2 * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
13 #include <openssl/crypto.h>
15 #ifndef OPENSSL_NO_SOCK
16 #include <openssl/err.h>
17 #include <openssl/buffer.h>
18 #include <internal/thread_once.h>
21 CRYPTO_RWLOCK
*bio_lookup_lock
;
22 static CRYPTO_ONCE bio_lookup_init
= CRYPTO_ONCE_STATIC_INIT
;
25 * Throughout this file and bio_lcl.h, the existence of the macro
26 * AI_PASSIVE is used to detect the availability of struct addrinfo,
27 * getnameinfo() and getaddrinfo(). If that macro doesn't exist,
28 * we use our own implementation instead, using gethostbyname,
29 * getservbyname and a few other.
32 /**********************************************************************
38 BIO_ADDR
*BIO_ADDR_new(void)
40 BIO_ADDR
*ret
= OPENSSL_zalloc(sizeof(*ret
));
43 BIOerr(BIO_F_BIO_ADDR_NEW
, ERR_R_MALLOC_FAILURE
);
47 ret
->sa
.sa_family
= AF_UNSPEC
;
51 void BIO_ADDR_free(BIO_ADDR
*ap
)
56 void BIO_ADDR_clear(BIO_ADDR
*ap
)
58 memset(ap
, 0, sizeof(*ap
));
59 ap
->sa
.sa_family
= AF_UNSPEC
;
63 * BIO_ADDR_make - non-public routine to fill a BIO_ADDR with the contents
64 * of a struct sockaddr.
66 int BIO_ADDR_make(BIO_ADDR
*ap
, const struct sockaddr
*sa
)
68 if (sa
->sa_family
== AF_INET
) {
69 ap
->s_in
= *(const struct sockaddr_in
*)sa
;
73 if (sa
->sa_family
== AF_INET6
) {
74 ap
->s_in6
= *(const struct sockaddr_in6
*)sa
;
79 if (ap
->sa
.sa_family
== AF_UNIX
) {
80 ap
->s_un
= *(const struct sockaddr_un
*)sa
;
88 int BIO_ADDR_rawmake(BIO_ADDR
*ap
, int family
,
89 const void *where
, size_t wherelen
,
93 if (family
== AF_UNIX
) {
94 if (wherelen
+ 1 > sizeof(ap
->s_un
.sun_path
))
96 memset(&ap
->s_un
, 0, sizeof(ap
->s_un
));
97 ap
->s_un
.sun_family
= family
;
98 strncpy(ap
->s_un
.sun_path
, where
, sizeof(ap
->s_un
.sun_path
) - 1);
102 if (family
== AF_INET
) {
103 if (wherelen
!= sizeof(struct in_addr
))
105 memset(&ap
->s_in
, 0, sizeof(ap
->s_in
));
106 ap
->s_in
.sin_family
= family
;
107 ap
->s_in
.sin_port
= port
;
108 ap
->s_in
.sin_addr
= *(struct in_addr
*)where
;
112 if (family
== AF_INET6
) {
113 if (wherelen
!= sizeof(struct in6_addr
))
115 memset(&ap
->s_in6
, 0, sizeof(ap
->s_in6
));
116 ap
->s_in6
.sin6_family
= family
;
117 ap
->s_in6
.sin6_port
= port
;
118 ap
->s_in6
.sin6_addr
= *(struct in6_addr
*)where
;
126 int BIO_ADDR_family(const BIO_ADDR
*ap
)
128 return ap
->sa
.sa_family
;
131 int BIO_ADDR_rawaddress(const BIO_ADDR
*ap
, void *p
, size_t *l
)
134 const void *addrptr
= NULL
;
136 if (ap
->sa
.sa_family
== AF_INET
) {
137 len
= sizeof(ap
->s_in
.sin_addr
);
138 addrptr
= &ap
->s_in
.sin_addr
;
141 else if (ap
->sa
.sa_family
== AF_INET6
) {
142 len
= sizeof(ap
->s_in6
.sin6_addr
);
143 addrptr
= &ap
->s_in6
.sin6_addr
;
147 else if (ap
->sa
.sa_family
== AF_UNIX
) {
148 len
= strlen(ap
->s_un
.sun_path
);
149 addrptr
= &ap
->s_un
.sun_path
;
157 memcpy(p
, addrptr
, len
);
165 unsigned short BIO_ADDR_rawport(const BIO_ADDR
*ap
)
167 if (ap
->sa
.sa_family
== AF_INET
)
168 return ap
->s_in
.sin_port
;
170 if (ap
->sa
.sa_family
== AF_INET6
)
171 return ap
->s_in6
.sin6_port
;
177 * addr_strings - helper function to get host and service names
178 * @ap: the BIO_ADDR that has the input info
179 * @numeric: 0 if actual names should be returned, 1 if the numeric
180 * representation should be returned.
181 * @hostname: a pointer to a pointer to a memory area to store the
182 * host name or numeric representation. Unused if NULL.
183 * @service: a pointer to a pointer to a memory area to store the
184 * service name or numeric representation. Unused if NULL.
186 * The return value is 0 on failure, with the error code in the error
187 * stack, and 1 on success.
189 static int addr_strings(const BIO_ADDR
*ap
, int numeric
,
190 char **hostname
, char **service
)
192 if (BIO_sock_init() != 1)
198 char host
[NI_MAXHOST
] = "", serv
[NI_MAXSERV
] = "";
202 flags
|= NI_NUMERICHOST
| NI_NUMERICSERV
;
204 if ((ret
= getnameinfo(BIO_ADDR_sockaddr(ap
),
205 BIO_ADDR_sockaddr_size(ap
),
206 host
, sizeof(host
), serv
, sizeof(serv
),
209 if (ret
== EAI_SYSTEM
) {
210 SYSerr(SYS_F_GETNAMEINFO
, get_last_socket_error());
211 BIOerr(BIO_F_ADDR_STRINGS
, ERR_R_SYS_LIB
);
215 BIOerr(BIO_F_ADDR_STRINGS
, ERR_R_SYS_LIB
);
216 ERR_add_error_data(1, gai_strerror(ret
));
221 /* VMS getnameinfo() has a bug, it doesn't fill in serv, which
222 * leaves it with whatever garbage that happens to be there.
223 * However, we initialise serv with the empty string (serv[0]
224 * is therefore NUL), so it gets real easy to detect when things
225 * didn't go the way one might expect.
227 if (serv
[0] == '\0') {
228 BIO_snprintf(serv
, sizeof(serv
), "%d",
229 ntohs(BIO_ADDR_rawport(ap
)));
232 if (hostname
!= NULL
)
233 *hostname
= OPENSSL_strdup(host
);
235 *service
= OPENSSL_strdup(serv
);
238 if (hostname
!= NULL
)
239 *hostname
= OPENSSL_strdup(inet_ntoa(ap
->s_in
.sin_addr
));
240 if (service
!= NULL
) {
241 char serv
[6]; /* port is 16 bits => max 5 decimal digits */
242 BIO_snprintf(serv
, sizeof(serv
), "%d", ntohs(ap
->s_in
.sin_port
));
243 *service
= OPENSSL_strdup(serv
);
247 if ((hostname
!= NULL
&& *hostname
== NULL
)
248 || (service
!= NULL
&& *service
== NULL
)) {
249 if (hostname
!= NULL
) {
250 OPENSSL_free(*hostname
);
253 if (service
!= NULL
) {
254 OPENSSL_free(*service
);
257 BIOerr(BIO_F_ADDR_STRINGS
, ERR_R_MALLOC_FAILURE
);
264 char *BIO_ADDR_hostname_string(const BIO_ADDR
*ap
, int numeric
)
266 char *hostname
= NULL
;
268 if (addr_strings(ap
, numeric
, &hostname
, NULL
))
274 char *BIO_ADDR_service_string(const BIO_ADDR
*ap
, int numeric
)
276 char *service
= NULL
;
278 if (addr_strings(ap
, numeric
, NULL
, &service
))
284 char *BIO_ADDR_path_string(const BIO_ADDR
*ap
)
287 if (ap
->sa
.sa_family
== AF_UNIX
)
288 return OPENSSL_strdup(ap
->s_un
.sun_path
);
294 * BIO_ADDR_sockaddr - non-public routine to return the struct sockaddr
295 * for a given BIO_ADDR. In reality, this is simply a type safe cast.
296 * The returned struct sockaddr is const, so it can't be tampered with.
298 const struct sockaddr
*BIO_ADDR_sockaddr(const BIO_ADDR
*ap
)
304 * BIO_ADDR_sockaddr_noconst - non-public function that does the same
305 * as BIO_ADDR_sockaddr, but returns a non-const. USE WITH CARE, as
306 * it allows you to tamper with the data (and thereby the contents
307 * of the input BIO_ADDR).
309 struct sockaddr
*BIO_ADDR_sockaddr_noconst(BIO_ADDR
*ap
)
315 * BIO_ADDR_sockaddr_size - non-public function that returns the size
316 * of the struct sockaddr the BIO_ADDR is using. If the protocol family
317 * isn't set or is something other than AF_INET, AF_INET6 or AF_UNIX,
318 * the size of the BIO_ADDR type is returned.
320 socklen_t
BIO_ADDR_sockaddr_size(const BIO_ADDR
*ap
)
322 if (ap
->sa
.sa_family
== AF_INET
)
323 return sizeof(ap
->s_in
);
325 if (ap
->sa
.sa_family
== AF_INET6
)
326 return sizeof(ap
->s_in6
);
329 if (ap
->sa
.sa_family
== AF_UNIX
)
330 return sizeof(ap
->s_un
);
335 /**********************************************************************
337 * Address info database
341 const BIO_ADDRINFO
*BIO_ADDRINFO_next(const BIO_ADDRINFO
*bai
)
344 return bai
->bai_next
;
348 int BIO_ADDRINFO_family(const BIO_ADDRINFO
*bai
)
351 return bai
->bai_family
;
355 int BIO_ADDRINFO_socktype(const BIO_ADDRINFO
*bai
)
358 return bai
->bai_socktype
;
362 int BIO_ADDRINFO_protocol(const BIO_ADDRINFO
*bai
)
365 if (bai
->bai_protocol
!= 0)
366 return bai
->bai_protocol
;
369 if (bai
->bai_family
== AF_UNIX
)
373 switch (bai
->bai_socktype
) {
386 * BIO_ADDRINFO_sockaddr_size - non-public function that returns the size
387 * of the struct sockaddr inside the BIO_ADDRINFO.
389 socklen_t
BIO_ADDRINFO_sockaddr_size(const BIO_ADDRINFO
*bai
)
392 return bai
->bai_addrlen
;
397 * BIO_ADDRINFO_sockaddr - non-public function that returns bai_addr
398 * as the struct sockaddr it is.
400 const struct sockaddr
*BIO_ADDRINFO_sockaddr(const BIO_ADDRINFO
*bai
)
403 return bai
->bai_addr
;
407 const BIO_ADDR
*BIO_ADDRINFO_address(const BIO_ADDRINFO
*bai
)
410 return (BIO_ADDR
*)bai
->bai_addr
;
414 void BIO_ADDRINFO_free(BIO_ADDRINFO
*bai
)
421 # define _cond bai->bai_family != AF_UNIX
431 /* Free manually when we know that addrinfo_wrap() was used.
432 * See further comment above addrinfo_wrap()
434 while (bai
!= NULL
) {
435 BIO_ADDRINFO
*next
= bai
->bai_next
;
436 OPENSSL_free(bai
->bai_addr
);
442 /**********************************************************************
449 * The specs in hostserv can take these forms:
451 * host:service => *host = "host", *service = "service"
452 * host:* => *host = "host", *service = NULL
453 * host: => *host = "host", *service = NULL
454 * :service => *host = NULL, *service = "service"
455 * *:service => *host = NULL, *service = "service"
457 * in case no : is present in the string, the result depends on
458 * hostserv_prio, as follows:
460 * when hostserv_prio == BIO_PARSE_PRIO_HOST
461 * host => *host = "host", *service untouched
463 * when hostserv_prio == BIO_PARSE_PRIO_SERV
464 * service => *host untouched, *service = "service"
467 int BIO_parse_hostserv(const char *hostserv
, char **host
, char **service
,
468 enum BIO_hostserv_priorities hostserv_prio
)
470 const char *h
= NULL
; size_t hl
= 0;
471 const char *p
= NULL
; size_t pl
= 0;
473 if (*hostserv
== '[') {
474 if ((p
= strchr(hostserv
, ']')) == NULL
)
488 const char *p2
= strrchr(hostserv
, ':');
489 p
= strchr(hostserv
, ':');
492 * Check for more than one colon. There are three possible
494 * 1. IPv6 address with port number, last colon being separator.
495 * 2. IPv6 address only.
496 * 3. IPv6 address only if hostserv_prio == BIO_PARSE_PRIO_HOST,
497 * IPv6 address and port number if hostserv_prio == BIO_PARSE_PRIO_SERV
498 * Because of this ambiguity, we currently choose to make it an
509 } else if (hostserv_prio
== BIO_PARSE_PRIO_HOST
) {
518 if (p
!= NULL
&& strchr(p
, ':'))
521 if (h
!= NULL
&& host
!= NULL
) {
523 || (hl
== 1 && h
[0] == '*')) {
526 *host
= OPENSSL_strndup(h
, hl
);
531 if (p
!= NULL
&& service
!= NULL
) {
533 || (pl
== 1 && p
[0] == '*')) {
536 *service
= OPENSSL_strndup(p
, pl
);
537 if (*service
== NULL
)
544 BIOerr(BIO_F_BIO_PARSE_HOSTSERV
, BIO_R_AMBIGUOUS_HOST_OR_SERVICE
);
547 BIOerr(BIO_F_BIO_PARSE_HOSTSERV
, BIO_R_MALFORMED_HOST_OR_SERVICE
);
550 BIOerr(BIO_F_BIO_PARSE_HOSTSERV
, ERR_R_MALLOC_FAILURE
);
554 /* addrinfo_wrap is used to build our own addrinfo "chain".
555 * (it has only one entry, so calling it a chain may be a stretch)
556 * It should ONLY be called when getaddrinfo() and friends
557 * aren't available, OR when dealing with a non IP protocol
558 * family, such as AF_UNIX
560 * the return value is 1 on success, or 0 on failure, which
561 * only happens if a memory allocation error occurred.
563 static int addrinfo_wrap(int family
, int socktype
,
564 const void *where
, size_t wherelen
,
568 OPENSSL_assert(bai
!= NULL
);
570 *bai
= OPENSSL_zalloc(sizeof(**bai
));
574 (*bai
)->bai_family
= family
;
575 (*bai
)->bai_socktype
= socktype
;
576 if (socktype
== SOCK_STREAM
)
577 (*bai
)->bai_protocol
= IPPROTO_TCP
;
578 if (socktype
== SOCK_DGRAM
)
579 (*bai
)->bai_protocol
= IPPROTO_UDP
;
581 if (family
== AF_UNIX
)
582 (*bai
)->bai_protocol
= 0;
585 /* Magic: We know that BIO_ADDR_sockaddr_noconst is really
586 just an advanced cast of BIO_ADDR* to struct sockaddr *
587 by the power of union, so while it may seem that we're
588 creating a memory leak here, we are not. It will be
590 BIO_ADDR
*addr
= BIO_ADDR_new();
592 BIO_ADDR_rawmake(addr
, family
, where
, wherelen
, port
);
593 (*bai
)->bai_addr
= BIO_ADDR_sockaddr_noconst(addr
);
596 (*bai
)->bai_next
= NULL
;
597 if ((*bai
)->bai_addr
== NULL
) {
598 BIO_ADDRINFO_free(*bai
);
605 DEFINE_RUN_ONCE_STATIC(do_bio_lookup_init
)
607 bio_lookup_lock
= CRYPTO_THREAD_lock_new();
608 return bio_lookup_lock
!= NULL
;
612 * BIO_lookup - look up the node and service you want to connect to.
613 * @node: the node you want to connect to.
614 * @service: the service you want to connect to.
615 * @lookup_type: declare intent with the result, client or server.
616 * @family: the address family you want to use. Use AF_UNSPEC for any, or
617 * AF_INET, AF_INET6 or AF_UNIX.
618 * @socktype: The socket type you want to use. Can be SOCK_STREAM, SOCK_DGRAM
620 * @res: Storage place for the resulting list of returned addresses
622 * This will do a lookup of the node and service that you want to connect to.
623 * It returns a linked list of different addresses you can try to connect to.
625 * When no longer needed you should call BIO_ADDRINFO_free() to free the result.
627 * The return value is 1 on success or 0 in case of error.
629 int BIO_lookup(const char *host
, const char *service
,
630 enum BIO_lookup_type lookup_type
,
631 int family
, int socktype
, BIO_ADDRINFO
**res
)
633 int ret
= 0; /* Assume failure */
648 BIOerr(BIO_F_BIO_LOOKUP
, BIO_R_UNSUPPORTED_PROTOCOL_FAMILY
);
653 if (family
== AF_UNIX
) {
654 if (addrinfo_wrap(family
, socktype
, host
, strlen(host
), 0, res
))
657 BIOerr(BIO_F_BIO_LOOKUP
, ERR_R_MALLOC_FAILURE
);
662 if (BIO_sock_init() != 1)
668 struct addrinfo hints
;
669 memset(&hints
, 0, sizeof hints
);
671 hints
.ai_family
= family
;
672 hints
.ai_socktype
= socktype
;
674 if (lookup_type
== BIO_LOOKUP_SERVER
)
675 hints
.ai_flags
|= AI_PASSIVE
;
677 /* Note that |res| SHOULD be a 'struct addrinfo **' thanks to
678 * macro magic in bio_lcl.h
680 switch ((gai_ret
= getaddrinfo(host
, service
, &hints
, res
))) {
683 SYSerr(SYS_F_GETADDRINFO
, get_last_socket_error());
684 BIOerr(BIO_F_BIO_LOOKUP
, ERR_R_SYS_LIB
);
688 ret
= 1; /* Success */
691 BIOerr(BIO_F_BIO_LOOKUP
, ERR_R_SYS_LIB
);
692 ERR_add_error_data(1, gai_strerror(gai_ret
));
697 const struct hostent
*he
;
699 * Because struct hostent is defined for 32-bit pointers only with
700 * VMS C, we need to make sure that '&he_fallback_address' and
701 * '&he_fallback_addresses' are 32-bit pointers
703 #if defined(OPENSSL_SYS_VMS) && defined(__DECC)
704 # pragma pointer_size save
705 # pragma pointer_size 32
707 /* Windows doesn't seem to have in_addr_t */
708 #ifdef OPENSSL_SYS_WINDOWS
709 static uint32_t he_fallback_address
;
710 static const char *he_fallback_addresses
[] =
711 { (char *)&he_fallback_address
, NULL
};
713 static in_addr_t he_fallback_address
;
714 static const char *he_fallback_addresses
[] =
715 { (char *)&he_fallback_address
, NULL
};
717 static const struct hostent he_fallback
=
718 { NULL
, NULL
, AF_INET
, sizeof(he_fallback_address
),
719 (char **)&he_fallback_addresses
};
720 #if defined(OPENSSL_SYS_VMS) && defined(__DECC)
721 # pragma pointer_size restore
725 /* Apparently, on WIN64, s_proto and s_port have traded places... */
727 struct servent se_fallback
= { NULL
, NULL
, NULL
, 0 };
729 struct servent se_fallback
= { NULL
, NULL
, 0, NULL
};
732 if (!RUN_ONCE(&bio_lookup_init
, do_bio_lookup_init
)) {
733 BIOerr(BIO_F_BIO_LOOKUP
, ERR_R_MALLOC_FAILURE
);
738 CRYPTO_THREAD_write_lock(bio_lookup_lock
);
739 he_fallback_address
= INADDR_ANY
;
742 switch(lookup_type
) {
743 case BIO_LOOKUP_CLIENT
:
744 he_fallback_address
= INADDR_LOOPBACK
;
746 case BIO_LOOKUP_SERVER
:
747 he_fallback_address
= INADDR_ANY
;
750 OPENSSL_assert(("We forgot to handle a lookup type!" == 0));
754 he
= gethostbyname(host
);
757 #ifndef OPENSSL_SYS_WINDOWS
758 BIOerr(BIO_F_BIO_LOOKUP
, ERR_R_SYS_LIB
);
759 ERR_add_error_data(1, hstrerror(h_errno
));
761 SYSerr(SYS_F_GETHOSTBYNAME
, WSAGetLastError());
768 if (service
== NULL
) {
769 se_fallback
.s_port
= 0;
770 se_fallback
.s_proto
= NULL
;
774 long portnum
= strtol(service
, &endp
, 10);
777 * Because struct servent is defined for 32-bit pointers only with
778 * VMS C, we need to make sure that 'proto' is a 32-bit pointer.
780 #if defined(OPENSSL_SYS_VMS) && defined(__DECC)
781 # pragma pointer_size save
782 # pragma pointer_size 32
785 #if defined(OPENSSL_SYS_VMS) && defined(__DECC)
786 # pragma pointer_size restore
798 if (endp
!= service
&& *endp
== '\0'
799 && portnum
> 0 && portnum
< 65536) {
800 se_fallback
.s_port
= htons(portnum
);
801 se_fallback
.s_proto
= proto
;
803 } else if (endp
== service
) {
804 se
= getservbyname(service
, proto
);
807 #ifndef OPENSSL_SYS_WINDOWS
808 BIOerr(BIO_F_BIO_LOOKUP
, ERR_R_SYS_LIB
);
809 ERR_add_error_data(1, hstrerror(h_errno
));
811 SYSerr(SYS_F_GETSERVBYNAME
, WSAGetLastError());
816 BIOerr(BIO_F_BIO_LOOKUP
, BIO_R_MALFORMED_HOST_OR_SERVICE
);
825 * Because hostent::h_addr_list is an array of 32-bit pointers with VMS C,
826 * we must make sure our iterator designates the same element type, hence
827 * the pointer size dance.
829 #if defined(OPENSSL_SYS_VMS) && defined(__DECC)
830 # pragma pointer_size save
831 # pragma pointer_size 32
834 #if defined(OPENSSL_SYS_VMS) && defined(__DECC)
835 # pragma pointer_size restore
838 BIO_ADDRINFO
*tmp_bai
= NULL
;
840 /* The easiest way to create a linked list from an
841 array is to start from the back */
842 for(addrlistp
= he
->h_addr_list
; *addrlistp
!= NULL
;
846 for(addresses
= addrlistp
- he
->h_addr_list
;
847 addrlistp
--, addresses
-- > 0; ) {
848 if (!addrinfo_wrap(he
->h_addrtype
, socktype
,
849 *addrlistp
, he
->h_length
,
850 se
->s_port
, &tmp_bai
))
851 goto addrinfo_malloc_err
;
852 tmp_bai
->bai_next
= *res
;
856 BIO_ADDRINFO_free(*res
);
858 BIOerr(BIO_F_BIO_LOOKUP
, ERR_R_MALLOC_FAILURE
);
866 CRYPTO_THREAD_unlock(bio_lookup_lock
);
872 #endif /* OPENSSL_NO_SOCK */