• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "crypto/openssl_util.h"
6 
7 #include <openssl/err.h>
8 #include <openssl/ssl.h>
9 #include <openssl/cpu.h>
10 
11 #include "base/logging.h"
12 #include "base/memory/scoped_vector.h"
13 #include "base/memory/singleton.h"
14 #include "base/strings/string_piece.h"
15 #include "base/synchronization/lock.h"
16 #include "build/build_config.h"
17 
18 #if defined(OS_ANDROID) && defined(ARCH_CPU_ARMEL)
19 #include <cpu-features.h>
20 #include "base/cpu.h"
21 #endif
22 
23 namespace crypto {
24 
25 namespace {
26 
CurrentThreadId(CRYPTO_THREADID * id)27 void CurrentThreadId(CRYPTO_THREADID* id) {
28   CRYPTO_THREADID_set_numeric(
29       id, static_cast<unsigned long>(base::PlatformThread::CurrentId()));
30 }
31 
32 // Singleton for initializing and cleaning up the OpenSSL library.
33 class OpenSSLInitSingleton {
34  public:
GetInstance()35   static OpenSSLInitSingleton* GetInstance() {
36     // We allow the SSL environment to leak for multiple reasons:
37     //   -  it is used from a non-joinable worker thread that is not stopped on
38     //      shutdown, hence may still be using OpenSSL library after the AtExit
39     //      runner has completed.
40     //   -  There are other OpenSSL related singletons (e.g. the client socket
41     //      context) who's cleanup depends on the global environment here, but
42     //      we can't control the order the AtExit handlers will run in so
43     //      allowing the global environment to leak at least ensures it is
44     //      available for those other singletons to reliably cleanup.
45     return Singleton<OpenSSLInitSingleton,
46                LeakySingletonTraits<OpenSSLInitSingleton> >::get();
47   }
48  private:
49   friend struct DefaultSingletonTraits<OpenSSLInitSingleton>;
OpenSSLInitSingleton()50   OpenSSLInitSingleton() {
51     SSL_load_error_strings();
52     SSL_library_init();
53     int num_locks = CRYPTO_num_locks();
54     locks_.reserve(num_locks);
55     for (int i = 0; i < num_locks; ++i)
56       locks_.push_back(new base::Lock());
57     CRYPTO_set_locking_callback(LockingCallback);
58     CRYPTO_THREADID_set_callback(CurrentThreadId);
59 
60 #if defined(OS_ANDROID) && defined(ARCH_CPU_ARMEL)
61     const bool has_neon =
62         (android_getCpuFeatures() & ANDROID_CPU_ARM_FEATURE_NEON) != 0;
63     if (has_neon)
64       CRYPTO_set_NEON_capable(1);
65     // See https://code.google.com/p/chromium/issues/detail?id=341598
66     base::CPU cpu;
67     CRYPTO_set_NEON_functional(!cpu.has_broken_neon());
68 #endif
69   }
70 
~OpenSSLInitSingleton()71   ~OpenSSLInitSingleton() {
72     CRYPTO_set_locking_callback(NULL);
73     EVP_cleanup();
74     ERR_free_strings();
75   }
76 
LockingCallback(int mode,int n,const char * file,int line)77   static void LockingCallback(int mode, int n, const char* file, int line) {
78     OpenSSLInitSingleton::GetInstance()->OnLockingCallback(mode, n, file, line);
79   }
80 
OnLockingCallback(int mode,int n,const char * file,int line)81   void OnLockingCallback(int mode, int n, const char* file, int line) {
82     CHECK_LT(static_cast<size_t>(n), locks_.size());
83     if (mode & CRYPTO_LOCK)
84       locks_[n]->Acquire();
85     else
86       locks_[n]->Release();
87   }
88 
89   // These locks are used and managed by OpenSSL via LockingCallback().
90   ScopedVector<base::Lock> locks_;
91 
92   DISALLOW_COPY_AND_ASSIGN(OpenSSLInitSingleton);
93 };
94 
95 // Callback routine for OpenSSL to print error messages. |str| is a
96 // NULL-terminated string of length |len| containing diagnostic information
97 // such as the library, function and reason for the error, the file and line
98 // where the error originated, plus potentially any context-specific
99 // information about the error. |context| contains a pointer to user-supplied
100 // data, which is currently unused.
101 // If this callback returns a value <= 0, OpenSSL will stop processing the
102 // error queue and return, otherwise it will continue calling this function
103 // until all errors have been removed from the queue.
OpenSSLErrorCallback(const char * str,size_t len,void * context)104 int OpenSSLErrorCallback(const char* str, size_t len, void* context) {
105   DVLOG(1) << "\t" << base::StringPiece(str, len);
106   return 1;
107 }
108 
109 }  // namespace
110 
EnsureOpenSSLInit()111 void EnsureOpenSSLInit() {
112   (void)OpenSSLInitSingleton::GetInstance();
113 }
114 
ClearOpenSSLERRStack(const tracked_objects::Location & location)115 void ClearOpenSSLERRStack(const tracked_objects::Location& location) {
116   if (logging::DEBUG_MODE && VLOG_IS_ON(1)) {
117     int error_num = ERR_peek_error();
118     if (error_num == 0)
119       return;
120 
121     std::string message;
122     location.Write(true, true, &message);
123     DVLOG(1) << "OpenSSL ERR_get_error stack from " << message;
124     ERR_print_errors_cb(&OpenSSLErrorCallback, NULL);
125   } else {
126     ERR_clear_error();
127   }
128 }
129 
130 }  // namespace crypto
131