2 * libwebsockets - small server side websockets and web server implementation
4 * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com>
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation:
9 * version 2.1 of the License.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
22 #include "private-lib-core.h"
23 #include "private-lib-tls-openssl.h"
26 int openssl_websocket_private_data_index,
27 openssl_SSL_CTX_private_data_index;
30 * Care: many openssl apis return 1 for success. These are translated to the
31 * lws convention of 0 for success.
34 int lws_openssl_describe_cipher(struct lws *wsi)
36 #if !defined(LWS_WITH_NO_LOGS)
38 SSL *s = wsi->tls.ssl;
40 SSL_get_cipher_bits(s, &np);
41 lwsl_info("%s: wsi %p: %s, %s, %d bits, %s\n", __func__, wsi,
42 SSL_get_cipher_name(s), SSL_get_cipher(s), np,
43 SSL_get_cipher_version(s));
49 int lws_ssl_get_error(struct lws *wsi, int n)
56 m = SSL_get_error(wsi->tls.ssl, n);
57 lwsl_debug("%s: %p %d -> %d (errno %d)\n", __func__, wsi->tls.ssl, n, m,
64 lws_context_init_ssl_pem_passwd_cb(char *buf, int size, int rwflag,
67 struct lws_context_creation_info * info =
68 (struct lws_context_creation_info *)userdata;
70 strncpy(buf, info->ssl_private_key_password, size);
73 return (int)strlen(buf);
77 lws_context_init_ssl_pem_passwd_client_cb(char *buf, int size, int rwflag,
80 struct lws_context_creation_info * info =
81 (struct lws_context_creation_info *)userdata;
82 const char *p = info->ssl_private_key_password;
84 if (info->client_ssl_private_key_password)
85 p = info->client_ssl_private_key_password;
87 strncpy(buf, p, size);
90 return (int)strlen(buf);
94 lws_ssl_bind_passphrase(SSL_CTX *ssl_ctx, int is_client,
95 const struct lws_context_creation_info *info)
97 if (!info->ssl_private_key_password &&
98 !info->client_ssl_private_key_password)
101 * password provided, set ssl callback and user data
102 * for checking password which will be trigered during
103 * SSL_CTX_use_PrivateKey_file function
105 SSL_CTX_set_default_passwd_cb_userdata(ssl_ctx, (void *)info);
106 SSL_CTX_set_default_passwd_cb(ssl_ctx, is_client ?
107 lws_context_init_ssl_pem_passwd_client_cb:
108 lws_context_init_ssl_pem_passwd_cb);
112 lws_ssl_destroy_client_ctx(struct lws_vhost *vhost)
114 struct lws_tls_client_reuse *tcr;
116 if (vhost->tls.user_supplied_ssl_ctx || !vhost->tls.ssl_client_ctx)
119 tcr = SSL_CTX_get_ex_data(vhost->tls.ssl_client_ctx,
120 openssl_SSL_CTX_private_data_index);
122 if (!tcr || --tcr->refcount)
125 SSL_CTX_free(vhost->tls.ssl_client_ctx);
126 vhost->tls.ssl_client_ctx = NULL;
128 vhost->context->tls.count_client_contexts--;
130 lws_dll2_remove(&tcr->cc_list);
135 lws_ssl_destroy(struct lws_vhost *vhost)
137 if (!lws_check_opt(vhost->context->options,
138 LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT))
141 if (vhost->tls.ssl_ctx)
142 SSL_CTX_free(vhost->tls.ssl_ctx);
144 lws_ssl_destroy_client_ctx(vhost);
146 // after 1.1.0 no need
147 #if (OPENSSL_VERSION_NUMBER < 0x10100000)
148 // <= 1.0.1f = old api, 1.0.1g+ = new api
149 #if (OPENSSL_VERSION_NUMBER <= 0x1000106f) || defined(USE_WOLFSSL)
152 #if OPENSSL_VERSION_NUMBER >= 0x1010005f && \
153 !defined(LIBRESSL_VERSION_NUMBER) && \
154 !defined(OPENSSL_IS_BORINGSSL)
155 ERR_remove_thread_state();
157 ERR_remove_thread_state(NULL);
160 /* not needed after 1.1.0 */
161 #if (OPENSSL_VERSION_NUMBER >= 0x10002000) && \
162 (OPENSSL_VERSION_NUMBER <= 0x10100000)
163 SSL_COMP_free_compression_methods();
167 CRYPTO_cleanup_all_ex_data();
172 lws_ssl_capable_read(struct lws *wsi, unsigned char *buf, int len)
174 struct lws_context *context = wsi->context;
175 struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
179 return lws_ssl_capable_read_no_ssl(wsi, buf, len);
181 lws_stats_bump(pt, LWSSTATS_C_API_READ, 1);
185 n = SSL_read(wsi->tls.ssl, buf, len);
186 #if defined(LWS_WITH_ESP32)
187 if (!n && errno == LWS_ENOTCONN) {
188 lwsl_debug("%p: SSL_read ENOTCONN\n", wsi);
189 return LWS_SSL_CAPABLE_ERROR;
192 #if defined(LWS_WITH_STATS)
193 if (!wsi->seen_rx && wsi->accept_start_us) {
194 lws_stats_bump(pt, LWSSTATS_US_SSL_RX_DELAY_AVG,
196 wsi->accept_start_us);
197 lws_stats_bump(pt, LWSSTATS_C_SSL_CONNS_HAD_RX, 1);
203 lwsl_debug("%p: SSL_read says %d\n", wsi, n);
204 /* manpage: returning 0 means connection shut down
206 * 2018-09-10: https://github.com/openssl/openssl/issues/1903
208 * So, in summary, if you get a 0 or -1 return from SSL_read() /
209 * SSL_write(), you should call SSL_get_error():
211 * - If you get back SSL_ERROR_RETURN_ZERO then you know the connection
212 * has been cleanly shutdown by the peer. To fully close the
213 * connection you may choose to call SSL_shutdown() to send a
216 * - If you get back SSL_ERROR_SSL then some kind of internal or
217 * protocol error has occurred. More details will be on the SSL error
218 * queue. You can also call SSL_get_shutdown(). If this indicates a
219 * state of SSL_RECEIVED_SHUTDOWN then you know a fatal alert has
220 * been received from the peer (if it had been a close_notify then
221 * SSL_get_error() would have returned SSL_ERROR_RETURN_ZERO).
222 * SSL_ERROR_SSL is considered fatal - you should not call
223 * SSL_shutdown() in this case.
225 * - If you get back SSL_ERROR_SYSCALL then some kind of fatal (i.e.
226 * non-retryable) error has occurred in a system call.
229 m = lws_ssl_get_error(wsi, n);
230 lwsl_debug("%p: ssl err %d errno %d\n", wsi, m, errno);
231 if (m == SSL_ERROR_ZERO_RETURN) /* cleanly shut down */
232 return LWS_SSL_CAPABLE_ERROR;
234 /* hm not retryable.. could be 0 size pkt or error */
236 if (m == SSL_ERROR_SSL || m == SSL_ERROR_SYSCALL ||
237 errno == LWS_ENOTCONN) {
239 /* unclean, eg closed conn */
241 wsi->socket_is_permanently_unusable = 1;
243 return LWS_SSL_CAPABLE_ERROR;
248 if (SSL_want_read(wsi->tls.ssl)) {
249 lwsl_debug("%s: WANT_READ\n", __func__);
250 lwsl_debug("%p: LWS_SSL_CAPABLE_MORE_SERVICE\n", wsi);
251 return LWS_SSL_CAPABLE_MORE_SERVICE;
253 if (SSL_want_write(wsi->tls.ssl)) {
254 lwsl_debug("%s: WANT_WRITE\n", __func__);
255 lwsl_debug("%p: LWS_SSL_CAPABLE_MORE_SERVICE\n", wsi);
256 return LWS_SSL_CAPABLE_MORE_SERVICE;
259 /* keep on trucking it seems */
262 lws_stats_bump(pt, LWSSTATS_B_READ, n);
265 wsi->vhost->conn_stats.rx += n;
267 // lwsl_hexdump_err(buf, n);
270 * if it was our buffer that limited what we read,
271 * check if SSL has additional data pending inside SSL buffers.
273 * Because these won't signal at the network layer with POLLIN
274 * and if we don't realize, this data will sit there forever
281 if (SSL_pending(wsi->tls.ssl) &&
282 lws_dll2_is_detached(&wsi->tls.dll_pending_tls))
283 lws_dll2_add_head(&wsi->tls.dll_pending_tls,
284 &pt->tls.dll_pending_tls_owner);
288 lws_ssl_remove_wsi_from_buffered_list(wsi);
294 lws_ssl_pending(struct lws *wsi)
299 return SSL_pending(wsi->tls.ssl);
303 lws_ssl_capable_write(struct lws *wsi, unsigned char *buf, int len)
308 return lws_ssl_capable_write_no_ssl(wsi, buf, len);
312 n = SSL_write(wsi->tls.ssl, buf, len);
316 m = lws_ssl_get_error(wsi, n);
317 if (m != SSL_ERROR_SYSCALL) {
318 if (m == SSL_ERROR_WANT_READ || SSL_want_read(wsi->tls.ssl)) {
319 lwsl_notice("%s: want read\n", __func__);
321 return LWS_SSL_CAPABLE_MORE_SERVICE;
324 if (m == SSL_ERROR_WANT_WRITE || SSL_want_write(wsi->tls.ssl)) {
325 lws_set_blocking_send(wsi);
327 lwsl_debug("%s: want write\n", __func__);
329 return LWS_SSL_CAPABLE_MORE_SERVICE;
333 lwsl_debug("%s failed: %s\n",__func__, ERR_error_string(m, NULL));
334 lws_tls_err_describe_clear();
336 wsi->socket_is_permanently_unusable = 1;
338 return LWS_SSL_CAPABLE_ERROR;
342 lws_ssl_info_callback(const SSL *ssl, int where, int ret)
345 struct lws_context *context;
346 struct lws_ssl_info si;
349 context = (struct lws_context *)SSL_CTX_get_ex_data(
350 SSL_get_SSL_CTX(ssl),
351 openssl_SSL_CTX_private_data_index);
353 context = (struct lws_context *)SSL_CTX_get_ex_data(
354 SSL_get_SSL_CTX((SSL*) ssl),
355 openssl_SSL_CTX_private_data_index);
359 wsi = wsi_from_fd(context, SSL_get_fd(ssl));
363 if (!(where & wsi->vhost->tls.ssl_info_event_mask))
369 if (user_callback_handle_rxflow(wsi->protocol->callback,
370 wsi, LWS_CALLBACK_SSL_INFO,
371 wsi->user_space, &si, 0))
372 lws_set_timeout(wsi, PENDING_TIMEOUT_KILLED_BY_SSL_INFO, -1);
377 lws_ssl_close(struct lws *wsi)
382 return 0; /* not handled */
384 #if defined (LWS_HAVE_SSL_SET_INFO_CALLBACK)
385 /* kill ssl callbacks, because we will remove the fd from the
386 * table linking it to the wsi
388 if (wsi->vhost->tls.ssl_info_event_mask)
389 SSL_set_info_callback(wsi->tls.ssl, NULL);
392 n = SSL_get_fd(wsi->tls.ssl);
393 if (!wsi->socket_is_permanently_unusable)
394 SSL_shutdown(wsi->tls.ssl);
396 SSL_free(wsi->tls.ssl);
399 if (wsi->context->simultaneous_ssl_restriction &&
400 wsi->context->simultaneous_ssl-- ==
401 wsi->context->simultaneous_ssl_restriction)
402 /* we made space and can do an accept */
403 lws_gate_accepts(wsi->context, 1);
405 // lwsl_notice("%s: ssl restr %d, simul %d\n", __func__,
406 // wsi->context->simultaneous_ssl_restriction,
407 // wsi->context->simultaneous_ssl);
409 #if defined(LWS_WITH_STATS)
410 wsi->context->updated = 1;
413 return 1; /* handled */
417 lws_ssl_SSL_CTX_destroy(struct lws_vhost *vhost)
419 if (vhost->tls.ssl_ctx)
420 SSL_CTX_free(vhost->tls.ssl_ctx);
422 lws_ssl_destroy_client_ctx(vhost);
424 #if defined(LWS_WITH_ACME)
425 lws_tls_acme_sni_cert_destroy(vhost);
430 lws_ssl_context_destroy(struct lws_context *context)
432 // after 1.1.0 no need
433 #if (OPENSSL_VERSION_NUMBER < 0x10100000)
434 // <= 1.0.1f = old api, 1.0.1g+ = new api
435 #if (OPENSSL_VERSION_NUMBER <= 0x1000106f) || defined(USE_WOLFSSL)
438 #if OPENSSL_VERSION_NUMBER >= 0x1010005f && \
439 !defined(LIBRESSL_VERSION_NUMBER) && \
440 !defined(OPENSSL_IS_BORINGSSL)
441 ERR_remove_thread_state();
443 ERR_remove_thread_state(NULL);
446 // after 1.1.0 no need
447 #if (OPENSSL_VERSION_NUMBER >= 0x10002000) && (OPENSSL_VERSION_NUMBER <= 0x10100000)
448 SSL_COMP_free_compression_methods();
452 CRYPTO_cleanup_all_ex_data();
457 lws_tls_ctx_from_wsi(struct lws *wsi)
462 return SSL_get_SSL_CTX(wsi->tls.ssl);
465 enum lws_ssl_capable_status
466 __lws_tls_shutdown(struct lws *wsi)
472 n = SSL_shutdown(wsi->tls.ssl);
473 lwsl_debug("SSL_shutdown=%d for fd %d\n", n, wsi->desc.sockfd);
475 case 1: /* successful completion */
476 n = shutdown(wsi->desc.sockfd, SHUT_WR);
477 return LWS_SSL_CAPABLE_DONE;
479 case 0: /* needs a retry */
480 __lws_change_pollfd(wsi, 0, LWS_POLLIN);
481 return LWS_SSL_CAPABLE_MORE_SERVICE;
483 default: /* fatal error, or WANT */
484 n = SSL_get_error(wsi->tls.ssl, n);
485 if (n != SSL_ERROR_SYSCALL && n != SSL_ERROR_SSL) {
486 if (SSL_want_read(wsi->tls.ssl)) {
487 lwsl_debug("(wants read)\n");
488 __lws_change_pollfd(wsi, 0, LWS_POLLIN);
489 return LWS_SSL_CAPABLE_MORE_SERVICE_READ;
491 if (SSL_want_write(wsi->tls.ssl)) {
492 lwsl_debug("(wants write)\n");
493 __lws_change_pollfd(wsi, 0, LWS_POLLOUT);
494 return LWS_SSL_CAPABLE_MORE_SERVICE_WRITE;
497 return LWS_SSL_CAPABLE_ERROR;
503 tops_fake_POLLIN_for_buffered_openssl(struct lws_context_per_thread *pt)
505 return lws_tls_fake_POLLIN_for_buffered(pt);
508 const struct lws_tls_ops tls_ops_openssl = {
509 /* fake_POLLIN_for_buffered */ tops_fake_POLLIN_for_buffered_openssl,