1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "crypto/openssl_util.h"
6
7 #include <openssl/err.h>
8 #include <openssl/ssl.h>
9
10 #include "base/logging.h"
11 #include "base/memory/scoped_vector.h"
12 #include "base/memory/singleton.h"
13 #include "base/strings/string_piece.h"
14 #include "base/synchronization/lock.h"
15 #include "build/build_config.h"
16
17 #if defined(OS_ANDROID) && defined(ARCH_CPU_ARMEL)
18 #include <cpu-features.h>
19 #endif
20
21 namespace crypto {
22
23 namespace {
24
CurrentThreadId()25 unsigned long CurrentThreadId() {
26 return static_cast<unsigned long>(base::PlatformThread::CurrentId());
27 }
28
29 // Singleton for initializing and cleaning up the OpenSSL library.
30 class OpenSSLInitSingleton {
31 public:
GetInstance()32 static OpenSSLInitSingleton* GetInstance() {
33 // We allow the SSL environment to leak for multiple reasons:
34 // - it is used from a non-joinable worker thread that is not stopped on
35 // shutdown, hence may still be using OpenSSL library after the AtExit
36 // runner has completed.
37 // - There are other OpenSSL related singletons (e.g. the client socket
38 // context) who's cleanup depends on the global environment here, but
39 // we can't control the order the AtExit handlers will run in so
40 // allowing the global environment to leak at least ensures it is
41 // available for those other singletons to reliably cleanup.
42 return Singleton<OpenSSLInitSingleton,
43 LeakySingletonTraits<OpenSSLInitSingleton> >::get();
44 }
45 private:
46 friend struct DefaultSingletonTraits<OpenSSLInitSingleton>;
OpenSSLInitSingleton()47 OpenSSLInitSingleton() {
48 SSL_load_error_strings();
49 SSL_library_init();
50 OpenSSL_add_all_algorithms();
51 int num_locks = CRYPTO_num_locks();
52 locks_.reserve(num_locks);
53 for (int i = 0; i < num_locks; ++i)
54 locks_.push_back(new base::Lock());
55 CRYPTO_set_locking_callback(LockingCallback);
56 CRYPTO_set_id_callback(CurrentThreadId);
57
58 #if defined(OS_ANDROID) && defined(ARCH_CPU_ARMEL)
59 const bool has_neon =
60 (android_getCpuFeatures() & ANDROID_CPU_ARM_FEATURE_NEON) != 0;
61 if (has_neon)
62 CRYPTO_set_NEON_capable(1);
63 #endif
64 }
65
~OpenSSLInitSingleton()66 ~OpenSSLInitSingleton() {
67 CRYPTO_set_locking_callback(NULL);
68 EVP_cleanup();
69 ERR_free_strings();
70 }
71
LockingCallback(int mode,int n,const char * file,int line)72 static void LockingCallback(int mode, int n, const char* file, int line) {
73 OpenSSLInitSingleton::GetInstance()->OnLockingCallback(mode, n, file, line);
74 }
75
OnLockingCallback(int mode,int n,const char * file,int line)76 void OnLockingCallback(int mode, int n, const char* file, int line) {
77 CHECK_LT(static_cast<size_t>(n), locks_.size());
78 if (mode & CRYPTO_LOCK)
79 locks_[n]->Acquire();
80 else
81 locks_[n]->Release();
82 }
83
84 // These locks are used and managed by OpenSSL via LockingCallback().
85 ScopedVector<base::Lock> locks_;
86
87 DISALLOW_COPY_AND_ASSIGN(OpenSSLInitSingleton);
88 };
89
90 // Callback routine for OpenSSL to print error messages. |str| is a
91 // NULL-terminated string of length |len| containing diagnostic information
92 // such as the library, function and reason for the error, the file and line
93 // where the error originated, plus potentially any context-specific
94 // information about the error. |context| contains a pointer to user-supplied
95 // data, which is currently unused.
96 // If this callback returns a value <= 0, OpenSSL will stop processing the
97 // error queue and return, otherwise it will continue calling this function
98 // until all errors have been removed from the queue.
OpenSSLErrorCallback(const char * str,size_t len,void * context)99 int OpenSSLErrorCallback(const char* str, size_t len, void* context) {
100 DVLOG(1) << "\t" << base::StringPiece(str, len);
101 return 1;
102 }
103
104 } // namespace
105
EnsureOpenSSLInit()106 void EnsureOpenSSLInit() {
107 (void)OpenSSLInitSingleton::GetInstance();
108 }
109
ClearOpenSSLERRStack(const tracked_objects::Location & location)110 void ClearOpenSSLERRStack(const tracked_objects::Location& location) {
111 if (logging::DEBUG_MODE && VLOG_IS_ON(1)) {
112 int error_num = ERR_peek_error();
113 if (error_num == 0)
114 return;
115
116 std::string message;
117 location.Write(true, true, &message);
118 DVLOG(1) << "OpenSSL ERR_get_error stack from " << message;
119 ERR_print_errors_cb(&OpenSSLErrorCallback, NULL);
120 } else {
121 ERR_clear_error();
122 }
123 }
124
125 } // namespace crypto
126