Attempt to log an error if init failed
authorMatt Caswell <matt@openssl.org>
Wed, 10 Feb 2016 15:16:06 +0000 (15:16 +0000)
committerMatt Caswell <matt@openssl.org>
Wed, 10 Feb 2016 17:40:59 +0000 (17:40 +0000)
If init failed we'd like to set an error code to indicate that. But if
init failed then when the error system tries to load its strings its going
to fail again. We could get into an infinite loop. Therefore we just set
a single error the first time around. After that no error is set.

Reviewed-by: Rich Salz <rsalz@openssl.org>
apps/errstr.c
crypto/async/async.c
crypto/cpt_err.c
crypto/err/err.c
crypto/init.c
include/openssl/crypto.h
include/openssl/err.h
include/openssl/ssl.h
ssl/ssl_err.c
ssl/ssl_init.c

index 960815d..99bb9e9 100644 (file)
@@ -114,6 +114,11 @@ int errstr_main(int argc, char **argv)
         if (!opt_ulong(*argv, &l))
             ret++;
         else {
+            /* We're not really an SSL application so this won't auto-init, but
+             * we're still interested in SSL error strings
+             */
+            OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS
+                             | OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
             ERR_error_string_n(l, buf, sizeof buf);
             BIO_printf(bio_out, "%s\n", buf);
         }
index af9da35..ebc5ebb 100644 (file)
@@ -363,11 +363,9 @@ int ASYNC_init_thread(size_t max_size, size_t init_size)
     }
 
     if (!OPENSSL_init_crypto(OPENSSL_INIT_ASYNC, NULL)) {
-        ASYNCerr(ASYNC_F_ASYNC_INIT_THREAD, ERR_R_NOT_INITED);
         return 0;
     }
     if (!ossl_init_thread_start(OPENSSL_INIT_THREAD_ASYNC)) {
-        ASYNCerr(ASYNC_F_ASYNC_INIT_THREAD, ERR_R_NOT_INITED);
         return 0;
     }
 
index 46bd9c8..d1e4b33 100644 (file)
@@ -1,5 +1,5 @@
 /* ====================================================================
- * Copyright (c) 1999-2015 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2016 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -84,6 +84,9 @@ static ERR_STRING_DATA CRYPTO_str_functs[] = {
     {ERR_FUNC(CRYPTO_F_INT_DUP_EX_DATA), "INT_DUP_EX_DATA"},
     {ERR_FUNC(CRYPTO_F_INT_FREE_EX_DATA), "INT_FREE_EX_DATA"},
     {ERR_FUNC(CRYPTO_F_INT_NEW_EX_DATA), "INT_NEW_EX_DATA"},
+    {ERR_FUNC(CRYPTO_F_OPENSSL_INIT_CRYPTO_LIBRARY_START),
+     "OPENSSL_INIT_crypto_library_start"},
+    {ERR_FUNC(CRYPTO_F_OPENSSL_MEMDUP), "OPENSSL_MEMDUP"},
     {0, NULL}
 };
 
index 7265633..5e1d5c5 100644 (file)
@@ -223,6 +223,7 @@ static ERR_STRING_DATA ERR_str_reasons[] = {
     {ERR_R_PASSED_NULL_PARAMETER, "passed a null parameter"},
     {ERR_R_INTERNAL_ERROR, "internal error"},
     {ERR_R_DISABLED, "called a function that was disabled at compile-time"},
+    {ERR_R_INIT_FAIL, "init fail"},
 
     {0, NULL},
 };
index f01bd4d..cb9d65a 100644 (file)
@@ -628,8 +628,21 @@ static const OPENSSL_INIT_SETTINGS *ossl_init_get_setting(
  */
 int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
 {
-    if (stopped)
+    static int stoperrset = 0;
+
+    if (stopped) {
+        if (!stoperrset) {
+            /*
+             * We only ever set this once to avoid getting into an infinite
+             * loop where the error system keeps trying to init and fails so
+             * sets an error etc
+             */
+            stoperrset = 1;
+            CRYPTOerr(CRYPTO_F_OPENSSL_INIT_CRYPTO_LIBRARY_START,
+                      ERR_R_INIT_FAIL);
+        }
         return 0;
+    }
 
     ossl_init_once_run(&base, ossl_init_base);
 
index d6cedec..d761a97 100644 (file)
@@ -627,6 +627,7 @@ void ERR_load_CRYPTO_strings(void);
 # define CRYPTO_F_INT_DUP_EX_DATA                         106
 # define CRYPTO_F_INT_FREE_EX_DATA                        107
 # define CRYPTO_F_INT_NEW_EX_DATA                         108
+# define CRYPTO_F_OPENSSL_INIT_CRYPTO_LIBRARY_START       116
 # define CRYPTO_F_OPENSSL_MEMDUP                          114
 
 /* Reason codes. */
index 39f216c..bdf8308 100644 (file)
@@ -309,7 +309,7 @@ typedef struct err_state_st {
 # define ERR_R_PASSED_NULL_PARAMETER             (3|ERR_R_FATAL)
 # define ERR_R_INTERNAL_ERROR                    (4|ERR_R_FATAL)
 # define ERR_R_DISABLED                          (5|ERR_R_FATAL)
-# define ERR_R_NOT_INITED                        (6|ERR_R_FATAL)
+# define ERR_R_INIT_FAIL                         (6|ERR_R_FATAL)
 
 /*
  * 99 is the maximum possible ERR_R_... code, higher values are reserved for
index 888f9a9..87ea39c 100644 (file)
@@ -1986,6 +1986,7 @@ void ERR_load_SSL_strings(void);
 # define SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST        385
 # define SSL_F_DTLS_GET_REASSEMBLED_MESSAGE               370
 # define SSL_F_DTLS_PROCESS_HELLO_VERIFY                  386
+# define SSL_F_OPENSSL_INIT_SSL_LIBRARY_START             342
 # define SSL_F_READ_STATE_MACHINE                         352
 # define SSL_F_SSL3_ADD_CERT_TO_BUF                       296
 # define SSL_F_SSL3_CALLBACK_CTRL                         233
index 0d8bcd4..4dc8895 100644 (file)
@@ -95,7 +95,7 @@ static ERR_STRING_DATA SSL_str_functs[] = {
     {ERR_FUNC(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST),
      "DTLS1_SEND_HELLO_VERIFY_REQUEST"},
     {ERR_FUNC(SSL_F_DTLS1_WRITE_APP_DATA_BYTES), "dtls1_write_app_data_bytes"},
-    {ERR_FUNC(SSL_F_DTLSV1_LISTEN), "dtlsv1_listen"},
+    {ERR_FUNC(SSL_F_DTLSV1_LISTEN), "DTLSv1_listen"},
     {ERR_FUNC(SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC),
      "dtls_construct_change_cipher_spec"},
     {ERR_FUNC(SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST),
@@ -103,6 +103,8 @@ static ERR_STRING_DATA SSL_str_functs[] = {
     {ERR_FUNC(SSL_F_DTLS_GET_REASSEMBLED_MESSAGE),
      "dtls_get_reassembled_message"},
     {ERR_FUNC(SSL_F_DTLS_PROCESS_HELLO_VERIFY), "dtls_process_hello_verify"},
+    {ERR_FUNC(SSL_F_OPENSSL_INIT_SSL_LIBRARY_START),
+     "OPENSSL_INIT_ssl_library_start"},
     {ERR_FUNC(SSL_F_READ_STATE_MACHINE), "read_state_machine"},
     {ERR_FUNC(SSL_F_SSL3_ADD_CERT_TO_BUF), "SSL3_ADD_CERT_TO_BUF"},
     {ERR_FUNC(SSL_F_SSL3_CALLBACK_CTRL), "ssl3_callback_ctrl"},
index 134aa00..e7fc63d 100644 (file)
@@ -301,8 +301,20 @@ static void ssl_library_stop(void)
  */
 int OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
 {
-    if (stopped)
+    static int stoperrset = 0;
+
+    if (stopped) {
+        if (!stoperrset) {
+            /*
+             * We only ever set this once to avoid getting into an infinite
+             * loop where the error system keeps trying to init and fails so
+             * sets an error etc
+             */
+            stoperrset = 1;
+            SSLerr(SSL_F_OPENSSL_INIT_SSL_LIBRARY_START, ERR_R_INIT_FAIL);
+        }
         return 0;
+    }
 
     if (!OPENSSL_init_crypto(opts | OPENSSL_INIT_ADD_ALL_CIPHERS
                              | OPENSSL_INIT_ADD_ALL_DIGESTS, settings))