1 /* ====================================================================
2 * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * openssl-core@openssl.org.
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
30 * 6. Redistributions of any form whatsoever must retain the following
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 * ====================================================================
49 * This product includes cryptographic software written by Eric Young
50 * (eay@cryptsoft.com). This product includes software written by Tim
51 * Hudson (tjh@cryptsoft.com).
59 #include <openssl/err.h>
60 #include <openssl/buffer.h>
64 * Throughout this file and bio_lcl.h, the existence of the macro
65 * AI_PASSIVE is used to detect the availability of struct addrinfo,
66 * getnameinfo() and getaddrinfo(). If that macro doesn't exist,
67 * we use our own implementation instead, using gethostbyname,
68 * getservbyname and a few other.
71 /**********************************************************************
77 BIO_ADDR *BIO_ADDR_new(void)
79 BIO_ADDR *ret = OPENSSL_zalloc(sizeof(*ret));
81 ret->sa.sa_family = AF_UNSPEC;
85 void BIO_ADDR_free(BIO_ADDR *ap)
90 void BIO_ADDR_clear(BIO_ADDR *ap)
92 memset(ap, 0, sizeof(*ap));
93 ap->sa.sa_family = AF_UNSPEC;
97 * BIO_ADDR_make - non-public routine to fill a BIO_ADDR with the contents
98 * of a struct sockaddr.
100 int BIO_ADDR_make(BIO_ADDR *ap, const struct sockaddr *sa)
102 if (sa->sa_family == AF_INET) {
103 ap->sin = *(const struct sockaddr_in *)sa;
107 if (sa->sa_family == AF_INET6) {
108 ap->sin6 = *(const struct sockaddr_in6 *)sa;
113 if (ap->sa.sa_family == AF_UNIX) {
114 ap->sun = *(const struct sockaddr_un *)sa;
122 int BIO_ADDR_rawmake(BIO_ADDR *ap, int family,
123 const void *where, size_t wherelen,
127 if (family == AF_UNIX) {
128 if (wherelen + 1 > sizeof(ap->sun.sun_path))
130 memset(&ap->sun, 0, sizeof(ap->sun));
131 ap->sun.sun_family = family;
132 strncpy(ap->sun.sun_path, where, sizeof(ap->sun.sun_path) - 1);
136 if (family == AF_INET) {
137 if (wherelen != sizeof(struct in_addr))
139 memset(&ap->sin, 0, sizeof(ap->sin));
140 ap->sin.sin_family = family;
141 ap->sin.sin_port = port;
142 ap->sin.sin_addr = *(struct in_addr *)where;
146 if (family == AF_INET6) {
147 if (wherelen != sizeof(struct in6_addr))
149 memset(&ap->sin6, 0, sizeof(ap->sin6));
150 ap->sin6.sin6_family = family;
151 ap->sin6.sin6_port = port;
152 ap->sin6.sin6_addr = *(struct in6_addr *)where;
160 int BIO_ADDR_family(const BIO_ADDR *ap)
162 return ap->sa.sa_family;
165 int BIO_ADDR_rawaddress(const BIO_ADDR *ap, void *p, size_t *l)
168 const void *addrptr = NULL;
170 if (ap->sa.sa_family == AF_INET) {
171 len = sizeof(ap->sin.sin_addr);
172 addrptr = &ap->sin.sin_addr;
175 else if (ap->sa.sa_family == AF_INET6) {
176 len = sizeof(ap->sin6.sin6_addr);
177 addrptr = &ap->sin6.sin6_addr;
181 else if (ap->sa.sa_family == AF_UNIX) {
182 len = strlen(ap->sun.sun_path);
183 addrptr = &ap->sun.sun_path;
191 memcpy(p, addrptr, len);
199 unsigned short BIO_ADDR_rawport(const BIO_ADDR *ap)
201 if (ap->sa.sa_family == AF_INET)
202 return ap->sin.sin_port;
204 if (ap->sa.sa_family == AF_INET6)
205 return ap->sin6.sin6_port;
211 * addr_strings - helper function to get host and service names
212 * @ap: the BIO_ADDR that has the input info
213 * @numeric: 0 if actual names should be returned, 1 if the numeric
214 * representation should be returned.
215 * @hostname: a pointer to a pointer to a memory area to store the
216 * host name or numeric representation. Unused if NULL.
217 * @service: a pointer to a pointer to a memory area to store the
218 * service name or numeric representation. Unused if NULL.
220 * The return value is 0 on failure, with the error code in the error
221 * stack, and 1 on success.
223 static int addr_strings(const BIO_ADDR *ap, int numeric,
224 char **hostname, char **service)
226 if (BIO_sock_init() != 1)
232 char host[NI_MAXHOST], serv[NI_MAXSERV];
236 flags |= NI_NUMERICHOST | NI_NUMERICSERV;
238 if ((ret = getnameinfo(BIO_ADDR_sockaddr(ap),
239 BIO_ADDR_sockaddr_size(ap),
240 host, sizeof(host), serv, sizeof(serv),
243 if (ret == EAI_SYSTEM) {
244 SYSerr(SYS_F_GETNAMEINFO, get_last_socket_error());
245 BIOerr(BIO_F_ADDR_STRINGS, ERR_R_SYS_LIB);
249 BIOerr(BIO_F_ADDR_STRINGS, ERR_R_SYS_LIB);
250 ERR_add_error_data(1, gai_strerror(ret));
255 /* VMS getnameinfo() seems to have a bug, where serv gets filled
256 * with gibberish. We can at least check for digits when flags
257 * has NI_NUMERICSERV enabled
259 if ((flags & NI_NUMERICSERV) != 0 && !isdigit(serv[0])) {
260 BIO_snprintf(serv, sizeof(serv), "%d",
261 ntohs(BIO_ADDR_rawport(ap)));
265 *hostname = OPENSSL_strdup(host);
267 *service = OPENSSL_strdup(serv);
271 *hostname = OPENSSL_strdup(inet_ntoa(ap->sin.sin_addr));
273 char serv[6]; /* port is 16 bits => max 5 decimal digits */
274 BIO_snprintf(serv, sizeof(serv), "%d", ntohs(ap->sin.sin_port));
275 *service = OPENSSL_strdup(serv);
282 char *BIO_ADDR_hostname_string(const BIO_ADDR *ap, int numeric)
284 char *hostname = NULL;
286 if (addr_strings(ap, numeric, &hostname, NULL))
292 char *BIO_ADDR_service_string(const BIO_ADDR *ap, int numeric)
294 char *service = NULL;
296 if (addr_strings(ap, numeric, NULL, &service))
302 char *BIO_ADDR_path_string(const BIO_ADDR *ap)
305 if (ap->sa.sa_family == AF_UNIX)
306 return OPENSSL_strdup(ap->sun.sun_path);
312 * BIO_ADDR_sockaddr - non-public routine to return the struct sockaddr
313 * for a given BIO_ADDR. In reality, this is simply a type safe cast.
314 * The returned struct sockaddr is const, so it can't be tampered with.
316 const struct sockaddr *BIO_ADDR_sockaddr(const BIO_ADDR *ap)
322 * BIO_ADDR_sockaddr_noconst - non-public function that does the same
323 * as BIO_ADDR_sockaddr, but returns a non-const. USE WITH CARE, as
324 * it allows you to tamper with the data (and thereby the contents
325 * of the input BIO_ADDR).
327 struct sockaddr *BIO_ADDR_sockaddr_noconst(BIO_ADDR *ap)
333 * BIO_ADDR_sockaddr_size - non-public function that returns the size
334 * of the struct sockaddr the BIO_ADDR is using. If the protocol family
335 * isn't set or is something other than AF_INET, AF_INET6 or AF_UNIX,
336 * the size of the BIO_ADDR type is returned.
338 socklen_t BIO_ADDR_sockaddr_size(const BIO_ADDR *ap)
340 if (ap->sa.sa_family == AF_INET)
341 return sizeof(ap->sin);
343 if (ap->sa.sa_family == AF_INET6)
344 return sizeof(ap->sin6);
347 if (ap->sa.sa_family == AF_UNIX)
348 return sizeof(ap->sun);
353 /**********************************************************************
355 * Address info database
359 const BIO_ADDRINFO *BIO_ADDRINFO_next(const BIO_ADDRINFO *bai)
362 return bai->bai_next;
366 int BIO_ADDRINFO_family(const BIO_ADDRINFO *bai)
369 return bai->bai_family;
373 int BIO_ADDRINFO_socktype(const BIO_ADDRINFO *bai)
376 return bai->bai_socktype;
380 int BIO_ADDRINFO_protocol(const BIO_ADDRINFO *bai)
383 return bai->bai_protocol;
388 * BIO_ADDRINFO_sockaddr_size - non-public function that returns the size
389 * of the struct sockaddr inside the BIO_ADDRINFO.
391 socklen_t BIO_ADDRINFO_sockaddr_size(const BIO_ADDRINFO *bai)
394 return bai->bai_addrlen;
399 * BIO_ADDRINFO_sockaddr - non-public function that returns bai_addr
400 * as the struct sockaddr it is.
402 const struct sockaddr *BIO_ADDRINFO_sockaddr(const BIO_ADDRINFO *bai)
405 return bai->bai_addr;
409 const BIO_ADDR *BIO_ADDRINFO_address(const BIO_ADDRINFO *bai)
412 return (BIO_ADDR *)bai->bai_addr;
416 void BIO_ADDRINFO_free(BIO_ADDRINFO *bai)
423 # define _cond bai->bai_family != AF_UNIX
433 /* Free manually when we know that addrinfo_wrap() was used.
434 * See further comment above addrinfo_wrap()
436 while (bai != NULL) {
437 BIO_ADDRINFO *next = bai->bai_next;
438 OPENSSL_free(bai->bai_addr);
444 /**********************************************************************
451 * The specs in hostserv can take these forms:
453 * host:service => *host = "host", *service = "service"
454 * host:* => *host = "host", *service = NULL
455 * host: => *host = "host", *service = NULL
456 * :service => *host = NULL, *service = "service"
457 * *:service => *host = NULL, *service = "service"
459 * in case no : is present in the string, the result depends on
460 * hostserv_prio, as follows:
462 * when hostserv_prio == BIO_PARSE_PRIO_HOST
463 * host => *host = "host", *service untouched
465 * when hostserv_prio == BIO_PARSE_PRIO_SERV
466 * service => *host untouched, *service = "service"
469 int BIO_parse_hostserv(const char *hostserv, char **host, char **service,
470 enum BIO_hostserv_priorities hostserv_prio)
472 const char *h = NULL; size_t hl = 0;
473 const char *p = NULL; size_t pl = 0;
475 if (*hostserv == '[') {
476 if ((p = strchr(hostserv, ']')) == NULL)
490 const char *p2 = strrchr(hostserv, ':');
491 p = strchr(hostserv, ':');
494 * Check for more than one colon. There are three possible
496 * 1. IPv6 address with port number, last colon being separator.
497 * 2. IPv6 address only.
498 * 3. IPv6 address only if hostserv_prio == BIO_PARSE_PRIO_HOST,
499 * IPv6 address and port number if hostserv_prio == BIO_PARSE_PRIO_SERV
500 * Because of this ambiguity, we currently choose to make it an
511 } else if (hostserv_prio == BIO_PARSE_PRIO_HOST) {
520 if (p != NULL && strchr(p, ':'))
523 if (h != NULL && host != NULL) {
525 || (hl == 1 && h[0] == '*')) {
528 *host = OPENSSL_strndup(h, hl);
533 if (p != NULL && service != NULL) {
535 || (pl == 1 && p[0] == '*')) {
538 *service = OPENSSL_strndup(p, pl);
539 if (*service == NULL)
546 BIOerr(BIO_F_BIO_PARSE_HOSTSERV, BIO_R_AMBIGUOUS_HOST_OR_SERVICE);
549 BIOerr(BIO_F_BIO_PARSE_HOSTSERV, BIO_R_MALFORMED_HOST_OR_SERVICE);
552 BIOerr(BIO_F_BIO_PARSE_HOSTSERV, ERR_R_MALLOC_FAILURE);
556 /* addrinfo_wrap is used to build our own addrinfo "chain".
557 * (it has only one entry, so calling it a chain may be a stretch)
558 * It should ONLY be called when getaddrinfo() and friends
559 * aren't available, OR when dealing with a non IP protocol
560 * family, such as AF_UNIX
562 * the return value is 1 on success, or 0 on failure, which
563 * only happens if a memory allocation error occured.
565 static int addrinfo_wrap(int family, int socktype,
566 const void *where, size_t wherelen,
570 OPENSSL_assert(bai != NULL);
572 *bai = OPENSSL_zalloc(sizeof(**bai));
576 (*bai)->bai_family = family;
577 (*bai)->bai_socktype = socktype;
578 if (socktype == SOCK_STREAM)
579 (*bai)->bai_protocol = IPPROTO_TCP;
580 if (socktype == SOCK_DGRAM)
581 (*bai)->bai_protocol = IPPROTO_UDP;
583 if (family == AF_UNIX)
584 (*bai)->bai_protocol = 0;
587 /* Magic: We know that BIO_ADDR_sockaddr_noconst is really
588 just an advanced cast of BIO_ADDR* to struct sockaddr *
589 by the power of union, so while it may seem that we're
590 creating a memory leak here, we are not. It will be
592 BIO_ADDR *addr = BIO_ADDR_new();
594 BIO_ADDR_rawmake(addr, family, where, wherelen, port);
595 (*bai)->bai_addr = BIO_ADDR_sockaddr_noconst(addr);
598 (*bai)->bai_next = NULL;
599 if ((*bai)->bai_addr == NULL) {
600 BIO_ADDRINFO_free(*bai);
608 * BIO_lookup - look up the node and service you want to connect to.
609 * @node: the node you want to connect to.
610 * @service: the service you want to connect to.
611 * @lookup_type: declare intent with the result, client or server.
612 * @family: the address family you want to use. Use AF_UNSPEC for any, or
613 * AF_INET, AF_INET6 or AF_UNIX.
614 * @socktype: The socket type you want to use. Can be SOCK_STREAM, SOCK_DGRAM
616 * @res: Storage place for the resulting list of returned addresses
618 * This will do a lookup of the node and service that you want to connect to.
619 * It returns a linked list of different addresses you can try to connect to.
621 * When no longer needed you should call BIO_ADDRINFO_free() to free the result.
623 * The return value is 1 on success or 0 in case of error.
625 int BIO_lookup(const char *host, const char *service,
626 enum BIO_lookup_type lookup_type,
627 int family, int socktype, BIO_ADDRINFO **res)
629 int ret = 0; /* Assume failure */
644 BIOerr(BIO_F_BIO_LOOKUP, BIO_R_UNSUPPORTED_PROTOCOL_FAMILY);
649 if (family == AF_UNIX) {
650 if (addrinfo_wrap(family, socktype, host, strlen(host), 0, res))
653 BIOerr(BIO_F_BIO_LOOKUP, ERR_R_MALLOC_FAILURE);
658 if (BIO_sock_init() != 1)
664 struct addrinfo hints;
667 # ifdef AI_ADDRCONFIG
668 hints.ai_flags = AI_ADDRCONFIG;
670 hints.ai_family = family;
671 hints.ai_socktype = socktype;
672 hints.ai_protocol = 0;
673 hints.ai_addrlen = 0;
674 hints.ai_addr = NULL;
675 hints.ai_canonname = NULL;
676 hints.ai_next = NULL;
678 if (lookup_type == BIO_LOOKUP_SERVER)
679 hints.ai_flags |= AI_PASSIVE;
681 /* Note that |res| SHOULD be a 'struct addrinfo **' thanks to
682 * macro magic in bio_lcl.h
684 switch ((gai_ret = getaddrinfo(host, service, &hints, res))) {
687 SYSerr(SYS_F_GETADDRINFO, get_last_socket_error());
688 BIOerr(BIO_F_BIO_LOOKUP, ERR_R_SYS_LIB);
692 ret = 1; /* Success */
695 BIOerr(BIO_F_BIO_LOOKUP, ERR_R_SYS_LIB);
696 ERR_add_error_data(1, gai_strerror(gai_ret));
701 const struct hostent *he;
702 /* Windows doesn't seem to have in_addr_t */
703 #ifdef OPENSSL_SYS_WINDOWS
704 static uint32_t he_fallback_address;
705 static const uint32_t *he_fallback_addresses[] =
706 { &he_fallback_address, NULL };
708 static in_addr_t he_fallback_address;
709 static const in_addr_t *he_fallback_addresses[] =
710 { &he_fallback_address, NULL };
712 static const struct hostent he_fallback =
713 { NULL, NULL, AF_INET, sizeof(he_fallback_address),
714 (char **)&he_fallback_addresses };
716 /* Apprently, on WIN64, s_proto and s_port have traded places... */
718 struct servent se_fallback = { NULL, NULL, NULL, 0 };
720 struct servent se_fallback = { NULL, NULL, 0, NULL };
724 CRYPTO_w_lock(CRYPTO_LOCK_GETHOSTBYNAME);
725 CRYPTO_w_lock(CRYPTO_LOCK_GETSERVBYNAME);
726 he_fallback_address = INADDR_ANY;
729 switch(lookup_type) {
730 case BIO_LOOKUP_CLIENT:
731 he_fallback_address = INADDR_LOOPBACK;
733 case BIO_LOOKUP_SERVER:
734 he_fallback_address = INADDR_ANY;
737 OPENSSL_assert(("We forgot to handle a lookup type!" == 0));
741 he = gethostbyname(host);
744 #ifndef OPENSSL_SYS_WINDOWS
745 BIOerr(BIO_F_BIO_LOOKUP, ERR_R_SYS_LIB);
746 ERR_add_error_data(1, hstrerror(h_errno));
748 SYSerr(SYS_F_GETHOSTBYNAME, WSAGetLastError());
755 if (service == NULL) {
756 se_fallback.s_port = 0;
757 se_fallback.s_proto = proto;
761 long portnum = strtol(service, &endp, 10);
763 if (endp != service && *endp == '\0'
764 && portnum > 0 && portnum < 65536) {
765 se_fallback.s_port = htons(portnum);
766 se_fallback.s_proto = proto;
768 } else if (endp == service) {
777 se = getservbyname(service, proto);
780 #ifndef OPENSSL_SYS_WINDOWS
781 BIOerr(BIO_F_BIO_LOOKUP, ERR_R_SYS_LIB);
782 ERR_add_error_data(1, hstrerror(h_errno));
784 SYSerr(SYS_F_GETSERVBYNAME, WSAGetLastError());
789 BIOerr(BIO_F_BIO_LOOKUP, BIO_R_MALFORMED_HOST_OR_SERVICE);
799 BIO_ADDRINFO *tmp_bai = NULL;
801 /* The easiest way to create a linked list from an
802 array is to start from the back */
803 for(addrlistp = he->h_addr_list; *addrlistp != NULL;
807 for(addresses = addrlistp - he->h_addr_list;
808 addrlistp--, addresses-- > 0; ) {
809 if (!addrinfo_wrap(he->h_addrtype, socktype,
810 *addrlistp, he->h_length,
811 se->s_port, &tmp_bai))
812 goto addrinfo_malloc_err;
813 tmp_bai->bai_next = *res;
817 BIO_ADDRINFO_free(*res);
819 BIOerr(BIO_F_BIO_LOOKUP, ERR_R_MALLOC_FAILURE);
827 CRYPTO_w_unlock(CRYPTO_LOCK_GETSERVBYNAME);
828 CRYPTO_w_unlock(CRYPTO_LOCK_GETHOSTBYNAME);