2 * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #define OPENSSL_SUPPRESS_DEPRECATED
14 #include "bio_local.h"
16 #ifndef OPENSSL_NO_SOCK
18 typedef struct bio_accept_st
{
21 int bind_mode
; /* Socket mode for BIO_listen */
22 int accepted_mode
; /* Socket mode for BIO_accept (set on accepted sock) */
28 BIO_ADDRINFO
*addr_first
;
29 const BIO_ADDRINFO
*addr_iter
;
30 BIO_ADDR cache_accepting_addr
; /* Useful if we asked for port 0 */
31 char *cache_accepting_name
, *cache_accepting_serv
;
32 BIO_ADDR cache_peer_addr
;
33 char *cache_peer_name
, *cache_peer_serv
;
38 static int acpt_write(BIO
*h
, const char *buf
, int num
);
39 static int acpt_read(BIO
*h
, char *buf
, int size
);
40 static int acpt_puts(BIO
*h
, const char *str
);
41 static long acpt_ctrl(BIO
*h
, int cmd
, long arg1
, void *arg2
);
42 static int acpt_new(BIO
*h
);
43 static int acpt_free(BIO
*data
);
44 static int acpt_state(BIO
*b
, BIO_ACCEPT
*c
);
45 static void acpt_close_socket(BIO
*data
);
46 static BIO_ACCEPT
*BIO_ACCEPT_new(void);
47 static void BIO_ACCEPT_free(BIO_ACCEPT
*a
);
49 # define ACPT_S_BEFORE 1
50 # define ACPT_S_GET_ADDR 2
51 # define ACPT_S_CREATE_SOCKET 3
52 # define ACPT_S_LISTEN 4
53 # define ACPT_S_ACCEPT 5
56 static const BIO_METHOD methods_acceptp
= {
64 NULL
, /* connect_gets, */
68 NULL
, /* connect_callback_ctrl */
71 const BIO_METHOD
*BIO_s_accept(void)
73 return &methods_acceptp
;
76 static int acpt_new(BIO
*bi
)
81 bi
->num
= (int)INVALID_SOCKET
;
83 if ((ba
= BIO_ACCEPT_new()) == NULL
)
86 ba
->state
= ACPT_S_BEFORE
;
91 static BIO_ACCEPT
*BIO_ACCEPT_new(void)
95 if ((ret
= OPENSSL_zalloc(sizeof(*ret
))) == NULL
) {
96 ERR_raise(ERR_LIB_BIO
, ERR_R_MALLOC_FAILURE
);
99 ret
->accept_family
= BIO_FAMILY_IPANY
;
100 ret
->accept_sock
= (int)INVALID_SOCKET
;
104 static void BIO_ACCEPT_free(BIO_ACCEPT
*a
)
108 OPENSSL_free(a
->param_addr
);
109 OPENSSL_free(a
->param_serv
);
110 BIO_ADDRINFO_free(a
->addr_first
);
111 OPENSSL_free(a
->cache_accepting_name
);
112 OPENSSL_free(a
->cache_accepting_serv
);
113 OPENSSL_free(a
->cache_peer_name
);
114 OPENSSL_free(a
->cache_peer_serv
);
115 BIO_free(a
->bio_chain
);
119 static void acpt_close_socket(BIO
*bio
)
123 c
= (BIO_ACCEPT
*)bio
->ptr
;
124 if (c
->accept_sock
!= (int)INVALID_SOCKET
) {
125 shutdown(c
->accept_sock
, 2);
126 closesocket(c
->accept_sock
);
127 c
->accept_sock
= (int)INVALID_SOCKET
;
128 bio
->num
= (int)INVALID_SOCKET
;
132 static int acpt_free(BIO
*a
)
138 data
= (BIO_ACCEPT
*)a
->ptr
;
141 acpt_close_socket(a
);
142 BIO_ACCEPT_free(data
);
150 static int acpt_state(BIO
*b
, BIO_ACCEPT
*c
)
152 BIO
*bio
= NULL
, *dbio
;
153 int s
= -1, ret
= -1;
158 if (c
->param_addr
== NULL
&& c
->param_serv
== NULL
) {
159 ERR_raise_data(ERR_LIB_BIO
,
160 BIO_R_NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED
,
161 "hostname=%s, service=%s",
162 c
->param_addr
, c
->param_serv
);
166 /* Because we're starting a new bind, any cached name and serv
167 * are now obsolete and need to be cleaned out.
168 * QUESTION: should this be done in acpt_close_socket() instead?
170 OPENSSL_free(c
->cache_accepting_name
);
171 c
->cache_accepting_name
= NULL
;
172 OPENSSL_free(c
->cache_accepting_serv
);
173 c
->cache_accepting_serv
= NULL
;
174 OPENSSL_free(c
->cache_peer_name
);
175 c
->cache_peer_name
= NULL
;
176 OPENSSL_free(c
->cache_peer_serv
);
177 c
->cache_peer_serv
= NULL
;
179 c
->state
= ACPT_S_GET_ADDR
;
182 case ACPT_S_GET_ADDR
:
184 int family
= AF_UNSPEC
;
185 switch (c
->accept_family
) {
186 case BIO_FAMILY_IPV6
:
187 if (1) { /* This is a trick we use to avoid bit rot.
188 * at least the "else" part will always be
195 ERR_raise(ERR_LIB_BIO
, BIO_R_UNAVAILABLE_IP_FAMILY
);
199 case BIO_FAMILY_IPV4
:
202 case BIO_FAMILY_IPANY
:
206 ERR_raise(ERR_LIB_BIO
, BIO_R_UNSUPPORTED_IP_FAMILY
);
209 if (BIO_lookup(c
->param_addr
, c
->param_serv
, BIO_LOOKUP_SERVER
,
210 family
, SOCK_STREAM
, &c
->addr_first
) == 0)
213 if (c
->addr_first
== NULL
) {
214 ERR_raise(ERR_LIB_BIO
, BIO_R_LOOKUP_RETURNED_NOTHING
);
217 c
->addr_iter
= c
->addr_first
;
218 c
->state
= ACPT_S_CREATE_SOCKET
;
221 case ACPT_S_CREATE_SOCKET
:
223 s
= BIO_socket(BIO_ADDRINFO_family(c
->addr_iter
),
224 BIO_ADDRINFO_socktype(c
->addr_iter
),
225 BIO_ADDRINFO_protocol(c
->addr_iter
), 0);
226 if (s
== (int)INVALID_SOCKET
) {
227 if ((c
->addr_iter
= BIO_ADDRINFO_next(c
->addr_iter
)) != NULL
) {
229 * if there are more addresses to try, do that first
234 ERR_clear_last_mark();
235 ERR_raise_data(ERR_LIB_SYS
, get_last_socket_error(),
236 "calling socket(%s, %s)",
237 c
->param_addr
, c
->param_serv
);
238 ERR_raise(ERR_LIB_BIO
, BIO_R_UNABLE_TO_CREATE_SOCKET
);
243 c
->state
= ACPT_S_LISTEN
;
249 if (!BIO_listen(c
->accept_sock
,
250 BIO_ADDRINFO_address(c
->addr_iter
),
252 BIO_closesocket(c
->accept_sock
);
258 union BIO_sock_info_u info
;
260 info
.addr
= &c
->cache_accepting_addr
;
261 if (!BIO_sock_info(c
->accept_sock
, BIO_SOCK_INFO_ADDRESS
,
263 BIO_closesocket(c
->accept_sock
);
268 c
->cache_accepting_name
=
269 BIO_ADDR_hostname_string(&c
->cache_accepting_addr
, 1);
270 c
->cache_accepting_serv
=
271 BIO_ADDR_service_string(&c
->cache_accepting_addr
, 1);
272 c
->state
= ACPT_S_ACCEPT
;
278 if (b
->next_bio
!= NULL
) {
279 c
->state
= ACPT_S_OK
;
282 BIO_clear_retry_flags(b
);
285 OPENSSL_free(c
->cache_peer_name
);
286 c
->cache_peer_name
= NULL
;
287 OPENSSL_free(c
->cache_peer_serv
);
288 c
->cache_peer_serv
= NULL
;
290 s
= BIO_accept_ex(c
->accept_sock
, &c
->cache_peer_addr
,
293 /* If the returned socket is invalid, this might still be
297 if (BIO_sock_should_retry(s
)) {
298 BIO_set_retry_special(b
);
299 b
->retry_reason
= BIO_RR_ACCEPT
;
304 /* If it wasn't retryable, we fail */
310 bio
= BIO_new_socket(s
, BIO_CLOSE
);
314 BIO_set_callback_ex(bio
, BIO_get_callback_ex(b
));
315 #ifndef OPENSSL_NO_DEPRECATED_3_0
316 BIO_set_callback(bio
, BIO_get_callback(b
));
318 BIO_set_callback_arg(bio
, BIO_get_callback_arg(b
));
320 * If the accept BIO has an bio_chain, we dup it and put the new
323 if (c
->bio_chain
!= NULL
) {
324 if ((dbio
= BIO_dup_chain(c
->bio_chain
)) == NULL
)
326 if (!BIO_push(dbio
, bio
))
330 if (BIO_push(b
, bio
) == NULL
)
334 BIO_ADDR_hostname_string(&c
->cache_peer_addr
, 1);
336 BIO_ADDR_service_string(&c
->cache_peer_addr
, 1);
337 c
->state
= ACPT_S_OK
;
343 if (b
->next_bio
== NULL
) {
344 c
->state
= ACPT_S_ACCEPT
;
365 static int acpt_read(BIO
*b
, char *out
, int outl
)
370 BIO_clear_retry_flags(b
);
371 data
= (BIO_ACCEPT
*)b
->ptr
;
373 while (b
->next_bio
== NULL
) {
374 ret
= acpt_state(b
, data
);
379 ret
= BIO_read(b
->next_bio
, out
, outl
);
380 BIO_copy_next_retry(b
);
384 static int acpt_write(BIO
*b
, const char *in
, int inl
)
389 BIO_clear_retry_flags(b
);
390 data
= (BIO_ACCEPT
*)b
->ptr
;
392 while (b
->next_bio
== NULL
) {
393 ret
= acpt_state(b
, data
);
398 ret
= BIO_write(b
->next_bio
, in
, inl
);
399 BIO_copy_next_retry(b
);
403 static long acpt_ctrl(BIO
*b
, int cmd
, long num
, void *ptr
)
410 data
= (BIO_ACCEPT
*)b
->ptr
;
415 data
->state
= ACPT_S_BEFORE
;
416 acpt_close_socket(b
);
417 BIO_ADDRINFO_free(data
->addr_first
);
418 data
->addr_first
= NULL
;
421 case BIO_C_DO_STATE_MACHINE
:
422 /* use this one to start the connection */
423 ret
= (long)acpt_state(b
, data
);
425 case BIO_C_SET_ACCEPT
:
428 char *hold_serv
= data
->param_serv
;
429 /* We affect the hostname regardless. However, the input
430 * string might contain a host:service spec, so we must
431 * parse it, which might or might not affect the service
433 OPENSSL_free(data
->param_addr
);
434 data
->param_addr
= NULL
;
435 ret
= BIO_parse_hostserv(ptr
,
438 BIO_PARSE_PRIO_SERV
);
439 if (hold_serv
!= data
->param_serv
)
440 OPENSSL_free(hold_serv
);
442 } else if (num
== 1) {
443 OPENSSL_free(data
->param_serv
);
444 if ((data
->param_serv
= OPENSSL_strdup(ptr
)) == NULL
)
448 } else if (num
== 2) {
449 data
->bind_mode
|= BIO_SOCK_NONBLOCK
;
450 } else if (num
== 3) {
451 BIO_free(data
->bio_chain
);
452 data
->bio_chain
= (BIO
*)ptr
;
453 } else if (num
== 4) {
454 data
->accept_family
= *(int *)ptr
;
455 } else if (num
== 5) {
456 data
->bind_mode
|= BIO_SOCK_TFO
;
460 data
->bind_mode
&= ~BIO_SOCK_NONBLOCK
;
461 } else if (num
== 5) {
462 data
->bind_mode
&= ~BIO_SOCK_TFO
;
468 data
->accepted_mode
|= BIO_SOCK_NONBLOCK
;
470 data
->accepted_mode
&= ~BIO_SOCK_NONBLOCK
;
473 b
->num
= *((int *)ptr
);
474 data
->accept_sock
= b
->num
;
475 data
->state
= ACPT_S_ACCEPT
;
476 b
->shutdown
= (int)num
;
483 *ip
= data
->accept_sock
;
484 ret
= data
->accept_sock
;
488 case BIO_C_GET_ACCEPT
:
490 if (num
== 0 && ptr
!= NULL
) {
492 *pp
= data
->cache_accepting_name
;
493 } else if (num
== 1 && ptr
!= NULL
) {
495 *pp
= data
->cache_accepting_serv
;
496 } else if (num
== 2 && ptr
!= NULL
) {
498 *pp
= data
->cache_peer_name
;
499 } else if (num
== 3 && ptr
!= NULL
) {
501 *pp
= data
->cache_peer_serv
;
502 } else if (num
== 4) {
503 switch (BIO_ADDRINFO_family(data
->addr_iter
)) {
506 ret
= BIO_FAMILY_IPV6
;
510 ret
= BIO_FAMILY_IPV4
;
513 ret
= data
->accept_family
;
524 case BIO_CTRL_GET_CLOSE
:
527 case BIO_CTRL_SET_CLOSE
:
528 b
->shutdown
= (int)num
;
530 case BIO_CTRL_PENDING
:
531 case BIO_CTRL_WPENDING
:
536 case BIO_C_SET_BIND_MODE
:
537 data
->bind_mode
= (int)num
;
539 case BIO_C_GET_BIND_MODE
:
540 ret
= (long)data
->bind_mode
;
545 if (b
->next_bio
== NULL
)
548 ret
= BIO_ctrl(b
->next_bio
, cmd
, num
, ptr
);
557 static int acpt_puts(BIO
*bp
, const char *str
)
562 ret
= acpt_write(bp
, str
, n
);
566 BIO
*BIO_new_accept(const char *str
)
570 ret
= BIO_new(BIO_s_accept());
573 if (BIO_set_accept_name(ret
, str
))