feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #3901 from dgarske/bio_read

Browse Source 
Fix for BIO read callback not called
This commit is contained in:
toddouska
2021-04-23 15:51:38 -07:00
committed by GitHub
parent bbda833909 beff4daf7e
commit 47fe114a02
4 changed files with 199 additions and 181 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
doc/dox_comments/header_files/asn_public.h
View File

@@ -1210,7 +1210,7 @@ int wc_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz);
and storing it as a pem file and storing it as a pem file
\return MEMORY_E Returned if there is an error allocating memory \return MEMORY_E Returned if there is an error allocating memory
with XMALLOC with XMALLOC
\return ASN_INPUT_E Returned in the case of a base 64 encoding error \return ASN_INPUT_E Returned in the case of a base64 encoding error
\return BUFFER_E May be returned if the output buffer is too small to \return BUFFER_E May be returned if the output buffer is too small to
store the pem formatted certificate store the pem formatted certificate
@@ -1253,7 +1253,7 @@ WOLFSSL_API int wc_DerToPem(const byte* der, word32 derSz, byte* output,
and storing it as a pem file and storing it as a pem file
\return MEMORY_E Returned if there is an error allocating memory \return MEMORY_E Returned if there is an error allocating memory
with XMALLOC with XMALLOC
\return ASN_INPUT_E Returned in the case of a base 64 encoding error \return ASN_INPUT_E Returned in the case of a base64 encoding error
\return BUFFER_E May be returned if the output buffer is too small to \return BUFFER_E May be returned if the output buffer is too small to
store the pem formatted certificate store the pem formatted certificate

288
src/bio.c
View File

@@ -40,7 +40,7 @@ static int wolfSSL_BIO_BASE64_read(WOLFSSL_BIO* bio, void* buf, int len)
if (Base64_Decode((const byte*)buf, (word32)len, (byte*)buf, &frmtSz) !=0) { if (Base64_Decode((const byte*)buf, (word32)len, (byte*)buf, &frmtSz) !=0) {
WOLFSSL_MSG("Err doing base64 decode"); WOLFSSL_MSG("Err doing base64 decode");
return SSL_FATAL_ERROR; return WOLFSSL_FATAL_ERROR;
} }
(void)bio; (void)bio;
@@ -146,7 +146,7 @@ static int wolfSSL_BIO_SSL_read(WOLFSSL_BIO* bio, void* buf,
front->eof = 1; front->eof = 1;
else if (ret < 0) { else if (ret < 0) {
int err = wolfSSL_get_error((WOLFSSL*)bio->ptr, 0); int err = wolfSSL_get_error((WOLFSSL*)bio->ptr, 0);
if ( !(err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE) ) { if ( !(err == WOLFSSL_ERROR_WANT_READ || err == WOLFSSL_ERROR_WANT_WRITE) ) {
front->eof = 1; front->eof = 1;
} }
else { else {
@@ -213,46 +213,57 @@ int wolfSSL_BIO_read(WOLFSSL_BIO* bio, void* buf, int len)
if (bio->method && bio->method->readCb) { if (bio->method && bio->method->readCb) {
ret = bio->method->readCb(bio, (char*)buf, len); ret = bio->method->readCb(bio, (char*)buf, len);
} }
else {
/* formatting data */ switch (bio->type) {
if (bio->type == WOLFSSL_BIO_BASE64 && ret > 0 && sz > 0) { case WOLFSSL_BIO_BASE64: /* formatting data */
if (sz > 0)
ret = wolfSSL_BIO_BASE64_read(bio, buf, sz); ret = wolfSSL_BIO_BASE64_read(bio, buf, sz);
} break;
case WOLFSSL_BIO_BIO: /* read BIOs */
/* write BIOs */
if (bio && bio->type == WOLFSSL_BIO_BIO) {
ret = wolfSSL_BIO_BIO_read(bio, buf, len); ret = wolfSSL_BIO_BIO_read(bio, buf, len);
} break;
case WOLFSSL_BIO_MEMORY:
if (bio && bio->type == WOLFSSL_BIO_MEMORY) {
ret = wolfSSL_BIO_MEMORY_read(bio, buf, len); ret = wolfSSL_BIO_MEMORY_read(bio, buf, len);
} break;
case WOLFSSL_BIO_FILE:
#ifndef NO_FILESYSTEM #ifndef NO_FILESYSTEM
if (bio && bio->type == WOLFSSL_BIO_FILE) { if (bio->ptr) {
if (bio->ptr)
ret = (int)XFREAD(buf, 1, len, (XFILE)bio->ptr); ret = (int)XFREAD(buf, 1, len, (XFILE)bio->ptr);
#if !defined(USE_WINDOWS_API) && !defined(NO_WOLFSSL_DIR)\ }
&& !defined(WOLFSSL_NUCLEUS) && !defined(WOLFSSL_NUCLEUS_1_2) #if !defined(USE_WINDOWS_API) && !defined(NO_WOLFSSL_DIR) && \
else !defined(WOLFSSL_NUCLEUS) && !defined(WOLFSSL_NUCLEUS_1_2)
else {
ret = (int)XREAD(bio->num, buf, len); ret = (int)XREAD(bio->num, buf, len);
#endif
} }
#else
WOLFSSL_MSG("No file pointer and XREAD not enabled");
ret = NOT_COMPILED_IN;
#endif #endif
#else
WOLFSSL_MSG("WOLFSSL_BIO_FILE used with NO_FILESYSTEM");
ret = NOT_COMPILED_IN;
#endif /* !NO_FILESYSTEM */
break;
case WOLFSSL_BIO_SSL:
#ifndef WOLFCRYPT_ONLY #ifndef WOLFCRYPT_ONLY
if (bio && bio->type == WOLFSSL_BIO_SSL) {
ret = wolfSSL_BIO_SSL_read(bio, buf, len, front); ret = wolfSSL_BIO_SSL_read(bio, buf, len, front);
} #else
WOLFSSL_MSG("WOLFSSL_BIO_SSL used with WOLFCRYPT_ONLY");
/* data passing through BIO MD wrapper */ ret = NOT_COMPILED_IN;
if (bio && bio->type == WOLFSSL_BIO_MD && ret > 0) {
ret = wolfSSL_BIO_MD_read(bio, buf, ret);
}
#endif #endif
break;
if (bio->type == WOLFSSL_BIO_SOCKET) { case WOLFSSL_BIO_MD: /* data passing through BIO MD wrapper */
#ifndef WOLFCRYPT_ONLY
ret = wolfSSL_BIO_MD_read(bio, buf, ret);
#else
WOLFSSL_MSG("WOLFSSL_BIO_MD used with WOLFCRYPT_ONLY");
ret = NOT_COMPILED_IN;
#endif
break;
case WOLFSSL_BIO_SOCKET:
ret = wolfIO_Recv(bio->num, (char*)buf, len, 0); ret = wolfIO_Recv(bio->num, (char*)buf, len, 0);
break;
} /* switch */
} }
/* case where front of list is done */ /* case where front of list is done */
@@ -279,15 +290,22 @@ int wolfSSL_BIO_read(WOLFSSL_BIO* bio, void* buf, int len)
} }
#ifdef WOLFSSL_BASE64_ENCODE
/* Converts data into base64 output /* Converts data into base64 output
* *
* returns the resulting buffer size on success. * returns the resulting buffer size on success.
*/ */
/**
* `out` buffer is allocated here and the caller is responsible
* for free'ing it
* `data` and `out` can be the same in which case `data` should
* always be set to `out` after this function call succeeds
*/
static int wolfSSL_BIO_BASE64_write(WOLFSSL_BIO* bio, const void* data, static int wolfSSL_BIO_BASE64_write(WOLFSSL_BIO* bio, const void* data,
word32 inLen, byte* out, word32* outLen) word32 inLen, byte** out, word32* outLen, void* heap)
{ {
byte* tmp = NULL; byte* tmp = NULL;
int ret = 0; word32 sz = 0;
WOLFSSL_ENTER("wolfSSL_BIO_BASE64_write"); WOLFSSL_ENTER("wolfSSL_BIO_BASE64_write");
@@ -295,44 +313,61 @@ static int wolfSSL_BIO_BASE64_write(WOLFSSL_BIO* bio, const void* data,
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
#if defined(WOLFSSL_BASE64_ENCODE) /* get the encoded length */
tmp = (byte*)XMALLOC(*outLen, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); if (bio->flags & WOLFSSL_BIO_FLAG_BASE64_NO_NL) {
if (tmp == NULL) { if (Base64_Encode_NoNl((const byte*)data, inLen, NULL,
&sz) != LENGTH_ONLY_E) {
WOLFSSL_MSG("Error with base64 get length");
return WOLFSSL_FATAL_ERROR; return WOLFSSL_FATAL_ERROR;
} }
}
else {
if (Base64_Encode((const byte*)data, inLen, NULL, &sz) !=
LENGTH_ONLY_E) {
WOLFSSL_MSG("Error with base64 get length");
return WOLFSSL_FATAL_ERROR;
}
}
if ((bio->flags & WOLFSSL_BIO_FLAG_BASE64_NO_NL) == if (sz == 0) {
WOLFSSL_BIO_FLAG_BASE64_NO_NL) { *outLen = 0;
return 0; /* nothing to do */
}
/* allocate temp buffer, since base64 encode does not allow inline */
tmp = (byte*)XMALLOC(sz, heap, DYNAMIC_TYPE_TMP_BUFFER);
if (tmp == NULL) {
WOLFSSL_MSG("Memory error");
return WOLFSSL_FATAL_ERROR;
}
if (bio->flags & WOLFSSL_BIO_FLAG_BASE64_NO_NL) {
if (Base64_Encode_NoNl((const byte*)data, inLen, if (Base64_Encode_NoNl((const byte*)data, inLen,
tmp, outLen) < 0) { tmp, &sz) < 0) {
ret = WOLFSSL_FATAL_ERROR; WOLFSSL_MSG("Base64_Encode_NoNl error");
XFREE(tmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
return WOLFSSL_FATAL_ERROR;
} }
} }
else { else {
if (Base64_Encode((const byte*)data, inLen, if (Base64_Encode((const byte*)data, inLen,
tmp, outLen) < 0) { tmp, &sz) < 0) {
ret = WOLFSSL_FATAL_ERROR; WOLFSSL_MSG("Base64_Encode error");
XFREE(tmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
return WOLFSSL_FATAL_ERROR;
} }
} }
if (ret != WOLFSSL_FATAL_ERROR) { if (*out != NULL)
ret = (int) inLen; XFREE(*out, heap, DYNAMIC_TYPE_TMP_BUFFER);
XMEMCPY(out, tmp, *outLen); *out = tmp;
*outLen = sz;
/* out is free'd by caller */
} (void)heap;
XFREE(tmp, bio->heap, DYNAMIC_TYPE_TMP_BUFFER);
#else return inLen;
(void)bio;
(void)data;
(void)inLen;
(void)out;
(void)outLen;
(void)tmp;
WOLFSSL_MSG("BASE64 encoding not compiled in");
#endif
return ret;
} }
#endif /* WOLFSSL_BASE64_ENCODE */
#ifndef WOLFCRYPT_ONLY #ifndef WOLFCRYPT_ONLY
/* Helper function for writing to a WOLFSSL_BIO_SSL type /* Helper function for writing to a WOLFSSL_BIO_SSL type
@@ -356,7 +391,7 @@ static int wolfSSL_BIO_SSL_write(WOLFSSL_BIO* bio, const void* data,
front->eof = 1; front->eof = 1;
else if (ret < 0) { else if (ret < 0) {
int err = wolfSSL_get_error((WOLFSSL*)bio->ptr, 0); int err = wolfSSL_get_error((WOLFSSL*)bio->ptr, 0);
if ( !(err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE) ) { if ( !(err == WOLFSSL_ERROR_WANT_READ || err == WOLFSSL_ERROR_WANT_WRITE) ) {
front->eof = 1; front->eof = 1;
} }
else { else {
@@ -506,6 +541,8 @@ static int wolfSSL_BIO_MD_write(WOLFSSL_BIO* bio, const void* data, int len)
int wolfSSL_BIO_write(WOLFSSL_BIO* bio, const void* data, int len) int wolfSSL_BIO_write(WOLFSSL_BIO* bio, const void* data, int len)
{ {
int ret = 0; int ret = 0;
/* Use extra return var as we want to return how much of input we have
* written, not how big the base64 encoding ended up being */
int retB64 = 0; int retB64 = 0;
WOLFSSL_BIO* front = bio; WOLFSSL_BIO* front = bio;
void* frmt = NULL; void* frmt = NULL;
@@ -527,109 +564,90 @@ int wolfSSL_BIO_write(WOLFSSL_BIO* bio, const void* data, int len)
if (bio->method && bio->method->writeCb) { if (bio->method && bio->method->writeCb) {
ret = bio->method->writeCb(bio, (const char*)data, len); ret = bio->method->writeCb(bio, (const char*)data, len);
} }
/* check for formatting */
if (bio->type == WOLFSSL_BIO_BASE64) {
#if defined(WOLFSSL_BASE64_ENCODE)
word32 sz = 0;
if (bio->flags & WOLFSSL_BIO_FLAG_BASE64_NO_NL) {
if (Base64_Encode_NoNl((const byte*)data, len, NULL,
&sz) != LENGTH_ONLY_E) {
WOLFSSL_MSG("Error with base 64 get length");
ret = SSL_FATAL_ERROR;
}
}
else { else {
if (Base64_Encode((const byte*)data, len, NULL, &sz) != switch (bio->type) {
LENGTH_ONLY_E) { case WOLFSSL_BIO_BASE64:
WOLFSSL_MSG("Error with base 64 get length"); {
ret = SSL_FATAL_ERROR; #ifdef WOLFSSL_BASE64_ENCODE
} ret = retB64 = wolfSSL_BIO_BASE64_write(bio, data, (word32)len,
} (byte**)&frmt, &frmtSz, front->heap);
if (ret > 0) {
if (frmt == NULL && sz > 0 && ret != SSL_FATAL_ERROR) {
frmt = (void*)XMALLOC(sz, front->heap,
DYNAMIC_TYPE_TMP_BUFFER);
if (frmt == NULL) {
WOLFSSL_MSG("Memory error");
ret = SSL_FATAL_ERROR;
}
frmtSz = sz;
}
else if (sz > frmtSz) {
frmt = (void*)XREALLOC(frmt, sz, front->heap,
DYNAMIC_TYPE_TMP_BUFFER);
if (frmt == NULL) {
WOLFSSL_MSG("Memory error");
ret = SSL_FATAL_ERROR;
}
/* since frmt already existed then data should point to knew
formatted buffer */
data = frmt;
len = frmtSz;
frmtSz = sz;
}
#endif /* defined(WOLFSSL_BASE64_ENCODE) */
if (ret >= 0) {
/* change so that data is formatted buffer */ /* change so that data is formatted buffer */
retB64 = wolfSSL_BIO_BASE64_write(bio, data, (word32)len,
(byte*)frmt, &frmtSz);
data = frmt; data = frmt;
len = frmtSz; len = frmtSz;
} }
#else
WOLFSSL_MSG("WOLFSSL_BIO_BASE64 used without "
"WOLFSSL_BASE64_ENCODE");
ret = NOT_COMPILED_IN;
#endif /* WOLFSSL_BASE64_ENCODE */
break;
} }
case WOLFSSL_BIO_BIO: /* write bios */
/* write bios */
if (bio->type == WOLFSSL_BIO_BIO) {
ret = wolfSSL_BIO_BIO_write(bio, data, len); ret = wolfSSL_BIO_BIO_write(bio, data, len);
} break;
case WOLFSSL_BIO_MEMORY:
if (bio->type == WOLFSSL_BIO_MEMORY) {
ret = wolfSSL_BIO_MEMORY_write(bio, data, len); ret = wolfSSL_BIO_MEMORY_write(bio, data, len);
} break;
case WOLFSSL_BIO_FILE:
#ifndef NO_FILESYSTEM #ifndef NO_FILESYSTEM
if (bio && bio->type == WOLFSSL_BIO_FILE) { if (bio->ptr) {
if (bio->ptr)
ret = (int)XFWRITE(data, 1, len, (XFILE)bio->ptr); ret = (int)XFWRITE(data, 1, len, (XFILE)bio->ptr);
#if !defined(USE_WINDOWS_API) && !defined(NO_WOLFSSL_DIR)\
&& !defined(WOLFSSL_NUCLEUS) && !defined(WOLFSSL_NUCLEUS_1_2)
else
ret = (int)XWRITE(bio->num, data, len);
#endif
} }
#if !defined(USE_WINDOWS_API) && !defined(NO_WOLFSSL_DIR) && \
!defined(WOLFSSL_NUCLEUS) && !defined(WOLFSSL_NUCLEUS_1_2)
else {
ret = (int)XWRITE(bio->num, data, len);
}
#else
WOLFSSL_MSG("No file pointer and XWRITE not enabled");
ret = NOT_COMPILED_IN;
#endif #endif
#else
WOLFSSL_MSG("WOLFSSL_BIO_FILE used with NO_FILESYSTEM");
ret = NOT_COMPILED_IN;
#endif /* !NO_FILESYSTEM */
break;
case WOLFSSL_BIO_SSL:
#ifndef WOLFCRYPT_ONLY #ifndef WOLFCRYPT_ONLY
if (bio->type == WOLFSSL_BIO_SSL) {
/* already got eof, again is error */ /* already got eof, again is error */
if (front->eof) { if (front->eof) {
ret = SSL_FATAL_ERROR; ret = WOLFSSL_FATAL_ERROR;
} }
else { else {
ret = wolfSSL_BIO_SSL_write(bio, data, len, front); ret = wolfSSL_BIO_SSL_write(bio, data, len, front);
} }
/* Rest of chain is taken care of inside call */ /* Rest of chain is taken care of inside call */
goto exit_chain;
#else
WOLFSSL_MSG("WOLFSSL_BIO_SSL used with WOLFCRYPT_ONLY");
ret = NOT_COMPILED_IN;
#endif
break; break;
} case WOLFSSL_BIO_MD:
#ifndef WOLFCRYPT_ONLY
if (bio->type == WOLFSSL_BIO_MD) {
if (bio->next != NULL) { /* data passing through MD BIO */ if (bio->next != NULL) { /* data passing through MD BIO */
ret = wolfSSL_BIO_MD_write(bio, data, len); ret = wolfSSL_BIO_MD_write(bio, data, len);
} }
} #else
#endif /* WOLFCRYPT_ONLY */ WOLFSSL_MSG("WOLFSSL_BIO_MD used with WOLFCRYPT_ONLY");
ret = NOT_COMPILED_IN;
if (bio->type == WOLFSSL_BIO_SOCKET) { #endif
break;
case WOLFSSL_BIO_SOCKET:
ret = wolfIO_Send(bio->num, (char*)data, len, 0); ret = wolfIO_Send(bio->num, (char*)data, len, 0);
break;
} /* switch */
} }
/* advance to the next bio in list */ /* advance to the next bio in list */
bio = bio->next; bio = bio->next;
} }
#ifndef WOLFCRYPT_ONLY
exit_chain:
#endif
/* info cb, user can override return value */ /* info cb, user can override return value */
if (front != NULL && front->infoCb != NULL) { if (front != NULL && front->infoCb != NULL) {
ret = (int)front->infoCb(front, ret = (int)front->infoCb(front,
@@ -641,7 +659,7 @@ int wolfSSL_BIO_write(WOLFSSL_BIO* bio, const void* data, int len)
XFREE(frmt, front->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(frmt, front->heap, DYNAMIC_TYPE_TMP_BUFFER);
} }
if (retB64 != 0) if (retB64 > 0 && ret > 0)
return retB64; return retB64;
else else
return ret; return ret;
@@ -1144,7 +1162,7 @@ int wolfSSL_BIO_ctrl_reset_read_request(WOLFSSL_BIO *b)
WOLFSSL_ENTER("wolfSSL_BIO_ctrl_reset_read_request"); WOLFSSL_ENTER("wolfSSL_BIO_ctrl_reset_read_request");
if (b == NULL || b->type == WOLFSSL_BIO_MEMORY) { if (b == NULL || b->type == WOLFSSL_BIO_MEMORY) {
return SSL_FAILURE; return WOLFSSL_FAILURE;
} }
b->readRq = 0; b->readRq = 0;
@@ -1194,7 +1212,7 @@ int wolfSSL_BIO_nread(WOLFSSL_BIO *bio, char **buf, int num)
} }
if (bio->type == WOLFSSL_BIO_MEMORY) { if (bio->type == WOLFSSL_BIO_MEMORY) {
return SSL_FAILURE; return WOLFSSL_FAILURE;
} }
if (bio->pair != NULL) { if (bio->pair != NULL) {
@@ -1246,7 +1264,7 @@ int wolfSSL_BIO_nwrite(WOLFSSL_BIO *bio, char **buf, int num)
} }
if (bio->type != WOLFSSL_BIO_BIO) { if (bio->type != WOLFSSL_BIO_BIO) {
return SSL_FAILURE; return WOLFSSL_FAILURE;
} }
if (bio->pair != NULL) { if (bio->pair != NULL) {
@@ -1414,7 +1432,7 @@ long wolfSSL_BIO_get_fp(WOLFSSL_BIO *bio, XFILE* fp)
} }
if (bio->type != WOLFSSL_BIO_FILE) { if (bio->type != WOLFSSL_BIO_FILE) {
return SSL_FAILURE; return WOLFSSL_FAILURE;
} }
*fp = (XFILE)bio->ptr; *fp = (XFILE)bio->ptr;

11
src/wolfio.c
View File

@@ -133,14 +133,13 @@ int BioReceive(WOLFSSL* ssl, char* buf, int sz, void* ctx)
return WOLFSSL_CBIO_ERR_GENERAL; return WOLFSSL_CBIO_ERR_GENERAL;
} }
if (wolfSSL_BIO_supports_pending(ssl->biord) &&
wolfSSL_BIO_ctrl_pending(ssl->biord) == 0) {
WOLFSSL_MSG("BIO want read");
return WOLFSSL_CBIO_ERR_WANT_READ;
}
recvd = wolfSSL_BIO_read(ssl->biord, buf, sz); recvd = wolfSSL_BIO_read(ssl->biord, buf, sz);
if (recvd <= 0) { if (recvd <= 0) {
if (ssl->biord->type == WOLFSSL_BIO_SOCKET) { if (wolfSSL_BIO_supports_pending(ssl->biord) &&
wolfSSL_BIO_ctrl_pending(ssl->biord) == 0) {
return WOLFSSL_CBIO_ERR_WANT_READ;
}
else if (ssl->biord->type == WOLFSSL_BIO_SOCKET) {
int err; int err;
if (recvd == 0) { if (recvd == 0) {

1
wolfssl/ssl.h
View File

@@ -3724,6 +3724,7 @@ WOLFSSL_API size_t wolfSSL_get_client_random(const WOLFSSL* ssl,
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) #if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
WOLFSSL_API size_t wolfSSL_BIO_wpending(const WOLFSSL_BIO *bio); WOLFSSL_API size_t wolfSSL_BIO_wpending(const WOLFSSL_BIO *bio);
/* non-standard API to determine if BIO supports "pending" */
WOLFSSL_API int wolfSSL_BIO_supports_pending(const WOLFSSL_BIO *bio); WOLFSSL_API int wolfSSL_BIO_supports_pending(const WOLFSSL_BIO *bio);
WOLFSSL_API size_t wolfSSL_BIO_ctrl_pending(WOLFSSL_BIO *b); WOLFSSL_API size_t wolfSSL_BIO_ctrl_pending(WOLFSSL_BIO *b);