mirrors/openssl
0
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-12-16 05:23:50 +08:00
Code Issues Packages Projects Releases Wiki Activity

Attempt to log an error if init failed

Browse Source 
If init failed we'd like to set an error code to indicate that. But if
init failed then when the error system tries to load its strings its going
to fail again. We could get into an infinite loop. Therefore we just set
a single error the first time around. After that no error is set.

Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Matt Caswell 2016-02-10 15:16:06 +00:00
parent 0fc32b0718
commit 302f75887e
10 changed files with 43 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
apps/errstr.c
View File

@ -114,6 +114,11 @@ int errstr_main(int argc, char **argv)
if (!opt_ulong(*argv, &l))
ret++;
else {
/* We're not really an SSL application so this won't auto-init, but
* we're still interested in SSL error strings
*/
OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS
| OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
ERR_error_string_n(l, buf, sizeof buf);
BIO_printf(bio_out, "%s\n", buf);
}

2
crypto/async/async.c
View File

@ -363,11 +363,9 @@ int ASYNC_init_thread(size_t max_size, size_t init_size)
}
if (!OPENSSL_init_crypto(OPENSSL_INIT_ASYNC, NULL)) {
ASYNCerr(ASYNC_F_ASYNC_INIT_THREAD, ERR_R_NOT_INITED);
return 0;
}
if (!ossl_init_thread_start(OPENSSL_INIT_THREAD_ASYNC)) {
ASYNCerr(ASYNC_F_ASYNC_INIT_THREAD, ERR_R_NOT_INITED);
return 0;
}

5
crypto/cpt_err.c
View File

@ -1,5 +1,5 @@
/* ====================================================================
* Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
* Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -84,6 +84,9 @@ static ERR_STRING_DATA CRYPTO_str_functs[] = {
{ERR_FUNC(CRYPTO_F_INT_DUP_EX_DATA), "INT_DUP_EX_DATA"},
{ERR_FUNC(CRYPTO_F_INT_FREE_EX_DATA), "INT_FREE_EX_DATA"},
{ERR_FUNC(CRYPTO_F_INT_NEW_EX_DATA), "INT_NEW_EX_DATA"},
{ERR_FUNC(CRYPTO_F_OPENSSL_INIT_CRYPTO_LIBRARY_START),
"OPENSSL_INIT_crypto_library_start"},
{ERR_FUNC(CRYPTO_F_OPENSSL_MEMDUP), "OPENSSL_MEMDUP"},
{0, NULL}
};

1
crypto/err/err.c
View File

@ -223,6 +223,7 @@ static ERR_STRING_DATA ERR_str_reasons[] = {
{ERR_R_PASSED_NULL_PARAMETER, "passed a null parameter"},
{ERR_R_INTERNAL_ERROR, "internal error"},
{ERR_R_DISABLED, "called a function that was disabled at compile-time"},
{ERR_R_INIT_FAIL, "init fail"},
{0, NULL},
};

15
crypto/init.c
View File

@ -628,8 +628,21 @@ static const OPENSSL_INIT_SETTINGS *ossl_init_get_setting(
*/
int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
{
if (stopped)
static int stoperrset = 0;
if (stopped) {
if (!stoperrset) {
/*
* We only ever set this once to avoid getting into an infinite
* loop where the error system keeps trying to init and fails so
* sets an error etc
*/
stoperrset = 1;
CRYPTOerr(CRYPTO_F_OPENSSL_INIT_CRYPTO_LIBRARY_START,
ERR_R_INIT_FAIL);
}
return 0;
}
ossl_init_once_run(&base, ossl_init_base);

1
include/openssl/crypto.h
View File

@ -627,6 +627,7 @@ void ERR_load_CRYPTO_strings(void);
# define CRYPTO_F_INT_DUP_EX_DATA 106
# define CRYPTO_F_INT_FREE_EX_DATA 107
# define CRYPTO_F_INT_NEW_EX_DATA 108
# define CRYPTO_F_OPENSSL_INIT_CRYPTO_LIBRARY_START 116
# define CRYPTO_F_OPENSSL_MEMDUP 114
/* Reason codes. */

2
include/openssl/err.h
View File

@ -309,7 +309,7 @@ typedef struct err_state_st {
# define ERR_R_PASSED_NULL_PARAMETER (3|ERR_R_FATAL)
# define ERR_R_INTERNAL_ERROR (4|ERR_R_FATAL)
# define ERR_R_DISABLED (5|ERR_R_FATAL)
# define ERR_R_NOT_INITED (6|ERR_R_FATAL)
# define ERR_R_INIT_FAIL (6|ERR_R_FATAL)
/*
* 99 is the maximum possible ERR_R_... code, higher values are reserved for

1
include/openssl/ssl.h
View File

@ -1986,6 +1986,7 @@ void ERR_load_SSL_strings(void);
# define SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST 385
# define SSL_F_DTLS_GET_REASSEMBLED_MESSAGE 370
# define SSL_F_DTLS_PROCESS_HELLO_VERIFY 386
# define SSL_F_OPENSSL_INIT_SSL_LIBRARY_START 342
# define SSL_F_READ_STATE_MACHINE 352
# define SSL_F_SSL3_ADD_CERT_TO_BUF 296
# define SSL_F_SSL3_CALLBACK_CTRL 233

4
ssl/ssl_err.c
View File

@ -95,7 +95,7 @@ static ERR_STRING_DATA SSL_str_functs[] = {
{ERR_FUNC(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST),
"DTLS1_SEND_HELLO_VERIFY_REQUEST"},
{ERR_FUNC(SSL_F_DTLS1_WRITE_APP_DATA_BYTES), "dtls1_write_app_data_bytes"},
{ERR_FUNC(SSL_F_DTLSV1_LISTEN), "dtlsv1_listen"},
{ERR_FUNC(SSL_F_DTLSV1_LISTEN), "DTLSv1_listen"},
{ERR_FUNC(SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC),
"dtls_construct_change_cipher_spec"},
{ERR_FUNC(SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST),
@ -103,6 +103,8 @@ static ERR_STRING_DATA SSL_str_functs[] = {
{ERR_FUNC(SSL_F_DTLS_GET_REASSEMBLED_MESSAGE),
"dtls_get_reassembled_message"},
{ERR_FUNC(SSL_F_DTLS_PROCESS_HELLO_VERIFY), "dtls_process_hello_verify"},
{ERR_FUNC(SSL_F_OPENSSL_INIT_SSL_LIBRARY_START),
"OPENSSL_INIT_ssl_library_start"},
{ERR_FUNC(SSL_F_READ_STATE_MACHINE), "read_state_machine"},
{ERR_FUNC(SSL_F_SSL3_ADD_CERT_TO_BUF), "SSL3_ADD_CERT_TO_BUF"},
{ERR_FUNC(SSL_F_SSL3_CALLBACK_CTRL), "ssl3_callback_ctrl"},

14
ssl/ssl_init.c
View File

@ -301,8 +301,20 @@ static void ssl_library_stop(void)
*/
int OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
{
if (stopped)
static int stoperrset = 0;
if (stopped) {
if (!stoperrset) {
/*
* We only ever set this once to avoid getting into an infinite
* loop where the error system keeps trying to init and fails so
* sets an error etc
*/
stoperrset = 1;
SSLerr(SSL_F_OPENSSL_INIT_SSL_LIBRARY_START, ERR_R_INIT_FAIL);
}
return 0;
}
if (!OPENSSL_init_crypto(opts | OPENSSL_INIT_ADD_ALL_CIPHERS
| OPENSSL_INIT_ADD_ALL_DIGESTS, settings))