/*
- * Copyright 2017 Facebook, Inc.
+ * Copyright 2014-present Facebook, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include <boost/noncopyable.hpp>
#include <errno.h>
#include <fcntl.h>
-#include <openssl/err.h>
-#include <openssl/asn1.h>
-#include <openssl/ssl.h>
#include <sys/types.h>
#include <chrono>
+#include <memory>
-#include <folly/Bits.h>
+#include <folly/Format.h>
#include <folly/SocketAddress.h>
#include <folly/SpinLock.h>
#include <folly/io/Cursor.h>
#include <folly/io/IOBuf.h>
+#include <folly/lang/Bits.h>
#include <folly/portability/OpenSSL.h>
-#include <folly/portability/Unistd.h>
using folly::SocketAddress;
using folly::SSLContext;
using namespace folly::ssl;
using folly::ssl::OpenSSLUtils;
+
// We have one single dummy SSL context so that we can implement attach
// and detach methods in a thread safe fashion without modifying opnessl.
static SSLContext *dummyCtx = nullptr;
timeoutLeft = timeout_ - (curTime - startTime_);
if (timeoutLeft <= 0) {
- AsyncSocketException ex(AsyncSocketException::TIMED_OUT,
- "SSL connect timed out");
+ AsyncSocketException ex(
+ AsyncSocketException::TIMED_OUT,
+ folly::sformat("SSL connect timed out after {}ms", timeout_));
fail(ex);
delete this;
return;
}
-BIO_METHOD sslBioMethod;
+// Note: This is a Leaky Meyer's Singleton. The reason we can't use a non-leaky
+// thing is because we will be setting this BIO_METHOD* inside BIOs owned by
+// various SSL objects which may get callbacks even during teardown. We may
+// eventually try to fix this
+static BIO_METHOD* getSSLBioMethod() {
+ static auto const instance = OpenSSLUtils::newSocketBioMethod().release();
+ return instance;
+}
-void* initsslBioMethod(void) {
- memcpy(&sslBioMethod, BIO_s_socket(), sizeof(sslBioMethod));
+void* initsslBioMethod() {
+ auto sslBioMethod = getSSLBioMethod();
// override the bwrite method for MSG_EOR support
- OpenSSLUtils::setCustomBioWriteMethod(
- &sslBioMethod, AsyncSSLSocket::bioWrite);
- OpenSSLUtils::setCustomBioReadMethod(&sslBioMethod, AsyncSSLSocket::bioRead);
+ OpenSSLUtils::setCustomBioWriteMethod(sslBioMethod, AsyncSSLSocket::bioWrite);
+ OpenSSLUtils::setCustomBioReadMethod(sslBioMethod, AsyncSSLSocket::bioRead);
// Note that the sslBioMethod.type and sslBioMethod.name are not
// set here. openssl code seems to be checking ".type == BIO_TYPE_SOCKET" and
return nullptr;
}
-} // anonymous namespace
+} // namespace
namespace folly {
/**
* Create a server/client AsyncSSLSocket
*/
-AsyncSSLSocket::AsyncSSLSocket(const shared_ptr<SSLContext>& ctx,
- EventBase* evb, int fd, bool server,
- bool deferSecurityNegotiation) :
- AsyncSocket(evb, fd),
- server_(server),
- ctx_(ctx),
- handshakeTimeout_(this, evb),
- connectionTimeout_(this, evb) {
+AsyncSSLSocket::AsyncSSLSocket(
+ const shared_ptr<SSLContext>& ctx,
+ EventBase* evb,
+ int fd,
+ bool server,
+ bool deferSecurityNegotiation)
+ : AsyncSocket(evb, fd),
+ server_(server),
+ ctx_(ctx),
+ handshakeTimeout_(this, evb),
+ connectionTimeout_(this, evb) {
+ noTransparentTls_ = true;
+ init();
+ if (server) {
+ SSL_CTX_set_info_callback(
+ ctx_->getSSLCtx(), AsyncSSLSocket::sslInfoCallback);
+ }
+ if (deferSecurityNegotiation) {
+ sslState_ = STATE_UNENCRYPTED;
+ }
+}
+
+AsyncSSLSocket::AsyncSSLSocket(
+ const shared_ptr<SSLContext>& ctx,
+ AsyncSocket::UniquePtr oldAsyncSocket,
+ bool server,
+ bool deferSecurityNegotiation)
+ : AsyncSocket(std::move(oldAsyncSocket)),
+ server_(server),
+ ctx_(ctx),
+ handshakeTimeout_(this, AsyncSocket::getEventBase()),
+ connectionTimeout_(this, AsyncSocket::getEventBase()) {
noTransparentTls_ = true;
init();
if (server) {
* Create a client AsyncSSLSocket from an already connected fd
* and allow tlsext_hostname to be sent in Client Hello.
*/
-AsyncSSLSocket::AsyncSSLSocket(const shared_ptr<SSLContext>& ctx,
- EventBase* evb, int fd,
- const std::string& serverName,
- bool deferSecurityNegotiation) :
- AsyncSSLSocket(ctx, evb, fd, false, deferSecurityNegotiation) {
+AsyncSSLSocket::AsyncSSLSocket(
+ const shared_ptr<SSLContext>& ctx,
+ EventBase* evb,
+ int fd,
+ const std::string& serverName,
+ bool deferSecurityNegotiation)
+ : AsyncSSLSocket(ctx, evb, fd, false, deferSecurityNegotiation) {
tlsextHostname_ = serverName;
}
#endif // FOLLY_OPENSSL_HAS_SNI
return 0;
}
BIO* next = BIO_next(b);
- while (next != NULL) {
+ while (next != nullptr) {
b = next;
next = BIO_next(b);
}
std::chrono::milliseconds timeout,
const SSLContext::SSLVerifyPeerEnum& verifyPeer) {
DestructorGuard dg(this);
- assert(eventBase_->isInEventBaseThread());
+ eventBase_->dcheckIsInEventBaseThread();
verifyPeer_ = verifyPeer;
// Make sure we're in the uninitialized state
- if (!server_ || (sslState_ != STATE_UNINIT &&
- sslState_ != STATE_UNENCRYPTED) ||
+ if (!server_ ||
+ (sslState_ != STATE_UNINIT && sslState_ != STATE_UNENCRYPTED) ||
handshakeCallback_ != nullptr) {
return invalidState(callback);
}
// Cache local and remote socket addresses to keep them available
// after socket file descriptor is closed.
- if (cacheAddrOnFailure_ && -1 != getFd()) {
- cacheLocalPeerAddr();
+ if (cacheAddrOnFailure_) {
+ cacheAddresses();
}
handshakeStartTime_ = std::chrono::steady_clock::now();
/* register for a read operation (waiting for CLIENT HELLO) */
updateEventRegistration(EventHandler::READ, EventHandler::WRITE);
- if (preReceivedData_) {
- handleRead();
- }
+ checkForImmediateRead();
}
-#if OPENSSL_VERSION_NUMBER >= 0x009080bfL
void AsyncSSLSocket::attachSSLContext(
const std::shared_ptr<SSLContext>& ctx) {
// In order to call attachSSLContext, detachSSLContext must have been
// previously called.
// We need to update the initial_ctx if necessary
+ // The 'initial_ctx' inside an SSL* points to the context that it was created
+ // with, which is also where session callbacks and servername callbacks
+ // happen.
+ // When we switch to a different SSL_CTX, we want to update the initial_ctx as
+ // well so that any callbacks don't go to a different object
+ // NOTE: this will only work if we have access to ssl_ internals, so it may
+ // not work on
+ // OpenSSL version >= 1.1.0
auto sslCtx = ctx->getSSLCtx();
- SSL_CTX_up_ref(sslCtx);
-#ifndef OPENSSL_NO_TLSEXT
- // note that detachSSLContext has already freed ssl_->initial_ctx
- ssl_->initial_ctx = sslCtx;
-#endif
+ OpenSSLUtils::setSSLInitialCtx(ssl_, sslCtx);
// Detach sets the socket's context to the dummy context. Thus we must acquire
// this lock.
SpinLockGuard guard(dummyCtxLock);
if (!ssl_) {
return;
}
-// Detach the initial_ctx as well. Internally w/ OPENSSL_NO_TLSEXT
-// it is used for session info. It will be reattached in attachSSLContext
-#ifndef OPENSSL_NO_TLSEXT
- if (ssl_->initial_ctx) {
- SSL_CTX_free(ssl_->initial_ctx);
- ssl_->initial_ctx = nullptr;
+ // The 'initial_ctx' inside an SSL* points to the context that it was created
+ // with, which is also where session callbacks and servername callbacks
+ // happen.
+ // Detach the initial_ctx as well. It will be reattached in attachSSLContext
+ // it is used for session info.
+ // NOTE: this will only work if we have access to ssl_ internals, so it may
+ // not work on
+ // OpenSSL version >= 1.1.0
+ SSL_CTX* initialCtx = OpenSSLUtils::getSSLInitialCtx(ssl_);
+ if (initialCtx) {
+ SSL_CTX_free(initialCtx);
+ OpenSSLUtils::setSSLInitialCtx(ssl_, nullptr);
}
-#endif
+
SpinLockGuard guard(dummyCtxLock);
if (nullptr == dummyCtx) {
// We need to lazily initialize the dummy context so we don't
// would not be thread safe.
SSL_set_SSL_CTX(ssl_, dummyCtx->getSSLCtx());
}
-#endif
#if FOLLY_OPENSSL_HAS_SNI
void AsyncSSLSocket::switchServerSSLContext(
return false;
}
- if(!ss->tlsext_hostname) {
- return false;
- }
- return (tlsextHostname_.compare(ss->tlsext_hostname) ? false : true);
+ auto tlsextHostname = SSL_SESSION_get0_hostname(ss);
+ return (tlsextHostname && !tlsextHostname_.compare(tlsextHostname));
}
void AsyncSSLSocket::setServerName(std::string serverName) noexcept {
#endif // FOLLY_OPENSSL_HAS_SNI
-void AsyncSSLSocket::timeoutExpired() noexcept {
+void AsyncSSLSocket::timeoutExpired(
+ std::chrono::milliseconds timeout) noexcept {
if (state_ == StateEnum::ESTABLISHED &&
- (sslState_ == STATE_CACHE_LOOKUP ||
- sslState_ == STATE_ASYNC_PENDING)) {
+ (sslState_ == STATE_CACHE_LOOKUP || sslState_ == STATE_ASYNC_PENDING)) {
sslState_ = STATE_ERROR;
// We are expecting a callback in restartSSLAccept. The cache lookup
// and rsa-call necessarily have pointers to this ssl socket, so delay
assert(state_ == StateEnum::ESTABLISHED &&
(sslState_ == STATE_CONNECTING || sslState_ == STATE_ACCEPTING));
DestructorGuard dg(this);
- AsyncSocketException ex(AsyncSocketException::TIMED_OUT,
- (sslState_ == STATE_CONNECTING) ?
- "SSL connect timed out" : "SSL accept timed out");
+ AsyncSocketException ex(
+ AsyncSocketException::TIMED_OUT,
+ folly::sformat(
+ "SSL {} timed out after {}ms",
+ (sslState_ == STATE_CONNECTING) ? "connect" : "accept",
+ timeout.count()));
failHandshake(__func__, ex);
}
}
}
}
-void AsyncSSLSocket::cacheLocalPeerAddr() {
- SocketAddress address;
- try {
- getLocalAddress(&address);
- getPeerAddress(&address);
- } catch (const std::system_error& e) {
- // The handle can be still valid while the connection is already closed.
- if (e.code() != std::error_code(ENOTCONN, std::system_category())) {
- throw;
- }
- }
+void AsyncSSLSocket::connect(
+ ConnectCallback* callback,
+ const folly::SocketAddress& address,
+ int timeout,
+ const OptionMap& options,
+ const folly::SocketAddress& bindAddr) noexcept {
+ auto timeoutChrono = std::chrono::milliseconds(timeout);
+ connect(callback, address, timeoutChrono, timeoutChrono, options, bindAddr);
}
-void AsyncSSLSocket::connect(ConnectCallback* callback,
- const folly::SocketAddress& address,
- int timeout,
- const OptionMap &options,
- const folly::SocketAddress& bindAddr)
- noexcept {
+void AsyncSSLSocket::connect(
+ ConnectCallback* callback,
+ const folly::SocketAddress& address,
+ std::chrono::milliseconds connectTimeout,
+ std::chrono::milliseconds totalConnectTimeout,
+ const OptionMap& options,
+ const folly::SocketAddress& bindAddr) noexcept {
assert(!server_);
assert(state_ == StateEnum::UNINIT);
- assert(sslState_ == STATE_UNINIT);
+ assert(sslState_ == STATE_UNINIT || sslState_ == STATE_UNENCRYPTED);
noTransparentTls_ = true;
- AsyncSSLSocketConnector *connector =
- new AsyncSSLSocketConnector(this, callback, timeout);
- AsyncSocket::connect(connector, address, timeout, options, bindAddr);
+ totalConnectTimeout_ = totalConnectTimeout;
+ if (sslState_ != STATE_UNENCRYPTED) {
+ callback = new AsyncSSLSocketConnector(
+ this, callback, int(totalConnectTimeout.count()));
+ }
+ AsyncSocket::connect(
+ callback, address, int(connectTimeout.count()), options, bindAddr);
+}
+
+bool AsyncSSLSocket::needsPeerVerification() const {
+ if (verifyPeer_ == SSLContext::SSLVerifyPeerEnum::USE_CTX) {
+ return ctx_->needsPeerVerification();
+ }
+ return (
+ verifyPeer_ == SSLContext::SSLVerifyPeerEnum::VERIFY ||
+ verifyPeer_ == SSLContext::SSLVerifyPeerEnum::VERIFY_REQ_CLIENT_CERT);
}
void AsyncSSLSocket::applyVerificationOptions(SSL * ssl) {
}
bool AsyncSSLSocket::setupSSLBio() {
- auto sslBio = BIO_new(&sslBioMethod);
+ auto sslBio = BIO_new(getSSLBioMethod());
if (!sslBio) {
return false;
std::chrono::milliseconds timeout,
const SSLContext::SSLVerifyPeerEnum& verifyPeer) {
DestructorGuard dg(this);
- assert(eventBase_->isInEventBaseThread());
+ eventBase_->dcheckIsInEventBaseThread();
// Cache local and remote socket addresses to keep them available
// after socket file descriptor is closed.
- if (cacheAddrOnFailure_ && -1 != getFd()) {
- cacheLocalPeerAddr();
+ if (cacheAddrOnFailure_) {
+ cacheAddresses();
}
verifyPeer_ = verifyPeer;
const char *AsyncSSLSocket::getSSLCertSigAlgName() const {
X509 *cert = (ssl_ != nullptr) ? SSL_get_certificate(ssl_) : nullptr;
if (cert) {
- int nid = OBJ_obj2nid(cert->sig_alg->algorithm);
+ int nid = X509_get_signature_nid(cert);
return OBJ_nid2ln(nid);
}
return nullptr;
// The timeout (if set) keeps running here
return true;
#endif
- } else if (0
+ } else if ((false
#ifdef SSL_ERROR_WANT_RSA_ASYNC_PENDING
- || error == SSL_ERROR_WANT_RSA_ASYNC_PENDING
+ || error == SSL_ERROR_WANT_RSA_ASYNC_PENDING
#endif
#ifdef SSL_ERROR_WANT_ECDSA_ASYNC_PENDING
- || error == SSL_ERROR_WANT_ECDSA_ASYNC_PENDING
+ || error == SSL_ERROR_WANT_ECDSA_ASYNC_PENDING
#endif
- ) {
+ )) {
// Our custom openssl function has kicked off an async request to do
// rsa/ecdsa private key operation. When that call returns, a callback will
// be invoked that will re-call handleAccept.
// the socket to become readable again.
if (ssl_ != nullptr && SSL_pending(ssl_) > 0) {
AsyncSocket::handleRead();
+ } else {
+ AsyncSocket::checkForImmediateRead();
}
}
}
if (sslState_ == STATE_ERROR) {
// go straight to fail if timeout expired during lookup
- AsyncSocketException ex(AsyncSocketException::TIMED_OUT,
- "SSL accept timed out");
+ AsyncSocketException ex(
+ AsyncSocketException::TIMED_OUT, "SSL accept timed out");
failHandshake(__func__, ex);
return;
}
<< "): client intitiated SSL renegotiation not permitted";
return ReadResult(
READ_ERROR,
- folly::make_unique<SSLException>(SSLError::CLIENT_RENEGOTIATION));
+ std::make_unique<SSLException>(SSLError::CLIENT_RENEGOTIATION));
}
if (bytes <= 0) {
int error = SSL_get_error(ssl_, bytes);
<< "): unsupported SSL renegotiation during read";
return ReadResult(
READ_ERROR,
- folly::make_unique<SSLException>(SSLError::INVALID_RENEGOTIATION));
+ std::make_unique<SSLException>(SSLError::INVALID_RENEGOTIATION));
} else {
if (zero_return(error, bytes)) {
return ReadResult(bytes);
}
- long errError = ERR_get_error();
+ auto errError = ERR_get_error();
VLOG(6) << "AsyncSSLSocket(fd=" << fd_ << ", "
<< "state=" << state_ << ", "
<< "sslState=" << sslState_ << ", "
<< "reason: " << ERR_reason_error_string(errError);
return ReadResult(
READ_ERROR,
- folly::make_unique<SSLException>(error, errError, bytes, errno));
+ std::make_unique<SSLException>(error, errError, bytes, errno));
}
} else {
appBytesReceived_ += bytes;
<< "unsupported SSL renegotiation during write";
return WriteResult(
WRITE_ERROR,
- folly::make_unique<SSLException>(SSLError::INVALID_RENEGOTIATION));
+ std::make_unique<SSLException>(SSLError::INVALID_RENEGOTIATION));
} else {
if (zero_return(error, rc)) {
return WriteResult(0);
<< ", reason: " << ERR_reason_error_string(errError);
return WriteResult(
WRITE_ERROR,
- folly::make_unique<SSLException>(error, errError, rc, errno));
+ std::make_unique<SSLException>(error, errError, rc, errno));
}
}
<< "TODO: AsyncSSLSocket currently does not support calling "
<< "write() before the handshake has fully completed";
return WriteResult(
- WRITE_ERROR, folly::make_unique<SSLException>(SSLError::EARLY_WRITE));
+ WRITE_ERROR, std::make_unique<SSLException>(SSLError::EARLY_WRITE));
}
// Declare a buffer used to hold small write requests. It could point to a
uint32_t nextIndex = i + buffersStolen + 1;
bytesStolenFromNextBuffer = std::min(vec[nextIndex].iov_len,
minWriteSize_ - len);
- memcpy(combinedBuf + len, vec[nextIndex].iov_base,
- bytesStolenFromNextBuffer);
+ if (bytesStolenFromNextBuffer > 0) {
+ assert(vec[nextIndex].iov_base != nullptr);
+ ::memcpy(
+ combinedBuf + len,
+ vec[nextIndex].iov_base,
+ bytesStolenFromNextBuffer);
+ }
len += bytesStolenFromNextBuffer;
if (bytesStolenFromNextBuffer < vec[nextIndex].iov_len) {
// couldn't steal the whole buffer
int AsyncSSLSocket::bioWrite(BIO* b, const char* in, int inl) {
struct msghdr msg;
struct iovec iov;
- int flags = 0;
AsyncSSLSocket* tsslSock;
iov.iov_base = const_cast<char*>(in);
- iov.iov_len = inl;
+ iov.iov_len = size_t(inl);
memset(&msg, 0, sizeof(msg));
msg.msg_iov = &iov;
msg.msg_iovlen = 1;
tsslSock = reinterpret_cast<AsyncSSLSocket*>(appData);
CHECK(tsslSock);
+ WriteFlags flags = WriteFlags::NONE;
if (tsslSock->isEorTrackingEnabled() && tsslSock->minEorRawByteNo_ &&
tsslSock->minEorRawByteNo_ <= BIO_number_written(b) + inl) {
- flags = MSG_EOR;
+ flags |= WriteFlags::EOR;
}
-#ifdef MSG_NOSIGNAL
- flags |= MSG_NOSIGNAL;
-#endif
-
-#ifdef MSG_MORE
if (tsslSock->corkCurrentWrite_) {
- flags |= MSG_MORE;
+ flags |= WriteFlags::CORK;
+ }
+
+ int msg_flags = tsslSock->getSendMsgParamsCB()->getFlags(
+ flags, false /*zeroCopyEnabled*/);
+ msg.msg_controllen =
+ tsslSock->getSendMsgParamsCB()->getAncillaryDataSize(flags);
+ CHECK_GE(AsyncSocket::SendMsgParamsCallback::maxAncillaryDataSize,
+ msg.msg_controllen);
+ if (msg.msg_controllen != 0) {
+ msg.msg_control = reinterpret_cast<char*>(alloca(msg.msg_controllen));
+ tsslSock->getSendMsgParamsCB()->getAncillaryData(flags, msg.msg_control);
}
-#endif
auto result = tsslSock->sendSocketMessage(
- OpenSSLUtils::getBioFd(b, nullptr), &msg, flags);
+ OpenSSLUtils::getBioFd(b, nullptr), &msg, msg_flags);
BIO_clear_retry_flags(b);
if (!result.exception && result.writeReturn <= 0) {
if (OpenSSLUtils::getBioShouldRetryWrite(int(result.writeReturn))) {
queue.append(std::move(sslSock->preReceivedData_));
queue.trimStart(len);
sslSock->preReceivedData_ = queue.move();
- return len;
+ return static_cast<int>(len);
} else {
- auto result = recv(OpenSSLUtils::getBioFd(b, nullptr), out, outl, 0);
+ auto result = int(recv(OpenSSLUtils::getBioFd(b, nullptr), out, outl, 0));
if (result <= 0 && OpenSSLUtils::getBioShouldRetryWrite(result)) {
BIO_set_retry_read(b);
}
preverifyOk;
}
-void AsyncSSLSocket::setPreReceivedData(std::unique_ptr<IOBuf> data) {
- CHECK(sslState_ == STATE_UNINIT || sslState_ == STATE_UNENCRYPTED);
- CHECK(!preReceivedData_);
- preReceivedData_ = std::move(data);
-}
-
void AsyncSSLSocket::enableClientHelloParsing() {
parseClientHello_ = true;
- clientHelloInfo_.reset(new ssl::ClientHelloInfo());
+ clientHelloInfo_ = std::make_unique<ssl::ClientHelloInfo>();
}
void AsyncSSLSocket::resetClientHelloParsing(SSL *ssl) {
return ret;
}
+void AsyncSSLSocket::setSSLCertVerificationAlert(std::string alert) {
+ sslVerificationAlert_ = std::move(alert);
+}
+
+std::string AsyncSSLSocket::getSSLCertVerificationAlert() const {
+ return sslVerificationAlert_;
+}
+
void AsyncSSLSocket::getSSLSharedCiphers(std::string& sharedCiphers) const {
char ciphersBuffer[1024];
ciphersBuffer[0] = '\0';
}
}
-} // namespace
+} // namespace folly