| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/socket/ssl_server_socket_openssl.h" | 5 #include "net/socket/ssl_server_socket_openssl.h" |
| 6 | 6 |
| 7 #include <openssl/err.h> | 7 #include <openssl/err.h> |
| 8 #include <openssl/ssl.h> | 8 #include <openssl/ssl.h> |
| 9 | 9 |
| 10 #include "base/callback_helpers.h" | 10 #include "base/callback_helpers.h" |
| 11 #include "base/logging.h" | 11 #include "base/logging.h" |
| 12 #include "crypto/openssl_util.h" | 12 #include "crypto/openssl_util.h" |
| 13 #include "crypto/rsa_private_key.h" | 13 #include "crypto/rsa_private_key.h" |
| 14 #include "crypto/scoped_openssl_types.h" | 14 #include "crypto/scoped_openssl_types.h" |
| 15 #include "net/base/net_errors.h" | 15 #include "net/base/net_errors.h" |
| 16 #include "net/socket/ssl_error_params.h" | |
| 17 #include "net/ssl/openssl_ssl_util.h" | 16 #include "net/ssl/openssl_ssl_util.h" |
| 18 | 17 |
| 19 #define GotoState(s) next_handshake_state_ = s | 18 #define GotoState(s) next_handshake_state_ = s |
| 20 | 19 |
| 21 namespace net { | 20 namespace net { |
| 22 | 21 |
| 23 void EnableSSLServerSockets() { | 22 void EnableSSLServerSockets() { |
| 24 // No-op because CreateSSLServerSocket() calls crypto::EnsureOpenSSLInit(). | 23 // No-op because CreateSSLServerSocket() calls crypto::EnsureOpenSSLInit(). |
| 25 } | 24 } |
| 26 | 25 |
| (...skipping 423 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 450 } | 449 } |
| 451 | 450 |
| 452 int SSLServerSocketOpenSSL::DoPayloadRead() { | 451 int SSLServerSocketOpenSSL::DoPayloadRead() { |
| 453 DCHECK(user_read_buf_.get()); | 452 DCHECK(user_read_buf_.get()); |
| 454 DCHECK_GT(user_read_buf_len_, 0); | 453 DCHECK_GT(user_read_buf_len_, 0); |
| 455 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); | 454 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); |
| 456 int rv = SSL_read(ssl_, user_read_buf_->data(), user_read_buf_len_); | 455 int rv = SSL_read(ssl_, user_read_buf_->data(), user_read_buf_len_); |
| 457 if (rv >= 0) | 456 if (rv >= 0) |
| 458 return rv; | 457 return rv; |
| 459 int ssl_error = SSL_get_error(ssl_, rv); | 458 int ssl_error = SSL_get_error(ssl_, rv); |
| 460 int net_error = MapOpenSSLError(ssl_error, err_tracer); | 459 uint32_t error_code; |
| 460 const char* file; |
| 461 int line; |
| 462 int net_error = MapOpenSSLErrorWithDetails( |
| 463 ssl_error, err_tracer, &error_code, &file, &line); |
| 461 if (net_error != ERR_IO_PENDING) { | 464 if (net_error != ERR_IO_PENDING) { |
| 462 net_log_.AddEvent(NetLog::TYPE_SSL_READ_ERROR, | 465 net_log_.AddEvent(NetLog::TYPE_SSL_READ_ERROR, |
| 463 CreateNetLogSSLErrorCallback(net_error, ssl_error)); | 466 CreateNetLogOpenSSLErrorCallback( |
| 467 net_error, ssl_error, error_code, file, line)); |
| 464 } | 468 } |
| 465 return net_error; | 469 return net_error; |
| 466 } | 470 } |
| 467 | 471 |
| 468 int SSLServerSocketOpenSSL::DoPayloadWrite() { | 472 int SSLServerSocketOpenSSL::DoPayloadWrite() { |
| 469 DCHECK(user_write_buf_.get()); | 473 DCHECK(user_write_buf_.get()); |
| 470 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); | 474 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); |
| 471 int rv = SSL_write(ssl_, user_write_buf_->data(), user_write_buf_len_); | 475 int rv = SSL_write(ssl_, user_write_buf_->data(), user_write_buf_len_); |
| 472 if (rv >= 0) | 476 if (rv >= 0) |
| 473 return rv; | 477 return rv; |
| 474 int ssl_error = SSL_get_error(ssl_, rv); | 478 int ssl_error = SSL_get_error(ssl_, rv); |
| 475 int net_error = MapOpenSSLError(ssl_error, err_tracer); | 479 uint32_t error_code; |
| 480 const char* file; |
| 481 int line; |
| 482 int net_error = MapOpenSSLErrorWithDetails( |
| 483 ssl_error, err_tracer, &error_code, &file, &line); |
| 476 if (net_error != ERR_IO_PENDING) { | 484 if (net_error != ERR_IO_PENDING) { |
| 477 net_log_.AddEvent(NetLog::TYPE_SSL_WRITE_ERROR, | 485 net_log_.AddEvent(NetLog::TYPE_SSL_WRITE_ERROR, |
| 478 CreateNetLogSSLErrorCallback(net_error, ssl_error)); | 486 CreateNetLogOpenSSLErrorCallback( |
| 487 net_error, ssl_error, error_code, file, line)); |
| 479 } | 488 } |
| 480 return net_error; | 489 return net_error; |
| 481 } | 490 } |
| 482 | 491 |
| 483 int SSLServerSocketOpenSSL::DoHandshakeLoop(int last_io_result) { | 492 int SSLServerSocketOpenSSL::DoHandshakeLoop(int last_io_result) { |
| 484 int rv = last_io_result; | 493 int rv = last_io_result; |
| 485 do { | 494 do { |
| 486 // Default to STATE_NONE for next state. | 495 // Default to STATE_NONE for next state. |
| 487 // (This is a quirk carried over from the windows | 496 // (This is a quirk carried over from the windows |
| 488 // implementation. It makes reading the logs a bit harder.) | 497 // implementation. It makes reading the logs a bit harder.) |
| (...skipping 58 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 547 | 556 |
| 548 int SSLServerSocketOpenSSL::DoHandshake() { | 557 int SSLServerSocketOpenSSL::DoHandshake() { |
| 549 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); | 558 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); |
| 550 int net_error = OK; | 559 int net_error = OK; |
| 551 int rv = SSL_do_handshake(ssl_); | 560 int rv = SSL_do_handshake(ssl_); |
| 552 | 561 |
| 553 if (rv == 1) { | 562 if (rv == 1) { |
| 554 completed_handshake_ = true; | 563 completed_handshake_ = true; |
| 555 } else { | 564 } else { |
| 556 int ssl_error = SSL_get_error(ssl_, rv); | 565 int ssl_error = SSL_get_error(ssl_, rv); |
| 557 net_error = MapOpenSSLError(ssl_error, err_tracer); | 566 uint32_t error_code; |
| 567 const char* file; |
| 568 int line; |
| 569 net_error = MapOpenSSLErrorWithDetails( |
| 570 ssl_error, err_tracer, &error_code, &file, &line); |
| 558 | 571 |
| 559 // If not done, stay in this state | 572 // If not done, stay in this state |
| 560 if (net_error == ERR_IO_PENDING) { | 573 if (net_error == ERR_IO_PENDING) { |
| 561 GotoState(STATE_HANDSHAKE); | 574 GotoState(STATE_HANDSHAKE); |
| 562 } else { | 575 } else { |
| 563 LOG(ERROR) << "handshake failed; returned " << rv | 576 LOG(ERROR) << "handshake failed; returned " << rv |
| 564 << ", SSL error code " << ssl_error | 577 << ", SSL error code " << ssl_error |
| 565 << ", net_error " << net_error; | 578 << ", net_error " << net_error; |
| 566 net_log_.AddEvent(NetLog::TYPE_SSL_HANDSHAKE_ERROR, | 579 net_log_.AddEvent(NetLog::TYPE_SSL_HANDSHAKE_ERROR, |
| 567 CreateNetLogSSLErrorCallback(net_error, ssl_error)); | 580 CreateNetLogOpenSSLErrorCallback( |
| 581 net_error, ssl_error, error_code, file, line)); |
| 568 } | 582 } |
| 569 } | 583 } |
| 570 return net_error; | 584 return net_error; |
| 571 } | 585 } |
| 572 | 586 |
| 573 void SSLServerSocketOpenSSL::DoHandshakeCallback(int rv) { | 587 void SSLServerSocketOpenSSL::DoHandshakeCallback(int rv) { |
| 574 DCHECK_NE(rv, ERR_IO_PENDING); | 588 DCHECK_NE(rv, ERR_IO_PENDING); |
| 575 ResetAndReturn(&user_handshake_callback_).Run(rv > OK ? OK : rv); | 589 ResetAndReturn(&user_handshake_callback_).Run(rv > OK ? OK : rv); |
| 576 } | 590 } |
| 577 | 591 |
| (...skipping 99 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 677 | 691 |
| 678 mode.ConfigureFlag(SSL_MODE_RELEASE_BUFFERS, true); | 692 mode.ConfigureFlag(SSL_MODE_RELEASE_BUFFERS, true); |
| 679 | 693 |
| 680 SSL_set_mode(ssl_, mode.set_mask); | 694 SSL_set_mode(ssl_, mode.set_mask); |
| 681 SSL_clear_mode(ssl_, mode.clear_mask); | 695 SSL_clear_mode(ssl_, mode.clear_mask); |
| 682 | 696 |
| 683 return OK; | 697 return OK; |
| 684 } | 698 } |
| 685 | 699 |
| 686 } // namespace net | 700 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 494913002:
Include better OpenSSL error information in NetLog. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src