1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "crypto/openssl_util.h"
6
7 #include <openssl/err.h>
8 #include <openssl/ssl.h>
9 #include <openssl/cpu.h>
10 #include <stddef.h>
11 #include <stdint.h>
12
13 #include "base/logging.h"
14 #include "base/macros.h"
15 #include "base/memory/singleton.h"
16 #include "base/strings/string_piece.h"
17 #include "build/build_config.h"
18
19 #if defined(OS_ANDROID) && defined(ARCH_CPU_ARMEL)
20 #include <cpu-features.h>
21 #include "base/cpu.h"
22 #endif
23
24 namespace crypto {
25
26 namespace {
27
28 // Singleton for initializing and cleaning up the OpenSSL library.
29 class OpenSSLInitSingleton {
30 public:
GetInstance()31 static OpenSSLInitSingleton* GetInstance() {
32 // We allow the SSL environment to leak for multiple reasons:
33 // - it is used from a non-joinable worker thread that is not stopped on
34 // shutdown, hence may still be using OpenSSL library after the AtExit
35 // runner has completed.
36 // - There are other OpenSSL related singletons (e.g. the client socket
37 // context) who's cleanup depends on the global environment here, but
38 // we can't control the order the AtExit handlers will run in so
39 // allowing the global environment to leak at least ensures it is
40 // available for those other singletons to reliably cleanup.
41 return base::Singleton<
42 OpenSSLInitSingleton,
43 base::LeakySingletonTraits<OpenSSLInitSingleton>>::get();
44 }
45 private:
46 friend struct base::DefaultSingletonTraits<OpenSSLInitSingleton>;
OpenSSLInitSingleton()47 OpenSSLInitSingleton() {
48 #if defined(OS_ANDROID) && defined(ARCH_CPU_ARMEL)
49 const bool has_neon =
50 (android_getCpuFeatures() & ANDROID_CPU_ARM_FEATURE_NEON) != 0;
51 // CRYPTO_set_NEON_capable is called before |SSL_library_init| because this
52 // stops BoringSSL from probing for NEON support via SIGILL in the case
53 // that getauxval isn't present.
54 CRYPTO_set_NEON_capable(has_neon);
55 // See https://code.google.com/p/chromium/issues/detail?id=341598
56 base::CPU cpu;
57 CRYPTO_set_NEON_functional(!cpu.has_broken_neon());
58 #endif
59
60 SSL_library_init();
61 }
62
~OpenSSLInitSingleton()63 ~OpenSSLInitSingleton() {}
64
65 DISALLOW_COPY_AND_ASSIGN(OpenSSLInitSingleton);
66 };
67
68 // Callback routine for OpenSSL to print error messages. |str| is a
69 // NULL-terminated string of length |len| containing diagnostic information
70 // such as the library, function and reason for the error, the file and line
71 // where the error originated, plus potentially any context-specific
72 // information about the error. |context| contains a pointer to user-supplied
73 // data, which is currently unused.
74 // If this callback returns a value <= 0, OpenSSL will stop processing the
75 // error queue and return, otherwise it will continue calling this function
76 // until all errors have been removed from the queue.
OpenSSLErrorCallback(const char * str,size_t len,void * context)77 int OpenSSLErrorCallback(const char* str, size_t len, void* context) {
78 DVLOG(1) << "\t" << base::StringPiece(str, len);
79 return 1;
80 }
81
82 } // namespace
83
EnsureOpenSSLInit()84 void EnsureOpenSSLInit() {
85 (void)OpenSSLInitSingleton::GetInstance();
86 }
87
ClearOpenSSLERRStack(const tracked_objects::Location & location)88 void ClearOpenSSLERRStack(const tracked_objects::Location& location) {
89 if (logging::DEBUG_MODE && VLOG_IS_ON(1)) {
90 uint32_t error_num = ERR_peek_error();
91 if (error_num == 0)
92 return;
93
94 std::string message;
95 location.Write(true, true, &message);
96 DVLOG(1) << "OpenSSL ERR_get_error stack from " << message;
97 ERR_print_errors_cb(&OpenSSLErrorCallback, NULL);
98 } else {
99 ERR_clear_error();
100 }
101 }
102
103 } // namespace crypto
104