crypto/openssl_util.cc

   1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "crypto/openssl_util.h"
   6
   7 #include <openssl/err.h>
   8 #include <openssl/ssl.h>
   9 #include <openssl/cpu.h>
  10
  11 #include "base/logging.h"
  12 #include "base/memory/singleton.h"
  13 #include "base/strings/string_piece.h"
  14 #include "build/build_config.h"
  15
  16 #if defined(OS_ANDROID) && defined(ARCH_CPU_ARMEL)
  17 #include <cpu-features.h>
  18 #include "base/cpu.h"
  19 #endif
  20
  21 namespace crypto {
  22
  23 namespace {
  24
  25 // Singleton for initializing and cleaning up the OpenSSL library.
  26 class OpenSSLInitSingleton {
  27  public:
  28   static OpenSSLInitSingleton* GetInstance() {
  29     // We allow the SSL environment to leak for multiple reasons:
  30     //   -  it is used from a non-joinable worker thread that is not stopped on
  31     //      shutdown, hence may still be using OpenSSL library after the AtExit
  32     //      runner has completed.
  33     //   -  There are other OpenSSL related singletons (e.g. the client socket
  34     //      context) who's cleanup depends on the global environment here, but
  35     //      we can't control the order the AtExit handlers will run in so
  36     //      allowing the global environment to leak at least ensures it is
  37     //      available for those other singletons to reliably cleanup.
  38     return base::Singleton<
  39         OpenSSLInitSingleton,
  40         base::LeakySingletonTraits<OpenSSLInitSingleton>>::get();
  41   }
  42  private:
  43   friend struct base::DefaultSingletonTraits<OpenSSLInitSingleton>;
  44   OpenSSLInitSingleton() {
  45 #if defined(OS_ANDROID) && defined(ARCH_CPU_ARMEL)
  46     const bool has_neon =
  47         (android_getCpuFeatures() & ANDROID_CPU_ARM_FEATURE_NEON) != 0;
  48     // CRYPTO_set_NEON_capable is called before |SSL_library_init| because this
  49     // stops BoringSSL from probing for NEON support via SIGILL in the case
  50     // that getauxval isn't present.
  51     CRYPTO_set_NEON_capable(has_neon);
  52     // See https://code.google.com/p/chromium/issues/detail?id=341598
  53     base::CPU cpu;
  54     CRYPTO_set_NEON_functional(!cpu.has_broken_neon());
  55 #endif
  56
  57     SSL_library_init();
  58   }
  59
  60   ~OpenSSLInitSingleton() {}
  61
  62   DISALLOW_COPY_AND_ASSIGN(OpenSSLInitSingleton);
  63 };
  64
  65 // Callback routine for OpenSSL to print error messages. |str| is a
  66 // NULL-terminated string of length |len| containing diagnostic information
  67 // such as the library, function and reason for the error, the file and line
  68 // where the error originated, plus potentially any context-specific
  69 // information about the error. |context| contains a pointer to user-supplied
  70 // data, which is currently unused.
  71 // If this callback returns a value <= 0, OpenSSL will stop processing the
  72 // error queue and return, otherwise it will continue calling this function
  73 // until all errors have been removed from the queue.
  74 int OpenSSLErrorCallback(const char* str, size_t len, void* context) {
  75   DVLOG(1) << "\t" << base::StringPiece(str, len);
  76   return 1;
  77 }
  78
  79 }  // namespace
  80
  81 void EnsureOpenSSLInit() {
  82   (void)OpenSSLInitSingleton::GetInstance();
  83 }
  84
  85 void ClearOpenSSLERRStack(const tracked_objects::Location& location) {
  86   if (logging::DEBUG_MODE && VLOG_IS_ON(1)) {
  87     uint32_t error_num = ERR_peek_error();
  88     if (error_num == 0)
  89       return;
  90
  91     std::string message;
  92     location.Write(true, true, &message);
  93     DVLOG(1) << "OpenSSL ERR_get_error stack from " << message;
  94     ERR_print_errors_cb(&OpenSSLErrorCallback, NULL);
  95   } else {
  96     ERR_clear_error();
  97   }
  98 }
  99
 100 }  // namespace crypto