src/bio.c:

* in wolfSSL_BIO_free(), add WOLFSSL_BIO_DGRAM to the test for closing bio->num, fixing a descriptor leak.

* use SOCKET_INVALID consistently as the invalid value for WOLFSSL_BIO.num, and use SOCKET_T consistently as the type for file descriptors.

src/bio.c

@@ -620,7 +620,7 @@ static int wolfSSL_BIO_MEMORY_write(WOLFSSL_BIO* bio, const void* data,
 
     XMEMCPY(bio->mem_buf->data + bio->wrSz, data, len);
     bio->ptr = bio->mem_buf->data;
-    bio->num = (int)bio->mem_buf->max;
+    bio->num = (SOCKET_T)bio->mem_buf->max;
     bio->wrSz += len;
     bio->wrIdx += len;
 
@@ -1379,7 +1379,7 @@ long wolfSSL_BIO_get_mem_ptr(WOLFSSL_BIO *bio, WOLFSSL_BUF_MEM **ptr)
 
         bio->wrSz = (int)bio->mem_buf->length;
         bio->wrSzReset = bio->wrSz;
-        bio->num = (int)bio->mem_buf->max;
+        bio->num = (SOCKET_T)bio->mem_buf->max;
         bio->ptr = bio->mem_buf->data;
         bio->wrIdx = 0;
         bio->rdIdx = 0;
@@ -1421,7 +1421,7 @@ int wolfSSL_BIO_set_write_buf_size(WOLFSSL_BIO *bio, long size)
     if (bio->ptr == NULL) {
         WOLFSSL_MSG("Memory allocation error");
         bio->wrSz  = 0;
-        bio->num = 0;
+        bio->num = SOCKET_INVALID;
         bio->wrIdx = 0;
         bio->rdIdx = 0;
         if (bio->mem_buf != NULL) {
@@ -1432,7 +1432,7 @@ int wolfSSL_BIO_set_write_buf_size(WOLFSSL_BIO *bio, long size)
         return WOLFSSL_FAILURE;
     }
     bio->wrSz  = (int)size;
-    bio->num = (int)size;
+    bio->num = (SOCKET_T)size;
     bio->wrIdx = 0;
     bio->rdIdx = 0;
     if (bio->mem_buf != NULL) {
@@ -1720,7 +1720,7 @@ int wolfSSL_BIO_reset(WOLFSSL_BIO *bio)
                 bio->wrSz  = 0;
                 XFREE(bio->ptr, bio->heap, DYNAMIC_TYPE_OPENSSL);
                 bio->ptr = NULL;
-                bio->num = 0;
+                bio->num = SOCKET_INVALID;
                 if (bio->mem_buf != NULL) {
                     bio->mem_buf->data = NULL;
                     bio->mem_buf->length = 0;
@@ -1755,7 +1755,7 @@ int wolfSSL_BIO_reset(WOLFSSL_BIO *bio)
  * @param close_flag BIO_NOCLOSE or BIO_CLOSE
  * @return New BIO object or NULL on failure
  */
-WOLFSSL_BIO *wolfSSL_BIO_new_fd(int fd, int close_flag)
+WOLFSSL_BIO *wolfSSL_BIO_new_fd(SOCKET_T fd, int close_flag)
 {
     WOLFSSL_BIO* bio;
 
@@ -2311,7 +2311,7 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
     }
 
 
-    WOLFSSL_BIO* wolfSSL_BIO_new_socket(int sfd, int closeF)
+    WOLFSSL_BIO* wolfSSL_BIO_new_socket(SOCKET_T sfd, int closeF)
     {
         WOLFSSL_BIO* bio = wolfSSL_BIO_new(wolfSSL_BIO_s_socket());
 
@@ -2337,7 +2337,7 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
     }
 
 
-    WOLFSSL_BIO* wolfSSL_BIO_new_dgram(int fd, int closeF)
+    WOLFSSL_BIO* wolfSSL_BIO_new_dgram(SOCKET_T fd, int closeF)
     {
         WOLFSSL_BIO* bio = wolfSSL_BIO_new(wolfSSL_BIO_s_datagram());
 
@@ -2468,7 +2468,7 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
             return WOLFSSL_FAILURE;
         }
 
-        b->num = (int)sfd;
+        b->num = sfd;
         b->shutdown = BIO_CLOSE;
         return WOLFSSL_SUCCESS;
     }
@@ -2492,12 +2492,12 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
             return WOLFSSL_FAILURE;
         }
 
-        if (b->num == WOLFSSL_BIO_ERROR) {
+        if (b->num == SOCKET_INVALID) {
             if (wolfIO_TcpBind(&sfd, b->port) < 0) {
                 WOLFSSL_MSG("wolfIO_TcpBind error");
                 return WOLFSSL_FAILURE;
             }
-            b->num = (int)sfd;
+            b->num = sfd;
             b->shutdown = BIO_CLOSE;
         }
         else {
@@ -2772,7 +2772,7 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
     }
 
 #ifndef NO_FILESYSTEM
-    long wolfSSL_BIO_set_fd(WOLFSSL_BIO* b, int fd, int closeF)
+    long wolfSSL_BIO_set_fd(WOLFSSL_BIO* b, SOCKET_T fd, int closeF)
     {
         WOLFSSL_ENTER("wolfSSL_BIO_set_fd");
 
@@ -2821,7 +2821,7 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
             bio->method = method;
 #endif
             bio->shutdown = BIO_CLOSE; /* default to close things */
-            bio->num = WOLFSSL_BIO_ERROR;
+            bio->num = SOCKET_INVALID;
             bio->init = 1;
 
         #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)
@@ -2893,7 +2893,7 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
             return NULL;
         }
 
-        bio->num = (int)bio->mem_buf->max;
+        bio->num = (SOCKET_T)bio->mem_buf->max;
         bio->wrSz = len;
         bio->ptr = bio->mem_buf->data;
         if (len > 0 && bio->ptr != NULL) {
@@ -2968,8 +2968,12 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
                 if (bio->type == WOLFSSL_BIO_SSL && bio->ptr)
                     wolfSSL_free((WOLFSSL*)bio->ptr);
             #ifdef CloseSocket
-                if ((bio->type == WOLFSSL_BIO_SOCKET) && (bio->num > 0))
+                if (((bio->type == WOLFSSL_BIO_SOCKET) ||
+                     (bio->type == WOLFSSL_BIO_DGRAM)) &&
+                    (bio->num != SOCKET_INVALID))
+                {
                     CloseSocket(bio->num);
+                }
             #endif
             }
 
@@ -2980,7 +2984,7 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
                 }
             #if !defined(USE_WINDOWS_API) && !defined(NO_WOLFSSL_DIR)\
                 && !defined(WOLFSSL_NUCLEUS) && !defined(WOLFSSL_NUCLEUS_1_2)
-                else if (bio->num != WOLFSSL_BIO_ERROR) {
+                else if (bio->num != SOCKET_INVALID) {
                     XCLOSE(bio->num);
                 }
             #endif
@@ -3146,7 +3150,7 @@ int wolfSSL_BIO_set_ex_data(WOLFSSL_BIO *bio, int idx, void *data)
     return WOLFSSL_FAILURE;
 }
 
-int wolfSSL_BIO_get_fd(WOLFSSL_BIO *bio, int* fd)
+SOCKET_T wolfSSL_BIO_get_fd(WOLFSSL_BIO *bio, SOCKET_T* fd)
 {
     WOLFSSL_ENTER("wolfSSL_BIO_get_fd");
 

wolfssl/internal.h

@@ -2761,7 +2761,7 @@ struct WOLFSSL_BIO {
     int          wrIdx;         /* current index for write buffer */
     int          rdIdx;         /* current read index */
     int          readRq;        /* read request */
-    int          num;           /* socket num or length */
+    SOCKET_T     num;           /* socket num or length */
     int          eof;           /* eof flag */
     int          flags;
     byte         type;          /* method type */

wolfssl/ssl.h

@@ -1753,15 +1753,15 @@ WOLFSSL_API int wolfSSL_BIO_get_md_ctx(WOLFSSL_BIO *bio,
 WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_buffer(void);
 WOLFSSL_API long wolfSSL_BIO_set_write_buffer_size(WOLFSSL_BIO* bio, long size);
 WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_ssl(void);
-WOLFSSL_API WOLFSSL_BIO*        wolfSSL_BIO_new_socket(int sfd, int flag);
-WOLFSSL_API WOLFSSL_BIO*        wolfSSL_BIO_new_dgram(int fd, int closeF);
+WOLFSSL_API WOLFSSL_BIO*        wolfSSL_BIO_new_socket(SOCKET_T sfd, int flag);
+WOLFSSL_API WOLFSSL_BIO*        wolfSSL_BIO_new_dgram(SOCKET_T fd, int closeF);
 WOLFSSL_API int         wolfSSL_BIO_eof(WOLFSSL_BIO* b);
 
 WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_s_mem(void);
 WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_base64(void);
 WOLFSSL_API void wolfSSL_BIO_set_flags(WOLFSSL_BIO* bio, int flags);
 WOLFSSL_API void wolfSSL_BIO_clear_flags(WOLFSSL_BIO *bio, int flags);
-WOLFSSL_API int wolfSSL_BIO_get_fd(WOLFSSL_BIO *bio, int* fd);
+WOLFSSL_API SOCKET_T wolfSSL_BIO_get_fd(WOLFSSL_BIO *bio, SOCKET_T* fd);
 WOLFSSL_API int wolfSSL_BIO_set_ex_data(WOLFSSL_BIO *bio, int idx, void *data);
 #ifdef HAVE_EX_DATA_CLEANUP_HOOKS
 WOLFSSL_API int wolfSSL_BIO_set_ex_data_with_cleanup(
@@ -1799,7 +1799,7 @@ WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_mem_buf(const void* buf, int len);
 WOLFSSL_API long wolfSSL_BIO_set_ssl(WOLFSSL_BIO* b, WOLFSSL* ssl, int flag);
 WOLFSSL_API long wolfSSL_BIO_get_ssl(WOLFSSL_BIO* bio, WOLFSSL** ssl);
 #ifndef NO_FILESYSTEM
-WOLFSSL_API long wolfSSL_BIO_set_fd(WOLFSSL_BIO* b, int fd, int flag);
+WOLFSSL_API long wolfSSL_BIO_set_fd(WOLFSSL_BIO* b, SOCKET_T fd, int flag);
 #endif
 WOLFSSL_API int wolfSSL_BIO_set_close(WOLFSSL_BIO *b, long flag);
 WOLFSSL_API void wolfSSL_set_bio(WOLFSSL* ssl, WOLFSSL_BIO* rd, WOLFSSL_BIO* wr);
@@ -1809,7 +1809,7 @@ WOLFSSL_API int wolfSSL_BIO_method_type(const WOLFSSL_BIO *b);
 
 #ifndef NO_FILESYSTEM
 WOLFSSL_API WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_file(void);
-WOLFSSL_API WOLFSSL_BIO *wolfSSL_BIO_new_fd(int fd, int close_flag);
+WOLFSSL_API WOLFSSL_BIO *wolfSSL_BIO_new_fd(SOCKET_T fd, int close_flag);
 #endif
 
 WOLFSSL_API WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_bio(void);