#include "network_backends.h"
#ifdef USE_OPENSSL
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/time.h>
#include <sys/resource.h>
#include <netinet/in.h>
#include <netinet/tcp.h>
#include <errno.h>
#include <fcntl.h>
#include <unistd.h>
#include <netdb.h>
#include <string.h>
#include <stdlib.h>
#include <assert.h>
#include "network.h"
#include "fdevent.h"
#include "log.h"
#include "stat_cache.h"
# include <openssl/ssl.h>
# include <openssl/err.h>
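/**
 * Classify and log a failed SSL_write() (return value r <= 0).
 *
 * Shared by the MEM_CHUNK and FILE_CHUNK paths so both report TLS write
 * failures identically.
 *
 * r is kept as an int, the type SSL_write() returns, and is passed to
 * log_error_write() for a "d" field.
 * NOTE(review): presumably "d" expects an int - confirm in log.c.
 *
 * @param srv  server context used for logging
 * @param ssl  TLS connection the write was attempted on
 * @param r    return value of the failed SSL_write() call
 * @return  0 on SSL_ERROR_WANT_WRITE (the caller has to repeat the write
 *            later with the same arguments),
 *         -1 on an error that has been logged,
 *         -2 if the peer closed the connection (EPIPE, ECONNRESET, or a
 *            clean TLS shutdown)
 */
static int network_openssl_write_failed(server *srv, SSL *ssl, int r) {
	unsigned long err;
	int ssl_r = SSL_get_error(ssl, r);

	switch (ssl_r) {
	case SSL_ERROR_WANT_WRITE:
		return 0;
	case SSL_ERROR_SYSCALL:
		/* perhaps we have error waiting in our error-queue */
		if (0 != (err = ERR_get_error())) {
			do {
				log_error_write(srv, __FILE__, __LINE__, "sdds", "SSL:",
						ssl_r, r,
						ERR_error_string(err, NULL));
			} while ((err = ERR_get_error()));
		} else if (r == -1) {
			/* no, but we have errno */
			switch (errno) {
			case EPIPE:
			case ECONNRESET:
				return -2;
			default:
				log_error_write(srv, __FILE__, __LINE__, "sddds", "SSL:",
						ssl_r, r, errno,
						strerror(errno));
				break;
			}
		} else {
			/* neither error-queue nor errno ? */
			log_error_write(srv, __FILE__, __LINE__, "sddds", "SSL (error):",
					ssl_r, r, errno,
					strerror(errno));
		}

		return -1;
	case SSL_ERROR_ZERO_RETURN:
		/* clean shutdown on the remote side */
		if (r == 0) return -2;

		/* fall through */
	default:
		while ((err = ERR_get_error())) {
			log_error_write(srv, __FILE__, __LINE__, "sdds", "SSL:",
					ssl_r, r,
					ERR_error_string(err, NULL));
		}

		return -1;
	}
}

/**
 * Write as much of a chunkqueue as possible to a TLS connection.
 *
 * Walks the queue from cq->first and stops at the first chunk that could
 * not be sent completely. c->offset and cq->bytes_out are advanced by the
 * number of bytes SSL_write() accepted.
 *
 * @param srv  server context (logging, stat cache)
 * @param con  connection; con->keep_alive decides the shutdown handling
 * @param ssl  TLS connection to write to
 * @param cq   queue of MEM_CHUNK / FILE_CHUNK entries to send
 * @return number of chunks written completely (>= 0),
 *         -1 on an error (logged),
 *         -2 if the peer closed the connection
 */
int network_write_chunkqueue_openssl(server *srv, connection *con, SSL *ssl, chunkqueue *cq) {
	chunk *c;
	size_t chunks_written = 0;

	/* this is a 64k sendbuffer
	 *
	 * it has to stay at the same location all the time to satisfy the needs
	 * of SSL_write to pass the SAME parameter in case of a _WANT_WRITE
	 *
	 * the buffer is allocated once, is NOT realloced and is NOT freed at
	 * shutdown -> we expect a 64k block to 'leak' in valgrind
	 *
	 * In reality we would like to use mmap() but we don't have a guarantee
	 * that we get the same mmap() address for each call. On openbsd the
	 * mmap() address is even randomized.
	 * That means either we keep the mmap() open or we do a read() into a
	 * constant buffer
	 */
#define LOCAL_SEND_BUFSIZE (64 * 1024)
	static char *local_send_buffer = NULL;

	/* some clients (IE, wget) close the connection without sending a
	 * shutdown request when keep-alive is disabled, so mark the shutdown
	 * as already received */
	if (con->keep_alive == 0) {
		SSL_set_shutdown(ssl, SSL_RECEIVED_SHUTDOWN);
	}

	for (c = cq->first; c; c = c->next) {
		int chunk_finished = 0;

		switch (c->type) {
		case MEM_CHUNK: {
			char *offset;
			size_t toSend;
			int r;

			if (c->mem->used == 0 || c->mem->used == 1) {
				chunk_finished = 1;
				break;
			}

			/* nothing left to send. An offset beyond the payload should
			 * not happen; without this guard the unsigned subtraction
			 * below would wrap and SSL_write() would read past the
			 * buffer. It also avoids a zero-length SSL_write(). */
			if (c->offset >= (off_t)c->mem->used - 1) {
				chunk_finished = 1;
				break;
			}

			offset = c->mem->ptr + c->offset;
			toSend = c->mem->used - 1 - c->offset;

			/**
			 * SSL_write man-page
			 *
			 * WARNING
			 *        When an SSL_write() operation has to be repeated because of
			 *        SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE, it must be
			 *        repeated with the same arguments.
			 *
			 * NOTE(review): SSL_write() takes an int length; a mem chunk
			 * larger than INT_MAX would be truncated by the conversion of
			 * toSend - confirm chunk sizes are bounded upstream.
			 */

			/* start from an empty error queue so the errors reported
			 * after a failure belong to this write */
			ERR_clear_error();
			if ((r = SSL_write(ssl, offset, toSend)) <= 0) {
				int rc = network_openssl_write_failed(srv, ssl, r);

				if (rc != 0) return rc;
				/* WANT_WRITE: leave the chunk untouched and retry later */
			} else {
				c->offset += r;
				cq->bytes_out += r;
			}

			if (c->offset == (off_t)c->mem->used - 1) {
				chunk_finished = 1;
			}

			break;
		}
		case FILE_CHUNK: {
			int r;
			stat_cache_entry *sce = NULL;
			int ifd;
			int write_wait = 0;

			/* NOTE(review): sce is only used to confirm that the stat
			 * succeeds; the file is re-opened by name for every block
			 * below, so what is sent can differ from what was stat'ed. */
			if (HANDLER_ERROR == stat_cache_get_entry(srv, con, c->file.name, &sce)) {
				log_error_write(srv, __FILE__, __LINE__, "sb",
						strerror(errno), c->file.name);
				return -1;
			}

			if (NULL == local_send_buffer) {
				local_send_buffer = malloc(LOCAL_SEND_BUFSIZE);
				/* explicit check: an assert() disappears with NDEBUG */
				if (NULL == local_send_buffer) {
					log_error_write(srv, __FILE__, __LINE__, "ss", "malloc failed:", strerror(errno));
					return -1;
				}
			}

			do {
				off_t offset = c->file.start + c->offset;
				off_t toSend = c->file.length - c->offset;
				ssize_t nread;
				int saved_errno;

				/* nothing (left) to send: never hand SSL_write() a
				 * zero or negative length */
				if (toSend <= 0) {
					chunk_finished = 1;
					break;
				}

				if (toSend > LOCAL_SEND_BUFSIZE) toSend = LOCAL_SEND_BUFSIZE;

				if (-1 == (ifd = open(c->file.name->ptr, O_RDONLY))) {
					log_error_write(srv, __FILE__, __LINE__, "ss", "open failed:", strerror(errno));

					return -1;
				}

				if ((off_t)-1 == lseek(ifd, offset, SEEK_SET)) {
					/* close() may overwrite errno */
					saved_errno = errno;
					close(ifd);
					log_error_write(srv, __FILE__, __LINE__, "ss", "lseek failed:", strerror(saved_errno));
					return -1;
				}

				nread = read(ifd, local_send_buffer, toSend);
				saved_errno = errno;
				close(ifd);

				if (nread < 0) {
					log_error_write(srv, __FILE__, __LINE__, "ss", "read failed:", strerror(saved_errno));
					return -1;
				}

				if (nread == 0) {
					/* the file is shorter than the chunk claims; sending
					 * would mean a zero-length SSL_write() */
					log_error_write(srv, __FILE__, __LINE__, "sb",
							"unexpected end of file (file shrunk?):", c->file.name);
					return -1;
				}

				/* start from an empty error queue so the errors reported
				 * after a failure belong to this write */
				ERR_clear_error();
				if ((r = SSL_write(ssl, local_send_buffer, nread)) <= 0) {
					int rc = network_openssl_write_failed(srv, ssl, r);

					if (rc != 0) return rc;
					/* WANT_WRITE: stop here; the next call re-reads the
					 * same block into the same buffer */
					write_wait = 1;
				} else {
					c->offset += r;
					cq->bytes_out += r;
				}

				if (c->offset == c->file.length) {
					chunk_finished = 1;
				}
			} while (!chunk_finished && !write_wait);

			break;
		}
		default:
			log_error_write(srv, __FILE__, __LINE__, "s", "type not known");

			return -1;
		}

		if (!chunk_finished) {
			/* not finished yet */

			break;
		}

		chunks_written++;
	}

	return chunks_written;
}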
#endif
#if 0
/* Disabled stub: compiled out by the surrounding #if 0.
 * It would register an SSL write handler on `p`, which is not declared
 * here. The handler it names, network_openssl_write_chunkset, is not the
 * function this file defines (network_write_chunkqueue_openssl). */
network_openssl_init(void) {
p->write_ssl = network_openssl_write_chunkset;
}
#endif