1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "crypto/openssl_util.h"
7 #include <openssl/err.h>
8 #include <openssl/ssl.h>
9 #include <openssl/cpu.h>
11 #include "base/logging.h"
12 #include "base/memory/singleton.h"
13 #include "base/strings/string_piece.h"
14 #include "build/build_config.h"
16 #if defined(OS_ANDROID) && defined(ARCH_CPU_ARMEL)
17 #include <cpu-features.h>
25 // Singleton for initializing and cleaning up the OpenSSL library.
26 class OpenSSLInitSingleton
{
28 static OpenSSLInitSingleton
* GetInstance() {
29 // We allow the SSL environment to leak for multiple reasons:
30 // - it is used from a non-joinable worker thread that is not stopped on
31 // shutdown, hence may still be using OpenSSL library after the AtExit
32 // runner has completed.
33 // - There are other OpenSSL related singletons (e.g. the client socket
34 // context) who's cleanup depends on the global environment here, but
35 // we can't control the order the AtExit handlers will run in so
36 // allowing the global environment to leak at least ensures it is
37 // available for those other singletons to reliably cleanup.
38 return base::Singleton
<
40 base::LeakySingletonTraits
<OpenSSLInitSingleton
>>::get();
43 friend struct base::DefaultSingletonTraits
<OpenSSLInitSingleton
>;
44 OpenSSLInitSingleton() {
45 #if defined(OS_ANDROID) && defined(ARCH_CPU_ARMEL)
47 (android_getCpuFeatures() & ANDROID_CPU_ARM_FEATURE_NEON
) != 0;
48 // CRYPTO_set_NEON_capable is called before |SSL_library_init| because this
49 // stops BoringSSL from probing for NEON support via SIGILL in the case
50 // that getauxval isn't present.
51 CRYPTO_set_NEON_capable(has_neon
);
52 // See https://code.google.com/p/chromium/issues/detail?id=341598
54 CRYPTO_set_NEON_functional(!cpu
.has_broken_neon());
60 ~OpenSSLInitSingleton() {}
62 DISALLOW_COPY_AND_ASSIGN(OpenSSLInitSingleton
);
65 // Callback routine for OpenSSL to print error messages. |str| is a
66 // NULL-terminated string of length |len| containing diagnostic information
67 // such as the library, function and reason for the error, the file and line
68 // where the error originated, plus potentially any context-specific
69 // information about the error. |context| contains a pointer to user-supplied
70 // data, which is currently unused.
71 // If this callback returns a value <= 0, OpenSSL will stop processing the
72 // error queue and return, otherwise it will continue calling this function
73 // until all errors have been removed from the queue.
74 int OpenSSLErrorCallback(const char* str
, size_t len
, void* context
) {
75 DVLOG(1) << "\t" << base::StringPiece(str
, len
);
81 void EnsureOpenSSLInit() {
82 (void)OpenSSLInitSingleton::GetInstance();
85 void ClearOpenSSLERRStack(const tracked_objects::Location
& location
) {
86 if (logging::DEBUG_MODE
&& VLOG_IS_ON(1)) {
87 uint32_t error_num
= ERR_peek_error();
92 location
.Write(true, true, &message
);
93 DVLOG(1) << "OpenSSL ERR_get_error stack from " << message
;
94 ERR_print_errors_cb(&OpenSSLErrorCallback
, NULL
);
100 } // namespace crypto