MySQL 8.4.2
Source Code Documentation
viossl.cc File Reference
#include <errno.h>
#include <stddef.h>
#include "my_dbug.h"
#include "my_inttypes.h"
#include "my_io.h"
#include "mysql/psi/mysql_socket.h"
#include "vio/vio_priv.h"

Typedefs

typedef int(* ssl_handshake_func_t) (SSL *)
 SSL handshake handler.
 

Functions

static void report_errors (SSL *ssl)
 
static void ssl_set_sys_error (int ssl_error)
 Obtain the equivalent system error status for the last SSL I/O operation.
 
static bool ssl_should_retry (Vio *vio, int ret, enum enum_vio_io_event *event, unsigned long *ssl_errno_holder)
 Check if an operation should be retried and handle errors.
 
size_t vio_ssl_read (Vio *vio, uchar *buf, size_t size)
 
size_t vio_ssl_write (Vio *vio, const uchar *buf, size_t size)
 
int vio_ssl_shutdown (Vio *vio)
 
void vio_ssl_delete (Vio *vio)
 
static size_t ssl_handshake_loop (Vio *vio, SSL *ssl, ssl_handshake_func_t func, unsigned long *ssl_errno_holder)
 Loop and wait until an SSL handshake is completed.
 
long pfs_ssl_bio_callback_ex (BIO *b, int oper, const char *, size_t len, int, long, int ret, size_t *processed)
 
long pfs_ssl_bio_callback (BIO *b, int oper, const char *argp, int argi, long argl, long ret)
 Forward the old-style OpenSSL callback to the OpenSSL 1.1.1-style callback.
 
static void pfs_ssl_setup_instrumentation (Vio *vio, const SSL *ssl)
 
static void print_ssl_session_id (SSL_SESSION *sess, const char *action)
 
static int ssl_do (struct st_VioSSLFd *ptr, Vio *vio, long timeout, SSL_SESSION *ssl_session, ssl_handshake_func_t func, unsigned long *ssl_errno_holder, SSL **sslptr, const char *sni_servername)
 
int sslaccept (struct st_VioSSLFd *ptr, Vio *vio, long timeout, unsigned long *ssl_errno_holder)
 
int sslconnect (struct st_VioSSLFd *ptr, Vio *vio, long timeout, SSL_SESSION *session, unsigned long *ssl_errno_holder, SSL **ssl, const char *sni_servername)
 
bool vio_ssl_has_data (Vio *vio)
 

Typedef Documentation

◆ ssl_handshake_func_t

typedef int(* ssl_handshake_func_t) (SSL *)

SSL handshake handler.

Function Documentation

◆ pfs_ssl_bio_callback()

long pfs_ssl_bio_callback ( BIO *  b,
int  oper,
const char *  argp,
int  argi,
long  argl,
long  ret 
)

Forward the old-style OpenSSL callback to the OpenSSL 1.1.1-style callback.

◆ pfs_ssl_bio_callback_ex()

long pfs_ssl_bio_callback_ex ( BIO *  b,
int  oper,
const char *  ,
size_t  len,
int  ,
long  ,
int  ret,
size_t *  processed 
)

◆ pfs_ssl_setup_instrumentation()

static void pfs_ssl_setup_instrumentation ( Vio *  vio,
const SSL *  ssl 
)
static

◆ print_ssl_session_id()

static void print_ssl_session_id ( SSL_SESSION *  sess,
const char *  action 
)
static

◆ report_errors()

static void report_errors ( SSL *  ssl)
static

◆ ssl_do()

static int ssl_do ( struct st_VioSSLFd *  ptr,
Vio *  vio,
long  timeout,
SSL_SESSION *  ssl_session,
ssl_handshake_func_t  func,
unsigned long *  ssl_errno_holder,
SSL **  sslptr,
const char *  sni_servername 
)
static

◆ ssl_handshake_loop()

static size_t ssl_handshake_loop ( Vio *  vio,
SSL *  ssl,
ssl_handshake_func_t  func,
unsigned long *  ssl_errno_holder 
)
static

Loop and wait until an SSL handshake is completed.

Parameters
vio: VIO object representing an SSL connection.
ssl: SSL structure for the connection.
func: SSL handshake handler.
[out] ssl_errno_holder: The SSL error code.
Returns
Return value is 1 on success.

◆ ssl_set_sys_error()

static void ssl_set_sys_error ( int  ssl_error)
static

Obtain the equivalent system error status for the last SSL I/O operation.

Parameters
ssl_error: The result code of the failed TLS/SSL I/O operation.

◆ ssl_should_retry()

static bool ssl_should_retry ( Vio *  vio,
int  ret,
enum enum_vio_io_event *  event,
unsigned long *  ssl_errno_holder 
)
static

Check if an operation should be retried and handle errors.

This function does the following:

  • it indicates whether a SSL I/O operation must be retried later;
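  • if DBUG is enabled, it prints all the errors in the thread's queue to DBUG;
  • it clears the OpenSSL error queue, so that the next OpenSSL operation can be performed even after a failed OpenSSL call. SSL_get_error() inspects the calling thread's error queue, so stale entries left behind by one failure could otherwise cause the result of a later operation to be misreported.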

Note that this is not done for SSL_ERROR_WANT_READ/SSL_ERROR_WANT_WRITE since these are not treated as errors and a call to the function is retried.

When SSL_ERROR_SSL is returned the ERR code of the top error in the queue is peeked and returned to the caller so they can call ERR_error_string_n() and retrieve the right error message.

Parameters
vio: VIO object representing an SSL connection.
ret: Value returned by an SSL I/O function.
[out] event: The type of I/O event to wait/retry.
[out] ssl_errno_holder: The SSL error code.
Returns
Whether an SSL I/O operation should be deferred.
Return values
true: Temporary failure, retry operation.
false: Indeterminate failure.

◆ sslaccept()

int sslaccept ( struct st_VioSSLFd *  ptr,
Vio *  vio,
long  timeout,
unsigned long *  ssl_errno_holder 
)

◆ sslconnect()

int sslconnect ( struct st_VioSSLFd *  ptr,
Vio *  vio,
long  timeout,
SSL_SESSION *  session,
unsigned long *  ssl_errno_holder,
SSL **  ssl,
const char *  sni_servername 
)

◆ vio_ssl_delete()

void vio_ssl_delete ( Vio *  vio)

◆ vio_ssl_has_data()

bool vio_ssl_has_data ( Vio *  vio)

◆ vio_ssl_read()

size_t vio_ssl_read ( Vio *  vio,
uchar *  buf,
size_t  size 
)

◆ vio_ssl_shutdown()

int vio_ssl_shutdown ( Vio *  vio)

◆ vio_ssl_write()

size_t vio_ssl_write ( Vio *  vio,
const uchar *  buf,
size_t  size 
)