1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "crypto/openssl_util.h" 6 7 #include <openssl/err.h> 8 #include <openssl/ssl.h> 9 #include <openssl/cpu.h> 10 #include <stddef.h> 11 #include <stdint.h> 12 13 #include "base/logging.h" 14 #include "base/macros.h" 15 #include "base/memory/singleton.h" 16 #include "base/strings/string_piece.h" 17 #include "build/build_config.h" 18 19 #if defined(OS_ANDROID) && defined(ARCH_CPU_ARMEL) 20 #include <cpu-features.h> 21 #include "base/cpu.h" 22 #endif 23 24 namespace crypto { 25 26 namespace { 27 28 // Singleton for initializing and cleaning up the OpenSSL library. 29 class OpenSSLInitSingleton { 30 public: 31 static OpenSSLInitSingleton* GetInstance() { 32 // We allow the SSL environment to leak for multiple reasons: 33 // - it is used from a non-joinable worker thread that is not stopped on 34 // shutdown, hence may still be using OpenSSL library after the AtExit 35 // runner has completed. 36 // - There are other OpenSSL related singletons (e.g. the client socket 37 // context) who's cleanup depends on the global environment here, but 38 // we can't control the order the AtExit handlers will run in so 39 // allowing the global environment to leak at least ensures it is 40 // available for those other singletons to reliably cleanup. 41 return base::Singleton< 42 OpenSSLInitSingleton, 43 base::LeakySingletonTraits<OpenSSLInitSingleton>>::get(); 44 } 45 private: 46 friend struct base::DefaultSingletonTraits<OpenSSLInitSingleton>; 47 OpenSSLInitSingleton() { 48 #if defined(OS_ANDROID) && defined(ARCH_CPU_ARMEL) 49 const bool has_neon = 50 (android_getCpuFeatures() & ANDROID_CPU_ARM_FEATURE_NEON) != 0; 51 // CRYPTO_set_NEON_capable is called before |SSL_library_init| because this 52 // stops BoringSSL from probing for NEON support via SIGILL in the case 53 // that getauxval isn't present. 54 CRYPTO_set_NEON_capable(has_neon); 55 // See https://code.google.com/p/chromium/issues/detail?id=341598 56 base::CPU cpu; 57 CRYPTO_set_NEON_functional(!cpu.has_broken_neon()); 58 #endif 59 60 SSL_library_init(); 61 } 62 63 ~OpenSSLInitSingleton() {} 64 65 DISALLOW_COPY_AND_ASSIGN(OpenSSLInitSingleton); 66 }; 67 68 // Callback routine for OpenSSL to print error messages. |str| is a 69 // NULL-terminated string of length |len| containing diagnostic information 70 // such as the library, function and reason for the error, the file and line 71 // where the error originated, plus potentially any context-specific 72 // information about the error. |context| contains a pointer to user-supplied 73 // data, which is currently unused. 74 // If this callback returns a value <= 0, OpenSSL will stop processing the 75 // error queue and return, otherwise it will continue calling this function 76 // until all errors have been removed from the queue. 77 int OpenSSLErrorCallback(const char* str, size_t len, void* context) { 78 DVLOG(1) << "\t" << base::StringPiece(str, len); 79 return 1; 80 } 81 82 } // namespace 83 84 void EnsureOpenSSLInit() { 85 (void)OpenSSLInitSingleton::GetInstance(); 86 } 87 88 void ClearOpenSSLERRStack(const tracked_objects::Location& location) { 89 if (logging::DEBUG_MODE && VLOG_IS_ON(1)) { 90 uint32_t error_num = ERR_peek_error(); 91 if (error_num == 0) 92 return; 93 94 std::string message; 95 location.Write(true, true, &message); 96 DVLOG(1) << "OpenSSL ERR_get_error stack from " << message; 97 ERR_print_errors_cb(&OpenSSLErrorCallback, NULL); 98 } else { 99 ERR_clear_error(); 100 } 101 } 102 103 } // namespace crypto 104
