2.093 - another attempt do deal with one-sided SSL shutdown

Author: Steffen Ullrich

Changes

@@ -1,3 +1,7 @@
+2.093 2025/06/17
+- Another rework for one-sided SSL shutdown, to a) implement a useful and secure
+  behavior and b) without affecting existing applications. 2.092 had still
+  unwanted side effects
 2.092 2025/06/16
 - rework implementation and behavior for one-sided SSL shutdown. Implementation
   in 2.091 lead to some problems with Net::FTP and others.

MANIFEST

@@ -75,6 +75,7 @@ t/sni_verify.t
 t/startssl-failed.t
 t/startssl.t
 t/start-stopssl.t
+t/start-stopssl-with-cb.t
 t/sysread_write.t
 t/testlib.pl
 t/verify_fingerprint.t

lib/IO/Socket/SSL.pm

@@ -13,13 +13,13 @@
 
 package IO::Socket::SSL;
 
-our $VERSION = '2.092';
+our $VERSION = '2.093';
 
 use IO::Socket;
 use Net::SSLeay 1.46;
 use IO::Socket::SSL::PublicSuffix;
 use Exporter ();
-use Errno qw( EWOULDBLOCK EAGAIN ETIMEDOUT EINTR EPIPE );
+use Errno qw( EWOULDBLOCK EAGAIN ETIMEDOUT EINTR EPIPE EPERM );
 use Carp;
 use strict;
 
@@ -1209,16 +1209,23 @@ sub _generic_read {
 	    if ($status & SSL_SENT_SHUTDOWN) {
 		# fully done, close SSL object - no need to call shutdown again
 		$self->stop_SSL(SSL_no_shutdown => 1);
+	    } elsif (my $cb = ${*$self}{_SSL_arguments}{SSL_on_peer_shutdown}) {
+		# Mark as half done but leave further handling to callback
+		${*$self}{_SSL_read_closed} = 1;
+		return $cb->($self);
 	    } else {
-		# mark read side as automatically closed
-		# _SSL_read_closed is
-		# -1: SSL shutdown done, but not acknowledged by user
-		#  1: SSL shutdown acknowledged by the user
-		${*$self}{_SSL_read_closed} = -1;
+		# Half done, send also close notify
+		# Don't destruct _SSL_object since code might still rely on
+		# having access to it. Leave this to explicit stop_SSL or close.
+		local $SIG{PIPE} = 'IGNORE';
+		$SSL_ERROR = $! = undef;
+		Net::SSLeay::shutdown($ssl);
+		# Use "-1" to mark as automatic closed and thus require action
+		# before reading/sending plain data
+		${*$self}{_SSL_read_closed} = ${*$self}{_SSL_write_closed} = -1;
 	    }
 	}
-	$! = EAGAIN;
-	return;
+	return 0;
     }
 
     $$buffer = '' if !defined $$buffer;
@@ -1244,8 +1251,7 @@ sub _handle_read_closed_unack {
     # reading eof is fine, reading plain data is not
     return if ! defined recv($self,my $buf,1,MSG_PEEK);
     return 0 if $buf eq '';
-    carp "got SSL shutdown by peer, call stop_SSL(SSL_ack_read_closed => 1) before reading plain data";
-    $! = EAGAIN;
+    $! = EPERM;
     return;
 }
 
@@ -1285,10 +1291,7 @@ sub peek {
 	return _generic_read( $self, $ssl, 1, \&Net::SSLeay::peek, @_ );
     }
 
-    if ($rc<0) {
-	carp "got SSL shutdown by peer, call stop_SSL(SSL_ack_read_closed => 1) before reading plain data";
-	return;
-    }
+    return _handle_read_closed_unack($self) if $rc<0;
 
     # fall back to plain peek if we are not required to use SSL yet
     # emulate peek with recv(...,MSG_PEEK) - peek(buf,len,offset)
@@ -1337,11 +1340,17 @@ sub _generic_write {
 # if all data are written
 sub write {
     my $self = shift;
-    my $wc = ${*$self}{_SSL_write_closed};
+    my $wc = ${*$self}{_SSL_write_closed} || 0;
     if (my $ssl = !$wc && ${*$self}{_SSL_object}) {
 	return _generic_write( $self, $ssl, scalar($self->blocking),@_ );
     }
 
+    # don't write plain after automtic SSL shutdown
+    if ($wc<0) {
+	$! = EPERM;
+	return;
+    }
+
     # fall back to plain write if we are not required to use SSL yet
     return ($wc ? _rawfd($self) : $self)->SUPER::write(@_);
 }
@@ -1350,11 +1359,17 @@ sub write {
 # a part of the data is written
 sub syswrite {
     my $self = shift;
-    my $wc = ${*$self}{_SSL_write_closed};
+    my $wc = ${*$self}{_SSL_write_closed} || 0;
     if (my $ssl = !$wc && ${*$self}{_SSL_object}) {
 	return _generic_write($self,$ssl,0,@_);
     }
 
+    # don't write plain after automtic SSL shutdown
+    if ($wc<0) {
+	$! = EPERM;
+	return;
+    }
+
     # fall back to plain syswrite if we are not required to use SSL yet
     return ($wc ? _rawfd($self) : $self)->SUPER::syswrite(@_);
 }
@@ -1519,10 +1534,6 @@ sub stop_SSL {
     if (my $ssl = ${*$self}{'_SSL_object'}) {
 	if (delete ${*$self}{'_SSL_opening'}) {
 	    # just destroy the object further below
-	} elsif ($stop_args->{SSL_ack_read_closed} ) {
-	    return 0 if !${*$self}{_SSL_read_closed}; # not (automatically) closed
-	    ${*$self}{_SSL_read_closed} = 1; # accept as closed
-	    return 1;
 	} elsif ( ! $stop_args->{SSL_no_shutdown} ) {
 	    my $status = Net::SSLeay::get_shutdown($ssl);
 
@@ -1602,8 +1613,8 @@ sub stop_SSL {
 	if (my $cert = delete ${*$self}{'_SSL_certificate'}) {
 	    Net::SSLeay::X509_free($cert);
 	}
-	delete ${*$self}{_SSL_object};
-	delete ${*$self}{_SSL_rawfd};
+	delete @{*$self}{
+	    qw(_SSL_object _SSL_write_closed _SSL_read_closed _SSL_rawfd)};
 	${*$self}{'_SSL_opened'} = 0;
 	delete $SSL_OBJECT{$ssl};
 	delete $CREATED_IN_THIS_THREAD{$ssl};

lib/IO/Socket/SSL.pod

@@ -1,4 +1,4 @@
-
+CK
 =head1 NAME
 
 IO::Socket::SSL - SSL sockets with IO::Socket interface
@@ -1559,6 +1559,12 @@ Example:
 
     my $srv = IO::Socket::SSL->new(..., SSL_ticket_keycb => $keycb);
 
+=item SSL_on_peer_shutdown CODE
+
+This defines a callback which gets called on receiving SSL shutdown (close
+notify) from the peer. This can be used to override the default behavior, see
+C<stop_SSL> for more.
+
 =item SSL_mode_release_buffers 1|0
 
 This enables or disables the SSL_MODE_RELEASE_BUFFERS option on the SSL object.
@@ -1905,6 +1911,14 @@ This returns false if the socket could not be opened, 1 if the socket could be
 opened and the SSL handshake was successful done and -1 if the underlying
 IO::Handle is open, but the SSL handshake failed.
 
+=item B<is_SSL()>
+
+This returns undefined if there is no SSL object associated with the socket.
+It will return C<rw> if the state of the SSL object has SSL active for both
+directions, C<r> if there was a locally initiated SSL shutdown (close notify),
+C<w> if a remote SSL shutdown was received and C<> (empty string but defined) if
+a bidirectional SSL shutdown was done.
+
 =item B<< IO::Socket::SSL->start_SSL($socket, ... ) >>
 
 This will convert a glob reference or a socket that you provide to an
@@ -1953,15 +1967,20 @@ Even if the SSL shutdown is only done for writing (C<SSL_fast_shutdown>) plain
 data can be immediately written.
 
 If the SSL shutdown was initiated by the peer it will lead to an implicit SSL
-shutdown for reading and sysread will return undef with errno EAGAIN once in
-this case. After this the socket is ready to receive plain data from the peer.
-But to keep the program in control when encrypted and when plain data are
-received the plain read will only be done if either a full SSL shutdown was
-explicitly issued by calling C<stop_SSL> or if the one sided SSL shutdown from
-the peer is explicitly acknowledged by calling C<stop_SSL> with
-C<SSL_ack_read_closed> set to true. Without this reading will just check
-if the socket is closed and without this issue a warning and return undef with
-EAGAIN.
+shutdown for reading and sysread will return with 0 in this case. It will also
+SSL shutdown the local side. After this the socket is ready to receive plain
+data from the peer and locally send data will also be transmitted in plain. To
+prevent accidental sending/receiving plain data after such implicit SSL
+shutdown, the read and write functions will return undef with $ERRNO set to
+EPERM until an explicit stop_SSL was done. If the peer directly closes the TCP
+connection ater the SSL shutdown without sending plain data this will still be
+detected though.
+
+If this default behavior is not wanted a callback can be setup using
+C<SSL_on_peer_shutdown> which gets C<$self> as first argument. The result from
+the callback will then be returned instead of 0 and no local SSL shutdown will
+be automatically initiated. Similar no explicit stop_SSL is needed before
+receiving plain data since the callback is considered explicit action enough.
 
 =item B<connect_SSL>, B<accept_SSL>
 

t/start-stopssl-with-cb.t

@@ -0,0 +1,157 @@
+#!perl
+
+use strict;
+use warnings;
+use IO::Socket::INET;
+use IO::Socket::SSL;
+do './testlib.pl' || do './t/testlib.pl' || die "no testlib";
+
+$|=1;
+my @tests = qw( start stop start stop:write close );
+print "1..20\n";
+
+my $server = IO::Socket::INET->new(
+    LocalAddr => '127.0.0.1',
+    LocalPort => 0,
+    Listen => 2,
+) || die "not ok # tcp listen failed: $!\n";
+print "ok # listen\n";
+my $saddr = $server->sockhost.':'.$server->sockport;
+
+defined( my $pid = fork() ) || die $!;
+$pid ? server():client();
+wait;
+exit(0);
+
+
+sub client {
+    close($server);
+    my $client = IO::Socket::INET->new($saddr) or
+	die "not ok # client connect: $!\n";
+    $client->autoflush;
+    print "ok # client connect\n";
+
+    for my $test (@tests) {
+	alarm(15);
+	#print STDERR "begin test $test\n";
+	if ( $test eq 'start' ) {
+	    syswrite($client,"start\n");
+	    sleep(1); # avoid race condition, if client calls start but server is not yet available
+
+	    #print STDERR ">>$$(client) start\n";
+	    IO::Socket::SSL->start_SSL($client, SSL_verify_mode => 0 )
+		|| die "not ok # client::start_SSL: $SSL_ERROR\n";
+	    #print STDERR "<<$$(client) start\n";
+	    print "ok # client::start_SSL\n";
+
+	    ref($client) eq "IO::Socket::SSL" or print "not ";
+	    print "ok # client::class=".ref($client)."\n";
+
+	} elsif ( $test eq 'stop' ) {
+	    syswrite($client,"stop\n");
+	    $client->stop_SSL || die "not ok # client::stop_SSL\n";
+	    print "ok # client::stop_SSL\n";
+
+	    ref($client) eq "IO::Socket::INET" or print "not ";
+	    print "ok # client::class=".ref($client)."\n";
+
+	} elsif ( $test eq 'stop:write' ) {
+	    syswrite($client,"stop:write\n");
+	    $client->stop_SSL(SSL_fast_shutdown => 1)
+		|| die "not ok # client::stop_SSL\n";
+	    print "ok # client::stop_SSL(SSL_fast_shutdown => 1)\n";
+
+	    ref($client) eq "IO::Socket::SSL" or print "not ";
+	    print "ok # client::class=".ref($client)."\n";
+
+	    ${*$client}{_SSL_write_closed} or print "not ";
+	    print "ok # client _SSL_write_closed\n";
+
+	    # this should be send in plain
+	    syswrite($client, "after stop:write\n");
+
+	} elsif ( $test eq 'close' ) {
+	    syswrite($client,"close\n");
+	    my $class = ref($client);
+	    $client->close || die "not ok # client::close\n";
+	    print "ok # client::close\n";
+
+	    ref($client) eq $class or print "not ";
+	    print "ok # client::class=".ref($client)."\n";
+	    last;
+	}
+	#print STDERR "cont test $test\n";
+
+	sysread($client, my $line, 1024) or return;
+	die "'$line'" if $line ne "OK\n";
+    }
+}
+
+
+sub server {
+    my $client = $server->accept || die $!;
+    $client->autoflush;
+    my $peer_shutdown;
+    while (1) {
+	alarm(15);
+	sysread($client, my $line, 1024) or last;
+	chomp($line);
+	if ( $line eq 'start' ) {
+	    #print STDERR ">>$$ start\n";
+	    IO::Socket::SSL->start_SSL( $client,
+		SSL_server => 1,
+		SSL_cert_file => "t/certs/client-cert.pem",
+		SSL_key_file => "t/certs/client-key.pem",
+		SSL_on_peer_shutdown => sub {
+		    $peer_shutdown = 1;
+		    return;
+		}
+	    ) || die "not ok # server::start_SSL: $SSL_ERROR\n";
+	    #print STDERR "<<$$ start\n";
+
+	    ref($client) eq "IO::Socket::SSL" or print "not ";
+	    print "ok # server::class=".ref($client)."\n";
+	    syswrite($client,"OK\n");
+
+	} elsif ( $line eq 'stop' ) {
+	    $client->stop_SSL || die "not ok # server::stop_SSL\n";
+	    print "ok # server::stop_SSL\n";
+
+	    ref($client) eq "IO::Socket::INET" or print "not ";
+	    print "ok # server class=".ref($client)."\n";
+	    syswrite($client,"OK\n");
+
+	} elsif ( $line eq 'stop:write' ) {
+	    # expect undef + $peer_shutdown true - see SSL_on_peer_shutdown
+	    my $n = sysread($client, $line, 1);
+	    print "not " if defined $n or !$peer_shutdown;
+	    print "ok # server read ssl n=undef + peer_shutdown true\n";
+
+	    ref($client) eq "IO::Socket::SSL" or print "not ";
+	    print "ok # server class=".ref($client)."\n";
+
+	    ${*$client}{_SSL_read_closed} == 1 or print "not ";
+	    print "ok # server _SSL_read_closed == 1\n";
+
+	    # finish shutdown
+	    $client->stop_SSL() || die "not ok # server::stop_SSL\n";
+	    # _SSL_read_closed should be no longer there
+	    exists(${*$client}{_SSL_read_closed}) and print "not ";
+	    print "ok # server _SSL_read_closed gone\n";
+
+	    $n = sysread($client, $line, 100);
+	    print "not " if ! $line || $line ne "after stop:write\n";
+	    print "ok # server plain read: $line\n";
+	    syswrite($client,"OK\n");
+
+	} elsif ( $line eq 'close' ) {
+	    my $class = ref($client);
+	    $client->close || die "not ok # server::close\n";
+	    print "ok # server::close\n";
+
+	    ref($client) eq $class or print "not ";
+	    print "ok # server class=".ref($client)."\n";
+	    last;
+	}
+    }
+}