
194	}
195
196	static apr_status_t gnutls_io_input_read(mgs_handle_t * ctxt,
197	char buf, apr_size_t len)
198	{
199	apr_size_t wanted = *len;
200	apr_size_t bytes = 0;
201	int rc;
202
203	*len = 0;
204
205	/* If we have something leftover from last time, try that first. */
206	if ((bytes = char_buffer_read(&ctxt->input_cbuf, buf, wanted))) {
207	*len = bytes;
208	if (ctxt->input_mode == AP_MODE_SPECULATIVE) {
209	/* We want to rollback this read. */
210	if (ctxt->input_cbuf.length > 0) {
211	ctxt->input_cbuf.value -= bytes;
212	ctxt->input_cbuf.length += bytes;
213	} else {
214	char_buffer_write(&ctxt->input_cbuf, buf,
215	(int) bytes);
216	}
217	return APR_SUCCESS;
218	}
219	/* This could probably be *len == wanted, but be safe from stray
220	* photons.
221	*/
222	if (*len >= wanted) {
223	return APR_SUCCESS;
224	}
225	if (ctxt->input_mode == AP_MODE_GETLINE) {
226	if (memchr(buf, APR_ASCII_LF, *len)) {
227	return APR_SUCCESS;
228	}
229	} else {
230	/* Down to a nonblock pattern as we have some data already
231	*/
232	ctxt->input_block = APR_NONBLOCK_READ;
233	}
234	}
235
236	if (ctxt->session == NULL) {
237	ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, ctxt->c,
238	"%s: GnuTLS session is NULL!", __func__);
239	return APR_EGENERAL;
240	}
241
242	while (1)
243	{
244	rc = gnutls_record_recv(ctxt->session, buf + bytes, wanted - bytes);
245
246	if (rc == GNUTLS_E_INTERRUPTED)
247	ctxt->input_rc = APR_EINTR;
248	else if (rc == GNUTLS_E_AGAIN)
249	ctxt->input_rc = APR_EAGAIN;
250
251	if (rc > 0) {
252	*len += rc;
253	if (ctxt->input_mode == AP_MODE_SPECULATIVE) {
254	/* We want to rollback this read. */
255	char_buffer_write(&ctxt->input_cbuf, buf,
256	rc);
257	}
258	return ctxt->input_rc;
259	} else if (rc == 0) {
260	/* If EAGAIN, we will loop given a blocking read,
261	* otherwise consider ourselves at EOF.
262	*/
263	if (APR_STATUS_IS_EAGAIN(ctxt->input_rc)
264	\|\| APR_STATUS_IS_EINTR(ctxt->input_rc)) {
265	/* Already read something, return APR_SUCCESS instead.
266	* On win32 in particular, but perhaps on other kernels,
267	* a blocking call isn't 'always' blocking.
268	*/
269	if (*len > 0) {
270	ctxt->input_rc = APR_SUCCESS;
271	break;
272	}
273	if (ctxt->input_block == APR_NONBLOCK_READ) {
274	break;
275	}
276	} else {
277	if (*len > 0) {
278	ctxt->input_rc = APR_SUCCESS;
279	} else {
280	ctxt->input_rc = APR_EOF;
281	}
282	break;
283	}
284	} else { /* (rc < 0) */
285
286	if (rc == GNUTLS_E_REHANDSHAKE) {
287	/* A client has asked for a new Hankshake. Currently, we don't do it */
288	ap_log_cerror(APLOG_MARK, APLOG_INFO,
289	ctxt->input_rc,
290	ctxt->c,
291	"GnuTLS: Error reading data. Client Requested a New Handshake."
292	" (%d) '%s'", rc,
293	gnutls_strerror(rc));
294	} else if (rc == GNUTLS_E_WARNING_ALERT_RECEIVED) {
295	rc = gnutls_alert_get(ctxt->session);
296	ap_log_cerror(APLOG_MARK, APLOG_INFO,
297	ctxt->input_rc,
298	ctxt->c,
299	"GnuTLS: Warning Alert From Client: "
300	" (%d) '%s'", rc,
301	gnutls_alert_get_name(rc));
302	} else if (rc == GNUTLS_E_FATAL_ALERT_RECEIVED) {
303	rc = gnutls_alert_get(ctxt->session);
304	ap_log_cerror(APLOG_MARK, APLOG_INFO,
305	ctxt->input_rc,
306	ctxt->c,
307	"GnuTLS: Fatal Alert From Client: "
308	"(%d) '%s'", rc,
309	gnutls_alert_get_name(rc));
310	ctxt->input_rc = APR_EGENERAL;
311	break;
312	} else {
313	/* Some Other Error. Report it. Die. */
314	if (gnutls_error_is_fatal(rc)) {
315	ap_log_cerror(APLOG_MARK,
316	APLOG_INFO,
317	ctxt->input_rc,
318	ctxt->c,
319	"GnuTLS: Error reading data. (%d) '%s'",
320	rc,
321	gnutls_strerror(rc));
322	} else if (*len > 0) {
323	ctxt->input_rc = APR_SUCCESS;
324	break;
325	}
326	}
327
328	if (ctxt->input_rc == APR_SUCCESS) {
329	ap_log_cerror(APLOG_MARK, APLOG_INFO, ctxt->input_rc, ctxt->c,
330	"%s: GnuTLS error: %s (%d)",
331	__func__, gnutls_strerror(rc), rc);
332	ctxt->input_rc = APR_EGENERAL;
333	}
334	break;
335	}
336	}
337	return ctxt->input_rc;
338	}
339
340	static apr_status_t gnutls_io_input_getline(mgs_handle_t * ctxt,
341	char buf, apr_size_t len) {
342	const char *pos = NULL;
343	apr_status_t status;
344	apr_size_t tmplen = len, buflen = len, offset = 0;
345
346	*len = 0;
347
348	while (tmplen > 0) {
349	status = gnutls_io_input_read(ctxt, buf + offset, &tmplen);
350
351	if (status != APR_SUCCESS) {
352	return status;
353	}
354
355	*len += tmplen;
356
357	if ((pos = memchr(buf, APR_ASCII_LF, *len))) {
358	break;
359	}
360
361	offset += tmplen;
362	tmplen = buflen - offset;
363	}
364
365	if (pos) {
366	char *value;
367	int length;
368	apr_size_t bytes = pos - buf;
369
370	bytes += 1;
371	value = buf + bytes;
372	length = *len - bytes;
373
374	char_buffer_write(&ctxt->input_cbuf, value, length);
375
376	*len = bytes;
377	}
378
379	return APR_SUCCESS;
380	}
381
382	#define HANDSHAKE_MAX_TRIES 1024
383
384	static int gnutls_do_handshake(mgs_handle_t * ctxt) {
385	int ret;
386	int errcode;
387	int maxtries = HANDSHAKE_MAX_TRIES;
388
389	if (ctxt->status != 0 \|\| ctxt->session == NULL) {
390	return -1;
391	}
392
393	/* Enable SNI for proxy connections */
394	if (ctxt->is_proxy == GNUTLS_ENABLED_TRUE)
395	{
396	/* Get peer hostname from note left by mod_proxy */
397	const char *peer_hostname =
398	apr_table_get(ctxt->c->notes, PROXY_SNI_NOTE);
399	/* Used only as target for apr_ipsubnet_create() */
400	apr_ipsubnet_t *probe;
401	/* Check if the note is present (!= NULL) and NOT an IP
402	* address */
403	if ((peer_hostname) != NULL
404	&& (apr_ipsubnet_create(&probe, peer_hostname, NULL, ctxt->c->pool)
405	!= APR_SUCCESS))
406	{
407	ret = gnutls_server_name_set(ctxt->session, GNUTLS_NAME_DNS,
408	peer_hostname, strlen(peer_hostname));
409	if (ret != GNUTLS_E_SUCCESS)
410	ap_log_cerror(APLOG_MARK, APLOG_ERR, ret, ctxt->c,
411	"Could not set SNI '%s' for proxy connection: "
412	"%s (%d)",
413	peer_hostname, gnutls_strerror(ret), ret);
414	}
415	}
416
417	tryagain:
418	do {
419	ret = gnutls_handshake(ctxt->session);
420	maxtries--;
421	} while ((ret == GNUTLS_E_INTERRUPTED \|\| ret == GNUTLS_E_AGAIN)
422	&& maxtries > 0);
423
424	if (maxtries < 1) {
425	ctxt->status = -1;
426	ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, ctxt->c,
427	"GnuTLS: Handshake Failed. Hit Maximum Attempts");
428	if (ctxt->session) {
429	gnutls_alert_send(ctxt->session, GNUTLS_AL_FATAL,
430	gnutls_error_to_alert
431	(GNUTLS_E_INTERNAL_ERROR, NULL));
432	gnutls_deinit(ctxt->session);
433	}
434	ctxt->session = NULL;
435	return -1;
436	}
437
438	if (ret < 0) {
439	if (ret == GNUTLS_E_WARNING_ALERT_RECEIVED
440	\|\| ret == GNUTLS_E_FATAL_ALERT_RECEIVED) {
441	errcode = gnutls_alert_get(ctxt->session);
442	ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, ctxt->c,
443	"GnuTLS: Handshake Alert (%d) '%s'.",
444	errcode, gnutls_alert_get_name(errcode));
445	}
446
447	if (!gnutls_error_is_fatal(ret)) {
448	ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, ctxt->c,
449	"GnuTLS: Non-Fatal Handshake Error: (%d) '%s'",
450	ret, gnutls_strerror(ret));
451	goto tryagain;
452	}
453	ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, ctxt->c,
454	"GnuTLS: Handshake Failed (%d) '%s'", ret,
455	gnutls_strerror(ret));
456	ctxt->status = -1;
457	if (ctxt->session) {
458	gnutls_alert_send(ctxt->session, GNUTLS_AL_FATAL,
459	gnutls_error_to_alert(ret,
460	NULL));
461	gnutls_deinit(ctxt->session);
462	}
463	ctxt->session = NULL;
464	return ret;
465	} else {
466	/* all done with the handshake */
467	ctxt->status = 1;
468	if (gnutls_session_is_resumed(ctxt->session))
469	{
470	ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, ctxt->c,
471	"%s: TLS session resumed.", __func__);
472	}
473	return GNUTLS_E_SUCCESS;
474	}
475	}
476
477	int mgs_rehandshake(mgs_handle_t * ctxt) {
478	int rv;
479
480	if (ctxt->session == NULL)
481	return -1;
482
483	rv = gnutls_rehandshake(ctxt->session);
484
485	if (rv != 0) {
486	/* the client did not want to rehandshake. goodbye */
487	ap_log_cerror(APLOG_MARK, APLOG_WARNING, 0, ctxt->c,
488	"GnuTLS: Client Refused Rehandshake request.");
489	return -1;
490	}
491
492	ctxt->status = 0;
493
494	rv = gnutls_do_handshake(ctxt);
495
496	return rv;
497	}
498
499
500
501	/**
502	* Close the TLS session associated with the given connection
503	* structure and free its resources
504	*
505	* @param ctxt the mod_gnutls session context
506	*
507	* @return a GnuTLS status code, hopefully `GNUTLS_E_SUCCESS`
508	*/
509	static int mgs_bye(mgs_handle_t* ctxt)
510	{
511	int ret = GNUTLS_E_SUCCESS;
512	/* End Of Connection */
513	if (ctxt->session != NULL)
514	{
515	/* Try A Clean Shutdown */
516	do {
517	ret = gnutls_bye(ctxt->session, GNUTLS_SHUT_WR);
518	} while (ret == GNUTLS_E_INTERRUPTED \|\| ret == GNUTLS_E_AGAIN);
519	if (ret != GNUTLS_E_SUCCESS)
520	ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_EGENERAL, ctxt->c,
521	"%s: Error while closing TLS %sconnection: "
522	"'%s' (%d)",
523	__func__, IS_PROXY_STR(ctxt),
524	gnutls_strerror(ret), (int) ret);
525	else
526	ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, ctxt->c,
527	"%s: TLS %sconnection closed.",
528	__func__, IS_PROXY_STR(ctxt));
529	/* De-Initialize Session */
530	gnutls_deinit(ctxt->session);
531	ctxt->session = NULL;
532	}
533	return ret;
534	}
535
536
537
538	apr_status_t mgs_filter_input(ap_filter_t * f,
539	apr_bucket_brigade * bb,
540	ap_input_mode_t mode,
541	apr_read_type_e block, apr_off_t readbytes)
542	{
543	apr_status_t status = APR_SUCCESS;
544	mgs_handle_t ctxt = (mgs_handle_t ) f->ctx;
545	apr_size_t len = sizeof (ctxt->input_buffer);
546
547	if (f->c->aborted) {
548	apr_bucket *bucket =
549	apr_bucket_eos_create(f->c->bucket_alloc);
550	APR_BRIGADE_INSERT_TAIL(bb, bucket);
551	ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, ctxt->c,
552	"%s: %sconnection aborted",
553	__func__, IS_PROXY_STR(ctxt));
554	return APR_ECONNABORTED;
555	}
556
557	if (ctxt->status == 0) {
558	int ret = gnutls_do_handshake(ctxt);
559	if (ret == GNUTLS_E_SUCCESS)
560	ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, ctxt->c,
561	"%s: TLS %sconnection opened.",
562	__func__, IS_PROXY_STR(ctxt));
563	}
564
565	if (ctxt->status < 0) {
566	ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, ctxt->c,
567	"%s %s: ap_get_brigade", __func__, IS_PROXY_STR(ctxt));
568	return ap_get_brigade(f->next, bb, mode, block, readbytes);
569	}
570
571	/* XXX: we don't currently support anything other than these modes. */
572	if (mode != AP_MODE_READBYTES && mode != AP_MODE_GETLINE &&
573	mode != AP_MODE_SPECULATIVE && mode != AP_MODE_INIT) {
574	return APR_ENOTIMPL;
575	}
576
577	ctxt->input_mode = mode;
578	ctxt->input_block = block;
579
580	if (ctxt->input_mode == AP_MODE_READBYTES \|\|
581	ctxt->input_mode == AP_MODE_SPECULATIVE) {
582	if (readbytes < 0) {
583	/* you're asking us to speculatively read a negative number of bytes! */
584	return APR_ENOTIMPL;
585	}
586	/* 'readbytes' and 'len' are of different integer types, which
587	* might have different lengths. Read sizes should be too
588	* small for 32 or 64 bit to matter, but we have to make
589	* sure. */
590	#if defined(__GNUC__) && __GNUC__ < 5 && !defined(__clang__)
591	if ((apr_size_t) readbytes < len)
592	{
593	/* If readbytes is negative the function fails in the
594	* check above, but the compiler doesn't get that. */
595	if (__builtin_expect(imaxabs(readbytes) > SIZE_MAX, 0))
596	{
597	ap_log_cerror(APLOG_MARK, APLOG_CRIT, APR_EINVAL, ctxt->c,
598	"%s: prevented buffer length overflow",
599	__func__);
600	return APR_EINVAL;
601	}
602	len = (apr_size_t) readbytes;
603	}
604	#else
605	if ((apr_size_t) readbytes < len
606	&& __builtin_add_overflow(readbytes, 0, &len))
607	{
608	ap_log_cerror(APLOG_MARK, APLOG_CRIT, APR_EINVAL, ctxt->c,
609	"%s: prevented buffer length overflow",
610	__func__);
611	return APR_EINVAL;
612	}
613	#endif
614	status =
615	gnutls_io_input_read(ctxt, ctxt->input_buffer, &len);
616	} else if (ctxt->input_mode == AP_MODE_GETLINE) {
617	status =
618	gnutls_io_input_getline(ctxt, ctxt->input_buffer,
619	&len);
620	} else {
621	/* We have no idea what you are talking about, so return an error. */
622	return APR_ENOTIMPL;
623	}
624
625	if (status != APR_SUCCESS)
626	{
627	/* no data for nonblocking read, return APR_EAGAIN */
628	if ((block == APR_NONBLOCK_READ) && APR_STATUS_IS_EINTR(status))
629	return APR_EAGAIN;
630
631	/* Close TLS session and free resources on EOF,
632	* gnutls_io_filter_error will add an EOS bucket */
633	if (APR_STATUS_IS_EOF(status))
634	mgs_bye(ctxt);
635
636	return gnutls_io_filter_error(f, bb, status);
637	}
638
639	/* Create a transient bucket out of the decrypted data. */
640	if (len > 0) {
641	apr_bucket *bucket =
642	apr_bucket_transient_create(ctxt->input_buffer, len,
643	f->c->bucket_alloc);
644	APR_BRIGADE_INSERT_TAIL(bb, bucket);
645	}
646
647	return status;
648	}
649
650	/**
651	* Try to flush the output bucket brigade.
652	*
653	* @param ctxt the mod_gnutls session context
654	*
655	* @return `1` on success, `-1` on failure.
656	*/
657	static ssize_t write_flush(mgs_handle_t * ctxt) {
658	apr_bucket *e;
659
660	if (!(ctxt->output_blen \|\| ctxt->output_length)) {
661	ctxt->output_rc = APR_SUCCESS;
662	return 1;
663	}
664
665	if (ctxt->output_blen) {
666	e = apr_bucket_transient_create(ctxt->output_buffer,
667	ctxt->output_blen,
668	ctxt->output_bb->
669	bucket_alloc);
670	/* we filled this buffer first so add it to the
671	* * head of the brigade
672	* */
673	APR_BRIGADE_INSERT_HEAD(ctxt->output_bb, e);
674	ctxt->output_blen = 0;
675	}
676
677	ctxt->output_length = 0;
678	e = apr_bucket_flush_create(ctxt->output_bb->bucket_alloc);
679	APR_BRIGADE_INSERT_TAIL(ctxt->output_bb, e);
680
681	ctxt->output_rc = ap_pass_brigade(ctxt->output_filter->next,
682	ctxt->output_bb);
683	/* clear the brigade to be ready for next time */
684	apr_brigade_cleanup(ctxt->output_bb);
685
686	return (ctxt->output_rc == APR_SUCCESS) ? 1 : -1;
687	}
688
689	apr_status_t mgs_filter_output(ap_filter_t * f, apr_bucket_brigade * bb) {
690	int ret;
691	mgs_handle_t ctxt = (mgs_handle_t ) f->ctx;
692	apr_status_t status = APR_SUCCESS;
693	apr_read_type_e rblock = APR_NONBLOCK_READ;
694
695	if (f->c->aborted) {
696	apr_brigade_cleanup(bb);
697	return APR_ECONNABORTED;
698	}
699
700	if (ctxt->status == 0) {
701	ret = gnutls_do_handshake(ctxt);
702	if (ret == GNUTLS_E_SUCCESS)
703	ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, ctxt->c,
704	"%s: TLS %sconnection opened.",
705	__func__, IS_PROXY_STR(ctxt));
706	}
707
708	if (ctxt->status < 0) {
709	return ap_pass_brigade(f->next, bb);
710	}
711
712	while (!APR_BRIGADE_EMPTY(bb)) {
713	apr_bucket *bucket = APR_BRIGADE_FIRST(bb);
714
715	if (APR_BUCKET_IS_EOS(bucket)) {
716	return ap_pass_brigade(f->next, bb);
717	} else if (APR_BUCKET_IS_FLUSH(bucket)) {
718	/* Try Flush */
719	if (write_flush(ctxt) < 0) {
720	/* Flush Error */
721	return ctxt->output_rc;
722	}
723	/* cleanup! */
724	apr_bucket_delete(bucket);
725	} else if (AP_BUCKET_IS_EOC(bucket)) {
726	/* End Of Connection, close TLS session and free
727	* resources */
728	mgs_bye(ctxt);
729	/* cleanup! */
730	apr_bucket_delete(bucket);
731	/* Pass next brigade! */
732	return ap_pass_brigade(f->next, bb);
733	} else {
734	/* filter output */
735	const char *data;
736	apr_size_t len;
737
738	status = apr_bucket_read(bucket, &data, &len, rblock);
739
740	if (APR_STATUS_IS_EAGAIN(status)) {
741	/* No data available so Flush! */
742	if (write_flush(ctxt) < 0) {
743	return ctxt->output_rc;
744	}
745	/* Try again with a blocking read. */
746	rblock = APR_BLOCK_READ;
747	continue;
748	}
749
750	rblock = APR_NONBLOCK_READ;
751
752	if (!APR_STATUS_IS_EOF(status)
753	&& (status != APR_SUCCESS)) {
754	return status;
755	}
756
757	if (len > 0) {
758
759	if (ctxt->session == NULL) {
760	ret = GNUTLS_E_INVALID_REQUEST;
761	} else {
762	do {
763	ret =
764	gnutls_record_send
765	(ctxt->session, data,
766	len);
767	} while (ret == GNUTLS_E_INTERRUPTED
768	\|\| ret == GNUTLS_E_AGAIN);
769	}
770
771	if (ret < 0) {
772	/* error sending output */
773	ap_log_cerror(APLOG_MARK, APLOG_INFO, ctxt->output_rc,
774	ctxt->c,
775	"GnuTLS: Error writing data. (%d) '%s'",
776	ret, gnutls_strerror(ret));
777	if (ctxt->output_rc == APR_SUCCESS) {
778	ctxt->output_rc =
779	APR_EGENERAL;
780	return ctxt->output_rc;
781	}
782	} else if ((apr_size_t)(ret) != len) {
783	/* we know the above cast is OK because len > 0 and ret >= 0 */
784	/* Not able to send the entire bucket,
785	split it and send it again. */
786	apr_bucket_split(bucket, ret);
787	}
788	}
789
790	apr_bucket_delete(bucket);
791	}
792	}
793
794	return status;
795	}
796
797	/**
798	* Pull function for GnuTLS
799	*
800	* Generic errnos used for `gnutls_transport_set_errno()`:
801	* * `EAGAIN`: no data available at the moment, try again (maybe later)
802	* * `EINTR`: read was interrupted, try again
803	* * `EIO`: Unknown I/O error
804	* * `ECONNABORTED`: Input BB does not exist (`NULL`)
805	*
806	* The reason we are not using `APR_TO_OS_ERROR` to map `apr_status_t`
807	* to errnos is this warning [in the APR documentation][apr-warn]:
808	*
809	* > If the statcode was not created by apr_get_os_error or
810	* > APR_FROM_OS_ERROR, the results are undefined.
811	*
812	* We cannot know if this applies to any error we might encounter.
813	*
814	* @param ptr GnuTLS session data pointer (the mod_gnutls context
815	* structure)
816	*
817	* @param buffer buffer for the read data
818	*
819	* @param len maximum number of bytes to read (must fit into the
820	* buffer)
821	*
822	* @return The number of bytes read (may be zero on EOF), or `-1` on
823	* error. Note that some errors may warrant another try (see above).
824	*
825	* [apr-warn]: https://apr.apache.org/docs/apr/1.4/group__apr__errno.html#ga2385cae04b04afbdcb65f1a45c4d8506 "Apache Portable Runtime: Error Codes"
826	*/
827	ssize_t mgs_transport_read(gnutls_transport_ptr_t ptr,
828	void *buffer, size_t len)
829	{
830	mgs_handle_t *ctxt = ptr;
831	apr_status_t rc;
832	apr_size_t in = len;
833	apr_read_type_e block = ctxt->input_block;
834
835	ctxt->input_rc = APR_SUCCESS;
836
837	/* If Len = 0, we don't do anything. */
838	if (!len \|\| buffer == NULL)
839	{
840	return 0;
841	}
842	/* Input bucket brigade is missing, EOF */
843	if (!ctxt->input_bb)
844	{
845	ctxt->input_rc = APR_EOF;
846	gnutls_transport_set_errno(ctxt->session, ECONNABORTED);
847	return -1;
848	}
849
850	if (APR_BRIGADE_EMPTY(ctxt->input_bb))
851	{
852	rc = ap_get_brigade(ctxt->input_filter->next,
853	ctxt->input_bb, AP_MODE_READBYTES,
854	ctxt->input_block, in);
855
856	/* Not a problem, there was simply no data ready yet.
857	*/
858	if (APR_STATUS_IS_EAGAIN(rc) \|\| APR_STATUS_IS_EINTR(rc)
859	\|\| (rc == APR_SUCCESS
860	&& APR_BRIGADE_EMPTY(ctxt->input_bb)))
861	{
862	if (APR_STATUS_IS_EOF(ctxt->input_rc))
863	{
864	return 0;
865	}
866	else
867	{
868	gnutls_transport_set_errno(ctxt->session,
869	EAI_APR_TO_RAW(ctxt->input_rc));
870	return -1;
871	}
872	}
873
874	if (rc != APR_SUCCESS)
875	{
876	/* Unexpected errors discard the brigade */
877	apr_brigade_cleanup(ctxt->input_bb);
878	ctxt->input_bb = NULL;
879	gnutls_transport_set_errno(ctxt->session, EIO);
880	return -1;
881	}
882	}
883
884	ctxt->input_rc = brigade_consume(ctxt->input_bb, block, buffer, &len);
885
886	if (ctxt->input_rc == APR_SUCCESS)
887	{
888	return (ssize_t) len;
889	}
890
891	if (APR_STATUS_IS_EAGAIN(ctxt->input_rc)
892	\|\| APR_STATUS_IS_EINTR(ctxt->input_rc))
893	{
894	if (len == 0)
895	{
896	gnutls_transport_set_errno(ctxt->session,
897	EAI_APR_TO_RAW(ctxt->input_rc));
898	return -1;
899	}
900
901	return (ssize_t) len;
902	}
903
904	/* Unexpected errors and APR_EOF clean out the brigade.
905	* Subsequent calls will return APR_EOF. */
906	apr_brigade_cleanup(ctxt->input_bb);
907	ctxt->input_bb = NULL;
908
909	if (APR_STATUS_IS_EOF(ctxt->input_rc) && len)
910	{
911	/* Some data has been received before EOF, return it. */
912	return (ssize_t) len;
913	}
914
915	gnutls_transport_set_errno(ctxt->session, EIO);
916	return -1;
917	}
918
919	/**
920	* Push function for GnuTLS
921	*
922	* `gnutls_transport_set_errno()` will be called with `EAGAIN` or
923	* `EINTR` on recoverable errors, or `EIO` in case of unexpected
924	* errors. See the description of mgs_transport_read() for details on
925	* possible error codes.
926	*
927	* @param ptr GnuTLS session data pointer (the mod_gnutls context
928	* structure)
929	*
930	* @param buffer buffer containing the data to send
931	*
932	* @param len length of the data
933	* buffer)
934	*
935	* @return The number of written bytes, or `-1` on error. Note that
936	* some errors may warrant another try (see above).
937	*/
938	ssize_t mgs_transport_write(gnutls_transport_ptr_t ptr,
939	const void *buffer, size_t len)
940	{
941	mgs_handle_t *ctxt = ptr;
942
943	/* pass along the encrypted data
944	* need to flush since we're using SSL's malloc-ed buffer
945	* which will be overwritten once we leave here
946	*/
947	apr_bucket *bucket = apr_bucket_transient_create(buffer, len,
948	ctxt->output_bb->
949	bucket_alloc);
950	ctxt->output_length += len;
951	APR_BRIGADE_INSERT_TAIL(ctxt->output_bb, bucket);
952
953	if (write_flush(ctxt) < 0)
954	{
955	/* We encountered an error. APR_EINTR or APR_EAGAIN can be
956	* handled, treat everything else as a generic I/O error. */
957	int err = EIO;
958	if (APR_STATUS_IS_EAGAIN(ctxt->output_rc)
959	\|\| APR_STATUS_IS_EINTR(ctxt->output_rc))
960	err = EAI_APR_TO_RAW(ctxt->output_rc);
961
962	gnutls_transport_set_errno(ctxt->session, err);
963	return -1;
964	}
965	return len;
966	}

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: mod_gnutls/src/gnutls_io.c @ 5ab2868

Download in other formats: