PageRenderTime 61ms CodeModel.GetById 20ms RepoModel.GetById 0ms app.codeStats 0ms

/src/tds/net.c

https://gitlab.com/xk/FreeTDS
C | 1604 lines | 1202 code | 210 blank | 192 comment | 244 complexity | 8a01ecb413233279a18eb9967f1fc5cf MD5 | raw file
Possible License(s): GPL-2.0, LGPL-2.0 
    

  1. /* FreeTDS - Library of routines accessing Sybase and Microsoft databases
    2. 

  2.  * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003  Brian Bruns
    3. 

  3.  * Copyright (C) 2004-2015  Ziglio Frediano
    4. 

  4.  *
    5. 

  5.  * This library is free software; you can redistribute it and/or
    6. 

  6.  * modify it under the terms of the GNU Library General Public
    7. 

  7.  * License as published by the Free Software Foundation; either
    8. 

  8.  * version 2 of the License, or (at your option) any later version.
    9. 

  9.  *
    10. 

  10.  * This library is distributed in the hope that it will be useful,
    11. 

  11.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
    12. 

  12.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    13. 

  13.  * Library General Public License for more details.
    14. 

  14.  *
    15. 

  15.  * You should have received a copy of the GNU Library General Public
    16. 

  16.  * License along with this library; if not, write to the
    17. 

  17.  * Free Software Foundation, Inc., 59 Temple Place - Suite 330,
    18. 

  18.  * Boston, MA 02111-1307, USA.
    19. 

  19.  */
    20. 

  20. 

  21. #include <config.h>
    22. 

  22. 

  23. #include <stdarg.h>
    24. 

  24. #include <stdio.h>
    25. 

  25. 

  26. #include <freetds/time.h>
    27. 

  27. 

  28. #if HAVE_SYS_TYPES_H
    29. 

  29. #include <sys/types.h>
    30. 

  30. #endif /* HAVE_SYS_TYPES_H */
    31. 

  31. 

  32. #if HAVE_ERRNO_H
    33. 

  33. #include <errno.h>
    34. 

  34. #endif /* HAVE_ERRNO_H */
    35. 

  35. 

  36. #if HAVE_UNISTD_H
    37. 

  37. #include <unistd.h>
    38. 

  38. #endif /* HAVE_UNISTD_H */
    39. 

  39. 

  40. #if HAVE_STDLIB_H
    41. 

  41. #include <stdlib.h>
    42. 

  42. #endif /* HAVE_STDLIB_H */
    43. 

  43. 

  44. #if HAVE_STRING_H
    45. 

  45. #include <string.h>
    46. 

  46. #endif /* HAVE_STRING_H */
    47. 

  47. 

  48. #if HAVE_SYS_SOCKET_H
    49. 

  49. #include <sys/socket.h>
    50. 

  50. #endif /* HAVE_SYS_SOCKET_H */
    51. 

  51. 

  52. #if HAVE_NETINET_IN_H
    53. 

  53. #include <netinet/in.h>
    54. 

  54. #endif /* HAVE_NETINET_IN_H */
    55. 

  55. 

  56. #if HAVE_NETINET_TCP_H
    57. 

  57. #include <netinet/tcp.h>
    58. 

  58. #endif /* HAVE_NETINET_TCP_H */
    59. 

  59. 

  60. #if HAVE_ARPA_INET_H
    61. 

  61. #include <arpa/inet.h>
    62. 

  62. #endif /* HAVE_ARPA_INET_H */
    63. 

  63. 

  64. #if HAVE_SYS_IOCTL_H
    65. 

  65. #include <sys/ioctl.h>
    66. 

  66. #endif /* HAVE_SYS_IOCTL_H */
    67. 

  67. 

  68. #if HAVE_SELECT_H
    69. 

  69. #include <sys/select.h>
    70. 

  70. #endif /* HAVE_SELECT_H */
    71. 

  71. 

  72. #if HAVE_POLL_H
    73. 

  73. #include <poll.h>
    74. 

  74. #endif /* HAVE_POLL_H */
    75. 

  75. 

  76. #include <freetds/tds.h>
    77. 

  77. #include <freetds/string.h>
    78. 

  78. #include "replacements.h"
    79. 

  79. 

  80. #include <signal.h>
    81. 

  81. #include <assert.h>
    82. 

  82. 

  83. #ifdef HAVE_GNUTLS
    84. 

  84. #if defined(_THREAD_SAFE) && defined(TDS_HAVE_PTHREAD_MUTEX)
    85. 

  85. #include <freetds/thread.h>
    86. 

  86. #include <gcrypt.h>
    87. 

  87. #endif
    88. 

  88. #include <gnutls/gnutls.h>
    89. 

  89. #elif defined(HAVE_OPENSSL)
    90. 

  90. #include <openssl/ssl.h>
    91. 

  91. #endif
    92. 

  92. 

  93. /* error is always returned */
    94. 

  94. #define TDSSELERR   0
    95. 

  95. #define TDSPOLLURG 0x8000u
    96. 

  96. 

  97. #if ENABLE_ODBC_MARS
    98. 

  98. static void tds_check_cancel(TDSCONNECTION *conn);
    99. 

  99. #endif
    100. 

  100. 

  101. 

  102. /**
    103. 

  103.  * \addtogroup network
    104. 

  104.  * @{ 
    105. 

  105.  */
    106. 

  106. 

  107. #ifdef _WIN32
    108. 

  108. int
    109. 

  109. tds_socket_init(void)
    110. 

  110. {
    111. 

  111. 	WSADATA wsadata;
    112. 

  112. 

  113. 	return WSAStartup(MAKEWORD(1, 1), &wsadata);
    114. 

  114. }
    115. 

  115. 

  116. void
    117. 

  117. tds_socket_done(void)
    118. 

  118. {
    119. 

  119. 	WSACleanup();
    120. 

  120. }
    121. 

  121. #endif
    122. 

  122. 

  123. #if !defined(SOL_TCP) && (defined(IPPROTO_TCP) || defined(_WIN32))
    124. 

  124. /* fix incompatibility between MS headers */
    125. 

  125. # ifndef IPPROTO_TCP
    126. 

  126. #  define IPPROTO_TCP IPPROTO_TCP
    127. 

  127. # endif
    128. 

  128. # define SOL_TCP IPPROTO_TCP
    129. 

  129. #endif
    130. 

  130. 

  131. /* Optimize the way we send packets */
    132. 

  132. #undef USE_MSGMORE
    133. 

  133. #undef USE_CORK
    134. 

  134. #undef USE_NODELAY
    135. 

  135. /* On Linux 2.4.x we can use MSG_MORE */
    136. 

  136. #if defined(__linux__) && defined(MSG_MORE)
    137. 

  137. #define USE_MSGMORE 1
    138. 

  138. /* On early Linux use TCP_CORK if available */
    139. 

  139. #elif defined(__linux__) && defined(TCP_CORK)
    140. 

  140. #define USE_CORK 1
    141. 

  141. /* On *BSD try to use TCP_CORK */
    142. 

  142. /*
    143. 

  143.  * NOPUSH flag do not behave in the same way
    144. 

  144.  * cf ML "FreeBSD 5.0 performance problems with TCP_NOPUSH"
    145. 

  145.  */
    146. 

  146. #elif (defined(__FreeBSD__) || defined(__GNU_FreeBSD__) || defined(__OpenBSD__)) && defined(TCP_CORK)
    147. 

  147. #define USE_CORK 1
    148. 

  148. /* otherwise use NODELAY */
    149. 

  149. #elif defined(TCP_NODELAY) && defined(SOL_TCP)
    150. 

  150. #define USE_NODELAY 1
    151. 

  151. /* under VMS we have to define TCP_NODELAY */
    152. 

  152. #elif defined(__VMS)
    153. 

  153. #define TCP_NODELAY 1
    154. 

  154. #define USE_NODELAY 1
    155. 

  155. #endif
    156. 

  156. 

  157. #if !defined(_WIN32)
    158. 

  158. typedef unsigned int ioctl_nonblocking_t;
    159. 

  159. #else
    160. 

  160. typedef u_long ioctl_nonblocking_t;
    161. 

  161. #endif
    162. 

  162. 

  163. static void
    164. 

  164. tds_addrinfo_set_port(struct tds_addrinfo *addr, unsigned int port)
    165. 

  165. {
    166. 

  166. 	assert(addr != NULL);
    167. 

  167. 

  168. 	switch(addr->ai_family) {
    169. 

  169. 	case AF_INET:
    170. 

  170. 		((struct sockaddr_in *) addr->ai_addr)->sin_port = htons(port);
    171. 

  171. 		break;
    172. 

  172. 

  173. #ifdef AF_INET6
    174. 

  174. 	case AF_INET6:
    175. 

  175. 		((struct sockaddr_in6 *) addr->ai_addr)->sin6_port = htons(port);
    176. 

  176. 		break;
    177. 

  177. #endif
    178. 

  178. 	}
    179. 

  179. }
    180. 

  180. 

  181. const char*
    182. 

  182. tds_addrinfo2str(struct tds_addrinfo *addr, char *name, int namemax)
    183. 

  183. {
    184. 

  184. #ifndef NI_NUMERICHOST
    185. 

  185. #define NI_NUMERICHOST 0
    186. 

  186. #endif
    187. 

  187. 	if (!name || namemax <= 0)
    188. 

  188. 		return "";
    189. 

  189. 	if (tds_getnameinfo(addr->ai_addr, addr->ai_addrlen, name, namemax, NULL, 0, NI_NUMERICHOST) == 0)
    190. 

  190. 		return name;
    191. 

  191. 	name[0] = 0;
    192. 

  192. 	return name;
    193. 

  193. }
    194. 

  194. 

  195. TDSERRNO
    196. 

  196. tds_open_socket(TDSSOCKET *tds, struct tds_addrinfo *addr, unsigned int port, int timeout, int *p_oserr)
    197. 

  197. {
    198. 

  198. 	ioctl_nonblocking_t ioctl_nonblocking;
    199. 

  199. 	SOCKLEN_T optlen;
    200. 

  200. 	TDSCONNECTION *conn = tds->conn;
    201. 

  201. 	char ipaddr[128];
    202. 

  202. 	
    203. 

  203. 	int retval, len;
    204. 

  204. 	TDSERRNO tds_error = TDSECONN;
    205. 

  205. 

  206. 	*p_oserr = 0;
    207. 

  207. 

  208. 	tds_addrinfo_set_port(addr, port);
    209. 

  209. 	tds_addrinfo2str(addr, ipaddr, sizeof(ipaddr));
    210. 

  210. 

  211. 	tdsdump_log(TDS_DBG_INFO1, "Connecting to %s port %d (TDS version %d.%d)\n", 
    212. 

  212. 			ipaddr, port,
    213. 

  213. 			TDS_MAJOR(conn), TDS_MINOR(conn));
    214. 

  214. 

  215. 	conn->s = socket(addr->ai_family, SOCK_STREAM, 0);
    216. 

  216. 	if (TDS_IS_SOCKET_INVALID(conn->s)) {
    217. 

  217. 		*p_oserr = sock_errno;
    218. 

  218. 		tdsdump_log(TDS_DBG_ERROR, "socket creation error: %s\n", sock_strerror(sock_errno));
    219. 

  219. 		return TDSESOCK;
    220. 

  220. 	}
    221. 

  221. 

  222. #ifdef SO_KEEPALIVE
    223. 

  223. 	len = 1;
    224. 

  224. 	setsockopt(conn->s, SOL_SOCKET, SO_KEEPALIVE, (const void *) &len, sizeof(len));
    225. 

  225. #endif
    226. 

  226. 

  227. #if defined(TCP_KEEPIDLE) && defined(TCP_KEEPINTVL)
    228. 

  228. 	len = 40;
    229. 

  229. 	setsockopt(conn->s, SOL_TCP, TCP_KEEPIDLE, (const void *) &len, sizeof(len));
    230. 

  230. 	len = 2;
    231. 

  231. 	setsockopt(conn->s, SOL_TCP, TCP_KEEPINTVL, (const void *) &len, sizeof(len));
    232. 

  232. #endif
    233. 

  233. 

  234. #if defined(__APPLE__) && defined(SO_NOSIGPIPE)
    235. 

  235. 	len = 1;
    236. 

  236. 	if (setsockopt(conn->s, SOL_SOCKET, SO_NOSIGPIPE, (const void *) &len, sizeof(len))) {
    237. 

  237. 		*p_oserr = sock_errno;
    238. 

  238. 		tds_connection_close(conn);
    239. 

  239. 		return TDSESOCK;
    240. 

  240. 	}
    241. 

  241. #endif
    242. 

  242. 

  243. 	len = 1;
    244. 

  244. #if defined(USE_NODELAY) || defined(USE_MSGMORE)
    245. 

  245. 	setsockopt(conn->s, SOL_TCP, TCP_NODELAY, (const void *) &len, sizeof(len));
    246. 

  246. #elif defined(USE_CORK)
    247. 

  247. 	if (setsockopt(conn->s, SOL_TCP, TCP_CORK, (const void *) &len, sizeof(len)) < 0)
    248. 

  248. 		setsockopt(conn->s, SOL_TCP, TCP_NODELAY, (const void *) &len, sizeof(len));
    249. 

  249. #else
    250. 

  250. #error One should be defined
    251. 

  251. #endif
    252. 

  252. 

  253. #ifdef  DOS32X			/* the other connection doesn't work  on WATTCP32 */
    254. 

  254. 	if (connect(conn->s, addr->ai_addr, addr->ai_addrlen) < 0) {
    255. 

  255. 		char *message;
    256. 

  256. 

  257. 		*p_oserr = sock_errno;
    258. 

  258. 		if (asprintf(&message, "tds_open_socket(): %s:%d", ipaddr, port) >= 0) {
    259. 

  259. 			perror(message);
    260. 

  260. 			free(message);
    261. 

  261. 		}
    262. 

  262. 		tds_connection_close(conn);
    263. 

  263. 		return TDSECONN;
    264. 

  264. 	}
    265. 

  265. #else
    266. 

  266. 	if (!timeout) {
    267. 

  267. 		/* A timeout of zero means wait forever; 90,000 seconds will feel like forever. */
    268. 

  268. 		timeout = 90000;
    269. 

  269. 	}
    270. 

  270. 

  271. 	/* enable non-blocking mode */
    272. 

  272. 	ioctl_nonblocking = 1;
    273. 

  273. 	if (IOCTLSOCKET(conn->s, FIONBIO, &ioctl_nonblocking) < 0) {
    274. 

  274. 		*p_oserr = sock_errno;
    275. 

  275. 		tds_connection_close(conn);
    276. 

  276. 		return TDSEUSCT; 	/* close enough: "Unable to set communications timer" */
    277. 

  277. 	}
    278. 

  278. 	retval = connect(conn->s, addr->ai_addr, addr->ai_addrlen);
    279. 

  279. 	if (retval == 0) {
    280. 

  280. 		tdsdump_log(TDS_DBG_INFO2, "connection established\n");
    281. 

  281. 	} else {
    282. 

  282. 		int err = *p_oserr = sock_errno;
    283. 

  283. 		tdsdump_log(TDS_DBG_ERROR, "tds_open_socket: connect(2) returned \"%s\"\n", sock_strerror(err));
    284. 

  284. #if DEBUGGING_CONNECTING_PROBLEM
    285. 

  285. 		if (err != ECONNREFUSED && err != ENETUNREACH && err != TDSSOCK_EINPROGRESS) {
    286. 

  286. 			tdsdump_dump_buf(TDS_DBG_ERROR, "Contents of sockaddr_in", addr->ai_addr, addr->ai_addrlen);
    287. 

  287. 			tdsdump_log(TDS_DBG_ERROR, 	" sockaddr_in:\t"
    288. 

  288. 							      "%s = %x\n" 
    289. 

  289. 							"\t\t\t%s = %x\n" 
    290. 

  290. 							"\t\t\t%s = %s\n"
    291. 

  291. 							, "sin_family", addr->ai_family
    292. 

  292. 							, "port", port
    293. 

  293. 							, "address", ipaddr
    294. 

  294. 							);
    295. 

  295. 		}
    296. 

  296. #endif
    297. 

  297. 		if (err != TDSSOCK_EINPROGRESS)
    298. 

  298. 			goto not_available;
    299. 

  299. 		
    300. 

  300. 		*p_oserr = TDSSOCK_ETIMEDOUT;
    301. 

  301. 		if (tds_select(tds, TDSSELWRITE|TDSSELERR, timeout) <= 0) {
    302. 

  302. 			tds_error = TDSECONN;
    303. 

  303. 			goto not_available;
    304. 

  304. 		}
    305. 

  305. 	}
    306. 

  306. #endif	/* not DOS32X */
    307. 

  307. 

  308. 	/* check socket error */
    309. 

  309. 	optlen = sizeof(len);
    310. 

  310. 	len = 0;
    311. 

  311. 	if (tds_getsockopt(conn->s, SOL_SOCKET, SO_ERROR, (char *) &len, &optlen) != 0) {
    312. 

  312. 		*p_oserr = sock_errno;
    313. 

  313. 		tdsdump_log(TDS_DBG_ERROR, "getsockopt(2) failed: %s\n", sock_strerror(sock_errno));
    314. 

  314. 		goto not_available;
    315. 

  315. 	}
    316. 

  316. 	if (len != 0) {
    317. 

  317. 		*p_oserr = len;
    318. 

  318. 		tdsdump_log(TDS_DBG_ERROR, "getsockopt(2) reported: %s\n", sock_strerror(len));
    319. 

  319. 		goto not_available;
    320. 

  320. 	}
    321. 

  321. 

  322. 	tdsdump_log(TDS_DBG_ERROR, "tds_open_socket() succeeded\n");
    323. 

  323. 	return TDSEOK;
    324. 

  324. 	
    325. 

  325.     not_available:
    326. 

  326. 	
    327. 

  327. 	tds_connection_close(conn);
    328. 

  328. 	tdsdump_log(TDS_DBG_ERROR, "tds_open_socket() failed\n");
    329. 

  329. 	return tds_error;
    330. 

  330. }
    331. 

  331. 

  332. /**
    333. 

  333.  * Close current socket
    334. 

  334.  * for last socket close entire connection
    335. 

  335.  * for MARS send FIN request
    336. 

  336.  */
    337. 

  337. void
    338. 

  338. tds_close_socket(TDSSOCKET * tds)
    339. 

  339. {
    340. 

  340. 	if (!IS_TDSDEAD(tds)) {
    341. 

  341. #if ENABLE_ODBC_MARS
    342. 

  342. 		TDSCONNECTION *conn = tds->conn;
    343. 

  343. 		unsigned n = 0, count = 0;
    344. 

  344. 		tds_mutex_lock(&conn->list_mtx);
    345. 

  345. 		for (; n < conn->num_sessions; ++n)
    346. 

  346. 			if (TDSSOCKET_VALID(conn->sessions[n]))
    347. 

  347. 				++count;
    348. 

  348. 		if (count > 1)
    349. 

  349. 			tds_append_fin(tds);
    350. 

  350. 		tds_mutex_unlock(&conn->list_mtx);
    351. 

  351. 		if (count <= 1) {
    352. 

  352. 			tds_disconnect(tds);
    353. 

  353. 			tds_connection_close(conn);
    354. 

  354. 		} else {
    355. 

  355. 			tds_set_state(tds, TDS_DEAD);
    356. 

  356. 		}
    357. 

  357. #else
    358. 

  358. 		tds_disconnect(tds);
    359. 

  359. 		if (CLOSESOCKET(tds_get_s(tds)) == -1)
    360. 

  360. 			tdserror(tds_get_ctx(tds), tds,  TDSECLOS, sock_errno);
    361. 

  361. 		tds_set_s(tds, INVALID_SOCKET);
    362. 

  362. 		tds_set_state(tds, TDS_DEAD);
    363. 

  363. #endif
    364. 

  364. 	}
    365. 

  365. }
    366. 

  366. 

  367. #if ENABLE_ODBC_MARS
    368. 

  368. void
    369. 

  369. tds_connection_close(TDSCONNECTION *conn)
    370. 

  370. {
    371. 

  371. 	unsigned n = 0;
    372. 

  372. 

  373. 	if (!TDS_IS_SOCKET_INVALID(conn->s)) {
    374. 

  374. 		/* TODO check error ?? how to return it ?? */
    375. 

  375. 		CLOSESOCKET(conn->s);
    376. 

  376. 		conn->s = INVALID_SOCKET;
    377. 

  377. 	}
    378. 

  378. 

  379. 	tds_mutex_lock(&conn->list_mtx);
    380. 

  380. 	for (; n < conn->num_sessions; ++n)
    381. 

  381. 		if (TDSSOCKET_VALID(conn->sessions[n]))
    382. 

  382. 			tds_set_state(conn->sessions[n], TDS_DEAD);
    383. 

  383. 	tds_mutex_unlock(&conn->list_mtx);
    384. 

  384. }
    385. 

  385. #endif
    386. 

  386. 

  387. /**
    388. 

  388.  * Select on a socket until it's available or the timeout expires. 
    389. 

  389.  * Meanwhile, call the interrupt function. 
    390. 

  390.  * \return	>0 ready descriptors
    391. 

  391.  *		 0 timeout 
    392. 

  392.  * 		<0 error (cf. errno).  Caller should  close socket and return failure. 
    393. 

  393.  * This function does not call tdserror or close the socket because it can't know the context in which it's being called.   
    394. 

  394.  */
    395. 

  395. int
    396. 

  396. tds_select(TDSSOCKET * tds, unsigned tds_sel, int timeout_seconds)
    397. 

  397. {
    398. 

  398. 	int rc, seconds;
    399. 

  399. 	unsigned int poll_seconds;
    400. 

  400. 

  401. 	assert(tds != NULL);
    402. 

  402. 	assert(timeout_seconds >= 0);
    403. 

  403. 

  404. 	/* 
    405. 

  405. 	 * The select loop.  
    406. 

  406. 	 * If an interrupt handler is installed, we iterate once per second, 
    407. 

  407. 	 * 	else we try once, timing out after timeout_seconds (0 == never). 
    408. 

  408. 	 * If select(2) is interrupted by a signal (e.g. press ^C in sqsh), we timeout.
    409. 

  409. 	 * 	(The application can retry if desired by installing a signal handler.)
    410. 

  410. 	 *
    411. 

  411. 	 * We do not measure current time against end time, to avoid being tricked by ntpd(8) or similar. 
    412. 

  412. 	 * Instead, we just count down.  
    413. 

  413. 	 *
    414. 

  414. 	 * We exit on the first of these events:
    415. 

  415. 	 * 1.  a descriptor is ready. (return to caller)
    416. 

  416. 	 * 2.  select(2) returns an important error.  (return to caller)
    417. 

  417. 	 * A timeout of zero says "wait forever".  We do that by passing a NULL timeval pointer to select(2). 
    418. 

  418. 	 */
    419. 

  419. 	poll_seconds = (tds_get_ctx(tds) && tds_get_ctx(tds)->int_handler)? 1 : timeout_seconds;
    420. 

  420. 	for (seconds = timeout_seconds; timeout_seconds == 0 || seconds > 0; seconds -= poll_seconds) {
    421. 

  421. 		struct pollfd fds[2];
    422. 

  422. 		int timeout = poll_seconds ? poll_seconds * 1000 : -1;
    423. 

  423. 

  424. 		if (TDS_IS_SOCKET_INVALID(tds_get_s(tds)))
    425. 

  425. 			return -1;
    426. 

  426. 

  427. 		fds[0].fd = tds_get_s(tds);
    428. 

  428. 		fds[0].events = tds_sel;
    429. 

  429. 		fds[0].revents = 0;
    430. 

  430. 		fds[1].fd = tds->conn->s_signaled;
    431. 

  431. 		fds[1].events = POLLIN;
    432. 

  432. 		fds[1].revents = 0;
    433. 

  433. 		rc = poll(fds, 2, timeout);
    434. 

  434. 

  435. 		if (rc > 0 ) {
    436. 

  436. 			if (fds[0].revents & POLLERR)
    437. 

  437. 				return -1;
    438. 

  438. 			rc = fds[0].revents;
    439. 

  439. 			if (fds[1].revents) {
    440. 

  440. #if ENABLE_ODBC_MARS
    441. 

  441. 				tds_check_cancel(tds->conn);
    442. 

  442. #endif
    443. 

  443. 				rc |= TDSPOLLURG;
    444. 

  444. 			}
    445. 

  445. 			return rc;
    446. 

  446. 		}
    447. 

  447. 

  448. 		if (rc < 0) {
    449. 

  449. 			switch (sock_errno) {
    450. 

  450. 			case TDSSOCK_EINTR:
    451. 

  451. 				/* FIXME this should be global maximun, not loop one */
    452. 

  452. 				seconds += poll_seconds;
    453. 

  453. 				break;	/* let interrupt handler be called */
    454. 

  454. 			default: /* documented: EFAULT, EBADF, EINVAL */
    455. 

  455. 				tdsdump_log(TDS_DBG_ERROR, "error: poll(2) returned %d, \"%s\"\n",
    456. 

  456. 						sock_errno, sock_strerror(sock_errno));
    457. 

  457. 				return rc;
    458. 

  458. 			}
    459. 

  459. 		}
    460. 

  460. 

  461. 		assert(rc == 0 || (rc < 0 && sock_errno == TDSSOCK_EINTR));
    462. 

  462. 

  463. 		if (tds_get_ctx(tds) && tds_get_ctx(tds)->int_handler) {	/* interrupt handler installed */
    464. 

  464. 			/*
    465. 

  465. 			 * "If hndlintr() returns INT_CANCEL, DB-Library sends an attention token [TDS_BUFSTAT_ATTN]
    466. 

  466. 			 * to the server. This causes the server to discontinue command processing. 
    467. 

  467. 			 * The server may send additional results that have already been computed. 
    468. 

  468. 			 * When control returns to the mainline code, the mainline code should do 
    469. 

  469. 			 * one of the following: 
    470. 

  470. 			 * - Flush the results using dbcancel 
    471. 

  471. 			 * - Process the results normally"
    472. 

  472. 			 */
    473. 

  473. 			int timeout_action = (*tds_get_ctx(tds)->int_handler) (tds_get_parent(tds));
    474. 

  474. 			switch (timeout_action) {
    475. 

  475. 			case TDS_INT_CONTINUE:		/* keep waiting */
    476. 

  476. 				continue;
    477. 

  477. 			case TDS_INT_CANCEL:		/* abort the current command batch */
    478. 

  478. 							/* FIXME tell tds_goodread() not to call tdserror() */
    479. 

  479. 				return 0;
    480. 

  480. 			default:
    481. 

  481. 				tdsdump_log(TDS_DBG_NETWORK, 
    482. 

  482. 					"tds_select: invalid interupt handler return code: %d\n", timeout_action);
    483. 

  483. 				return -1;
    484. 

  484. 			}
    485. 

  485. 		}
    486. 

  486. 		/* 
    487. 

  487. 		 * We can reach here if no interrupt handler was installed and we either timed out or got EINTR. 
    488. 

  488. 		 * We cannot be polling, so we are about to drop out of the loop. 
    489. 

  489. 		 */
    490. 

  490. 		assert(poll_seconds == timeout_seconds);
    491. 

  491. 	}
    492. 

  492. 	
    493. 

  493. 	return 0;
    494. 

  494. }
    495. 

  495. 

  496. /**
    497. 

  497.  * Read from an OS socket
    498. 

  498.  * @TODO remove tds, save error somewhere, report error in another way
    499. 

  499.  * @returns 0 if blocking, <0 error >0 bytes read
    500. 

  500.  */
    501. 

  501. static int
    502. 

  502. tds_socket_read(TDSCONNECTION * conn, TDSSOCKET *tds, unsigned char *buf, int buflen)
    503. 

  503. {
    504. 

  504. 	int len, err;
    505. 

  505. 

  506. 	/* read directly from socket*/
    507. 

  507. 	len = READSOCKET(conn->s, buf, buflen);
    508. 

  508. 	if (len > 0)
    509. 

  509. 		return len;
    510. 

  510. 

  511. 	err = sock_errno;
    512. 

  512. 	if (len < 0 && TDSSOCK_WOULDBLOCK(err))
    513. 

  513. 		return 0;
    514. 

  514. 

  515. 	/* detect connection close */
    516. 

  516. 	tds_connection_close(conn);
    517. 

  517. 	tdserror(conn->tds_ctx, tds, len == 0 ? TDSESEOF : TDSEREAD, len == 0 ? 0 : err);
    518. 

  518. 	return -1;
    519. 

  519. }
    520. 

  520. 

  521. /**
    522. 

  522.  * Write to an OS socket
    523. 

  523.  * @returns 0 if blocking, <0 error >0 bytes readed
    524. 

  524.  */
    525. 

  525. static int
    526. 

  526. tds_socket_write(TDSCONNECTION *conn, TDSSOCKET *tds, const unsigned char *buf, int buflen, int last)
    527. 

  527. {
    528. 

  528. 	int err, len;
    529. 

  529. 

  530. #ifdef USE_MSGMORE
    531. 

  531. 	len = send(conn->s, buf, buflen, last ? MSG_NOSIGNAL : MSG_NOSIGNAL|MSG_MORE);
    532. 

  532. 	/* In case the kernel does not support MSG_MORE, try again without it */
    533. 

  533. 	if (len < 0 && errno == EINVAL && !last)
    534. 

  534. 		len = send(conn->s, buf, buflen, MSG_NOSIGNAL);
    535. 

  535. #elif defined(__APPLE__) && defined(SO_NOSIGPIPE)
    536. 

  536. 	len = send(conn->s, buf, buflen, 0);
    537. 

  537. #else
    538. 

  538. 	len = WRITESOCKET(conn->s, buf, buflen);
    539. 

  539. #endif
    540. 

  540. 	if (len > 0)
    541. 

  541. 		return len;
    542. 

  542. 

  543. 	err = sock_errno;
    544. 

  544. 	if (0 == len || TDSSOCK_WOULDBLOCK(err))
    545. 

  545. 		return 0;
    546. 

  546. 

  547. 	assert(len < 0);
    548. 

  548. 

  549. 	/* detect connection close */
    550. 

  550. 	tdsdump_log(TDS_DBG_NETWORK, "send(2) failed: %d (%s)\n", err, sock_strerror(err));
    551. 

  551. 	tds_connection_close(conn);
    552. 

  552. 	tdserror(conn->tds_ctx, tds, TDSEWRIT, err);
    553. 

  553. 	return -1;
    554. 

  554. }
    555. 

  555. 

  556. #if ENABLE_ODBC_MARS
    557. 

  557. static void
    558. 

  558. tds_check_cancel(TDSCONNECTION *conn)
    559. 

  559. {
    560. 

  560. 	TDSSOCKET *tds;
    561. 

  561. 	int rc, len;
    562. 

  562. 	char to_cancel[16];
    563. 

  563. 

  564. 	len = READSOCKET(conn->s_signaled, to_cancel, sizeof(to_cancel));
    565. 

  565. 	do {
    566. 

  566. 		/* no cancel found */
    567. 

  567. 		if (len <= 0) return;
    568. 

  568. 	} while(!to_cancel[--len]);
    569. 

  569. 

  570. 	do {
    571. 

  571. 		unsigned n = 0;
    572. 

  572. 

  573. 		rc = TDS_SUCCESS;
    574. 

  574. 		tds_mutex_lock(&conn->list_mtx);
    575. 

  575. 		/* Here we scan all list searching for sessions that should send cancel packets */
    576. 

  576. 		for (; n < conn->num_sessions; ++n)
    577. 

  577. 			if (TDSSOCKET_VALID(tds=conn->sessions[n]) && tds->in_cancel == 1) {
    578. 

  578. 				/* send cancel */
    579. 

  579. 				tds->in_cancel = 2;
    580. 

  580. 				tds_mutex_unlock(&conn->list_mtx);
    581. 

  581. 				rc = tds_append_cancel(tds);
    582. 

  582. 				tds_mutex_lock(&conn->list_mtx);
    583. 

  583. 				if (rc != TDS_SUCCESS)
    584. 

  584. 					break;
    585. 

  585. 			}
    586. 

  586. 		tds_mutex_unlock(&conn->list_mtx);
    587. 

  587. 		/* for all failed */
    588. 

  588. 		/* this must be done outside loop cause it can alter list */
    589. 

  589. 		/* this must be done unlocked cause it can lock again */
    590. 

  590. 		if (rc != TDS_SUCCESS)
    591. 

  591. 			tds_close_socket(tds);
    592. 

  592. 	} while(rc != TDS_SUCCESS);
    593. 

  593. }
    594. 

  594. #endif
    595. 

  595. 

  596. /**
    597. 

  597.  * Loops until we have received some characters
    598. 

  598.  * return -1 on failure
    599. 

  599.  */
    600. 

  600. static int
    601. 

  601. tds_goodread(TDSSOCKET * tds, unsigned char *buf, int buflen)
    602. 

  602. {
    603. 

  603. 	if (tds == NULL || buf == NULL || buflen < 1)
    604. 

  604. 		return -1;
    605. 

  605. 

  606. 	for (;;) {
    607. 

  607. 		int len, err;
    608. 

  608. 

  609. 		/* FIXME this block writing from other sessions */
    610. 

  610. 		len = tds_select(tds, TDSSELREAD, tds->query_timeout);
    611. 

  611. #if !ENABLE_ODBC_MARS
    612. 

  612. 		if (len > 0 && (len & TDSPOLLURG)) {
    613. 

  613. 			char buf[32];
    614. 

  614. 			READSOCKET(tds->conn->s_signaled, buf, sizeof(buf));
    615. 

  615. 			/* send cancel */
    616. 

  616. 			if (!tds->in_cancel)
    617. 

  617. 				tds_put_cancel(tds);
    618. 

  618. 			continue;
    619. 

  619. 		}
    620. 

  620. #endif
    621. 

  621. 		if (len > 0) {
    622. 

  622. 			len = tds_socket_read(tds->conn, tds, buf, buflen);
    623. 

  623. 			if (len == 0)
    624. 

  624. 				continue;
    625. 

  625. 			return len;
    626. 

  626. 		}
    627. 

  627. 

  628. 		/* error */
    629. 

  629. 		if (len < 0) {
    630. 

  630. 			if (TDSSOCK_WOULDBLOCK(sock_errno)) /* shouldn't happen, but OK */
    631. 

  631. 				continue;
    632. 

  632. 			err = sock_errno;
    633. 

  633. 			tds_connection_close(tds->conn);
    634. 

  634. 			tdserror(tds_get_ctx(tds), tds, TDSEREAD, err);
    635. 

  635. 			return -1;
    636. 

  636. 		}
    637. 

  637. 

  638. 		/* timeout */
    639. 

  639. 		switch (tdserror(tds_get_ctx(tds), tds, TDSETIME, sock_errno)) {
    640. 

  640. 		case TDS_INT_CONTINUE:
    641. 

  641. 			break;
    642. 

  642. 		default:
    643. 

  643. 		case TDS_INT_CANCEL:
    644. 

  644. 			tds_close_socket(tds);
    645. 

  645. 			return -1;
    646. 

  646. 		}
    647. 

  647. 	}
    648. 

  648. }
    649. 

  649. 

  650. int
    651. 

  651. tds_connection_read(TDSSOCKET * tds, unsigned char *buf, int buflen)
    652. 

  652. {
    653. 

  653. 	TDSCONNECTION *conn = tds->conn;
    654. 

  654. 

  655. #ifdef HAVE_GNUTLS
    656. 

  656. 	if (conn->tls_session)
    657. 

  657. 		return gnutls_record_recv((gnutls_session) conn->tls_session, buf, buflen);
    658. 

  658. #elif defined(HAVE_OPENSSL)
    659. 

  659. 	if (conn->tls_session)
    660. 

  660. 		return SSL_read((SSL*) conn->tls_session, buf, buflen);
    661. 

  661. #endif
    662. 

  662. 

  663. #if ENABLE_ODBC_MARS
    664. 

  664. 	return tds_socket_read(conn, tds, buf, buflen);
    665. 

  665. #else
    666. 

  666. 	return tds_goodread(tds, buf, buflen);
    667. 

  667. #endif
    668. 

  668. }
    669. 

  669. 

  670. /**
    671. 

  671.  * \param tds the famous socket
    672. 

  672.  * \param buffer data to send
    673. 

  673.  * \param buflen bytes in buffer
    674. 

  674.  * \param last 1 if this is the last packet, else 0
    675. 

  675.  * \return length written (>0), <0 on failure
    676. 

  676.  */
    677. 

  677. static int
    678. 

  678. tds_goodwrite(TDSSOCKET * tds, const unsigned char *buffer, size_t buflen, unsigned char last)
    679. 

  679. {
    680. 

  680. 	int len;
    681. 

  681. 

  682. 	assert(tds && buffer);
    683. 

  683. 

  684. 	for (;;) {
    685. 

  685. 		/* TODO if send buffer is full we block receive !!! */
    686. 

  686. 		len = tds_select(tds, TDSSELWRITE, tds->query_timeout);
    687. 

  687. 

  688. 		if (len > 0) {
    689. 

  689. 			len = tds_socket_write(tds->conn, tds, buffer, buflen, last);
    690. 

  690. 			if (len == 0)
    691. 

  691. 				continue;
    692. 

  692. 			if (len > 0) {
    693. 

  693. #ifdef USE_CORK
    694. 

  694. 				if (len < buflen) last = 0;
    695. 

  695. #endif
    696. 

  696. 				break;
    697. 

  697. 			}
    698. 

  698. 			return len;
    699. 

  699. 		}
    700. 

  700. 

  701. 		/* error */
    702. 

  702. 		if (len < 0) {
    703. 

  703. 			int err = sock_errno;
    704. 

  704. 			if (TDSSOCK_WOULDBLOCK(err)) /* shouldn't happen, but OK, retry */
    705. 

  705. 				continue;
    706. 

  706. 			tdsdump_log(TDS_DBG_NETWORK, "select(2) failed: %d (%s)\n", err, sock_strerror(err));
    707. 

  707. 			tds_connection_close(tds->conn);
    708. 

  708. 			tdserror(tds_get_ctx(tds), tds, TDSEWRIT, err);
    709. 

  709. 			return -1;
    710. 

  710. 		}
    711. 

  711. 

  712. 		/* timeout */
    713. 

  713. 		tdsdump_log(TDS_DBG_NETWORK, "tds_goodwrite(): timed out, asking client\n");
    714. 

  714. 		switch (tdserror(tds_get_ctx(tds), tds, TDSETIME, sock_errno)) {
    715. 

  715. 		case TDS_INT_CONTINUE:
    716. 

  716. 			break;
    717. 

  717. 		default:
    718. 

  718. 		case TDS_INT_CANCEL:
    719. 

  719. 			tds_close_socket(tds);
    720. 

  720. 			return -1;
    721. 

  721. 		}
    722. 

  722. 	}
    723. 

  723. 

  724. #ifdef USE_CORK
    725. 

  725. 	/* force packet flush */
    726. 

  726. 	if (last) {
    727. 

  727. 		int opt;
    728. 

  728. 		TDS_SYS_SOCKET sock = tds_get_s(tds);
    729. 

  729. 		opt = 0;
    730. 

  730. 		setsockopt(sock, SOL_TCP, TCP_CORK, (const void *) &opt, sizeof(opt));
    731. 

  731. 		opt = 1;
    732. 

  732. 		setsockopt(sock, SOL_TCP, TCP_CORK, (const void *) &opt, sizeof(opt));
    733. 

  733. 	}
    734. 

  734. #endif
    735. 

  735. 

  736. 	return len;
    737. 

  737. }
    738. 

  738. 

  739. int
    740. 

  740. tds_connection_write(TDSSOCKET *tds, unsigned char *buf, int buflen, int final)
    741. 

  741. {
    742. 

  742. 	int sent;
    743. 

  743. 	TDSCONNECTION *conn = tds->conn;
    744. 

  744. 

  745. #if !defined(_WIN32) && !defined(MSG_NOSIGNAL) && !defined(DOS32X) && (!defined(__APPLE__) || !defined(SO_NOSIGPIPE))
    746. 

  746. 	void (*oldsig) (int);
    747. 

  747. 

  748. 	oldsig = signal(SIGPIPE, SIG_IGN);
    749. 

  749. 	if (oldsig == SIG_ERR) {
    750. 

  750. 		tdsdump_log(TDS_DBG_WARN, "TDS: Warning: Couldn't set SIGPIPE signal to be ignored\n");
    751. 

  751. 	}
    752. 

  752. #endif
    753. 

  753. 

  754. #ifdef HAVE_GNUTLS
    755. 

  755. 	if (conn->tls_session)
    756. 

  756. 		sent = gnutls_record_send((gnutls_session) conn->tls_session, buf, buflen);
    757. 

  757. 	else
    758. 

  758. #elif defined(HAVE_OPENSSL)
    759. 

  759. 	if (conn->tls_session)
    760. 

  760. 		sent = SSL_write((SSL*) conn->tls_session, buf, buflen);
    761. 

  761. 	else
    762. 

  762. #endif
    763. 

  763. #if ENABLE_ODBC_MARS
    764. 

  764. 		sent = tds_socket_write(conn, tds, buf, buflen, final);
    765. 

  765. #else
    766. 

  766. 		sent = tds_goodwrite(tds, buf, buflen, final);
    767. 

  767. #endif
    768. 

  768. 

  769. #if !defined(_WIN32) && !defined(MSG_NOSIGNAL) && !defined(DOS32X) && (!defined(__APPLE__) || !defined(SO_NOSIGPIPE))
    770. 

  770. 	if (signal(SIGPIPE, oldsig) == SIG_ERR) {
    771. 

  771. 		tdsdump_log(TDS_DBG_WARN, "TDS: Warning: Couldn't reset SIGPIPE signal to previous value\n");
    772. 

  772. 	}
    773. 

  773. #endif
    774. 

  774. 	return sent;
    775. 

  775. }
    776. 

  776. 

  777. /**
    778. 

  778.  * Get port of all instances
    779. 

  779.  * @return default port number or 0 if error
    780. 

  780.  * @remark experimental, cf. MC-SQLR.pdf.
    781. 

  781.  */
    782. 

  782. int
    783. 

  783. tds7_get_instance_ports(FILE *output, struct tds_addrinfo *addr)
    784. 

  784. {
    785. 

  785. 	int num_try;
    786. 

  786. 	ioctl_nonblocking_t ioctl_nonblocking;
    787. 

  787. 	struct pollfd fd;
    788. 

  788. 	int retval;
    789. 

  789. 	TDS_SYS_SOCKET s;
    790. 

  790. 	char msg[16*1024];
    791. 

  791. 	size_t msg_len = 0;
    792. 

  792. 	int port = 0;
    793. 

  793. 	char ipaddr[128];
    794. 

  794. 

  795. 

  796. 	tds_addrinfo_set_port(addr, 1434);
    797. 

  797. 	tds_addrinfo2str(addr, ipaddr, sizeof(ipaddr));
    798. 

  798. 

  799. 	tdsdump_log(TDS_DBG_ERROR, "tds7_get_instance_ports(%s)\n", ipaddr);
    800. 

  800. 

  801. 	/* create an UDP socket */
    802. 

  802. 	if (TDS_IS_SOCKET_INVALID(s = socket(addr->ai_family, SOCK_DGRAM, 0))) {
    803. 

  803. 		tdsdump_log(TDS_DBG_ERROR, "socket creation error: %s\n", sock_strerror(sock_errno));
    804. 

  804. 		return 0;
    805. 

  805. 	}
    806. 

  806. 

  807. 	/*
    808. 

  808. 	 * on cluster environment is possible that reply packet came from
    809. 

  809. 	 * different IP so do not filter by ip with connect
    810. 

  810. 	 */
    811. 

  811. 

  812. 	ioctl_nonblocking = 1;
    813. 

  813. 	if (IOCTLSOCKET(s, FIONBIO, &ioctl_nonblocking) < 0) {
    814. 

  814. 		CLOSESOCKET(s);
    815. 

  815. 		return 0;
    816. 

  816. 	}
    817. 

  817. 

  818. 	/* 
    819. 

  819. 	 * Request the instance's port from the server.  
    820. 

  820. 	 * There is no easy way to detect if port is closed so we always try to
    821. 

  821. 	 * get a reply from server 16 times. 
    822. 

  822. 	 */
    823. 

  823. 	for (num_try = 0; num_try < 16 && msg_len == 0; ++num_try) {
    824. 

  824. 		/* send the request */
    825. 

  825. 		msg[0] = 3;
    826. 

  826. 		sendto(s, msg, 1, 0, addr->ai_addr, addr->ai_addrlen);
    827. 

  827. 

  828. 		fd.fd = s;
    829. 

  829. 		fd.events = POLLIN;
    830. 

  830. 		fd.revents = 0;
    831. 

  831. 

  832. 		retval = poll(&fd, 1, 1000);
    833. 

  833. 		
    834. 

  834. 		/* on interrupt ignore */
    835. 

  835. 		if (retval < 0 && sock_errno == TDSSOCK_EINTR)
    836. 

  836. 			continue;
    837. 

  837. 		
    838. 

  838. 		if (retval == 0) { /* timed out */
    839. 

  839. #if 1
    840. 

  840. 			tdsdump_log(TDS_DBG_ERROR, "tds7_get_instance_port: timed out on try %d of 16\n", num_try);
    841. 

  841. 			continue;
    842. 

  842. #else
    843. 

  843. 			int rc;
    844. 

  844. 			tdsdump_log(TDS_DBG_INFO1, "timed out\n");
    845. 

  845. 

  846. 			switch(rc = tdserror(NULL, NULL, TDSETIME, 0)) {
    847. 

  847. 			case TDS_INT_CONTINUE:
    848. 

  848. 				continue;	/* try again */
    849. 

  849. 

  850. 			default:
    851. 

  851. 				tdsdump_log(TDS_DBG_ERROR, "error: client error handler returned %d\n", rc);
    852. 

  852. 			case TDS_INT_CANCEL: 
    853. 

  853. 				CLOSESOCKET(s);
    854. 

  854. 				return 0;
    855. 

  855. 			}
    856. 

  856. #endif
    857. 

  857. 		}
    858. 

  858. 		if (retval < 0)
    859. 

  859. 			break;
    860. 

  860. 

  861. 		/* got data, read and parse */
    862. 

  862. 		if ((msg_len = recv(s, msg, sizeof(msg) - 1, 0)) > 3 && msg[0] == 5) {
    863. 

  863. 			char *name, sep[2] = ";", *save;
    864. 

  864. 

  865. 			/* assure null terminated */
    866. 

  866. 			msg[msg_len] = 0;
    867. 

  867. 			tdsdump_dump_buf(TDS_DBG_INFO1, "instance info", msg, msg_len);
    868. 

  868. 			
    869. 

  869. 			if (0) {	/* To debug, print the whole string. */
    870. 

  870. 				char *p;
    871. 

  871. 

  872. 				for (*sep = '\n', p=msg+3; p < msg + msg_len; p++) {
    873. 

  873. 					if( *p == ';' )
    874. 

  874. 						*p = *sep;
    875. 

  875. 				}
    876. 

  876. 				fputs(msg + 3, output);
    877. 

  877. 			}
    878. 

  878. 

  879. 			/*
    880. 

  880. 			 * Parse and print message.
    881. 

  881. 			 */
    882. 

  882. 			name = strtok_r(msg+3, sep, &save);
    883. 

  883. 			while (name && output) {
    884. 

  884. 				int i;
    885. 

  885. 				static const char *names[] = { "ServerName", "InstanceName", "IsClustered", "Version", 
    886. 

  886. 							       "tcp", "np", "via" };
    887. 

  887. 

  888. 				for (i=0; name && i < TDS_VECTOR_SIZE(names); i++) {
    889. 

  889. 					const char *value = strtok_r(NULL, sep, &save);
    890. 

  890. 					
    891. 

  891. 					if (strcmp(name, names[i]) != 0)
    892. 

  892. 						fprintf(output, "error: expecting '%s', found '%s'\n", names[i], name);
    893. 

  893. 					if (value) 
    894. 

  894. 						fprintf(output, "%15s %s\n", name, value);
    895. 

  895. 					else 
    896. 

  896. 						break;
    897. 

  897. 

  898. 					name = strtok_r(NULL, sep, &save);
    899. 

  899. 

  900. 					if (name && strcmp(name, names[0]) == 0)
    901. 

  901. 						break;
    902. 

  902. 				}
    903. 

  903. 				if (name) 
    904. 

  904. 					fprintf(output, "\n");
    905. 

  905. 			}
    906. 

  906. 		}
    907. 

  907. 	}
    908. 

  908. 	CLOSESOCKET(s);
    909. 

  909. 	tdsdump_log(TDS_DBG_ERROR, "default instance port is %d\n", port);
    910. 

  910. 	return port;
    911. 

  911. }
    912. 

  912. 

  913. /**
    914. 

  914.  * Get port of given instance
    915. 

  915.  * @return port number or 0 if error
    916. 

  916.  */
    917. 

  917. int
    918. 

  918. tds7_get_instance_port(struct tds_addrinfo *addr, const char *instance)
    919. 

  919. {
    920. 

  920. 	int num_try;
    921. 

  921. 	ioctl_nonblocking_t ioctl_nonblocking;
    922. 

  922. 	struct pollfd fd;
    923. 

  923. 	int retval;
    924. 

  924. 	TDS_SYS_SOCKET s;
    925. 

  925. 	char msg[1024];
    926. 

  926. 	size_t msg_len;
    927. 

  927. 	int port = 0;
    928. 

  928. 	char ipaddr[128];
    929. 

  929. 

  930. 	tds_addrinfo_set_port(addr, 1434);
    931. 

  931. 	tds_addrinfo2str(addr, ipaddr, sizeof(ipaddr));
    932. 

  932. 

  933. 	tdsdump_log(TDS_DBG_ERROR, "tds7_get_instance_port(%s, %s)\n", ipaddr, instance);
    934. 

  934. 

  935. 	/* create an UDP socket */
    936. 

  936. 	if (TDS_IS_SOCKET_INVALID(s = socket(addr->ai_family, SOCK_DGRAM, 0))) {
    937. 

  937. 		tdsdump_log(TDS_DBG_ERROR, "socket creation error: %s\n", sock_strerror(sock_errno));
    938. 

  938. 		return 0;
    939. 

  939. 	}
    940. 

  940. 

  941. 	/*
    942. 

  942. 	 * on cluster environment is possible that reply packet came from
    943. 

  943. 	 * different IP so do not filter by ip with connect
    944. 

  944. 	 */
    945. 

  945. 

  946. 	ioctl_nonblocking = 1;
    947. 

  947. 	if (IOCTLSOCKET(s, FIONBIO, &ioctl_nonblocking) < 0) {
    948. 

  948. 		CLOSESOCKET(s);
    949. 

  949. 		return 0;
    950. 

  950. 	}
    951. 

  951. 

  952. 	/* 
    953. 

  953. 	 * Request the instance's port from the server.  
    954. 

  954. 	 * There is no easy way to detect if port is closed so we always try to
    955. 

  955. 	 * get a reply from server 16 times. 
    956. 

  956. 	 */
    957. 

  957. 	for (num_try = 0; num_try < 16; ++num_try) {
    958. 

  958. 		/* send the request */
    959. 

  959. 		msg[0] = 4;
    960. 

  960. 		tds_strlcpy(msg + 1, instance, sizeof(msg) - 1);
    961. 

  961. 		sendto(s, msg, (int)strlen(msg) + 1, 0, addr->ai_addr, addr->ai_addrlen);
    962. 

  962. 

  963. 		fd.fd = s;
    964. 

  964. 		fd.events = POLLIN;
    965. 

  965. 		fd.revents = 0;
    966. 

  966. 

  967. 		retval = poll(&fd, 1, 1000);
    968. 

  968. 		
    969. 

  969. 		/* on interrupt ignore */
    970. 

  970. 		if (retval < 0 && sock_errno == TDSSOCK_EINTR)
    971. 

  971. 			continue;
    972. 

  972. 		
    973. 

  973. 		if (retval == 0) { /* timed out */
    974. 

  974. #if 1
    975. 

  975. 			tdsdump_log(TDS_DBG_ERROR, "tds7_get_instance_port: timed out on try %d of 16\n", num_try);
    976. 

  976. 			continue;
    977. 

  977. #else
    978. 

  978. 			int rc;
    979. 

  979. 			tdsdump_log(TDS_DBG_INFO1, "timed out\n");
    980. 

  980. 

  981. 			switch(rc = tdserror(NULL, NULL, TDSETIME, 0)) {
    982. 

  982. 			case TDS_INT_CONTINUE:
    983. 

  983. 				continue;	/* try again */
    984. 

  984. 

  985. 			default:
    986. 

  986. 				tdsdump_log(TDS_DBG_ERROR, "error: client error handler returned %d\n", rc);
    987. 

  987. 			case TDS_INT_CANCEL: 
    988. 

  988. 				CLOSESOCKET(s);
    989. 

  989. 				return 0;
    990. 

  990. 			}
    991. 

  991. #endif
    992. 

  992. 		}
    993. 

  993. 		if (retval < 0)
    994. 

  994. 			break;
    995. 

  995. 

  996. 		/* TODO pass also connection and set instance/servername ?? */
    997. 

  997. 

  998. 		/* got data, read and parse */
    999. 

  999. 		if ((msg_len = recv(s, msg, sizeof(msg) - 1, 0)) > 3 && msg[0] == 5) {
    1000. 

  1000. 			char *p;
    1001. 

  1001. 			long l = 0;
    1002. 

  1002. 			int instance_ok = 0, port_ok = 0;
    1003. 

  1003. 

  1004. 			/* assure null terminated */
    1005. 

  1005. 			msg[msg_len] = 0;
    1006. 

  1006. 			tdsdump_dump_buf(TDS_DBG_INFO1, "instance info", msg, msg_len);
    1007. 

  1007. 

  1008. 			/*
    1009. 

  1009. 			 * Parse message and check instance name and port.
    1010. 

  1010. 			 * We don't check servername cause it can be very different from the client's. 
    1011. 

  1011. 			 */
    1012. 

  1012. 			for (p = msg + 3;;) {
    1013. 

  1013. 				char *name, *value;
    1014. 

  1014. 

  1015. 				name = p;
    1016. 

  1016. 				p = strchr(p, ';');
    1017. 

  1017. 				if (!p)
    1018. 

  1018. 					break;
    1019. 

  1019. 				*p++ = 0;
    1020. 

  1020. 

  1021. 				value = name;
    1022. 

  1022. 				if (*name) {
    1023. 

  1023. 					value = p;
    1024. 

  1024. 					p = strchr(p, ';');
    1025. 

  1025. 					if (!p)
    1026. 

  1026. 						break;
    1027. 

  1027. 					*p++ = 0;
    1028. 

  1028. 				}
    1029. 

  1029. 

  1030. 				if (strcasecmp(name, "InstanceName") == 0) {
    1031. 

  1031. 					if (strcasecmp(value, instance) != 0)
    1032. 

  1032. 						break;
    1033. 

  1033. 					instance_ok = 1;
    1034. 

  1034. 				} else if (strcasecmp(name, "tcp") == 0) {
    1035. 

  1035. 					l = strtol(value, &p, 10);
    1036. 

  1036. 					if (l > 0 && l <= 0xffff && *p == 0)
    1037. 

  1037. 						port_ok = 1;
    1038. 

  1038. 				}
    1039. 

  1039. 			}
    1040. 

  1040. 			if (port_ok && instance_ok) {
    1041. 

  1041. 				port = l;
    1042. 

  1042. 				break;
    1043. 

  1043. 			}
    1044. 

  1044. 		}
    1045. 

  1045. 	}
    1046. 

  1046. 	CLOSESOCKET(s);
    1047. 

  1047. 	tdsdump_log(TDS_DBG_ERROR, "instance port is %d\n", port);
    1048. 

  1048. 	return port;
    1049. 

  1049. }
    1050. 

  1050. 

  1051. #if defined(_WIN32)
    1052. 

  1052. const char *
    1053. 

  1053. tds_prwsaerror( int erc ) 
    1054. 

  1054. {
    1055. 

  1055. 	switch(erc) {
    1056. 

  1056. 	case WSAEINTR: /* 10004 */
    1057. 

  1057. 		return "WSAEINTR: Interrupted function call.";
    1058. 

  1058. 	case WSAEACCES: /* 10013 */
    1059. 

  1059. 		return "WSAEACCES: Permission denied.";
    1060. 

  1060. 	case WSAEFAULT: /* 10014 */
    1061. 

  1061. 		return "WSAEFAULT: Bad address.";
    1062. 

  1062. 	case WSAEINVAL: /* 10022 */
    1063. 

  1063. 		return "WSAEINVAL: Invalid argument.";
    1064. 

  1064. 	case WSAEMFILE: /* 10024 */
    1065. 

  1065. 		return "WSAEMFILE: Too many open files.";
    1066. 

  1066. 	case WSAEWOULDBLOCK: /* 10035 */
    1067. 

  1067. 		return "WSAEWOULDBLOCK: Resource temporarily unavailable.";
    1068. 

  1068. 	case WSAEINPROGRESS: /* 10036 */
    1069. 

  1069. 		return "WSAEINPROGRESS: Operation now in progress.";
    1070. 

  1070. 	case WSAEALREADY: /* 10037 */
    1071. 

  1071. 		return "WSAEALREADY: Operation already in progress.";
    1072. 

  1072. 	case WSAENOTSOCK: /* 10038 */
    1073. 

  1073. 		return "WSAENOTSOCK: Socket operation on nonsocket.";
    1074. 

  1074. 	case WSAEDESTADDRREQ: /* 10039 */
    1075. 

  1075. 		return "WSAEDESTADDRREQ: Destination address required.";
    1076. 

  1076. 	case WSAEMSGSIZE: /* 10040 */
    1077. 

  1077. 		return "WSAEMSGSIZE: Message too long.";
    1078. 

  1078. 	case WSAEPROTOTYPE: /* 10041 */
    1079. 

  1079. 		return "WSAEPROTOTYPE: Protocol wrong type for socket.";
    1080. 

  1080. 	case WSAENOPROTOOPT: /* 10042 */
    1081. 

  1081. 		return "WSAENOPROTOOPT: Bad protocol option.";
    1082. 

  1082. 	case WSAEPROTONOSUPPORT: /* 10043 */
    1083. 

  1083. 		return "WSAEPROTONOSUPPORT: Protocol not supported.";
    1084. 

  1084. 	case WSAESOCKTNOSUPPORT: /* 10044 */
    1085. 

  1085. 		return "WSAESOCKTNOSUPPORT: Socket type not supported.";
    1086. 

  1086. 	case WSAEOPNOTSUPP: /* 10045 */
    1087. 

  1087. 		return "WSAEOPNOTSUPP: Operation not supported.";
    1088. 

  1088. 	case WSAEPFNOSUPPORT: /* 10046 */
    1089. 

  1089. 		return "WSAEPFNOSUPPORT: Protocol family not supported.";
    1090. 

  1090. 	case WSAEAFNOSUPPORT: /* 10047 */
    1091. 

  1091. 		return "WSAEAFNOSUPPORT: Address family not supported by protocol family.";
    1092. 

  1092. 	case WSAEADDRINUSE: /* 10048 */
    1093. 

  1093. 		return "WSAEADDRINUSE: Address already in use.";
    1094. 

  1094. 	case WSAEADDRNOTAVAIL: /* 10049 */
    1095. 

  1095. 		return "WSAEADDRNOTAVAIL: Cannot assign requested address.";
    1096. 

  1096. 	case WSAENETDOWN: /* 10050 */
    1097. 

  1097. 		return "WSAENETDOWN: Network is down.";
    1098. 

  1098. 	case WSAENETUNREACH: /* 10051 */
    1099. 

  1099. 		return "WSAENETUNREACH: Network is unreachable.";
    1100. 

  1100. 	case WSAENETRESET: /* 10052 */
    1101. 

  1101. 		return "WSAENETRESET: Network dropped connection on reset.";
    1102. 

  1102. 	case WSAECONNABORTED: /* 10053 */
    1103. 

  1103. 		return "WSAECONNABORTED: Software caused connection abort.";
    1104. 

  1104. 	case WSAECONNRESET: /* 10054 */
    1105. 

  1105. 		return "WSAECONNRESET: Connection reset by peer.";
    1106. 

  1106. 	case WSAENOBUFS: /* 10055 */
    1107. 

  1107. 		return "WSAENOBUFS: No buffer space available.";
    1108. 

  1108. 	case WSAEISCONN: /* 10056 */
    1109. 

  1109. 		return "WSAEISCONN: Socket is already connected.";
    1110. 

  1110. 	case WSAENOTCONN: /* 10057 */
    1111. 

  1111. 		return "WSAENOTCONN: Socket is not connected.";
    1112. 

  1112. 	case WSAESHUTDOWN: /* 10058 */
    1113. 

  1113. 		return "WSAESHUTDOWN: Cannot send after socket shutdown.";
    1114. 

  1114. 	case WSAETIMEDOUT: /* 10060 */
    1115. 

  1115. 		return "WSAETIMEDOUT: Connection timed out.";
    1116. 

  1116. 	case WSAECONNREFUSED: /* 10061 */
    1117. 

  1117. 		return "WSAECONNREFUSED: Connection refused.";
    1118. 

  1118. 	case WSAEHOSTDOWN: /* 10064 */
    1119. 

  1119. 		return "WSAEHOSTDOWN: Host is down.";
    1120. 

  1120. 	case WSAEHOSTUNREACH: /* 10065 */
    1121. 

  1121. 		return "WSAEHOSTUNREACH: No route to host.";
    1122. 

  1122. 	case WSAEPROCLIM: /* 10067 */
    1123. 

  1123. 		return "WSAEPROCLIM: Too many processes.";
    1124. 

  1124. 	case WSASYSNOTREADY: /* 10091 */
    1125. 

  1125. 		return "WSASYSNOTREADY: Network subsystem is unavailable.";
    1126. 

  1126. 	case WSAVERNOTSUPPORTED: /* 10092 */
    1127. 

  1127. 		return "WSAVERNOTSUPPORTED: Winsock.dll version out of range.";
    1128. 

  1128. 	case WSANOTINITIALISED: /* 10093 */
    1129. 

  1129. 		return "WSANOTINITIALISED: Successful WSAStartup not yet performed.";
    1130. 

  1130. 	case WSAEDISCON: /* 10101 */
    1131. 

  1131. 		return "WSAEDISCON: Graceful shutdown in progress.";
    1132. 

  1132. 	case WSATYPE_NOT_FOUND: /* 10109 */
    1133. 

  1133. 		return "WSATYPE_NOT_FOUND: Class type not found.";
    1134. 

  1134. 	case WSAHOST_NOT_FOUND: /* 11001 */
    1135. 

  1135. 		return "WSAHOST_NOT_FOUND: Host not found.";
    1136. 

  1136. 	case WSATRY_AGAIN: /* 11002 */
    1137. 

  1137. 		return "WSATRY_AGAIN: Nonauthoritative host not found.";
    1138. 

  1138. 	case WSANO_RECOVERY: /* 11003 */
    1139. 

  1139. 		return "WSANO_RECOVERY: This is a nonrecoverable error.";
    1140. 

  1140. 	case WSANO_DATA: /* 11004 */
    1141. 

  1141. 		return "WSANO_DATA: Valid name, no data record of requested type.";
    1142. 

  1142. 	case WSA_INVALID_HANDLE: /* OS dependent */
    1143. 

  1143. 		return "WSA_INVALID_HANDLE: Specified event object handle is invalid.";
    1144. 

  1144. 	case WSA_INVALID_PARAMETER: /* OS dependent */
    1145. 

  1145. 		return "WSA_INVALID_PARAMETER: One or more parameters are invalid.";
    1146. 

  1146. 	case WSA_IO_INCOMPLETE: /* OS dependent */
    1147. 

  1147. 		return "WSA_IO_INCOMPLETE: Overlapped I/O event object not in signaled state.";
    1148. 

  1148. 	case WSA_IO_PENDING: /* OS dependent */
    1149. 

  1149. 		return "WSA_IO_PENDING: Overlapped operations will complete later.";
    1150. 

  1150. 	case WSA_NOT_ENOUGH_MEMORY: /* OS dependent */
    1151. 

  1151. 		return "WSA_NOT_ENOUGH_MEMORY: Insufficient memory available.";
    1152. 

  1152. 	case WSA_OPERATION_ABORTED: /* OS dependent */
    1153. 

  1153. 		return "WSA_OPERATION_ABORTED: Overlapped operation aborted.";
    1154. 

  1154. #if defined(WSAINVALIDPROCTABLE)
    1155. 

  1155. 	case WSAINVALIDPROCTABLE: /* OS dependent */
    1156. 

  1156. 		return "WSAINVALIDPROCTABLE: Invalid procedure table from service provider.";
    1157. 

  1157. #endif
    1158. 

  1158. #if defined(WSAINVALIDPROVIDER)
    1159. 

  1159. 	case WSAINVALIDPROVIDER: /* OS dependent */
    1160. 

  1160. 		return "WSAINVALIDPROVIDER: Invalid service provider version number.";
    1161. 

  1161. #endif
    1162. 

  1162. #if defined(WSAPROVIDERFAILEDINIT)
    1163. 

  1163. 	case WSAPROVIDERFAILEDINIT: /* OS dependent */
    1164. 

  1164. 		return "WSAPROVIDERFAILEDINIT: Unable to initialize a service provider.";
    1165. 

  1165. #endif
    1166. 

  1166. 	case WSASYSCALLFAILURE: /* OS dependent */
    1167. 

  1167. 		return "WSASYSCALLFAILURE: System call failure.";
    1168. 

  1168. 	}
    1169. 

  1169. 	return "undocumented WSA error code";
    1170. 

  1170. }
    1171. 

  1171. #endif
    1172. 

  1172. 

  1173. #if defined(HAVE_GNUTLS) || defined(HAVE_OPENSSL)
    1174. 

  1174. 

  1175. #ifdef HAVE_GNUTLS
    1176. 

  1176. #define SSL_RET ssize_t
    1177. 

  1177. #define SSL_PULL_ARGS gnutls_transport_ptr ptr, void *data, size_t len
    1178. 

  1178. #define SSL_PUSH_ARGS gnutls_transport_ptr ptr, const void *data, size_t len
    1179. 

  1179. #define SSL_PTR ptr
    1180. 

  1180. #else
    1181. 

  1181. #define SSL_RET int
    1182. 

  1182. #define SSL_PULL_ARGS BIO *bio, char *data, int len
    1183. 

  1183. #define SSL_PUSH_ARGS BIO *bio, const char *data, int len
    1184. 

  1184. #define SSL_PTR bio->ptr
    1185. 

  1185. #endif
    1186. 

  1186. 

  1187. static SSL_RET
    1188. 

  1188. tds_pull_func_login(SSL_PULL_ARGS)
    1189. 

  1189. {
    1190. 

  1190. 	TDSSOCKET *tds = (TDSSOCKET *) SSL_PTR;
    1191. 

  1191. 	int have;
    1192. 

  1192. 

  1193. 	tdsdump_log(TDS_DBG_INFO1, "in tds_pull_func_login\n");
    1194. 

  1194. 	
    1195. 

  1195. 	/* here we are initializing (crypted inside TDS packets) */
    1196. 

  1196. 

  1197. 	/* if we have some data send it */
    1198. 

  1198. 	/* here MARS is not already initialized so test is correct */
    1199. 

  1199. 	/* TODO test even after initializing ?? */
    1200. 

  1200. 	if (tds->out_pos > 8)
    1201. 

  1201. 		tds_flush_packet(tds);
    1202. 

  1202. 

  1203. 	for(;;) {
    1204. 

  1204. 		have = tds->in_len - tds->in_pos;
    1205. 

  1205. 		tdsdump_log(TDS_DBG_INFO1, "have %d\n", have);
    1206. 

  1206. 		assert(have >= 0);
    1207. 

  1207. 		if (have > 0)
    1208. 

  1208. 			break;
    1209. 

  1209. 		tdsdump_log(TDS_DBG_INFO1, "before read\n");
    1210. 

  1210. 		if (tds_read_packet(tds) < 0)
    1211. 

  1211. 			return -1;
    1212. 

  1212. 		tdsdump_log(TDS_DBG_INFO1, "after read\n");
    1213. 

  1213. 	}
    1214. 

  1214. 	if (len > have)
    1215. 

  1215. 		len = have;
    1216. 

  1216. 	tdsdump_log(TDS_DBG_INFO1, "read %lu bytes\n", (unsigned long int) len);
    1217. 

  1217. 	memcpy(data, tds->in_buf + tds->in_pos, len);
    1218. 

  1218. 	tds->in_pos += len;
    1219. 

  1219. 	return len;
    1220. 

  1220. }
    1221. 

  1221. 

  1222. static SSL_RET
    1223. 

  1223. tds_push_func_login(SSL_PUSH_ARGS)
    1224. 

  1224. {
    1225. 

  1225. 	TDSSOCKET *tds = (TDSSOCKET *) SSL_PTR;
    1226. 

  1226. 

  1227. 	tdsdump_log(TDS_DBG_INFO1, "in tds_push_func_login\n");
    1228. 

  1228. 

  1229. 	/* initializing SSL, write crypted data inside normal TDS packets */
    1230. 

  1230. 	tds_put_n(tds, data, len);
    1231. 

  1231. 	return len;
    1232. 

  1232. }
    1233. 

  1233. 

  1234. static SSL_RET
    1235. 

  1235. tds_pull_func(SSL_PULL_ARGS)
    1236. 

  1236. {
    1237. 

  1237. 	TDSCONNECTION *conn = (TDSCONNECTION *) SSL_PTR;
    1238. 

  1238. 	TDSSOCKET *tds;
    1239. 

  1239. 

  1240. 	tdsdump_log(TDS_DBG_INFO1, "in tds_pull_func\n");
    1241. 

  1241. 

  1242. #if ENABLE_ODBC_MARS
    1243. 

  1243. 	tds = conn->in_net_tds;
    1244. 

  1244. 	assert(tds);
    1245. 

  1245. #else
    1246. 

  1246. 	tds = (TDSSOCKET *) conn;
    1247. 

  1247. #endif
    1248. 

  1248. 

  1249. 	/* already initialized (crypted TDS packets) */
    1250. 

  1250. 

  1251. 	/* read directly from socket */
    1252. 

  1252. 	/* TODO we block write on other sessions */
    1253. 

  1253. 	/* also we should already have tested for data on socket */
    1254. 

  1254. 	return tds_goodread(tds, (unsigned char*) data, len);
    1255. 

  1255. }
    1256. 

  1256. 

  1257. static SSL_RET
    1258. 

  1258. tds_push_func(SSL_PUSH_ARGS)
    1259. 

  1259. {
    1260. 

  1260. 	TDSCONNECTION *conn = (TDSCONNECTION *) SSL_PTR;
    1261. 

  1261. 	TDSSOCKET *tds;
    1262. 

  1262. 

  1263. 	tdsdump_log(TDS_DBG_INFO1, "in tds_push_func\n");
    1264. 

  1264. 

  1265. 	/* write to socket directly */
    1266. 

  1266. 	/* TODO use cork if available here to flush only on last chunk of packet ?? */
    1267. 

  1267. #if ENABLE_ODBC_MARS
    1268. 

  1268. 	tds = conn->in_net_tds;
    1269. 

  1269. 	/* FIXME with SMP trick to detect final is not ok */
    1270. 

  1270. 	return tds_goodwrite(tds, (const unsigned char*) data, len,
    1271. 

  1271. 			     conn->send_packets->next == NULL);
    1272. 

  1272. #else
    1273. 

  1273. 	tds = (TDSSOCKET *) conn;
    1274. 

  1274. 	return tds_goodwrite(tds, (const unsigned char*) data, len, tds->out_buf[1]);
    1275. 

  1275. #endif
    1276. 

  1276. }
    1277. 

  1277. 

  1278. static int tls_initialized = 0;
    1279. 

  1279. static tds_mutex tls_mutex = TDS_MUTEX_INITIALIZER;
    1280. 

  1280. 

  1281. #ifdef HAVE_GNUTLS
    1282. 

  1282. 

  1283. static void
    1284. 

  1284. tds_tls_log( int level, const char* s)
    1285. 

  1285. {
    1286. 

  1286. 	tdsdump_log(TDS_DBG_INFO1, "GNUTLS: level %d:\n  %s", level, s);
    1287. 

  1287. }
    1288. 

  1288. 

  1289. #ifdef TDS_ATTRIBUTE_DESTRUCTOR
    1290. 

  1290. static void __attribute__((destructor))
    1291. 

  1291. tds_tls_deinit(void)
    1292. 

  1292. {
    1293. 

  1293. 	if (tls_initialized)
    1294. 

  1294. 		gnutls_global_deinit();
    1295. 

  1295. }
    1296. 

  1296. #endif
    1297. 

  1297. 

  1298. #if defined(_THREAD_SAFE) && defined(TDS_HAVE_PTHREAD_MUTEX)
    1299. 

  1299. GCRY_THREAD_OPTION_PTHREAD_IMPL;
    1300. 

  1300. #define tds_gcry_init() gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread)
    1301. 

  1301. #else
    1302. 

  1302. #define tds_gcry_init() do {} while(0)
    1303. 

  1303. #endif
    1304. 

  1304. 

  1305. TDSRET
    1306. 

  1306. tds_ssl_init(TDSSOCKET *tds)
    1307. 

  1307. {
    1308. 

  1308. 	gnutls_session session;
    1309. 

  1309. 	gnutls_certificate_credentials xcred;
    1310. 

  1310. 

  1311. 	static const int kx_priority[] = {
    1312. 

  1312. 		GNUTLS_KX_RSA_EXPORT, 
    1313. 

  1313. 		GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA, 
    1314. 

  1314. 		0
    1315. 

  1315. 	};
    1316. 

  1316. 	static const int cipher_priority[] = {
    1317. 

  1317. 		GNUTLS_CIPHER_AES_256_CBC, GNUTLS_CIPHER_AES_128_CBC,
    1318. 

  1318. 		GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR_128,
    1319. 

  1319. #if 0
    1320. 

  1320. 		GNUTLS_CIPHER_ARCFOUR_40,
    1321. 

  1321. 		GNUTLS_CIPHER_DES_CBC,
    1322. 

  1322. #endif
    1323. 

  1323. 		0
    1324. 

  1324. 	};
    1325. 

  1325. 	static const int comp_priority[] = { GNUTLS_COMP_NULL, 0 };
    1326. 

  1326. 	static const int mac_priority[] = {
    1327. 

  1327. 		GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0
    1328. 

  1328. 	};
    1329. 

  1329. 	int ret;
    1330. 

  1330. 	const char *tls_msg;
    1331. 

  1331. 

  1332. 	xcred = NULL;
    1333. 

  1333. 	session = NULL;	
    1334. 

  1334. 	tls_msg = "initializing tls";
    1335. 

  1335. 

  1336. 	/* FIXME place somewhere else, deinit at end */
    1337. 

  1337. 	ret = 0;
    1338. 

  1338. 	if (!tls_initialized) {
    1339. 

  1339. 		tds_mutex_lock(&tls_mutex);
    1340. 

  1340. 		if (!tls_initialized) {
    1341. 

  1341. 			tds_gcry_init();
    1342. 

  1342. 			ret = gnutls_global_init();
    1343. 

  1343. 			if (ret == 0) {
    1344. 

  1344. 				gnutls_global_set_log_level(11);
    1345. 

  1345. 				gnutls_global_set_log_function(tds_tls_log);
    1346. 

  1346. 				tls_initialized = 1;
    1347. 

  1347. 			}
    1348. 

  1348. 		}
    1349. 

  1349. 		tds_mutex_unlock(&tls_mutex);
    1350. 

  1350. 	}
    1351. 

  1351. 	if (ret == 0) {
    1352. 

  1352. 		tls_msg = "allocating credentials";
    1353. 

  1353. 		ret = gnutls_certificate_allocate_credentials(&xcred);
    1354. 

  1354. 	}
    1355. 

  1355. 

  1356. 	if (ret == 0) {
    1357. 

  1357. 		/* Initialize TLS session */
    1358. 

  1358. 		tls_msg = "initializing session";
    1359. 

  1359. 		ret = gnutls_init(&session, GNUTLS_CLIENT);
    1360. 

  1360. 	}
    1361. 

  1361. 	
    1362. 

  1362. 	if (ret == 0) {
    1363. 

  1363. 		gnutls_transport_set_ptr(session, tds);
    1364. 

  1364. 		gnutls_transport_set_pull_function(session, tds_pull_func_login);
    1365. 

  1365. 		gnutls_transport_set_push_function(session, tds_push_func_login);
    1366. 

  1366. 

  1367. 		/* NOTE: there functions return int however they cannot fail */
    1368. 

  1368. 

  1369. 		/* use default priorities... */
    1370. 

  1370. 		gnutls_set_default_priority(session);
    1371. 

  1371. 

  1372. 		/* ... but overwrite some */
    1373. 

  1373. 		gnutls_cipher_set_priority(session, cipher_priority);
    1374. 

  1374. 		gnutls_compression_set_priority(session, comp_priority);
    1375. 

  1375. 		gnutls_kx_set_priority(session, kx_priority);
    1376. 

  1376. 		gnutls_mac_set_priority(session, mac_priority);
    1377. 

  1377. 		/* mssql does not like padding too much */
    1378. 

  1378. #ifdef HAVE_GNUTLS_RECORD_DISABLE_PADDING
    1379. 

  1379. 		gnutls_record_disable_padding(session);
    1380. 

  1380. #endif
    1381. 

  1381. 

  1382. 		/* put the anonymous credentials to the current session */
    1383. 

  1383. 		tls_msg = "setting credential";
    1384. 

  1384. 		ret = gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, xcred);
    1385. 

  1385. 	}
    1386. 

  1386. 	
    1387. 

  1387. 	if (ret == 0) {
    1388. 

  1388. 		/* Perform the TLS handshake */
    1389. 

  1389. 		tls_msg = "handshake";
    1390. 

  1390. 		ret = gnutls_handshake (session);
    1391. 

  1391. 	}
    1392. 

  1392. 

  1393. 	if (ret != 0) {
    1394. 

  1394. 		if (session)
    1395. 

  1395. 			gnutls_deinit(session);
    1396. 

  1396. 		if (xcred)
    1397. 

  1397. 			gnutls_certificate_free_credentials(xcred);
    1398. 

  1398. 		tdsdump_log(TDS_DBG_ERROR, "%s failed: %s\n", tls_msg, gnutls_strerror (ret));
    1399. 

  1399. 		return TDS_FAIL;
    1400. 

  1400. 	}
    1401. 

  1401. 

  1402. 	tdsdump_log(TDS_DBG_INFO1, "handshake succeeded!!\n");
    1403. 

  1403. 

  1404. 	gnutls_transport_set_ptr(session, tds->conn);
    1405. 

  1405. 	gnutls_transport_set_pull_function(session, tds_pull_func);
    1406. 

  1406. 	gnutls_transport_set_push_function(session, tds_push_func);
    1407. 

  1407. 

  1408. 	tds->conn->tls_session = session;
    1409. 

  1409. 	tds->conn->tls_credentials = xcred;
    1410. 

  1410. 

  1411. 	return TDS_SUCCESS;
    1412. 

  1412. }
    1413. 

  1413. 

  1414. void
    1415. 

  1415. tds_ssl_deinit(TDSCONNECTION *conn)
    1416. 

  1416. {
    1417. 

  1417. 	if (conn->tls_session) {
    1418. 

  1418. 		gnutls_deinit((gnutls_session) conn->tls_session);
    1419. 

  1419. 		conn->tls_session = NULL;
    1420. 

  1420. 	}
    1421. 

  1421. 	if (conn->tls_credentials) {
    1422. 

  1422. 		gnutls_certificate_free_credentials((gnutls_certificate_credentials) conn->tls_credentials);
    1423. 

  1423. 		conn->tls_credentials = NULL;
    1424. 

  1424. 	}
    1425. 

  1425. }
    1426. 

  1426. 

  1427. #else
    1428. 

  1428. static long
    1429. 

  1429. tds_ssl_ctrl_login(BIO *b, int cmd, long num, void *ptr)
    1430. 

  1430. {
    1431. 

  1431. 	TDSSOCKET *tds = (TDSSOCKET *) b->ptr;
    1432. 

  1432. 

  1433. 	switch (cmd) {
    1434. 

  1434. 	case BIO_CTRL_FLUSH:
    1435. 

  1435. 		if (tds->out_pos > 8)
    1436. 

  1436. 			tds_flush_packet(tds);
    1437. 

  1437. 		return 1;
    1438. 

  1438. 	}
    1439. 

  1439. 	return 0;
    1440. 

  1440. }
    1441. 

  1441. 

  1442. static int
    1443. 

  1443. tds_ssl_free(BIO *a)
    1444. 

  1444. {
    1445. 

  1445. 	/* nothing to do but required */
    1446. 

  1446. 	return 1;
    1447. 

  1447. }
    1448. 

  1448. 

  1449. static BIO_METHOD tds_method_login =
    1450. 

  1450. {
    1451. 

  1451. 	BIO_TYPE_MEM,
    1452. 

  1452. 	"tds",
    1453. 

  1453. 	tds_push_func_login,
    1454. 

  1454. 	tds_pull_func_login,
    1455. 

  1455. 	NULL,
    1456. 

  1456. 	NULL,
    1457. 

  1457. 	tds_ssl_ctrl_login,
    1458. 

  1458. 	NULL,
    1459. 

  1459. 	tds_ssl_free,
    1460. 

  1460. 	NULL,
    1461. 

  1461. };
    1462. 

  1462. 

  1463. static BIO_METHOD tds_method =
    1464. 

  1464. {
    1465. 

  1465. 	BIO_TYPE_MEM,
    1466. 

  1466. 	"tds",
    1467. 

  1467. 	tds_push_func,
    1468. 

  1468. 	tds_pull_func,
    1469. 

  1469. 	NULL,
    1470. 

  1470. 	NULL,
    1471. 

  1471. 	NULL,
    1472. 

  1472. 	NULL,
    1473. 

  1473. 	tds_ssl_free,
    1474. 

  1474. 	NULL,
    1475. 

  1475. };
    1476. 

  1476. 

  1477. 

  1478. static SSL_CTX *
    1479. 

  1479. tds_init_openssl(void)
    1480. 

  1480. {
    1481. 

  1481. 	const SSL_METHOD *meth;
    1482. 

  1482. 

  1483. 	if (!tls_initialized) {
    1484. 

  1484. 		tds_mutex_lock(&tls_mutex);
    1485. 

  1485. 		if (!tls_initialized) {
    1486. 

  1486. 			SSL_library_init();
    1487. 

  1487. 			tls_initialized = 1;
    1488. 

  1488. 		}
    1489. 

  1489. 		tds_mutex_unlock(&tls_mutex);
    1490. 

  1490. 	}
    1491. 

  1491. 	meth = TLSv1_client_method ();
    1492. 

  1492. 	if (meth == NULL)
    1493. 

  1493. 		return NULL;
    1494. 

  1494. 	return SSL_CTX_new (meth);
    1495. 

  1495. }
    1496. 

  1496. 

  1497. int
    1498. 

  1498. tds_ssl_init(TDSSOCKET *tds)
    1499. 

  1499. {
    1500. 

  1500. #define OPENSSL_CIPHERS \
    1501. 

  1501. 	"DHE-RSA-AES256-SHA DHE-DSS-AES256-SHA " \
    1502. 

  1502. 	"AES256-SHA EDH-RSA-DES-CBC3-SHA " \
    1503. 

  1503. 	"EDH-DSS-DES-CBC3-SHA DES-CBC3-SHA " \
    1504. 

  1504. 	"DES-CBC3-MD5 DHE-RSA-AES128-SHA " \
    1505. 

  1505. 	"DHE-DSS-AES128-SHA AES128-SHA RC2-CBC-MD5 RC4-SHA RC4-MD5"
    1506. 

  1506. 

  1507. 	SSL *con;
    1508. 

  1508. 	BIO *b, *b2;
    1509. 

  1509. 

  1510. 	int ret;
    1511. 

  1511. 	const char *tls_msg;
    1512. 

  1512. 

  1513. 	con = NULL;
    1514. 

  1514. 	b = NULL;
    1515. 

  1515. 	b2 = NULL;
    1516. 

  1516. 	ret = 1;
    1517. 

  1517. 

  1518. 	tls_msg = "initializing tls";
    1519. 

  1519. 	if (tds->conn->tls_ctx == NULL)
    1520. 

  1520. 		tds->conn->tls_ctx = tds_init_openssl();
    1521. 

  1521. 

  1522. 	if (tds->conn->tls_ctx) {
    1523. 

  1523. 		/* Initialize TLS session */
    1524. 

  1524. 		tls_msg = "initializing session";
    1525. 

  1525. 		con = SSL_new(tds->conn->tls_ctx);
    1526. 

  1526. 	}
    1527. 

  1527. 	
    1528. 

  1528. 	if (con) {
    1529. 

  1529. 		tls_msg = "creating bio";
    1530. 

  1530. 		b = BIO_new(&tds_method_login);
    1531. 

  1531. 	}
    1532. 

  1532. 

  1533. 	if (b) {
    1534. 

  1534. 		b2 = BIO_new(&tds_method);
    1535. 

  1535. 	}
    1536. 

  1536. 

  1537. 	if (b2) {
    1538. 

  1538. 		b->shutdown=1;
    1539. 

  1539. 		b->init=1;
    1540. 

  1540. 		b->num= -1;
    1541. 

  1541. 		b->ptr = tds;
    1542. 

  1542. 		SSL_set_bio(con, b, b);
    1543. 

  1543. 		b = NULL;
    1544. 

  1544. 

  1545. 		/* use priorities... */
    1546. 

  1546. 		SSL_set_cipher_list(con, OPENSSL_CIPHERS);
    1547. 

  1547. 

  1548. #ifdef SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
    1549. 

  1549. 		/* this disable a security improvement but allow connection... */
    1550. 

  1550. 		SSL_set_options(con, SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS);
    1551. 

  1551. #endif
    1552. 

  1552. 

  1553. 		/* Perform the TLS handshake */
    1554. 

  1554. 		tls_msg = "handshake";
    1555. 

  1555. 		SSL_set_connect_state(con);
    1556. 

  1556. 		ret = SSL_connect(con) != 1 || con->state != SSL_ST_OK;
    1557. 

  1557. 	}
    1558. 

  1558. 

  1559. 	if (ret != 0) {
    1560. 

  1560. 		if (b2)
    1561. 

  1561. 			BIO_free(b2);
    1562. 

  1562. 		if (b)
    1563. 

  1563. 			BIO_free(b);
    1564. 

  1564. 		if (con) {
    1565. 

  1565. 			SSL_shutdown(con);
    1566. 

  1566. 			SSL_free(con);
    1567. 

  1567. 		}
    1568. 

  1568. 		SSL_CTX_free(tds->conn->tls_ctx);
    1569. 

  1569. 		tds->conn->tls_ctx = NULL;
    1570. 

  1570. 		tdsdump_log(TDS_DBG_ERROR, "%s failed\n", tls_msg);
    1571. 

  1571. 		return TDS_FAIL;
    1572. 

  1572. 	}
    1573. 

  1573. 

  1574. 	tdsdump_log(TDS_DBG_INFO1, "handshake succeeded!!\n");
    1575. 

  1575. 

  1576. 	b2->shutdown = 1;
    1577. 

  1577. 	b2->init = 1;
    1578. 

  1578. 	b2->num = -1;
    1579. 

  1579. 	b2->ptr = tds->conn;
    1580. 

  1580. 	SSL_set_bio(con, b2, b2);
    1581. 

  1581. 

  1582. 	tds->conn->tls_session = con;
    1583. 

  1583. 

  1584. 	return TDS_SUCCESS;
    1585. 

  1585. }
    1586. 

  1586. 

  1587. void
    1588. 

  1588. tds_ssl_deinit(TDSCONNECTION *conn)
    1589. 

  1589. {
    1590. 

  1590. 	if (conn->tls_session) {
    1591. 

  1591. 		/* NOTE do not call SSL_shutdown here */
    1592. 

  1592. 		SSL_free(conn->tls_session);
    1593. 

  1593. 		conn->tls_session = NULL;
    1594. 

  1594. 	}
    1595. 

  1595. 	if (conn->tls_ctx) {
    1596. 

  1596. 		SSL_CTX_free(conn->tls_ctx);
    1597. 

  1597. 		conn->tls_ctx = NULL;
    1598. 

  1598. 	}
    1599. 

  1599. }
    1600. 

  1600. #endif
    1601. 

  1601. 

  1602. #endif
    1603. 

  1603. /** @} */
    1604. 

  1604. 

  1605.