author | Daniel P. Berrangé <berrange@redhat.com> | 2024-03-15 14:29:11 +0000 |
---|---|---|
committer | Daniel P. Berrangé <berrange@redhat.com> | 2024-07-24 10:39:10 +0100 |
commit | 97f7bf113eb50fcdaf0c73aa2ee01e5355abc073 (patch) | |
tree | 2efc788f71855eae6b5aebf68ead7e0a36c2cfcf | |
parent | 57941c9c86357a6a642f9ee3279d881df4043b6d (diff) |
crypto: propagate errors from TLS session I/O callbacks
GNUTLS doesn't know how to perform I/O on anything other than plain
FDs, so the TLS session provides it with some I/O callbacks. The
GNUTLS API design requires these callbacks to return a unix errno
value, which means we're currently losing the useful QEMU "Error"
object.
This changes the I/O callbacks in QEMU to stash the "Error" object
in the QCryptoTLSSession class, and fetch it when seeing an I/O
error returned from GNUTLS, thus preserving useful error messages.
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
-rw-r--r-- | crypto/tlssession.c | 76 | ||||
-rw-r--r-- | include/crypto/tlssession.h | 10 | ||||
-rw-r--r-- | io/channel-tls.c | 18 | ||||
-rw-r--r-- | tests/unit/test-crypto-tlssession.c | 30 |
4 files changed, 108 insertions, 26 deletions
diff --git a/crypto/tlssession.c b/crypto/tlssession.c index 926f19c115..77286e23f4 100644 --- a/crypto/tlssession.c +++ b/crypto/tlssession.c @@ -44,6 +44,13 @@ struct QCryptoTLSSession { QCryptoTLSSessionReadFunc readFunc; void *opaque; char *peername; + + /* + * Allow concurrent reads and writes, so track + * errors separately + */ + Error *rerr; + Error *werr; }; @@ -54,6 +61,9 @@ qcrypto_tls_session_free(QCryptoTLSSession *session) return; } + error_free(session->rerr); + error_free(session->werr); + gnutls_deinit(session->handle); g_free(session->hostname); g_free(session->peername); @@ -67,13 +77,26 @@ static ssize_t qcrypto_tls_session_push(void *opaque, const void *buf, size_t len) { QCryptoTLSSession *session = opaque; + ssize_t ret; if (!session->writeFunc) { errno = EIO; return -1; }; - return session->writeFunc(buf, len, session->opaque); + error_free(session->werr); + session->werr = NULL; + + ret = session->writeFunc(buf, len, session->opaque, &session->werr); + if (ret == QCRYPTO_TLS_SESSION_ERR_BLOCK) { + errno = EAGAIN; + return -1; + } else if (ret < 0) { + errno = EIO; + return -1; + } else { + return ret; + } } @@ -81,13 +104,26 @@ static ssize_t qcrypto_tls_session_pull(void *opaque, void *buf, size_t len) { QCryptoTLSSession *session = opaque; + ssize_t ret; if (!session->readFunc) { errno = EIO; return -1; }; - return session->readFunc(buf, len, session->opaque); + error_free(session->rerr); + session->rerr = NULL; + + ret = session->readFunc(buf, len, session->opaque, &session->rerr); + if (ret == QCRYPTO_TLS_SESSION_ERR_BLOCK) { + errno = EAGAIN; + return -1; + } else if (ret < 0) { + errno = EIO; + return -1; + } else { + return ret; + } } #define TLS_PRIORITY_ADDITIONAL_ANON "+ANON-DH" 
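Review bot: The comment added above `rerr`/`werr` in struct QCryptoTLSSession gives concurrency as the reason for two fields but does not say which code path owns each one. Later hunks show qcrypto_tls_session_handshake reading and freeing both fields, and the push/pull callbacks freeing their own field on entry. The comment should therefore state that `rerr` belongs to the read path, `werr` to the write path, and that handshake and free must not run concurrently with either. If GnuTLS can invoke the push callback from a receive call, `werr` would also be touched from the reading thread; that is not visible in this patch and is worth confirming.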
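Review bot: The early return for a missing `writeFunc` in qcrypto_tls_session_push sets `errno = EIO` without stashing anything in `session->werr`, so this failure still surfaces as the generic GnuTLS message. Since the commit's purpose is to keep the QEMU error, this path could record one too: move the `error_free(session->werr); session->werr = NULL;` pair above the check and add `error_setg(&session->werr, "No write callback set for TLS session");` before the return. qcrypto_tls_session_pull has the same path for `readFunc` and `rerr`.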
@@ -450,9 +486,14 @@ qcrypto_tls_session_write(QCryptoTLSSession *session, if (ret == GNUTLS_E_AGAIN) { return QCRYPTO_TLS_SESSION_ERR_BLOCK; } else { - error_setg(errp, - "Cannot write to TLS channel: %s", - gnutls_strerror(ret)); + if (session->werr) { + error_propagate(errp, session->werr); + session->werr = NULL; + } else { + error_setg(errp, + "Cannot write to TLS channel: %s", + gnutls_strerror(ret)); + } return -1; } } @@ -477,9 +518,14 @@ qcrypto_tls_session_read(QCryptoTLSSession *session, gracefulTermination){ return 0; } else { - error_setg(errp, - "Cannot read from TLS channel: %s", - gnutls_strerror(ret)); + if (session->rerr) { + error_propagate(errp, session->rerr); + session->rerr = NULL; + } else { + error_setg(errp, + "Cannot read from TLS channel: %s", + gnutls_strerror(ret)); + } return -1; } } @@ -507,11 +553,21 @@ qcrypto_tls_session_handshake(QCryptoTLSSession *session, ret == GNUTLS_E_AGAIN) { ret = 1; } else { - error_setg(errp, "TLS handshake failed: %s", - gnutls_strerror(ret)); + if (session->rerr || session->werr) { + error_setg(errp, "TLS handshake failed: %s: %s", + gnutls_strerror(ret), + error_get_pretty(session->rerr ? + session->rerr : session->werr)); + } else { + error_setg(errp, "TLS handshake failed: %s", + gnutls_strerror(ret)); + } ret = -1; } } + error_free(session->rerr); + error_free(session->werr); + session->rerr = session->werr = NULL; return ret; } diff --git a/include/crypto/tlssession.h b/include/crypto/tlssession.h index 291e602540..f694a5c3c5 100644 --- a/include/crypto/tlssession.h +++ b/include/crypto/tlssession.h 
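Review bot: In the error branch of qcrypto_tls_session_write, a stashed `session->werr` replaces the message for every GnuTLS failure code, so `gnutls_strerror(ret)` is lost. If an error were ever left stashed from a different entry point, a failure that did not come from the push callback would be reported with an unrelated I/O message. The handshake hunk keeps both parts. The same can be done here by using the stash only when `ret == GNUTLS_E_PUSH_ERROR` and adding context after the propagate, something like `error_prepend(errp, "Cannot write to TLS channel: ");`. The read hunk has the same shape with `session->rerr` and `GNUTLS_E_PULL_ERROR`; both function bodies start outside their hunks.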
@@ -178,12 +178,18 @@ G_DEFINE_AUTOPTR_CLEANUP_FUNC(QCryptoTLSSession, qcrypto_tls_session_free) int qcrypto_tls_session_check_credentials(QCryptoTLSSession *sess, Error **errp); +/* + * These must return QCRYPTO_TLS_SESSION_ERR_BLOCK if the I/O + * would block, but on other errors, must fill 'errp' + */ typedef ssize_t (*QCryptoTLSSessionWriteFunc)(const char *buf, size_t len, - void *opaque); + void *opaque, + Error **errp); typedef ssize_t (*QCryptoTLSSessionReadFunc)(char *buf, size_t len, - void *opaque); + void *opaque, + Error **errp); /** * qcrypto_tls_session_set_callbacks: diff --git a/io/channel-tls.c b/io/channel-tls.c index 9d8bb158d1..aab630e5ae 100644 --- a/io/channel-tls.c +++ b/io/channel-tls.c @@ -28,17 +28,16 @@ static ssize_t qio_channel_tls_write_handler(const char *buf, size_t len, - void *opaque) + void *opaque, + Error **errp) { QIOChannelTLS *tioc = QIO_CHANNEL_TLS(opaque); ssize_t ret; - ret = qio_channel_write(tioc->master, buf, len, NULL); + ret = qio_channel_write(tioc->master, buf, len, errp); if (ret == QIO_CHANNEL_ERR_BLOCK) { - errno = EAGAIN; - return -1; + return QCRYPTO_TLS_SESSION_ERR_BLOCK; } else if (ret < 0) { - errno = EIO; return -1; } return ret; @@ -46,17 +45,16 @@ static ssize_t qio_channel_tls_write_handler(const char *buf, static ssize_t qio_channel_tls_read_handler(char *buf, size_t len, - void *opaque) + void *opaque, + Error **errp) { QIOChannelTLS *tioc = QIO_CHANNEL_TLS(opaque); ssize_t ret; - ret = qio_channel_read(tioc->master, buf, len, NULL); + ret = qio_channel_read(tioc->master, buf, len, errp); if (ret == QIO_CHANNEL_ERR_BLOCK) { - errno = EAGAIN; - return -1; + return QCRYPTO_TLS_SESSION_ERR_BLOCK; } else if (ret < 0) { - errno = EIO; return -1; } return ret; diff --git a/tests/unit/test-crypto-tlssession.c b/tests/unit/test-crypto-tlssession.c index b12e7b6879..3395f73560 100644 --- a/tests/unit/test-crypto-tlssession.c +++ b/tests/unit/test-crypto-tlssession.c 
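Review bot: The new comment above the QCryptoTLSSessionWriteFunc/ReadFunc typedefs says when to return QCRYPTO_TLS_SESSION_ERR_BLOCK and when to fill `errp`, but not what value to return on success or on a hard error. The push/pull hunks treat any other negative return as an error mapped to EIO and pass non-negative values through as a byte count. The comment could spell that out: `Return the number of bytes transferred, QCRYPTO_TLS_SESSION_ERR_BLOCK if the I/O would block, or -1 with 'errp' set on any other error.` It is also worth noting there that a callback which fails without setting `errp` only yields the generic GnuTLS message.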
@@ -35,18 +35,40 @@ #define PSKFILE WORKDIR "keys.psk" #define KEYFILE WORKDIR "key-ctx.pem" -static ssize_t testWrite(const char *buf, size_t len, void *opaque) +static ssize_t +testWrite(const char *buf, size_t len, void *opaque, Error **errp) { int *fd = opaque; + int ret; - return write(*fd, buf, len); + ret = write(*fd, buf, len); + if (ret < 0) { + if (errno == EAGAIN) { + return QCRYPTO_TLS_SESSION_ERR_BLOCK; + } else { + error_setg_errno(errp, errno, "unable to write"); + return -1; + } + } + return ret; } -static ssize_t testRead(char *buf, size_t len, void *opaque) +static ssize_t +testRead(char *buf, size_t len, void *opaque, Error **errp) { int *fd = opaque; + int ret; - return read(*fd, buf, len); + ret = read(*fd, buf, len); + if (ret < 0) { + if (errno == EAGAIN) { + return QCRYPTO_TLS_SESSION_ERR_BLOCK; + } else { + error_setg_errno(errp, errno, "unable to read"); + return -1; + } + } + return ret; } static QCryptoTLSCreds *test_tls_creds_psk_create( |
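Review bot: `int ret` in testWrite and testRead narrows the `ssize_t` that write() and read() return; declaring it as `ssize_t ret;` matches the callbacks' return type and removes the implicit conversion. Only `EAGAIN` is mapped to QCRYPTO_TLS_SESSION_ERR_BLOCK, so an `EINTR` would be reported through `error_setg_errno()` as a hard failure. That is probably acceptable for a unit test, but a short comment saying so would help anyone copying these helpers as a template for real callbacks.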