• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "crypto/openssl_util.h"
6 
7 #include <openssl/err.h>
8 #include <openssl/ssl.h>
9 
10 #include "base/logging.h"
11 #include "base/memory/scoped_vector.h"
12 #include "base/memory/singleton.h"
13 #include "base/string_piece.h"
14 #include "base/synchronization/lock.h"
15 
16 namespace crypto {
17 
18 namespace {
19 
CurrentThreadId()20 unsigned long CurrentThreadId() {
21   return static_cast<unsigned long>(base::PlatformThread::CurrentId());
22 }
23 
24 // Singleton for initializing and cleaning up the OpenSSL library.
25 class OpenSSLInitSingleton {
26  public:
GetInstance()27   static OpenSSLInitSingleton* GetInstance() {
28     // We allow the SSL environment to leak for multiple reasons:
29     //   -  it is used from a non-joinable worker thread that is not stopped on
30     //      shutdown, hence may still be using OpenSSL library after the AtExit
31     //      runner has completed.
32     //   -  There are other OpenSSL related singletons (e.g. the client socket
33     //      context) who's cleanup depends on the global environment here, but
34     //      we can't control the order the AtExit handlers will run in so
35     //      allowing the global environment to leak at least ensures it is
36     //      available for those other singletons to reliably cleanup.
37     return Singleton<OpenSSLInitSingleton,
38                LeakySingletonTraits<OpenSSLInitSingleton> >::get();
39   }
40  private:
41   friend struct DefaultSingletonTraits<OpenSSLInitSingleton>;
OpenSSLInitSingleton()42   OpenSSLInitSingleton() {
43     SSL_load_error_strings();
44     SSL_library_init();
45     OpenSSL_add_all_algorithms();
46     int num_locks = CRYPTO_num_locks();
47     locks_.reserve(num_locks);
48     for (int i = 0; i < num_locks; ++i)
49       locks_.push_back(new base::Lock());
50     CRYPTO_set_locking_callback(LockingCallback);
51     CRYPTO_set_id_callback(CurrentThreadId);
52   }
53 
~OpenSSLInitSingleton()54   ~OpenSSLInitSingleton() {
55     CRYPTO_set_locking_callback(NULL);
56     EVP_cleanup();
57     ERR_free_strings();
58   }
59 
LockingCallback(int mode,int n,const char * file,int line)60   static void LockingCallback(int mode, int n, const char* file, int line) {
61     OpenSSLInitSingleton::GetInstance()->OnLockingCallback(mode, n, file, line);
62   }
63 
OnLockingCallback(int mode,int n,const char * file,int line)64   void OnLockingCallback(int mode, int n, const char* file, int line) {
65     CHECK_LT(static_cast<size_t>(n), locks_.size());
66     if (mode & CRYPTO_LOCK)
67       locks_[n]->Acquire();
68     else
69       locks_[n]->Release();
70   }
71 
72   // These locks are used and managed by OpenSSL via LockingCallback().
73   ScopedVector<base::Lock> locks_;
74 
75   DISALLOW_COPY_AND_ASSIGN(OpenSSLInitSingleton);
76 };
77 
78 // Callback routine for OpenSSL to print error messages. |str| is a
79 // NULL-terminated string of length |len| containing diagnostic information
80 // such as the library, function and reason for the error, the file and line
81 // where the error originated, plus potentially any context-specific
82 // information about the error. |context| contains a pointer to user-supplied
83 // data, which is currently unused.
84 // If this callback returns a value <= 0, OpenSSL will stop processing the
85 // error queue and return, otherwise it will continue calling this function
86 // until all errors have been removed from the queue.
OpenSSLErrorCallback(const char * str,size_t len,void * context)87 int OpenSSLErrorCallback(const char* str, size_t len, void* context) {
88   DVLOG(1) << "\t" << base::StringPiece(str, len);
89   return 1;
90 }
91 
92 }  // namespace
93 
EnsureOpenSSLInit()94 void EnsureOpenSSLInit() {
95   (void)OpenSSLInitSingleton::GetInstance();
96 }
97 
ClearOpenSSLERRStack(const tracked_objects::Location & location)98 void ClearOpenSSLERRStack(const tracked_objects::Location& location) {
99   if (logging::DEBUG_MODE && VLOG_IS_ON(1)) {
100     int error_num = ERR_peek_error();
101     if (error_num == 0)
102       return;
103 
104     std::string message;
105     location.Write(true, true, &message);
106     DVLOG(1) << "OpenSSL ERR_get_error stack from " << message;
107     ERR_print_errors_cb(&OpenSSLErrorCallback, NULL);
108   } else {
109     ERR_clear_error();
110   }
111 }
112 
113 }  // namespace crypto
114