| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/socket/ssl_server_socket_openssl.h" | 5 #include "net/socket/ssl_server_socket_openssl.h" |
| 6 | 6 |
| 7 #include <openssl/err.h> | 7 #include <openssl/err.h> |
| 8 #include <openssl/ssl.h> | 8 #include <openssl/ssl.h> |
| 9 | 9 |
| 10 #include "base/callback_helpers.h" | 10 #include "base/callback_helpers.h" |
| 11 #include "base/logging.h" | 11 #include "base/logging.h" |
| 12 #include "crypto/openssl_util.h" | 12 #include "crypto/openssl_util.h" |
| 13 #include "crypto/rsa_private_key.h" | 13 #include "crypto/rsa_private_key.h" |
| 14 #include "crypto/scoped_openssl_types.h" | 14 #include "crypto/scoped_openssl_types.h" |
| 15 #include "net/base/net_errors.h" | 15 #include "net/base/net_errors.h" |
| 16 #include "net/socket/ssl_error_params.h" | |
| 17 #include "net/ssl/openssl_ssl_util.h" | 16 #include "net/ssl/openssl_ssl_util.h" |
| 18 | 17 |
| 19 #define GotoState(s) next_handshake_state_ = s | 18 #define GotoState(s) next_handshake_state_ = s |
| 20 | 19 |
| 21 namespace net { | 20 namespace net { |
| 22 | 21 |
| 23 void EnableSSLServerSockets() { | 22 void EnableSSLServerSockets() { |
| 24 // No-op because CreateSSLServerSocket() calls crypto::EnsureOpenSSLInit(). | 23 // No-op because CreateSSLServerSocket() calls crypto::EnsureOpenSSLInit(). |
| 25 } | 24 } |
| 26 | 25 |
| 450 } | 449 } |
| 451 | 450 |
| 452 int SSLServerSocketOpenSSL::DoPayloadRead() { | 451 int SSLServerSocketOpenSSL::DoPayloadRead() { |
| 453 DCHECK(user_read_buf_.get()); | 452 DCHECK(user_read_buf_.get()); |
| 454 DCHECK_GT(user_read_buf_len_, 0); | 453 DCHECK_GT(user_read_buf_len_, 0); |
| 455 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); | 454 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); |
| 456 int rv = SSL_read(ssl_, user_read_buf_->data(), user_read_buf_len_); | 455 int rv = SSL_read(ssl_, user_read_buf_->data(), user_read_buf_len_); |
| 457 if (rv >= 0) | 456 if (rv >= 0) |
| 458 return rv; | 457 return rv; |
| 459 int ssl_error = SSL_get_error(ssl_, rv); | 458 int ssl_error = SSL_get_error(ssl_, rv); |
| 460 int net_error = MapOpenSSLError(ssl_error, err_tracer); | 459 OpenSSLErrorInfo error_info; |
| 460 int net_error = MapOpenSSLErrorWithDetails(ssl_error, err_tracer, |
| 461 &error_info); |
| 461 if (net_error != ERR_IO_PENDING) { | 462 if (net_error != ERR_IO_PENDING) { |
| 462 net_log_.AddEvent(NetLog::TYPE_SSL_READ_ERROR, | 463 net_log_.AddEvent( |
| 463 CreateNetLogSSLErrorCallback(net_error, ssl_error)); | 464 NetLog::TYPE_SSL_READ_ERROR, |
| 465 CreateNetLogOpenSSLErrorCallback(net_error, ssl_error, error_info)); |
| 464 } | 466 } |
| 465 return net_error; | 467 return net_error; |
| 466 } | 468 } |
| 467 | 469 |
| 468 int SSLServerSocketOpenSSL::DoPayloadWrite() { | 470 int SSLServerSocketOpenSSL::DoPayloadWrite() { |
| 469 DCHECK(user_write_buf_.get()); | 471 DCHECK(user_write_buf_.get()); |
| 470 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); | 472 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); |
| 471 int rv = SSL_write(ssl_, user_write_buf_->data(), user_write_buf_len_); | 473 int rv = SSL_write(ssl_, user_write_buf_->data(), user_write_buf_len_); |
| 472 if (rv >= 0) | 474 if (rv >= 0) |
| 473 return rv; | 475 return rv; |
| 474 int ssl_error = SSL_get_error(ssl_, rv); | 476 int ssl_error = SSL_get_error(ssl_, rv); |
| 475 int net_error = MapOpenSSLError(ssl_error, err_tracer); | 477 OpenSSLErrorInfo error_info; |
| 478 int net_error = MapOpenSSLErrorWithDetails(ssl_error, err_tracer, |
| 479 &error_info); |
| 476 if (net_error != ERR_IO_PENDING) { | 480 if (net_error != ERR_IO_PENDING) { |
| 477 net_log_.AddEvent(NetLog::TYPE_SSL_WRITE_ERROR, | 481 net_log_.AddEvent( |
| 478 CreateNetLogSSLErrorCallback(net_error, ssl_error)); | 482 NetLog::TYPE_SSL_WRITE_ERROR, |
| 483 CreateNetLogOpenSSLErrorCallback(net_error, ssl_error, error_info)); |
| 479 } | 484 } |
| 480 return net_error; | 485 return net_error; |
| 481 } | 486 } |
| 482 | 487 |
| 483 int SSLServerSocketOpenSSL::DoHandshakeLoop(int last_io_result) { | 488 int SSLServerSocketOpenSSL::DoHandshakeLoop(int last_io_result) { |
| 484 int rv = last_io_result; | 489 int rv = last_io_result; |
| 485 do { | 490 do { |
| 486 // Default to STATE_NONE for next state. | 491 // Default to STATE_NONE for next state. |
| 487 // (This is a quirk carried over from the windows | 492 // (This is a quirk carried over from the windows |
| 488 // implementation. It makes reading the logs a bit harder.) | 493 // implementation. It makes reading the logs a bit harder.) |
| 547 | 552 |
| 548 int SSLServerSocketOpenSSL::DoHandshake() { | 553 int SSLServerSocketOpenSSL::DoHandshake() { |
| 549 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); | 554 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); |
| 550 int net_error = OK; | 555 int net_error = OK; |
| 551 int rv = SSL_do_handshake(ssl_); | 556 int rv = SSL_do_handshake(ssl_); |
| 552 | 557 |
| 553 if (rv == 1) { | 558 if (rv == 1) { |
| 554 completed_handshake_ = true; | 559 completed_handshake_ = true; |
| 555 } else { | 560 } else { |
| 556 int ssl_error = SSL_get_error(ssl_, rv); | 561 int ssl_error = SSL_get_error(ssl_, rv); |
| 557 net_error = MapOpenSSLError(ssl_error, err_tracer); | 562 OpenSSLErrorInfo error_info; |
| 563 net_error = MapOpenSSLErrorWithDetails(ssl_error, err_tracer, &error_info); |
| 558 | 564 |
| 559 // If not done, stay in this state | 565 // If not done, stay in this state |
| 560 if (net_error == ERR_IO_PENDING) { | 566 if (net_error == ERR_IO_PENDING) { |
| 561 GotoState(STATE_HANDSHAKE); | 567 GotoState(STATE_HANDSHAKE); |
| 562 } else { | 568 } else { |
| 563 LOG(ERROR) << "handshake failed; returned " << rv | 569 LOG(ERROR) << "handshake failed; returned " << rv |
| 564 << ", SSL error code " << ssl_error | 570 << ", SSL error code " << ssl_error |
| 565 << ", net_error " << net_error; | 571 << ", net_error " << net_error; |
| 566 net_log_.AddEvent(NetLog::TYPE_SSL_HANDSHAKE_ERROR, | 572 net_log_.AddEvent( |
| 567 CreateNetLogSSLErrorCallback(net_error, ssl_error)); | 573 NetLog::TYPE_SSL_HANDSHAKE_ERROR, |
| 574 CreateNetLogOpenSSLErrorCallback(net_error, ssl_error, error_info)); |
| 568 } | 575 } |
| 569 } | 576 } |
| 570 return net_error; | 577 return net_error; |
| 571 } | 578 } |
| 572 | 579 |
| 573 void SSLServerSocketOpenSSL::DoHandshakeCallback(int rv) { | 580 void SSLServerSocketOpenSSL::DoHandshakeCallback(int rv) { |
| 574 DCHECK_NE(rv, ERR_IO_PENDING); | 581 DCHECK_NE(rv, ERR_IO_PENDING); |
| 575 ResetAndReturn(&user_handshake_callback_).Run(rv > OK ? OK : rv); | 582 ResetAndReturn(&user_handshake_callback_).Run(rv > OK ? OK : rv); |
| 576 } | 583 } |
| 577 | 584 |
| 677 | 684 |
| 678 mode.ConfigureFlag(SSL_MODE_RELEASE_BUFFERS, true); | 685 mode.ConfigureFlag(SSL_MODE_RELEASE_BUFFERS, true); |
| 679 | 686 |
| 680 SSL_set_mode(ssl_, mode.set_mask); | 687 SSL_set_mode(ssl_, mode.set_mask); |
| 681 SSL_clear_mode(ssl_, mode.clear_mask); | 688 SSL_clear_mode(ssl_, mode.clear_mask); |
| 682 | 689 |
| 683 return OK; | 690 return OK; |
| 684 } | 691 } |
| 685 | 692 |
| 686 } // namespace net | 693 } // namespace net |
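Review bot: In DoPayloadRead the early `if (rv >= 0) return rv;` means an SSL_read result of 0 never reaches SSL_get_error, so the error detail this change starts recording is not captured for that case and the caller sees a plain end-of-stream. Depending on the OpenSSL version in use, a zero return can be either a close_notify from the peer or the transport closing without one, and only the first is a clean EOF; treating both alike hides a truncated stream from the caller and from the NetLog. Consider `if (rv > 0 || (rv == 0 && SSL_get_error(ssl_, rv) == SSL_ERROR_ZERO_RETURN)) return rv;` so that any other zero return falls through to MapOpenSSLErrorWithDetails. DoPayloadWrite has the same `rv >= 0` guard around SSL_write. Separately, `OpenSSLErrorInfo error_info;` is declared without an initializer in all three functions; its definition is not on this page, so confirm it has a constructor that zeroes its fields for ssl_error values the mapper does not fill in.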
| OLD | NEW |