Skip to content

Commit

Permalink
SSL: Fix SSL_get_error get the error of other coroutine. v5.0.155, v6…
Browse files Browse the repository at this point in the history
….0.46 (ossrs#3513)

---------

Co-authored-by: john <hondaxiao@tencent.com>
Co-authored-by: winlin <winlin@vip.126.com>
  • Loading branch information
3 people authored and johzzy committed Jun 25, 2023
1 parent 98b4d15 commit 757c51f
Show file tree
Hide file tree
Showing 5 changed files with 17 additions and 14 deletions.
8 changes: 4 additions & 4 deletions trunk/src/app/srs_app_conn.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -674,7 +674,7 @@ srs_error_t SrsSslConnection::handshake(string key_file, string crt_file)
return srs_error_new(ERROR_HTTPS_HANDSHAKE, "BIO_write r0=%d, data=%p, size=%d", r0, buf, nn);
}

r0 = SSL_do_handshake(ssl); r1 = SSL_get_error(ssl, r0);
r0 = SSL_do_handshake(ssl); r1 = SSL_get_error(ssl, r0); ERR_clear_error();
if (r0 != -1 || r1 != SSL_ERROR_WANT_READ) {
return srs_error_new(ERROR_HTTPS_HANDSHAKE, "handshake r0=%d, r1=%d", r0, r1);
}
Expand Down Expand Up @@ -717,7 +717,7 @@ srs_error_t SrsSslConnection::handshake(string key_file, string crt_file)
}

// fix: bug for local cert
r0 = SSL_do_handshake(ssl); r1 = SSL_get_error(ssl, r0);
r0 = SSL_do_handshake(ssl); r1 = SSL_get_error(ssl, r0); ERR_clear_error();
if (r0 == 1 && r1 == SSL_ERROR_NONE) {
break;
}
Expand Down Expand Up @@ -785,7 +785,7 @@ srs_error_t SrsSslConnection::read(void* plaintext, size_t nn_plaintext, ssize_t
srs_error_t err = srs_success;

while (true) {
int r0 = SSL_read(ssl, plaintext, nn_plaintext); int r1 = SSL_get_error(ssl, r0);
int r0 = SSL_read(ssl, plaintext, nn_plaintext); int r1 = SSL_get_error(ssl, r0); ERR_clear_error();
int r2 = BIO_ctrl_pending(bio_in); int r3 = SSL_is_init_finished(ssl);

// OK, got data.
Expand Down Expand Up @@ -843,7 +843,7 @@ srs_error_t SrsSslConnection::write(void* plaintext, size_t nn_plaintext, ssize_
for (char* p = (char*)plaintext; p < (char*)plaintext + nn_plaintext;) {
int left = (int)nn_plaintext - (p - (char*)plaintext);
int r0 = SSL_write(ssl, (const void*)p, left);
int r1 = SSL_get_error(ssl, r0);
int r1 = SSL_get_error(ssl, r0); ERR_clear_error();
if (r0 <= 0) {
return srs_error_new(ERROR_HTTPS_WRITE, "https: write data=%p, size=%d, r0=%d, r1=%d", p, left, r0, r1);
}
Expand Down
1 change: 1 addition & 0 deletions trunk/src/app/srs_app_conn.hpp
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@
#include <map>

#include <openssl/ssl.h>
#include <openssl/err.h>

#include <srs_app_st.hpp>
#include <srs_protocol_kbps.hpp>
Expand Down
10 changes: 5 additions & 5 deletions trunk/src/app/srs_app_rtc_dtls.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,7 @@ void ssl_on_info(const SSL* dtls, int where, int ret)
method = "undefined";
}

int r1 = SSL_get_error(dtls, ret);
int r1 = SSL_get_error(dtls, ret); ERR_clear_error();
if (where & SSL_CB_LOOP) {
srs_info("DTLS: method=%s state=%s(%s), where=%d, ret=%d, r1=%d", method, SSL_state_string(dtls),
SSL_state_string_long(dtls), where, ret, r1);
Expand Down Expand Up @@ -612,7 +612,7 @@ srs_error_t SrsDtlsImpl::do_on_dtls(char* data, int nb_data)
for (int i = 0; i < 1024 && BIO_ctrl_pending(bio_in) > 0; i++) {
char buf[8092];
int r0 = SSL_read(dtls, buf, sizeof(buf));
int r1 = SSL_get_error(dtls, r0);
int r1 = SSL_get_error(dtls, r0); ERR_clear_error();

if (r0 <= 0) {
// SSL_ERROR_ZERO_RETURN
Expand Down Expand Up @@ -681,7 +681,7 @@ srs_error_t SrsDtlsImpl::do_handshake()

// Do handshake and get the result.
int r0 = SSL_do_handshake(dtls);
int r1 = SSL_get_error(dtls, r0);
int r1 = SSL_get_error(dtls, r0); ERR_clear_error();

// Fatal SSL error, for example, no available suite when peer is DTLS 1.0 while we are DTLS 1.2.
if (r0 < 0 && (r1 != SSL_ERROR_NONE && r1 != SSL_ERROR_WANT_READ && r1 != SSL_ERROR_WANT_WRITE)) {
Expand Down Expand Up @@ -1029,7 +1029,7 @@ srs_error_t SrsDtlsClientImpl::cycle()
}

// The timeout is 0, so there must be a ARQ packet to transmit in openssl.
r0 = BIO_reset(bio_out); int r1 = SSL_get_error(dtls, r0);
r0 = BIO_reset(bio_out); int r1 = SSL_get_error(dtls, r0); ERR_clear_error();
if (r0 != 1) {
return srs_error_new(ERROR_OpenSslBIOReset, "BIO_reset r0=%d, r1=%d", r0, r1);
}
Expand All @@ -1038,7 +1038,7 @@ srs_error_t SrsDtlsClientImpl::cycle()
// had expired, it returns 0. Otherwise, it retransmits the previous flight of handshake
// messages and returns 1. If too many timeouts had expired without progress or an error
// occurs, it returns -1.
r0 = DTLSv1_handle_timeout(dtls); r1 = SSL_get_error(dtls, r0);
r0 = DTLSv1_handle_timeout(dtls); r1 = SSL_get_error(dtls, r0); ERR_clear_error();
if (r0 == 0) {
continue; // No timeout had expired.
}
Expand Down
11 changes: 6 additions & 5 deletions trunk/src/protocol/srs_protocol_http_client.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -90,7 +90,7 @@ srs_error_t SrsSslClient::handshake()
SSL_set_mode(ssl, SSL_MODE_ENABLE_PARTIAL_WRITE);

// Send ClientHello.
int r0 = SSL_do_handshake(ssl); int r1 = SSL_get_error(ssl, r0);
int r0 = SSL_do_handshake(ssl); int r1 = SSL_get_error(ssl, r0); ERR_clear_error();
if (r0 != -1 || r1 != SSL_ERROR_WANT_READ) {
return srs_error_new(ERROR_HTTPS_HANDSHAKE, "handshake r0=%d, r1=%d", r0, r1);
}
Expand Down Expand Up @@ -121,7 +121,8 @@ srs_error_t SrsSslClient::handshake()
return srs_error_new(ERROR_HTTPS_HANDSHAKE, "BIO_write r0=%d, data=%p, size=%d", r0, buf, nn);
}

if ((r0 = SSL_do_handshake(ssl)) != -1 || (r1 = SSL_get_error(ssl, r0)) != SSL_ERROR_WANT_READ) {
r0 = SSL_do_handshake(ssl); r1 = SSL_get_error(ssl, r0); ERR_clear_error();
if (r0 != -1 || r1 != SSL_ERROR_WANT_READ) {
return srs_error_new(ERROR_HTTPS_HANDSHAKE, "handshake r0=%d, r1=%d", r0, r1);
}

Expand Down Expand Up @@ -159,7 +160,7 @@ srs_error_t SrsSslClient::handshake()
return srs_error_new(ERROR_HTTPS_HANDSHAKE, "BIO_write r0=%d, data=%p, size=%d", r0, buf, nn);
}

r0 = SSL_do_handshake(ssl); r1 = SSL_get_error(ssl, r0);
r0 = SSL_do_handshake(ssl); r1 = SSL_get_error(ssl, r0); ERR_clear_error();
if (r0 == 1 && r1 == SSL_ERROR_NONE) {
break;
}
Expand All @@ -180,7 +181,7 @@ srs_error_t SrsSslClient::read(void* plaintext, size_t nn_plaintext, ssize_t* nr
srs_error_t err = srs_success;

while (true) {
int r0 = SSL_read(ssl, plaintext, nn_plaintext); int r1 = SSL_get_error(ssl, r0);
int r0 = SSL_read(ssl, plaintext, nn_plaintext); int r1 = SSL_get_error(ssl, r0); ERR_clear_error();
int r2 = BIO_ctrl_pending(bio_in); int r3 = SSL_is_init_finished(ssl);

// OK, got data.
Expand Down Expand Up @@ -228,7 +229,7 @@ srs_error_t SrsSslClient::write(void* plaintext, size_t nn_plaintext, ssize_t* n
for (char* p = (char*)plaintext; p < (char*)plaintext + nn_plaintext;) {
int left = (int)nn_plaintext - (p - (char*)plaintext);
int r0 = SSL_write(ssl, (const void*)p, left);
int r1 = SSL_get_error(ssl, r0);
int r1 = SSL_get_error(ssl, r0); ERR_clear_error();
if (r0 <= 0) {
return srs_error_new(ERROR_HTTPS_WRITE, "https: write data=%p, size=%d, r0=%d, r1=%d", p, left, r0, r1);
}
Expand Down
1 change: 1 addition & 0 deletions trunk/src/protocol/srs_protocol_http_client.hpp
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@
#include <map>

#include <openssl/ssl.h>
#include <openssl/err.h>

#include <srs_protocol_st.hpp>
#include <srs_protocol_http_stack.hpp>
Expand Down

0 comments on commit 757c51f

Please sign in to comment.