2 * Copyright 2005-2022 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
17 #include "bio_local.h"
18 #ifndef OPENSSL_NO_DGRAM
20 # ifndef OPENSSL_NO_SCTP
21 # include <netinet/sctp.h>
23 # define OPENSSL_SCTP_DATA_CHUNK_TYPE 0x00
24 # define OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE 0xc0
27 # if defined(OPENSSL_SYS_LINUX) && !defined(IP_MTU)
28 # define IP_MTU 14 /* linux is lame */
31 # if OPENSSL_USE_IPV6 && !defined(IPPROTO_IPV6)
32 # define IPPROTO_IPV6 41 /* windows is lame */
35 # if defined(__FreeBSD__) && defined(IN6_IS_ADDR_V4MAPPED)
36 /* Standard definition causes type-punning problems. */
37 # undef IN6_IS_ADDR_V4MAPPED
38 # define s6_addr32 __u6_addr.__u6_addr32
39 # define IN6_IS_ADDR_V4MAPPED(a) \
40 (((a)->s6_addr32[0] == 0) && \
41 ((a)->s6_addr32[1] == 0) && \
42 ((a)->s6_addr32[2] == htonl(0x0000ffff)))
45 static int dgram_write(BIO *h, const char *buf, int num);
46 static int dgram_read(BIO *h, char *buf, int size);
47 static int dgram_puts(BIO *h, const char *str);
48 static long dgram_ctrl(BIO *h, int cmd, long arg1, void *arg2);
49 static int dgram_new(BIO *h);
50 static int dgram_free(BIO *data);
51 static int dgram_clear(BIO *bio);
53 # ifndef OPENSSL_NO_SCTP
54 static int dgram_sctp_write(BIO *h, const char *buf, int num);
55 static int dgram_sctp_read(BIO *h, char *buf, int size);
56 static int dgram_sctp_puts(BIO *h, const char *str);
57 static long dgram_sctp_ctrl(BIO *h, int cmd, long arg1, void *arg2);
58 static int dgram_sctp_new(BIO *h);
59 static int dgram_sctp_free(BIO *data);
60 static int dgram_sctp_wait_for_dry(BIO *b);
61 static int dgram_sctp_msg_waiting(BIO *b);
62 # ifdef SCTP_AUTHENTICATION_EVENT
63 static void dgram_sctp_handle_auth_free_key_event(BIO *b, union sctp_notification
68 static int BIO_dgram_should_retry(int s);
70 static void get_current_time(struct timeval *t);
72 static const BIO_METHOD methods_dgramp = {
80 NULL, /* dgram_gets, */
84 NULL, /* dgram_callback_ctrl */
87 # ifndef OPENSSL_NO_SCTP
88 static const BIO_METHOD methods_dgramp_sctp = {
90 "datagram sctp socket",
96 NULL, /* dgram_gets, */
100 NULL, /* dgram_callback_ctrl */
104 typedef struct bio_dgram_data_st {
106 unsigned int connected;
109 struct timeval next_timeout;
110 struct timeval socket_timeout;
111 unsigned int peekmode;
114 # ifndef OPENSSL_NO_SCTP
115 typedef struct bio_dgram_sctp_save_message_st {
119 } bio_dgram_sctp_save_message;
121 typedef struct bio_dgram_sctp_data_st {
123 unsigned int connected;
126 struct bio_dgram_sctp_sndinfo sndinfo;
127 struct bio_dgram_sctp_rcvinfo rcvinfo;
128 struct bio_dgram_sctp_prinfo prinfo;
129 BIO_dgram_sctp_notification_handler_fn handle_notifications;
130 void *notification_context;
135 int peer_auth_tested;
136 } bio_dgram_sctp_data;
139 const BIO_METHOD *BIO_s_datagram(void)
141 return &methods_dgramp;
144 BIO *BIO_new_dgram(int fd, int close_flag)
148 ret = BIO_new(BIO_s_datagram());
151 BIO_set_fd(ret, fd, close_flag);
155 static int dgram_new(BIO *bi)
157 bio_dgram_data *data = OPENSSL_zalloc(sizeof(*data));
165 static int dgram_free(BIO *a)
167 bio_dgram_data *data;
174 data = (bio_dgram_data *)a->ptr;
180 static int dgram_clear(BIO *a)
186 BIO_closesocket(a->num);
194 static void dgram_adjust_rcv_timeout(BIO *b)
196 # if defined(SO_RCVTIMEO)
197 bio_dgram_data *data = (bio_dgram_data *)b->ptr;
199 /* Is a timer active? */
200 if (data->next_timeout.tv_sec > 0 || data->next_timeout.tv_usec > 0) {
201 struct timeval timenow, timeleft;
203 /* Read current socket timeout */
204 # ifdef OPENSSL_SYS_WINDOWS
207 int sz = sizeof(timeout);
208 if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
209 (void *)&timeout, &sz) < 0) {
210 perror("getsockopt");
212 data->socket_timeout.tv_sec = timeout / 1000;
213 data->socket_timeout.tv_usec = (timeout % 1000) * 1000;
216 socklen_t sz = sizeof(data->socket_timeout);
217 if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
218 &(data->socket_timeout), &sz) < 0) {
219 perror("getsockopt");
221 OPENSSL_assert(sz <= sizeof(data->socket_timeout));
224 /* Get current time */
225 get_current_time(&timenow);
227 /* Calculate time left until timer expires */
228 memcpy(&timeleft, &(data->next_timeout), sizeof(struct timeval));
229 if (timeleft.tv_usec < timenow.tv_usec) {
230 timeleft.tv_usec = 1000000 - timenow.tv_usec + timeleft.tv_usec;
233 timeleft.tv_usec -= timenow.tv_usec;
235 if (timeleft.tv_sec < timenow.tv_sec) {
237 timeleft.tv_usec = 1;
239 timeleft.tv_sec -= timenow.tv_sec;
243 * Adjust socket timeout if next handshake message timer will expire
246 if ((data->socket_timeout.tv_sec == 0
247 && data->socket_timeout.tv_usec == 0)
248 || (data->socket_timeout.tv_sec > timeleft.tv_sec)
249 || (data->socket_timeout.tv_sec == timeleft.tv_sec
250 && data->socket_timeout.tv_usec >= timeleft.tv_usec)) {
251 # ifdef OPENSSL_SYS_WINDOWS
252 timeout = timeleft.tv_sec * 1000 + timeleft.tv_usec / 1000;
253 if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
254 (void *)&timeout, sizeof(timeout)) < 0) {
255 perror("setsockopt");
258 if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, &timeleft,
259 sizeof(struct timeval)) < 0) {
260 perror("setsockopt");
268 static void dgram_reset_rcv_timeout(BIO *b)
270 # if defined(SO_RCVTIMEO)
271 bio_dgram_data *data = (bio_dgram_data *)b->ptr;
273 /* Is a timer active? */
274 if (data->next_timeout.tv_sec > 0 || data->next_timeout.tv_usec > 0) {
275 # ifdef OPENSSL_SYS_WINDOWS
276 int timeout = data->socket_timeout.tv_sec * 1000 +
277 data->socket_timeout.tv_usec / 1000;
278 if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
279 (void *)&timeout, sizeof(timeout)) < 0) {
280 perror("setsockopt");
284 (b->num, SOL_SOCKET, SO_RCVTIMEO, &(data->socket_timeout),
285 sizeof(struct timeval)) < 0) {
286 perror("setsockopt");
293 static int dgram_read(BIO *b, char *out, int outl)
296 bio_dgram_data *data = (bio_dgram_data *)b->ptr;
300 socklen_t len = sizeof(peer);
303 clear_socket_error();
304 memset(&peer, 0, sizeof(peer));
305 dgram_adjust_rcv_timeout(b);
308 ret = recvfrom(b->num, out, outl, flags,
309 BIO_ADDR_sockaddr_noconst(&peer), &len);
311 if (!data->connected && ret >= 0)
312 BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, &peer);
314 BIO_clear_retry_flags(b);
316 if (BIO_dgram_should_retry(ret)) {
317 BIO_set_retry_read(b);
318 data->_errno = get_last_socket_error();
322 dgram_reset_rcv_timeout(b);
327 static int dgram_write(BIO *b, const char *in, int inl)
330 bio_dgram_data *data = (bio_dgram_data *)b->ptr;
331 clear_socket_error();
334 ret = writesocket(b->num, in, inl);
336 int peerlen = BIO_ADDR_sockaddr_size(&data->peer);
338 ret = sendto(b->num, in, inl, 0,
339 BIO_ADDR_sockaddr(&data->peer), peerlen);
342 BIO_clear_retry_flags(b);
344 if (BIO_dgram_should_retry(ret)) {
345 BIO_set_retry_write(b);
346 data->_errno = get_last_socket_error();
352 static long dgram_get_mtu_overhead(bio_dgram_data *data)
356 switch (BIO_ADDR_family(&data->peer)) {
359 * Assume this is UDP - 20 bytes for IP, 8 bytes for UDP
363 # if OPENSSL_USE_IPV6
366 # ifdef IN6_IS_ADDR_V4MAPPED
367 struct in6_addr tmp_addr;
368 if (BIO_ADDR_rawaddress(&data->peer, &tmp_addr, NULL)
369 && IN6_IS_ADDR_V4MAPPED(&tmp_addr))
371 * Assume this is UDP - 20 bytes for IP, 8 bytes for UDP
377 * Assume this is UDP - 40 bytes for IP, 8 bytes for UDP
384 /* We don't know. Go with the historical default */
391 static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
395 bio_dgram_data *data = NULL;
398 # if defined(OPENSSL_SYS_LINUX) && (defined(IP_MTU_DISCOVER) || defined(IP_MTU))
399 socklen_t sockopt_len; /* assume that system supporting IP_MTU is
400 * modern enough to define socklen_t */
405 data = (bio_dgram_data *)b->ptr;
417 b->num = *((int *)ptr);
418 b->shutdown = (int)num;
430 case BIO_CTRL_GET_CLOSE:
433 case BIO_CTRL_SET_CLOSE:
434 b->shutdown = (int)num;
436 case BIO_CTRL_PENDING:
437 case BIO_CTRL_WPENDING:
444 case BIO_CTRL_DGRAM_CONNECT:
445 BIO_ADDR_make(&data->peer, BIO_ADDR_sockaddr((BIO_ADDR *)ptr));
447 /* (Linux)kernel sets DF bit on outgoing IP packets */
448 case BIO_CTRL_DGRAM_MTU_DISCOVER:
449 # if defined(OPENSSL_SYS_LINUX) && defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DO)
450 addr_len = (socklen_t) sizeof(addr);
451 memset(&addr, 0, sizeof(addr));
452 if (getsockname(b->num, &addr.sa, &addr_len) < 0) {
456 switch (addr.sa.sa_family) {
458 sockopt_val = IP_PMTUDISC_DO;
459 if ((ret = setsockopt(b->num, IPPROTO_IP, IP_MTU_DISCOVER,
460 &sockopt_val, sizeof(sockopt_val))) < 0)
461 perror("setsockopt");
463 # if OPENSSL_USE_IPV6 && defined(IPV6_MTU_DISCOVER) && defined(IPV6_PMTUDISC_DO)
465 sockopt_val = IPV6_PMTUDISC_DO;
466 if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
467 &sockopt_val, sizeof(sockopt_val))) < 0)
468 perror("setsockopt");
479 case BIO_CTRL_DGRAM_QUERY_MTU:
480 # if defined(OPENSSL_SYS_LINUX) && defined(IP_MTU)
481 addr_len = (socklen_t) sizeof(addr);
482 memset(&addr, 0, sizeof(addr));
483 if (getsockname(b->num, &addr.sa, &addr_len) < 0) {
487 sockopt_len = sizeof(sockopt_val);
488 switch (addr.sa.sa_family) {
491 getsockopt(b->num, IPPROTO_IP, IP_MTU, (void *)&sockopt_val,
492 &sockopt_len)) < 0 || sockopt_val < 0) {
496 * we assume that the transport protocol is UDP and no IP
499 data->mtu = sockopt_val - 8 - 20;
503 # if OPENSSL_USE_IPV6 && defined(IPV6_MTU)
506 getsockopt(b->num, IPPROTO_IPV6, IPV6_MTU,
507 (void *)&sockopt_val, &sockopt_len)) < 0
508 || sockopt_val < 0) {
512 * we assume that the transport protocol is UDP and no IPV6
515 data->mtu = sockopt_val - 8 - 40;
528 case BIO_CTRL_DGRAM_GET_FALLBACK_MTU:
529 ret = -dgram_get_mtu_overhead(data);
530 switch (BIO_ADDR_family(&data->peer)) {
534 # if OPENSSL_USE_IPV6
537 # ifdef IN6_IS_ADDR_V4MAPPED
538 struct in6_addr tmp_addr;
539 if (BIO_ADDR_rawaddress(&data->peer, &tmp_addr, NULL)
540 && IN6_IS_ADDR_V4MAPPED(&tmp_addr))
553 case BIO_CTRL_DGRAM_GET_MTU:
555 case BIO_CTRL_DGRAM_SET_MTU:
559 case BIO_CTRL_DGRAM_SET_CONNECTED:
562 BIO_ADDR_make(&data->peer, BIO_ADDR_sockaddr((BIO_ADDR *)ptr));
565 memset(&data->peer, 0, sizeof(data->peer));
568 case BIO_CTRL_DGRAM_GET_PEER:
569 ret = BIO_ADDR_sockaddr_size(&data->peer);
570 /* FIXME: if num < ret, we will only return part of an address.
571 That should bee an error, no? */
572 if (num == 0 || num > ret)
574 memcpy(ptr, &data->peer, (ret = num));
576 case BIO_CTRL_DGRAM_SET_PEER:
577 BIO_ADDR_make(&data->peer, BIO_ADDR_sockaddr((BIO_ADDR *)ptr));
579 case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
580 memcpy(&(data->next_timeout), ptr, sizeof(struct timeval));
582 # if defined(SO_RCVTIMEO)
583 case BIO_CTRL_DGRAM_SET_RECV_TIMEOUT:
584 # ifdef OPENSSL_SYS_WINDOWS
586 struct timeval *tv = (struct timeval *)ptr;
587 int timeout = tv->tv_sec * 1000 + tv->tv_usec / 1000;
588 if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
589 (void *)&timeout, sizeof(timeout)) < 0) {
590 perror("setsockopt");
595 if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, ptr,
596 sizeof(struct timeval)) < 0) {
597 perror("setsockopt");
602 case BIO_CTRL_DGRAM_GET_RECV_TIMEOUT:
604 # ifdef OPENSSL_SYS_WINDOWS
607 struct timeval *tv = (struct timeval *)ptr;
609 sz = sizeof(timeout);
610 if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
611 (void *)&timeout, &sz) < 0) {
612 perror("getsockopt");
615 tv->tv_sec = timeout / 1000;
616 tv->tv_usec = (timeout % 1000) * 1000;
620 socklen_t sz = sizeof(struct timeval);
621 if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
623 perror("getsockopt");
626 OPENSSL_assert(sz <= sizeof(struct timeval));
633 # if defined(SO_SNDTIMEO)
634 case BIO_CTRL_DGRAM_SET_SEND_TIMEOUT:
635 # ifdef OPENSSL_SYS_WINDOWS
637 struct timeval *tv = (struct timeval *)ptr;
638 int timeout = tv->tv_sec * 1000 + tv->tv_usec / 1000;
639 if (setsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
640 (void *)&timeout, sizeof(timeout)) < 0) {
641 perror("setsockopt");
646 if (setsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO, ptr,
647 sizeof(struct timeval)) < 0) {
648 perror("setsockopt");
653 case BIO_CTRL_DGRAM_GET_SEND_TIMEOUT:
655 # ifdef OPENSSL_SYS_WINDOWS
658 struct timeval *tv = (struct timeval *)ptr;
660 sz = sizeof(timeout);
661 if (getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
662 (void *)&timeout, &sz) < 0) {
663 perror("getsockopt");
666 tv->tv_sec = timeout / 1000;
667 tv->tv_usec = (timeout % 1000) * 1000;
671 socklen_t sz = sizeof(struct timeval);
672 if (getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
674 perror("getsockopt");
677 OPENSSL_assert(sz <= sizeof(struct timeval));
684 case BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP:
686 case BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP:
687 # ifdef OPENSSL_SYS_WINDOWS
688 d_errno = (data->_errno == WSAETIMEDOUT);
690 d_errno = (data->_errno == EAGAIN);
699 case BIO_CTRL_DGRAM_MTU_EXCEEDED:
700 if (data->_errno == EMSGSIZE) {
707 case BIO_CTRL_DGRAM_SET_DONT_FRAG:
708 sockopt_val = num ? 1 : 0;
710 switch (data->peer.sa.sa_family) {
712 # if defined(IP_DONTFRAG)
713 if ((ret = setsockopt(b->num, IPPROTO_IP, IP_DONTFRAG,
714 &sockopt_val, sizeof(sockopt_val))) < 0) {
715 perror("setsockopt");
718 # elif defined(OPENSSL_SYS_LINUX) && defined(IP_MTU_DISCOVER) && defined (IP_PMTUDISC_PROBE)
719 if ((sockopt_val = num ? IP_PMTUDISC_PROBE : IP_PMTUDISC_DONT),
720 (ret = setsockopt(b->num, IPPROTO_IP, IP_MTU_DISCOVER,
721 &sockopt_val, sizeof(sockopt_val))) < 0) {
722 perror("setsockopt");
725 # elif defined(OPENSSL_SYS_WINDOWS) && defined(IP_DONTFRAGMENT)
726 if ((ret = setsockopt(b->num, IPPROTO_IP, IP_DONTFRAGMENT,
727 (const char *)&sockopt_val,
728 sizeof(sockopt_val))) < 0) {
729 perror("setsockopt");
736 # if OPENSSL_USE_IPV6
738 # if defined(IPV6_DONTFRAG)
739 if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_DONTFRAG,
740 (const void *)&sockopt_val,
741 sizeof(sockopt_val))) < 0) {
742 perror("setsockopt");
745 # elif defined(OPENSSL_SYS_LINUX) && defined(IPV6_MTUDISCOVER)
746 if ((sockopt_val = num ? IP_PMTUDISC_PROBE : IP_PMTUDISC_DONT),
747 (ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
748 &sockopt_val, sizeof(sockopt_val))) < 0) {
749 perror("setsockopt");
762 case BIO_CTRL_DGRAM_GET_MTU_OVERHEAD:
763 ret = dgram_get_mtu_overhead(data);
767 * BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE is used here for compatibility
768 * reasons. When BIO_CTRL_DGRAM_SET_PEEK_MODE was first defined its value
769 * was incorrectly clashing with BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE. The
770 * value has been updated to a non-clashing value. However to preserve
771 * binary compatibility we now respond to both the old value and the new one
773 case BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE:
774 case BIO_CTRL_DGRAM_SET_PEEK_MODE:
775 data->peekmode = (unsigned int)num;
784 static int dgram_puts(BIO *bp, const char *str)
789 ret = dgram_write(bp, str, n);
793 # ifndef OPENSSL_NO_SCTP
794 const BIO_METHOD *BIO_s_datagram_sctp(void)
796 return &methods_dgramp_sctp;
799 BIO *BIO_new_dgram_sctp(int fd, int close_flag)
802 int ret, optval = 20000;
803 int auth_data = 0, auth_forward = 0;
805 struct sctp_authchunk auth;
806 struct sctp_authchunks *authchunks;
807 socklen_t sockopt_len;
808 # ifdef SCTP_AUTHENTICATION_EVENT
810 struct sctp_event event;
812 struct sctp_event_subscribe event;
816 bio = BIO_new(BIO_s_datagram_sctp());
819 BIO_set_fd(bio, fd, close_flag);
821 /* Activate SCTP-AUTH for DATA and FORWARD-TSN chunks */
822 auth.sauth_chunk = OPENSSL_SCTP_DATA_CHUNK_TYPE;
824 setsockopt(fd, IPPROTO_SCTP, SCTP_AUTH_CHUNK, &auth,
825 sizeof(struct sctp_authchunk));
828 ERR_raise_data(ERR_LIB_BIO, ERR_R_SYS_LIB,
829 "Ensure SCTP AUTH chunks are enabled in kernel");
832 auth.sauth_chunk = OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE;
834 setsockopt(fd, IPPROTO_SCTP, SCTP_AUTH_CHUNK, &auth,
835 sizeof(struct sctp_authchunk));
838 ERR_raise_data(ERR_LIB_BIO, ERR_R_SYS_LIB,
839 "Ensure SCTP AUTH chunks are enabled in kernel");
844 * Test if activation was successful. When using accept(), SCTP-AUTH has
845 * to be activated for the listening socket already, otherwise the
846 * connected socket won't use it. Similarly with connect(): the socket
847 * prior to connection must be activated for SCTP-AUTH
849 sockopt_len = (socklen_t) (sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
850 authchunks = OPENSSL_zalloc(sockopt_len);
851 if (authchunks == NULL) {
855 ret = getsockopt(fd, IPPROTO_SCTP, SCTP_LOCAL_AUTH_CHUNKS, authchunks,
858 OPENSSL_free(authchunks);
863 for (p = (unsigned char *)authchunks->gauth_chunks;
864 p < (unsigned char *)authchunks + sockopt_len;
865 p += sizeof(uint8_t)) {
866 if (*p == OPENSSL_SCTP_DATA_CHUNK_TYPE)
868 if (*p == OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE)
872 OPENSSL_free(authchunks);
874 if (!auth_data || !auth_forward) {
876 ERR_raise_data(ERR_LIB_BIO, ERR_R_SYS_LIB,
877 "Ensure SCTP AUTH chunks are enabled on the "
878 "underlying socket");
882 # ifdef SCTP_AUTHENTICATION_EVENT
884 memset(&event, 0, sizeof(event));
885 event.se_assoc_id = 0;
886 event.se_type = SCTP_AUTHENTICATION_EVENT;
889 setsockopt(fd, IPPROTO_SCTP, SCTP_EVENT, &event,
890 sizeof(struct sctp_event));
896 sockopt_len = (socklen_t) sizeof(struct sctp_event_subscribe);
897 ret = getsockopt(fd, IPPROTO_SCTP, SCTP_EVENTS, &event, &sockopt_len);
903 event.sctp_authentication_event = 1;
906 setsockopt(fd, IPPROTO_SCTP, SCTP_EVENTS, &event,
907 sizeof(struct sctp_event_subscribe));
916 * Disable partial delivery by setting the min size larger than the max
917 * record size of 2^14 + 2048 + 13
920 setsockopt(fd, IPPROTO_SCTP, SCTP_PARTIAL_DELIVERY_POINT, &optval,
930 int BIO_dgram_is_sctp(BIO *bio)
932 return (BIO_method_type(bio) == BIO_TYPE_DGRAM_SCTP);
935 static int dgram_sctp_new(BIO *bi)
937 bio_dgram_sctp_data *data = NULL;
941 if ((data = OPENSSL_zalloc(sizeof(*data))) == NULL) {
942 ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE);
945 # ifdef SCTP_PR_SCTP_NONE
946 data->prinfo.pr_policy = SCTP_PR_SCTP_NONE;
954 static int dgram_sctp_free(BIO *a)
956 bio_dgram_sctp_data *data;
963 data = (bio_dgram_sctp_data *) a->ptr;
970 # ifdef SCTP_AUTHENTICATION_EVENT
971 void dgram_sctp_handle_auth_free_key_event(BIO *b,
972 union sctp_notification *snp)
975 struct sctp_authkey_event *authkeyevent = &snp->sn_auth_event;
977 if (authkeyevent->auth_indication == SCTP_AUTH_FREE_KEY) {
978 struct sctp_authkeyid authkeyid;
981 authkeyid.scact_keynumber = authkeyevent->auth_keynumber;
982 ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DELETE_KEY,
983 &authkeyid, sizeof(struct sctp_authkeyid));
988 static int dgram_sctp_read(BIO *b, char *out, int outl)
990 int ret = 0, n = 0, i, optval;
992 bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
995 struct cmsghdr *cmsg;
999 clear_socket_error();
1002 memset(&data->rcvinfo, 0, sizeof(data->rcvinfo));
1005 msg.msg_name = NULL;
1006 msg.msg_namelen = 0;
1009 msg.msg_control = cmsgbuf;
1010 msg.msg_controllen = 512;
1012 n = recvmsg(b->num, &msg, 0);
1020 if (msg.msg_controllen > 0) {
1021 for (cmsg = CMSG_FIRSTHDR(&msg); cmsg;
1022 cmsg = CMSG_NXTHDR(&msg, cmsg)) {
1023 if (cmsg->cmsg_level != IPPROTO_SCTP)
1025 # ifdef SCTP_RCVINFO
1026 if (cmsg->cmsg_type == SCTP_RCVINFO) {
1027 struct sctp_rcvinfo *rcvinfo;
1029 rcvinfo = (struct sctp_rcvinfo *)CMSG_DATA(cmsg);
1030 data->rcvinfo.rcv_sid = rcvinfo->rcv_sid;
1031 data->rcvinfo.rcv_ssn = rcvinfo->rcv_ssn;
1032 data->rcvinfo.rcv_flags = rcvinfo->rcv_flags;
1033 data->rcvinfo.rcv_ppid = rcvinfo->rcv_ppid;
1034 data->rcvinfo.rcv_tsn = rcvinfo->rcv_tsn;
1035 data->rcvinfo.rcv_cumtsn = rcvinfo->rcv_cumtsn;
1036 data->rcvinfo.rcv_context = rcvinfo->rcv_context;
1040 if (cmsg->cmsg_type == SCTP_SNDRCV) {
1041 struct sctp_sndrcvinfo *sndrcvinfo;
1044 (struct sctp_sndrcvinfo *)CMSG_DATA(cmsg);
1045 data->rcvinfo.rcv_sid = sndrcvinfo->sinfo_stream;
1046 data->rcvinfo.rcv_ssn = sndrcvinfo->sinfo_ssn;
1047 data->rcvinfo.rcv_flags = sndrcvinfo->sinfo_flags;
1048 data->rcvinfo.rcv_ppid = sndrcvinfo->sinfo_ppid;
1049 data->rcvinfo.rcv_tsn = sndrcvinfo->sinfo_tsn;
1050 data->rcvinfo.rcv_cumtsn = sndrcvinfo->sinfo_cumtsn;
1051 data->rcvinfo.rcv_context = sndrcvinfo->sinfo_context;
1057 if (msg.msg_flags & MSG_NOTIFICATION) {
1058 union sctp_notification snp;
1060 memcpy(&snp, out, sizeof(snp));
1061 if (snp.sn_header.sn_type == SCTP_SENDER_DRY_EVENT) {
1063 struct sctp_event event;
1065 struct sctp_event_subscribe event;
1066 socklen_t eventsize;
1069 /* disable sender dry event */
1071 memset(&event, 0, sizeof(event));
1072 event.se_assoc_id = 0;
1073 event.se_type = SCTP_SENDER_DRY_EVENT;
1075 i = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event,
1076 sizeof(struct sctp_event));
1082 eventsize = sizeof(struct sctp_event_subscribe);
1083 i = getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
1090 event.sctp_sender_dry_event = 0;
1092 i = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
1093 sizeof(struct sctp_event_subscribe));
1100 # ifdef SCTP_AUTHENTICATION_EVENT
1101 if (snp.sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
1102 dgram_sctp_handle_auth_free_key_event(b, &snp);
1105 if (data->handle_notifications != NULL)
1106 data->handle_notifications(b, data->notification_context,
1109 memset(&snp, 0, sizeof(snp));
1110 memset(out, 0, outl);
1115 while ((msg.msg_flags & MSG_NOTIFICATION) && (msg.msg_flags & MSG_EOR)
1118 if (ret > 0 && !(msg.msg_flags & MSG_EOR)) {
1119 /* Partial message read, this should never happen! */
1122 * The buffer was too small, this means the peer sent a message
1123 * that was larger than allowed.
1129 * Test if socket buffer can handle max record size (2^14 + 2048
1132 optlen = (socklen_t) sizeof(int);
1133 ret = getsockopt(b->num, SOL_SOCKET, SO_RCVBUF, &optval, &optlen);
1135 OPENSSL_assert(optval >= 18445);
1138 * Test if SCTP doesn't partially deliver below max record size
1139 * (2^14 + 2048 + 13)
1141 optlen = (socklen_t) sizeof(int);
1143 getsockopt(b->num, IPPROTO_SCTP, SCTP_PARTIAL_DELIVERY_POINT,
1146 OPENSSL_assert(optval >= 18445);
1149 * Partially delivered notification??? Probably a bug....
1151 OPENSSL_assert(!(msg.msg_flags & MSG_NOTIFICATION));
1154 * Everything seems ok till now, so it's most likely a message
1155 * dropped by PR-SCTP.
1157 memset(out, 0, outl);
1158 BIO_set_retry_read(b);
1162 BIO_clear_retry_flags(b);
1164 if (BIO_dgram_should_retry(ret)) {
1165 BIO_set_retry_read(b);
1166 data->_errno = get_last_socket_error();
1170 /* Test if peer uses SCTP-AUTH before continuing */
1171 if (!data->peer_auth_tested) {
1172 int ii, auth_data = 0, auth_forward = 0;
1174 struct sctp_authchunks *authchunks;
1177 (socklen_t) (sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
1178 authchunks = OPENSSL_malloc(optlen);
1179 if (authchunks == NULL) {
1180 ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE);
1183 memset(authchunks, 0, optlen);
1184 ii = getsockopt(b->num, IPPROTO_SCTP, SCTP_PEER_AUTH_CHUNKS,
1185 authchunks, &optlen);
1188 for (p = (unsigned char *)authchunks->gauth_chunks;
1189 p < (unsigned char *)authchunks + optlen;
1190 p += sizeof(uint8_t)) {
1191 if (*p == OPENSSL_SCTP_DATA_CHUNK_TYPE)
1193 if (*p == OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE)
1197 OPENSSL_free(authchunks);
1199 if (!auth_data || !auth_forward) {
1200 ERR_raise(ERR_LIB_BIO, BIO_R_CONNECT_ERROR);
1204 data->peer_auth_tested = 1;
1211 * dgram_sctp_write - send message on SCTP socket
1212 * @b: BIO to write to
1214 * @inl: amount of bytes in @in to send
1216 * Returns -1 on error or the sent amount of bytes on success
1218 static int dgram_sctp_write(BIO *b, const char *in, int inl)
1221 bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
1222 struct bio_dgram_sctp_sndinfo *sinfo = &(data->sndinfo);
1223 struct bio_dgram_sctp_prinfo *pinfo = &(data->prinfo);
1224 struct bio_dgram_sctp_sndinfo handshake_sinfo;
1225 struct iovec iov[1];
1227 struct cmsghdr *cmsg;
1228 # if defined(SCTP_SNDINFO) && defined(SCTP_PRINFO)
1229 char cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndinfo)) +
1230 CMSG_SPACE(sizeof(struct sctp_prinfo))];
1231 struct sctp_sndinfo *sndinfo;
1232 struct sctp_prinfo *prinfo;
1234 char cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
1235 struct sctp_sndrcvinfo *sndrcvinfo;
1238 clear_socket_error();
1241 * If we're send anything else than application data, disable all user
1242 * parameters and flags.
1245 memset(&handshake_sinfo, 0, sizeof(handshake_sinfo));
1246 # ifdef SCTP_SACK_IMMEDIATELY
1247 handshake_sinfo.snd_flags = SCTP_SACK_IMMEDIATELY;
1249 sinfo = &handshake_sinfo;
1252 /* We can only send a shutdown alert if the socket is dry */
1253 if (data->save_shutdown) {
1254 ret = BIO_dgram_sctp_wait_for_dry(b);
1258 BIO_clear_retry_flags(b);
1259 BIO_set_retry_write(b);
1264 iov[0].iov_base = (char *)in;
1265 iov[0].iov_len = inl;
1266 msg.msg_name = NULL;
1267 msg.msg_namelen = 0;
1270 msg.msg_control = (caddr_t) cmsgbuf;
1271 msg.msg_controllen = 0;
1273 # if defined(SCTP_SNDINFO) && defined(SCTP_PRINFO)
1274 cmsg = (struct cmsghdr *)cmsgbuf;
1275 cmsg->cmsg_level = IPPROTO_SCTP;
1276 cmsg->cmsg_type = SCTP_SNDINFO;
1277 cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_sndinfo));
1278 sndinfo = (struct sctp_sndinfo *)CMSG_DATA(cmsg);
1279 memset(sndinfo, 0, sizeof(*sndinfo));
1280 sndinfo->snd_sid = sinfo->snd_sid;
1281 sndinfo->snd_flags = sinfo->snd_flags;
1282 sndinfo->snd_ppid = sinfo->snd_ppid;
1283 sndinfo->snd_context = sinfo->snd_context;
1284 msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_sndinfo));
1287 (struct cmsghdr *)&cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndinfo))];
1288 cmsg->cmsg_level = IPPROTO_SCTP;
1289 cmsg->cmsg_type = SCTP_PRINFO;
1290 cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_prinfo));
1291 prinfo = (struct sctp_prinfo *)CMSG_DATA(cmsg);
1292 memset(prinfo, 0, sizeof(*prinfo));
1293 prinfo->pr_policy = pinfo->pr_policy;
1294 prinfo->pr_value = pinfo->pr_value;
1295 msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_prinfo));
1297 cmsg = (struct cmsghdr *)cmsgbuf;
1298 cmsg->cmsg_level = IPPROTO_SCTP;
1299 cmsg->cmsg_type = SCTP_SNDRCV;
1300 cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_sndrcvinfo));
1301 sndrcvinfo = (struct sctp_sndrcvinfo *)CMSG_DATA(cmsg);
1302 memset(sndrcvinfo, 0, sizeof(*sndrcvinfo));
1303 sndrcvinfo->sinfo_stream = sinfo->snd_sid;
1304 sndrcvinfo->sinfo_flags = sinfo->snd_flags;
1306 sndrcvinfo->sinfo_flags |= pinfo->pr_policy;
1308 sndrcvinfo->sinfo_ppid = sinfo->snd_ppid;
1309 sndrcvinfo->sinfo_context = sinfo->snd_context;
1310 sndrcvinfo->sinfo_timetolive = pinfo->pr_value;
1311 msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_sndrcvinfo));
1314 ret = sendmsg(b->num, &msg, 0);
1316 BIO_clear_retry_flags(b);
1318 if (BIO_dgram_should_retry(ret)) {
1319 BIO_set_retry_write(b);
1320 data->_errno = get_last_socket_error();
1326 static long dgram_sctp_ctrl(BIO *b, int cmd, long num, void *ptr)
1329 bio_dgram_sctp_data *data = NULL;
1330 socklen_t sockopt_len = 0;
1331 struct sctp_authkeyid authkeyid;
1332 struct sctp_authkey *authkey = NULL;
1334 data = (bio_dgram_sctp_data *) b->ptr;
1337 case BIO_CTRL_DGRAM_QUERY_MTU:
1339 * Set to maximum (2^14) and ignore user input to enable transport
1340 * protocol fragmentation. Returns always 2^14.
1345 case BIO_CTRL_DGRAM_SET_MTU:
1347 * Set to maximum (2^14) and ignore input to enable transport
1348 * protocol fragmentation. Returns always 2^14.
1353 case BIO_CTRL_DGRAM_SET_CONNECTED:
1354 case BIO_CTRL_DGRAM_CONNECT:
1355 /* Returns always -1. */
1358 case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
1360 * SCTP doesn't need the DTLS timer Returns always 1.
1363 case BIO_CTRL_DGRAM_GET_MTU_OVERHEAD:
1365 * We allow transport protocol fragmentation so this is irrelevant
1369 case BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE:
1371 data->in_handshake = 1;
1373 data->in_handshake = 0;
1376 setsockopt(b->num, IPPROTO_SCTP, SCTP_NODELAY,
1377 &data->in_handshake, sizeof(int));
1379 case BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY:
1381 * New shared key for SCTP AUTH. Returns 0 on success, -1 otherwise.
1384 /* Get active key */
1385 sockopt_len = sizeof(struct sctp_authkeyid);
1387 getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY, &authkeyid,
1393 sockopt_len = sizeof(struct sctp_authkey) + 64 * sizeof(uint8_t);
1394 authkey = OPENSSL_malloc(sockopt_len);
1395 if (authkey == NULL) {
1399 memset(authkey, 0, sockopt_len);
1400 authkey->sca_keynumber = authkeyid.scact_keynumber + 1;
1401 # ifndef __FreeBSD__
1403 * This field is missing in FreeBSD 8.2 and earlier, and FreeBSD 8.3
1404 * and higher work without it.
1406 authkey->sca_keylength = 64;
1408 memcpy(&authkey->sca_key[0], ptr, 64 * sizeof(uint8_t));
1411 setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_KEY, authkey,
1413 OPENSSL_free(authkey);
1418 /* Reset active key */
1419 ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
1420 &authkeyid, sizeof(struct sctp_authkeyid));
1425 case BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY:
1426 /* Returns 0 on success, -1 otherwise. */
1428 /* Get active key */
1429 sockopt_len = sizeof(struct sctp_authkeyid);
1431 getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY, &authkeyid,
1436 /* Set active key */
1437 authkeyid.scact_keynumber = authkeyid.scact_keynumber + 1;
1438 ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
1439 &authkeyid, sizeof(struct sctp_authkeyid));
1444 * CCS has been sent, so remember that and fall through to check if
1445 * we need to deactivate an old key
1450 case BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD:
1451 /* Returns 0 on success, -1 otherwise. */
1454 * Has this command really been called or is this just a
1457 if (cmd == BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD)
1461 * CSS has been both, received and sent, so deactivate an old key
1463 if (data->ccs_rcvd == 1 && data->ccs_sent == 1) {
1464 /* Get active key */
1465 sockopt_len = sizeof(struct sctp_authkeyid);
1467 getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
1468 &authkeyid, &sockopt_len);
1473 * Deactivate key or delete second last key if
1474 * SCTP_AUTHENTICATION_EVENT is not available.
1476 authkeyid.scact_keynumber = authkeyid.scact_keynumber - 1;
1477 # ifdef SCTP_AUTH_DEACTIVATE_KEY
1478 sockopt_len = sizeof(struct sctp_authkeyid);
1479 ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DEACTIVATE_KEY,
1480 &authkeyid, sockopt_len);
1484 # ifndef SCTP_AUTHENTICATION_EVENT
1485 if (authkeyid.scact_keynumber > 0) {
1486 authkeyid.scact_keynumber = authkeyid.scact_keynumber - 1;
1487 ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DELETE_KEY,
1488 &authkeyid, sizeof(struct sctp_authkeyid));
1498 case BIO_CTRL_DGRAM_SCTP_GET_SNDINFO:
1499 /* Returns the size of the copied struct. */
1500 if (num > (long)sizeof(struct bio_dgram_sctp_sndinfo))
1501 num = sizeof(struct bio_dgram_sctp_sndinfo);
1503 memcpy(ptr, &(data->sndinfo), num);
1506 case BIO_CTRL_DGRAM_SCTP_SET_SNDINFO:
1507 /* Returns the size of the copied struct. */
1508 if (num > (long)sizeof(struct bio_dgram_sctp_sndinfo))
1509 num = sizeof(struct bio_dgram_sctp_sndinfo);
1511 memcpy(&(data->sndinfo), ptr, num);
1513 case BIO_CTRL_DGRAM_SCTP_GET_RCVINFO:
1514 /* Returns the size of the copied struct. */
1515 if (num > (long)sizeof(struct bio_dgram_sctp_rcvinfo))
1516 num = sizeof(struct bio_dgram_sctp_rcvinfo);
1518 memcpy(ptr, &data->rcvinfo, num);
1522 case BIO_CTRL_DGRAM_SCTP_SET_RCVINFO:
1523 /* Returns the size of the copied struct. */
1524 if (num > (long)sizeof(struct bio_dgram_sctp_rcvinfo))
1525 num = sizeof(struct bio_dgram_sctp_rcvinfo);
1527 memcpy(&(data->rcvinfo), ptr, num);
1529 case BIO_CTRL_DGRAM_SCTP_GET_PRINFO:
1530 /* Returns the size of the copied struct. */
1531 if (num > (long)sizeof(struct bio_dgram_sctp_prinfo))
1532 num = sizeof(struct bio_dgram_sctp_prinfo);
1534 memcpy(ptr, &(data->prinfo), num);
1537 case BIO_CTRL_DGRAM_SCTP_SET_PRINFO:
1538 /* Returns the size of the copied struct. */
1539 if (num > (long)sizeof(struct bio_dgram_sctp_prinfo))
1540 num = sizeof(struct bio_dgram_sctp_prinfo);
1542 memcpy(&(data->prinfo), ptr, num);
1544 case BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN:
1545 /* Returns always 1. */
1547 data->save_shutdown = 1;
1549 data->save_shutdown = 0;
1551 case BIO_CTRL_DGRAM_SCTP_WAIT_FOR_DRY:
1552 return dgram_sctp_wait_for_dry(b);
1553 case BIO_CTRL_DGRAM_SCTP_MSG_WAITING:
1554 return dgram_sctp_msg_waiting(b);
1558 * Pass to default ctrl function to process SCTP unspecific commands
1560 ret = dgram_ctrl(b, cmd, num, ptr);
1566 int BIO_dgram_sctp_notification_cb(BIO *b,
1567 BIO_dgram_sctp_notification_handler_fn handle_notifications,
1570 bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
1572 if (handle_notifications != NULL) {
1573 data->handle_notifications = handle_notifications;
1574 data->notification_context = context;
1582 * BIO_dgram_sctp_wait_for_dry - Wait for SCTP SENDER_DRY event
1583 * @b: The BIO to check for the dry event
1585 * Wait until the peer confirms all packets have been received, and so that
1586 * our kernel doesn't have anything to send anymore. This is only received by
1587 * the peer's kernel, not the application.
1591 * 0 when not dry yet
1594 int BIO_dgram_sctp_wait_for_dry(BIO *b)
1596 return (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SCTP_WAIT_FOR_DRY, 0, NULL);
1599 static int dgram_sctp_wait_for_dry(BIO *b)
1604 union sctp_notification snp;
1608 struct sctp_event event;
1610 struct sctp_event_subscribe event;
1611 socklen_t eventsize;
1613 bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
1615 /* set sender dry event */
1617 memset(&event, 0, sizeof(event));
1618 event.se_assoc_id = 0;
1619 event.se_type = SCTP_SENDER_DRY_EVENT;
1622 setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event,
1623 sizeof(struct sctp_event));
1625 eventsize = sizeof(struct sctp_event_subscribe);
1626 ret = getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event, &eventsize);
1630 event.sctp_sender_dry_event = 1;
1633 setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
1634 sizeof(struct sctp_event_subscribe));
1639 /* peek for notification */
1640 memset(&snp, 0, sizeof(snp));
1641 iov.iov_base = (char *)&snp;
1642 iov.iov_len = sizeof(union sctp_notification);
1643 msg.msg_name = NULL;
1644 msg.msg_namelen = 0;
1647 msg.msg_control = NULL;
1648 msg.msg_controllen = 0;
1651 n = recvmsg(b->num, &msg, MSG_PEEK);
1653 if ((n < 0) && (get_last_socket_error() != EAGAIN)
1654 && (get_last_socket_error() != EWOULDBLOCK))
1660 /* if we find a notification, process it and try again if necessary */
1661 while (msg.msg_flags & MSG_NOTIFICATION) {
1662 memset(&snp, 0, sizeof(snp));
1663 iov.iov_base = (char *)&snp;
1664 iov.iov_len = sizeof(union sctp_notification);
1665 msg.msg_name = NULL;
1666 msg.msg_namelen = 0;
1669 msg.msg_control = NULL;
1670 msg.msg_controllen = 0;
1673 n = recvmsg(b->num, &msg, 0);
1675 if ((n < 0) && (get_last_socket_error() != EAGAIN)
1676 && (get_last_socket_error() != EWOULDBLOCK))
1682 if (snp.sn_header.sn_type == SCTP_SENDER_DRY_EVENT) {
1685 /* disable sender dry event */
1687 memset(&event, 0, sizeof(event));
1688 event.se_assoc_id = 0;
1689 event.se_type = SCTP_SENDER_DRY_EVENT;
1692 setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event,
1693 sizeof(struct sctp_event));
1695 eventsize = (socklen_t) sizeof(struct sctp_event_subscribe);
1697 getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
1702 event.sctp_sender_dry_event = 0;
1705 setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
1706 sizeof(struct sctp_event_subscribe));
1711 # ifdef SCTP_AUTHENTICATION_EVENT
1712 if (snp.sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
1713 dgram_sctp_handle_auth_free_key_event(b, &snp);
1716 if (data->handle_notifications != NULL)
1717 data->handle_notifications(b, data->notification_context,
1720 /* found notification, peek again */
1721 memset(&snp, 0, sizeof(snp));
1722 iov.iov_base = (char *)&snp;
1723 iov.iov_len = sizeof(union sctp_notification);
1724 msg.msg_name = NULL;
1725 msg.msg_namelen = 0;
1728 msg.msg_control = NULL;
1729 msg.msg_controllen = 0;
1732 /* if we have seen the dry already, don't wait */
1734 sockflags = fcntl(b->num, F_GETFL, 0);
1735 fcntl(b->num, F_SETFL, O_NONBLOCK);
1738 n = recvmsg(b->num, &msg, MSG_PEEK);
1741 fcntl(b->num, F_SETFL, sockflags);
1745 if ((n < 0) && (get_last_socket_error() != EAGAIN)
1746 && (get_last_socket_error() != EWOULDBLOCK))
1753 /* read anything else */
1757 int BIO_dgram_sctp_msg_waiting(BIO *b)
1759 return (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SCTP_MSG_WAITING, 0, NULL);
1762 static int dgram_sctp_msg_waiting(BIO *b)
1765 union sctp_notification snp;
1768 bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
1770 /* Check if there are any messages waiting to be read */
1772 memset(&snp, 0, sizeof(snp));
1773 iov.iov_base = (char *)&snp;
1774 iov.iov_len = sizeof(union sctp_notification);
1775 msg.msg_name = NULL;
1776 msg.msg_namelen = 0;
1779 msg.msg_control = NULL;
1780 msg.msg_controllen = 0;
1783 sockflags = fcntl(b->num, F_GETFL, 0);
1784 fcntl(b->num, F_SETFL, O_NONBLOCK);
1785 n = recvmsg(b->num, &msg, MSG_PEEK);
1786 fcntl(b->num, F_SETFL, sockflags);
1788 /* if notification, process and try again */
1789 if (n > 0 && (msg.msg_flags & MSG_NOTIFICATION)) {
1790 # ifdef SCTP_AUTHENTICATION_EVENT
1791 if (snp.sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
1792 dgram_sctp_handle_auth_free_key_event(b, &snp);
1795 memset(&snp, 0, sizeof(snp));
1796 iov.iov_base = (char *)&snp;
1797 iov.iov_len = sizeof(union sctp_notification);
1798 msg.msg_name = NULL;
1799 msg.msg_namelen = 0;
1802 msg.msg_control = NULL;
1803 msg.msg_controllen = 0;
1805 n = recvmsg(b->num, &msg, 0);
1807 if (data->handle_notifications != NULL)
1808 data->handle_notifications(b, data->notification_context,
1812 } while (n > 0 && (msg.msg_flags & MSG_NOTIFICATION));
1814 /* Return 1 if there is a message to be read, return 0 otherwise. */
1821 static int dgram_sctp_puts(BIO *bp, const char *str)
1826 ret = dgram_sctp_write(bp, str, n);
1831 static int BIO_dgram_should_retry(int i)
1835 if ((i == 0) || (i == -1)) {
1836 err = get_last_socket_error();
1838 # if defined(OPENSSL_SYS_WINDOWS)
1840 * If the socket return value (i) is -1 and err is unexpectedly 0 at
1841 * this point, the error code was overwritten by another system call
1842 * before this error handling is called.
1846 return BIO_dgram_non_fatal_error(err);
1851 int BIO_dgram_non_fatal_error(int err)
1854 # if defined(OPENSSL_SYS_WINDOWS)
1855 # if defined(WSAEWOULDBLOCK)
1856 case WSAEWOULDBLOCK:
1861 # ifdef WSAEWOULDBLOCK
1862 # if WSAEWOULDBLOCK != EWOULDBLOCK
1875 # if EWOULDBLOCK != EAGAIN
1899 static void get_current_time(struct timeval *t)
1901 # if defined(_WIN32)
1903 unsigned __int64 now_ul;
1907 SystemTimeToFileTime(&st, &now_ft);
1908 now_ul = ((unsigned __int64)now_ft.dwHighDateTime << 32) | now_ft.dwLowDateTime;
1910 now_ul -= 116444736000000000ULL;
1912 now_ul -= 116444736000000000UI64; /* re-bias to 1/1/1970 */
1914 t->tv_sec = (long)(now_ul / 10000000);
1915 t->tv_usec = ((int)(now_ul % 10000000)) / 10;
1917 if (gettimeofday(t, NULL) < 0)
1918 perror("gettimeofday");