Revert "Disable the buggy RSA parser by default."

This reverts commit 2878e36f. Reason for revert: This is checking for a feature before FeatureList::InitializeInstance is called, causing a crash at startup; see https://crbug.com/736251. Original change's description: > Disable the buggy RSA parser by default. > > In doing so, fix the error mapping in openssl_ssl_util.cc. An SSL > connection may fail due to errors in other modules as well (notably the > RSA parser lives in libcrypto). Map any unknown error to > ERR_SSL_PROTOCOL_ERROR, rather than ERR_FAILED and continue to > report the error info. > > Bug: 735616 > Change-Id: Icb587e66987ddd9d5445d30d456de1c029cda21a > Reviewed-on: https://chromium-review.googlesource.com/540536 > Commit-Queue: Steven Valdez <svaldez@chromium.org> > Reviewed-by: Steven Valdez <svaldez@chromium.org> > Cr-Commit-Position: refs/heads/master@{#481640} TBR=davidben@chromium.org,svaldez@chromium.org Change-Id: If7f24fa8a99bfd7a8daa2efad926b06350d5d9a6 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: 735616 Reviewed-on: https://chromium-review.googlesource.com/545715Reviewed-by: Greg Thompson <grt@chromium.org> Commit-Queue: Greg Thompson <grt@chromium.org> Cr-Commit-Position: refs/heads/master@{#481877}

Revert "Disable the buggy RSA parser by default."
This reverts commit 2878e36f. Reason for revert: This is checking for a feature before FeatureList::InitializeInstance is called, causing a crash at startup; see https://crbug.com/736251. Original change's description: > Disable the buggy RSA parser by default. > > In doing so, fix the error mapping in openssl_ssl_util.cc. An SSL > connection may fail due to errors in other modules as well (notably the > RSA parser lives in libcrypto). Map any unknown error to > ERR_SSL_PROTOCOL_ERROR, rather than ERR_FAILED and continue to > report the error info. > > Bug: 735616 > Change-Id: Icb587e66987ddd9d5445d30d456de1c029cda21a > Reviewed-on: https://chromium-review.googlesource.com/540536 > Commit-Queue: Steven Valdez <svaldez@chromium.org> > Reviewed-by: Steven Valdez <svaldez@chromium.org> > Cr-Commit-Position: refs/heads/master@{#481640} TBR=davidben@chromium.org,svaldez@chromium.org Change-Id: If7f24fa8a99bfd7a8daa2efad926b06350d5d9a6 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: 735616 Reviewed-on: https://chromium-review.googlesource.com/545715Reviewed-by: Greg Thompson <grt@chromium.org> Commit-Queue: Greg Thompson <grt@chromium.org> Cr-Commit-Position: refs/heads/master@{#481877}
e545f646 · Greg Thompson · Commit Bot · 20ac2167 · e545f646 · e545f646
Commit e545f646 authored Jun 23, 2017 by Greg Thompson Committed by Commit Bot Jun 23, 2017
Show whitespace changes
Inline Side-by-side

Showing with 17 additions and 39 deletions

crypto/openssl_util.cc crypto/openssl_util.cc +0 -22

net/ssl/openssl_ssl_util.cc net/ssl/openssl_ssl_util.cc +17 -17

No files found.
--- a/crypto/openssl_util.cc
+++ b/crypto/openssl_util.cc
@@ -9,13 +9,10 @@

 #include <string>

-#include "base/feature_list.h"
-#include "base/lazy_instance.h"
 #include "base/logging.h"
 #include "base/strings/string_piece.h"
 #include "third_party/boringssl/src/include/openssl/crypto.h"
 #include "third_party/boringssl/src/include/openssl/err.h"
-#include "third_party/boringssl/src/include/openssl/evp.h"

 namespace crypto {

@@ -35,30 +32,11 @@ int OpenSSLErrorCallback(const char* str, size_t len, void* context) {
  return 1;
 }

-// TODO(davidben): Remove this after Chrome 61 is released to
-// stable. https://crbug.com/735616.
-const base::Feature kBuggyRSAParser{
-    "BuggyRSAParser", base::FEATURE_DISABLED_BY_DEFAULT,
-};
-
-class BuggyRSAParser {
- public:
-  BuggyRSAParser() {
-    EVP_set_buggy_rsa_parser(base::FeatureList::IsEnabled(kBuggyRSAParser));
-  }
-};
-
-base::LazyInstance<BuggyRSAParser>::Leaky g_buggy_rsa_parser =
-    LAZY_INSTANCE_INITIALIZER;
-
 }  // namespace

 void EnsureOpenSSLInit() {
  // CRYPTO_library_init may be safely called concurrently.
  CRYPTO_library_init();
-
-  // Configure the RSA parser.
-  g_buggy_rsa_parser.Get();
 }

 void ClearOpenSSLERRStack(const tracked_objects::Location& location) {

--- a/net/ssl/openssl_ssl_util.cc
+++ b/net/ssl/openssl_ssl_util.cc
@@ -173,26 +173,26 @@ int MapOpenSSLErrorWithDetails(int err,
      return ERR_FAILED;
    case SSL_ERROR_SSL:
      // Walk down the error stack to find an SSL or net error.
-      while (true) {
-        OpenSSLErrorInfo error_info;
-        error_info.error_code =
-            ERR_get_error_line(&error_info.file, &error_info.line);
-        if (error_info.error_code == 0) {
-          // Map errors to ERR_SSL_PROTOCOL_ERROR by default, reporting the most
-          // recent error in |*out_error_info|.
-          return ERR_SSL_PROTOCOL_ERROR;
-        }
-
-        *out_error_info = error_info;
-        if (ERR_GET_LIB(error_info.error_code) == ERR_LIB_SSL) {
-          return MapOpenSSLErrorSSL(error_info.error_code);
-        }
-        if (ERR_GET_LIB(error_info.error_code) == OpenSSLNetErrorLib()) {
+      uint32_t error_code;
+      const char* file;
+      int line;
+      do {
+        error_code = ERR_get_error_line(&file, &line);
+        if (ERR_GET_LIB(error_code) == ERR_LIB_SSL) {
+          out_error_info->error_code = error_code;
+          out_error_info->file = file;
+          out_error_info->line = line;
+          return MapOpenSSLErrorSSL(error_code);
+        } else if (ERR_GET_LIB(error_code) == OpenSSLNetErrorLib()) {
+          out_error_info->error_code = error_code;
+          out_error_info->file = file;
+          out_error_info->line = line;
          // Net error codes are negative but encoded in OpenSSL as positive
          // numbers.
-          return -ERR_GET_REASON(error_info.error_code);
-        }
+          return -ERR_GET_REASON(error_code);
        }
+      } while (error_code != 0);
+      return ERR_FAILED;
    default:
      // TODO(joth): Implement full mapping.
      LOG(WARNING) << "Unknown OpenSSL error " << err;