Move OpenSSL error hancling functions to tdutils.

GitOrigin-RevId: 6d45b5ee1077eca430802fb6258104b0371688fa
This commit is contained in:
levlam 2020-06-06 21:31:47 +03:00
parent c67816454f
commit ed615430e1
3 changed files with 41 additions and 33 deletions

View File

@ -8,6 +8,7 @@
#if !TD_EMSCRIPTEN
#include "td/utils/common.h"
#include "td/utils/crypto.h"
#include "td/utils/logging.h"
#include "td/utils/misc.h"
#include "td/utils/port/IPAddress.h"
@ -142,42 +143,14 @@ int verify_callback(int preverify_ok, X509_STORE_CTX *ctx) {
return preverify_ok;
}
Status create_openssl_error(int code, Slice message) {
const int max_result_size = 1 << 12;
auto result = StackAllocator::alloc(max_result_size);
StringBuilder sb(result.as_slice());
sb << message;
while (unsigned long error_code = ERR_get_error()) {
char error_buf[1024];
ERR_error_string_n(error_code, error_buf, sizeof(error_buf));
Slice error(error_buf, std::strlen(error_buf));
sb << "{" << error << "}";
}
LOG_IF(ERROR, sb.is_error()) << "OpenSSL error buffer overflow";
LOG(DEBUG) << sb.as_cslice();
return Status::Error(code, sb.as_cslice());
}
void openssl_clear_errors(Slice from) {
if (ERR_peek_error() != 0) {
LOG(ERROR) << from << ": " << create_openssl_error(0, "Unprocessed OPENSSL_ERROR");
}
#if TD_PORT_WINDOWS // TODO move to utils
WSASetLastError(0);
#else
errno = 0;
#endif
}
void do_ssl_shutdown(SSL *ssl_handle) {
if (!SSL_is_init_finished(ssl_handle)) {
return;
}
openssl_clear_errors("Before SSL_shutdown");
clear_openssl_errors("Before SSL_shutdown");
SSL_set_quiet_shutdown(ssl_handle, 1);
SSL_shutdown(ssl_handle);
openssl_clear_errors("After SSL_shutdown");
clear_openssl_errors("After SSL_shutdown");
}
} // namespace
@ -209,7 +182,7 @@ class SslStreamImpl {
}();
CHECK(init_openssl);
openssl_clear_errors("Before SslFd::init");
clear_openssl_errors("Before SslFd::init");
auto ssl_method =
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
@ -385,7 +358,7 @@ class SslStreamImpl {
friend class SslWriteByteFlow;
Result<size_t> write(Slice slice) {
openssl_clear_errors("Before SslFd::write");
clear_openssl_errors("Before SslFd::write");
auto size = SSL_write(ssl_handle_, slice.data(), static_cast<int>(slice.size()));
if (size <= 0) {
return process_ssl_error(size);
@ -394,7 +367,7 @@ class SslStreamImpl {
}
Result<size_t> read(MutableSlice slice) {
openssl_clear_errors("Before SslFd::read");
clear_openssl_errors("Before SslFd::read");
auto size = SSL_read(ssl_handle_, slice.data(), static_cast<int>(slice.size()));
if (size <= 0) {
return process_ssl_error(size);

View File

@ -8,6 +8,7 @@
#include "td/utils/as.h"
#include "td/utils/BigNum.h"
#include "td/utils/common.h"
#include "td/utils/logging.h"
#include "td/utils/misc.h"
#include "td/utils/port/RwMutex.h"
@ -19,6 +20,7 @@
#include <openssl/aes.h>
#include <openssl/bio.h>
#include <openssl/crypto.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <openssl/md5.h>
@ -670,6 +672,35 @@ void init_openssl_threads() {
}
#endif
}
Status create_openssl_error(int code, Slice message) {
const int max_result_size = 1 << 12;
auto result = StackAllocator::alloc(max_result_size);
StringBuilder sb(result.as_slice());
sb << message;
while (unsigned long error_code = ERR_get_error()) {
char error_buf[1024];
ERR_error_string_n(error_code, error_buf, sizeof(error_buf));
Slice error(error_buf, std::strlen(error_buf));
sb << "{" << error << "}";
}
LOG_IF(ERROR, sb.is_error()) << "OpenSSL error buffer overflow";
LOG(DEBUG) << sb.as_cslice();
return Status::Error(code, sb.as_cslice());
}
void clear_openssl_errors(Slice source) {
if (ERR_peek_error() != 0) {
LOG(ERROR) << source << ": " << create_openssl_error(0, "Unprocessed OPENSSL_ERROR");
}
#if TD_PORT_WINDOWS
WSASetLastError(0);
#else
errno = 0;
#endif
}
#endif
#if TD_HAVE_ZLIB

View File

@ -103,6 +103,10 @@ Result<BufferSlice> rsa_encrypt_pkcs1_oaep(Slice public_key, Slice data);
Result<BufferSlice> rsa_decrypt_pkcs1_oaep(Slice private_key, Slice data);
void init_openssl_threads();
Status create_openssl_error(int code, Slice message);
void clear_openssl_errors(Slice source);
#endif
#if TD_HAVE_ZLIB