Attempt to log an error if init failed

If init failed we'd like to set an error code to indicate that. But if
init failed then when the error system tries to load its strings its going
to fail again. We could get into an infinite loop. Therefore we just set
a single error the first time around. After that no error is set.

Reviewed-by: Rich Salz <rsalz@openssl.org>

diff --git a/apps/errstr.c b/apps/errstr.c
index 960815da65f7101df046093f61913fedeb0e313f..99bb9e9068f27186a0e77361986c82c6def951c9 100644 (file)
--- a/apps/errstr.c
+++ b/apps/errstr.c
@@ -114,6 +114,11 @@ int errstr_main(int argc, char **argv)
         if (!opt_ulong(*argv, &l))
             ret++;
         else {
         if (!opt_ulong(*argv, &l))
             ret++;
         else {

+            /* We're not really an SSL application so this won't auto-init, but
+             * we're still interested in SSL error strings
+             */
+            OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS
+                             | OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);

             ERR_error_string_n(l, buf, sizeof buf);
             BIO_printf(bio_out, "%s\n", buf);
         }
             ERR_error_string_n(l, buf, sizeof buf);
             BIO_printf(bio_out, "%s\n", buf);
         }

diff --git a/crypto/async/async.c b/crypto/async/async.c
index af9da35f99c3ec662edc13dbd542f016245d539c..ebc5ebbe93b43e0a49097cbebf992cddfcaf39ab 100644 (file)
--- a/crypto/async/async.c
+++ b/crypto/async/async.c
@@ -363,11 +363,9 @@ int ASYNC_init_thread(size_t max_size, size_t init_size)
     }
 
     if (!OPENSSL_init_crypto(OPENSSL_INIT_ASYNC, NULL)) {
     }
 
     if (!OPENSSL_init_crypto(OPENSSL_INIT_ASYNC, NULL)) {

-        ASYNCerr(ASYNC_F_ASYNC_INIT_THREAD, ERR_R_NOT_INITED);

         return 0;
     }
     if (!ossl_init_thread_start(OPENSSL_INIT_THREAD_ASYNC)) {
         return 0;
     }
     if (!ossl_init_thread_start(OPENSSL_INIT_THREAD_ASYNC)) {

-        ASYNCerr(ASYNC_F_ASYNC_INIT_THREAD, ERR_R_NOT_INITED);

         return 0;
     }
 
         return 0;
     }
 

diff --git a/crypto/cpt_err.c b/crypto/cpt_err.c
index 46bd9c82d648eb5fdaf33fec6a5bdaca2620a3a0..d1e4b33b5c4d062c71c84d5389829553c4047ebf 100644 (file)
--- a/crypto/cpt_err.c
+++ b/crypto/cpt_err.c
@@ -1,5 +1,5 @@
 /* ====================================================================
 /* ====================================================================

- * Copyright (c) 1999-2015 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2016 The OpenSSL Project.  All rights reserved.

  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions


@@ -84,6 +84,9 @@ static ERR_STRING_DATA CRYPTO_str_functs[] = {
     {ERR_FUNC(CRYPTO_F_INT_DUP_EX_DATA), "INT_DUP_EX_DATA"},
     {ERR_FUNC(CRYPTO_F_INT_FREE_EX_DATA), "INT_FREE_EX_DATA"},
     {ERR_FUNC(CRYPTO_F_INT_NEW_EX_DATA), "INT_NEW_EX_DATA"},
     {ERR_FUNC(CRYPTO_F_INT_DUP_EX_DATA), "INT_DUP_EX_DATA"},
     {ERR_FUNC(CRYPTO_F_INT_FREE_EX_DATA), "INT_FREE_EX_DATA"},
     {ERR_FUNC(CRYPTO_F_INT_NEW_EX_DATA), "INT_NEW_EX_DATA"},

+    {ERR_FUNC(CRYPTO_F_OPENSSL_INIT_CRYPTO_LIBRARY_START),
+     "OPENSSL_INIT_crypto_library_start"},
+    {ERR_FUNC(CRYPTO_F_OPENSSL_MEMDUP), "OPENSSL_MEMDUP"},

     {0, NULL}
 };
 
     {0, NULL}
 };
 

diff --git a/crypto/err/err.c b/crypto/err/err.c
index 72656339c564205aca582db5bc124e5a1689854a..5e1d5c55b422cf3c86a1ec0063070580982f72c8 100644 (file)
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -223,6 +223,7 @@ static ERR_STRING_DATA ERR_str_reasons[] = {
     {ERR_R_PASSED_NULL_PARAMETER, "passed a null parameter"},
     {ERR_R_INTERNAL_ERROR, "internal error"},
     {ERR_R_DISABLED, "called a function that was disabled at compile-time"},
     {ERR_R_PASSED_NULL_PARAMETER, "passed a null parameter"},
     {ERR_R_INTERNAL_ERROR, "internal error"},
     {ERR_R_DISABLED, "called a function that was disabled at compile-time"},

+    {ERR_R_INIT_FAIL, "init fail"},

 
     {0, NULL},
 };
 
     {0, NULL},
 };

diff --git a/crypto/init.c b/crypto/init.c
index f01bd4d93f6e11740263a270ca54a489a1303edd..cb9d65a4ddd1835a2bccfda30b176fa0891a43e4 100644 (file)
--- a/crypto/init.c
+++ b/crypto/init.c
@@ -628,8 +628,21 @@ static const OPENSSL_INIT_SETTINGS *ossl_init_get_setting(
  */
 int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
 {
  */
 int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
 {

-    if (stopped)
+    static int stoperrset = 0;
+
+    if (stopped) {
+        if (!stoperrset) {
+            /*
+             * We only ever set this once to avoid getting into an infinite
+             * loop where the error system keeps trying to init and fails so
+             * sets an error etc
+             */
+            stoperrset = 1;
+            CRYPTOerr(CRYPTO_F_OPENSSL_INIT_CRYPTO_LIBRARY_START,
+                      ERR_R_INIT_FAIL);
+        }

         return 0;
         return 0;

+    }

 
     ossl_init_once_run(&base, ossl_init_base);
 
 
     ossl_init_once_run(&base, ossl_init_base);
 

diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h
index d6cedecd60afee38f1c67fec1b384cd04937ee87..d761a97f7fa6ecbc192e24caf92c2486bd2b4675 100644 (file)
--- a/include/openssl/crypto.h
+++ b/include/openssl/crypto.h
@@ -627,6 +627,7 @@ void ERR_load_CRYPTO_strings(void);
 # define CRYPTO_F_INT_DUP_EX_DATA                         106
 # define CRYPTO_F_INT_FREE_EX_DATA                        107
 # define CRYPTO_F_INT_NEW_EX_DATA                         108
 # define CRYPTO_F_INT_DUP_EX_DATA                         106
 # define CRYPTO_F_INT_FREE_EX_DATA                        107
 # define CRYPTO_F_INT_NEW_EX_DATA                         108

+# define CRYPTO_F_OPENSSL_INIT_CRYPTO_LIBRARY_START       116

 # define CRYPTO_F_OPENSSL_MEMDUP                          114
 
 /* Reason codes. */
 # define CRYPTO_F_OPENSSL_MEMDUP                          114
 
 /* Reason codes. */

diff --git a/include/openssl/err.h b/include/openssl/err.h
index 39f216c21c3b817f5af952dbc78cda07a0eb4890..bdf83081cba68cedc4996afc9f845e002b7ca224 100644 (file)
--- a/include/openssl/err.h
+++ b/include/openssl/err.h
@@ -309,7 +309,7 @@ typedef struct err_state_st {
 # define ERR_R_PASSED_NULL_PARAMETER             (3|ERR_R_FATAL)
 # define ERR_R_INTERNAL_ERROR                    (4|ERR_R_FATAL)
 # define ERR_R_DISABLED                          (5|ERR_R_FATAL)
 # define ERR_R_PASSED_NULL_PARAMETER             (3|ERR_R_FATAL)
 # define ERR_R_INTERNAL_ERROR                    (4|ERR_R_FATAL)
 # define ERR_R_DISABLED                          (5|ERR_R_FATAL)

-# define ERR_R_NOT_INITED                        (6|ERR_R_FATAL)
+# define ERR_R_INIT_FAIL                         (6|ERR_R_FATAL)

 
 /*
  * 99 is the maximum possible ERR_R_... code, higher values are reserved for
 
 /*
  * 99 is the maximum possible ERR_R_... code, higher values are reserved for

diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 888f9a9c956b0f35987310bfca027f4186b38a31..87ea39cd08888c49dc19be0bb7aaae4c1b05f7cd 100644 (file)
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1986,6 +1986,7 @@ void ERR_load_SSL_strings(void);
 # define SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST        385
 # define SSL_F_DTLS_GET_REASSEMBLED_MESSAGE               370
 # define SSL_F_DTLS_PROCESS_HELLO_VERIFY                  386
 # define SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST        385
 # define SSL_F_DTLS_GET_REASSEMBLED_MESSAGE               370
 # define SSL_F_DTLS_PROCESS_HELLO_VERIFY                  386

+# define SSL_F_OPENSSL_INIT_SSL_LIBRARY_START             342

 # define SSL_F_READ_STATE_MACHINE                         352
 # define SSL_F_SSL3_ADD_CERT_TO_BUF                       296
 # define SSL_F_SSL3_CALLBACK_CTRL                         233
 # define SSL_F_READ_STATE_MACHINE                         352
 # define SSL_F_SSL3_ADD_CERT_TO_BUF                       296
 # define SSL_F_SSL3_CALLBACK_CTRL                         233

diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index 0d8bcd4f5385a7088528623261d7d2acd1693fbf..4dc889555286e6874b1944735d86324e737a263d 100644 (file)
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -95,7 +95,7 @@ static ERR_STRING_DATA SSL_str_functs[] = {
     {ERR_FUNC(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST),
      "DTLS1_SEND_HELLO_VERIFY_REQUEST"},
     {ERR_FUNC(SSL_F_DTLS1_WRITE_APP_DATA_BYTES), "dtls1_write_app_data_bytes"},
     {ERR_FUNC(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST),
      "DTLS1_SEND_HELLO_VERIFY_REQUEST"},
     {ERR_FUNC(SSL_F_DTLS1_WRITE_APP_DATA_BYTES), "dtls1_write_app_data_bytes"},

-    {ERR_FUNC(SSL_F_DTLSV1_LISTEN), "dtlsv1_listen"},
+    {ERR_FUNC(SSL_F_DTLSV1_LISTEN), "DTLSv1_listen"},

     {ERR_FUNC(SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC),
      "dtls_construct_change_cipher_spec"},
     {ERR_FUNC(SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST),
     {ERR_FUNC(SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC),
      "dtls_construct_change_cipher_spec"},
     {ERR_FUNC(SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST),


@@ -103,6 +103,8 @@ static ERR_STRING_DATA SSL_str_functs[] = {
     {ERR_FUNC(SSL_F_DTLS_GET_REASSEMBLED_MESSAGE),
      "dtls_get_reassembled_message"},
     {ERR_FUNC(SSL_F_DTLS_PROCESS_HELLO_VERIFY), "dtls_process_hello_verify"},
     {ERR_FUNC(SSL_F_DTLS_GET_REASSEMBLED_MESSAGE),
      "dtls_get_reassembled_message"},
     {ERR_FUNC(SSL_F_DTLS_PROCESS_HELLO_VERIFY), "dtls_process_hello_verify"},

+    {ERR_FUNC(SSL_F_OPENSSL_INIT_SSL_LIBRARY_START),
+     "OPENSSL_INIT_ssl_library_start"},

     {ERR_FUNC(SSL_F_READ_STATE_MACHINE), "read_state_machine"},
     {ERR_FUNC(SSL_F_SSL3_ADD_CERT_TO_BUF), "SSL3_ADD_CERT_TO_BUF"},
     {ERR_FUNC(SSL_F_SSL3_CALLBACK_CTRL), "ssl3_callback_ctrl"},
     {ERR_FUNC(SSL_F_READ_STATE_MACHINE), "read_state_machine"},
     {ERR_FUNC(SSL_F_SSL3_ADD_CERT_TO_BUF), "SSL3_ADD_CERT_TO_BUF"},
     {ERR_FUNC(SSL_F_SSL3_CALLBACK_CTRL), "ssl3_callback_ctrl"},

diff --git a/ssl/ssl_init.c b/ssl/ssl_init.c
index 134aa00d546aae266777f81bb8de18d0c5499518..e7fc63dd115de7a6e80375a75f93e4376e2acf97 100644 (file)
--- a/ssl/ssl_init.c
+++ b/ssl/ssl_init.c
@@ -301,8 +301,20 @@ static void ssl_library_stop(void)
  */
 int OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
 {
  */
 int OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
 {

-    if (stopped)
+    static int stoperrset = 0;
+
+    if (stopped) {
+        if (!stoperrset) {
+            /*
+             * We only ever set this once to avoid getting into an infinite
+             * loop where the error system keeps trying to init and fails so
+             * sets an error etc
+             */
+            stoperrset = 1;
+            SSLerr(SSL_F_OPENSSL_INIT_SSL_LIBRARY_START, ERR_R_INIT_FAIL);
+        }

         return 0;
         return 0;

+    }

 
     if (!OPENSSL_init_crypto(opts | OPENSSL_INIT_ADD_ALL_CIPHERS
                              | OPENSSL_INIT_ADD_ALL_DIGESTS, settings))
 
     if (!OPENSSL_init_crypto(opts | OPENSSL_INIT_ADD_ALL_CIPHERS
                              | OPENSSL_INIT_ADD_ALL_DIGESTS, settings))