From 27f9db97621341cefd93593e176d633b60e4ae8e Mon Sep 17 00:00:00 2001 From: chundonglinlin Date: Mon, 29 May 2023 13:00:41 +0800 Subject: [PATCH] SSL: Fix SSL_get_error get the error of other coroutine. v5.0.155, v6.0.46 (#3513) --------- Co-authored-by: john Co-authored-by: winlin --- README.md | 2 +- trunk/doc/CHANGELOG.md | 2 ++ trunk/src/app/srs_app_conn.cpp | 8 ++++---- trunk/src/app/srs_app_conn.hpp | 1 + trunk/src/app/srs_app_rtc_dtls.cpp | 10 +++++----- trunk/src/core/srs_core_version5.hpp | 2 +- trunk/src/core/srs_core_version6.hpp | 2 +- trunk/src/protocol/srs_protocol_http_client.cpp | 11 ++++++----- trunk/src/protocol/srs_protocol_http_client.hpp | 1 + 9 files changed, 22 insertions(+), 17 deletions(-) diff --git a/README.md b/README.md index be8cff679c..42201148e0 100755 --- a/README.md +++ b/README.md @@ -14,7 +14,7 @@ [![](https://badgen.net/badge/srs/stackoverflow/orange?icon=terminal)](https://stackoverflow.com/questions/tagged/simple-realtime-server) [![](https://opencollective.com/srs-server/tiers/badge.svg)](https://opencollective.com/srs-server/contribute) [![](https://img.shields.io/docker/pulls/ossrs/srs)](https://hub.docker.com/r/ossrs/srs/tags) -[![](https://ossrs.net/wiki/images/do-btn-srs-125x20.svg)](https://cloud.digitalocean.com/droplets/new?appId=104916642&size=s-1vcpu-1gb®ion=sgp1&image=ossrs-srs&type=applications) +[![](https://ossrs.net/wiki/images/do-btn-srs-125x20.svg)](https://cloud.digitalocean.com/droplets/new?appId=133468816&size=s-1vcpu-512mb-10gb®ion=sgp1&image=ossrs-srs&type=applications) [![](https://api.securityscorecards.dev/projects/github.com/ossrs/srs/badge)](https://api.securityscorecards.dev/projects/github.com/ossrs/srs) [![](https://bestpractices.coreinfrastructure.org/projects/5619/badge)](https://bestpractices.coreinfrastructure.org/projects/5619) diff --git a/trunk/doc/CHANGELOG.md b/trunk/doc/CHANGELOG.md index 0818df8b6f..d0fe91aa38 100644 --- a/trunk/doc/CHANGELOG.md +++ b/trunk/doc/CHANGELOG.md @@ -8,6 +8,7 @@ The changelog for SRS. ## SRS 6.0 Changelog +* v6.0, 2023-05-29, Merge [#3513](https://github.com/ossrs/srs/pull/3513): SSL: Fix SSL_get_error get the error of other coroutine. v6.0.46 (#3513) * v6.0, 2023-05-14, Merge [#3534](https://github.com/ossrs/srs/pull/3534): Replace sprintf with snprintf to eliminate compile warnings. v6.0.45 (#3534) * v6.0, 2023-05-13, Merge [#3541](https://github.com/ossrs/srs/pull/3541): asan: Fix memory leak in asan by releasing global IPs when run_directly_or_daemon fails. v6.0.44 (#3541) * v6.0, 2023-05-12, Merge [#3539](https://github.com/ossrs/srs/pull/3539): WHIP: Improve HTTP DELETE for notifying server unpublish event. v6.0.43 (#3539) @@ -59,6 +60,7 @@ The changelog for SRS. ## SRS 5.0 Changelog +* v5.0, 2023-05-29, Merge [#3513](https://github.com/ossrs/srs/pull/3513): SSL: Fix SSL_get_error get the error of other coroutine. v5.0.155 (#3513) * v5.0, 2023-05-13, Merge [#3541](https://github.com/ossrs/srs/pull/3541): asan: Fix memory leak in asan by releasing global IPs when run_directly_or_daemon fails. v5.0.154 (#3541) * v5.0, 2023-05-12, Merge [#3539](https://github.com/ossrs/srs/pull/3539): WHIP: Improve HTTP DELETE for notifying server unpublish event. v5.0.153 (#3539) * v5.0, 2023-03-27, Merge [#3450](https://github.com/ossrs/srs/pull/3450): WebRTC: Error message carries the SDP when failed. v5.0.151 (#3450) diff --git a/trunk/src/app/srs_app_conn.cpp b/trunk/src/app/srs_app_conn.cpp index 8200db26b8..34b54020f8 100644 --- a/trunk/src/app/srs_app_conn.cpp +++ b/trunk/src/app/srs_app_conn.cpp @@ -798,7 +798,7 @@ srs_error_t SrsSslConnection::handshake(string key_file, string crt_file) return srs_error_new(ERROR_HTTPS_HANDSHAKE, "BIO_write r0=%d, data=%p, size=%d", r0, buf, nn); } - r0 = SSL_do_handshake(ssl); r1 = SSL_get_error(ssl, r0); + r0 = SSL_do_handshake(ssl); r1 = SSL_get_error(ssl, r0); ERR_clear_error(); if (r0 != -1 || r1 != SSL_ERROR_WANT_READ) { return srs_error_new(ERROR_HTTPS_HANDSHAKE, "handshake r0=%d, r1=%d", r0, r1); } @@ -840,7 +840,7 @@ srs_error_t SrsSslConnection::handshake(string key_file, string crt_file) return srs_error_new(ERROR_HTTPS_HANDSHAKE, "BIO_write r0=%d, data=%p, size=%d", r0, buf, nn); } - r0 = SSL_do_handshake(ssl); r1 = SSL_get_error(ssl, r0); + r0 = SSL_do_handshake(ssl); r1 = SSL_get_error(ssl, r0); ERR_clear_error(); if (r0 == 1 && r1 == SSL_ERROR_NONE) { break; } @@ -908,7 +908,7 @@ srs_error_t SrsSslConnection::read(void* plaintext, size_t nn_plaintext, ssize_t srs_error_t err = srs_success; while (true) { - int r0 = SSL_read(ssl, plaintext, nn_plaintext); int r1 = SSL_get_error(ssl, r0); + int r0 = SSL_read(ssl, plaintext, nn_plaintext); int r1 = SSL_get_error(ssl, r0); ERR_clear_error(); int r2 = BIO_ctrl_pending(bio_in); int r3 = SSL_is_init_finished(ssl); // OK, got data. @@ -966,7 +966,7 @@ srs_error_t SrsSslConnection::write(void* plaintext, size_t nn_plaintext, ssize_ for (char* p = (char*)plaintext; p < (char*)plaintext + nn_plaintext;) { int left = (int)nn_plaintext - (p - (char*)plaintext); int r0 = SSL_write(ssl, (const void*)p, left); - int r1 = SSL_get_error(ssl, r0); + int r1 = SSL_get_error(ssl, r0); ERR_clear_error(); if (r0 <= 0) { return srs_error_new(ERROR_HTTPS_WRITE, "https: write data=%p, size=%d, r0=%d, r1=%d", p, left, r0, r1); } diff --git a/trunk/src/app/srs_app_conn.hpp b/trunk/src/app/srs_app_conn.hpp index e06d648b00..2154cc6f99 100644 --- a/trunk/src/app/srs_app_conn.hpp +++ b/trunk/src/app/srs_app_conn.hpp @@ -14,6 +14,7 @@ #include #include +#include #include #include diff --git a/trunk/src/app/srs_app_rtc_dtls.cpp b/trunk/src/app/srs_app_rtc_dtls.cpp index 487e461340..38f862d899 100644 --- a/trunk/src/app/srs_app_rtc_dtls.cpp +++ b/trunk/src/app/srs_app_rtc_dtls.cpp @@ -77,7 +77,7 @@ void ssl_on_info(const SSL* dtls, int where, int ret) method = "undefined"; } - int r1 = SSL_get_error(dtls, ret); + int r1 = SSL_get_error(dtls, ret); ERR_clear_error(); if (where & SSL_CB_LOOP) { srs_info("DTLS: method=%s state=%s(%s), where=%d, ret=%d, r1=%d", method, SSL_state_string(dtls), SSL_state_string_long(dtls), where, ret, r1); @@ -528,7 +528,7 @@ srs_error_t SrsDtlsImpl::do_on_dtls(char* data, int nb_data) for (int i = 0; i < 1024 && BIO_ctrl_pending(bio_in) > 0; i++) { char buf[8092]; int r0 = SSL_read(dtls, buf, sizeof(buf)); - int r1 = SSL_get_error(dtls, r0); + int r1 = SSL_get_error(dtls, r0); ERR_clear_error(); if (r0 <= 0) { // SSL_ERROR_ZERO_RETURN @@ -580,7 +580,7 @@ srs_error_t SrsDtlsImpl::do_handshake() // Do handshake and get the result. int r0 = SSL_do_handshake(dtls); - int r1 = SSL_get_error(dtls, r0); + int r1 = SSL_get_error(dtls, r0); ERR_clear_error(); // Fatal SSL error, for example, no available suite when peer is DTLS 1.0 while we are DTLS 1.2. if (r0 < 0 && (r1 != SSL_ERROR_NONE && r1 != SSL_ERROR_WANT_READ && r1 != SSL_ERROR_WANT_WRITE)) { @@ -864,7 +864,7 @@ srs_error_t SrsDtlsClientImpl::cycle() } // The timeout is 0, so there must be a ARQ packet to transmit in openssl. - r0 = BIO_reset(bio_out); int r1 = SSL_get_error(dtls, r0); + r0 = BIO_reset(bio_out); int r1 = SSL_get_error(dtls, r0); ERR_clear_error(); if (r0 != 1) { return srs_error_new(ERROR_OpenSslBIOReset, "BIO_reset r0=%d, r1=%d", r0, r1); } @@ -873,7 +873,7 @@ srs_error_t SrsDtlsClientImpl::cycle() // had expired, it returns 0. Otherwise, it retransmits the previous flight of handshake // messages and returns 1. If too many timeouts had expired without progress or an error // occurs, it returns -1. - r0 = DTLSv1_handle_timeout(dtls); r1 = SSL_get_error(dtls, r0); + r0 = DTLSv1_handle_timeout(dtls); r1 = SSL_get_error(dtls, r0); ERR_clear_error(); if (r0 == 0) { continue; // No timeout had expired. } diff --git a/trunk/src/core/srs_core_version5.hpp b/trunk/src/core/srs_core_version5.hpp index 59e6836af2..fe7b6beebd 100644 --- a/trunk/src/core/srs_core_version5.hpp +++ b/trunk/src/core/srs_core_version5.hpp @@ -9,6 +9,6 @@ #define VERSION_MAJOR 5 #define VERSION_MINOR 0 -#define VERSION_REVISION 154 +#define VERSION_REVISION 155 #endif diff --git a/trunk/src/core/srs_core_version6.hpp b/trunk/src/core/srs_core_version6.hpp index d06027b94c..b1fdb167af 100644 --- a/trunk/src/core/srs_core_version6.hpp +++ b/trunk/src/core/srs_core_version6.hpp @@ -9,6 +9,6 @@ #define VERSION_MAJOR 6 #define VERSION_MINOR 0 -#define VERSION_REVISION 45 +#define VERSION_REVISION 46 #endif diff --git a/trunk/src/protocol/srs_protocol_http_client.cpp b/trunk/src/protocol/srs_protocol_http_client.cpp index 627888a96f..b5deb35590 100644 --- a/trunk/src/protocol/srs_protocol_http_client.cpp +++ b/trunk/src/protocol/srs_protocol_http_client.cpp @@ -90,7 +90,7 @@ srs_error_t SrsSslClient::handshake() SSL_set_mode(ssl, SSL_MODE_ENABLE_PARTIAL_WRITE); // Send ClientHello. - int r0 = SSL_do_handshake(ssl); int r1 = SSL_get_error(ssl, r0); + int r0 = SSL_do_handshake(ssl); int r1 = SSL_get_error(ssl, r0); ERR_clear_error(); if (r0 != -1 || r1 != SSL_ERROR_WANT_READ) { return srs_error_new(ERROR_HTTPS_HANDSHAKE, "handshake r0=%d, r1=%d", r0, r1); } @@ -121,7 +121,8 @@ srs_error_t SrsSslClient::handshake() return srs_error_new(ERROR_HTTPS_HANDSHAKE, "BIO_write r0=%d, data=%p, size=%d", r0, buf, nn); } - if ((r0 = SSL_do_handshake(ssl)) != -1 || (r1 = SSL_get_error(ssl, r0)) != SSL_ERROR_WANT_READ) { + r0 = SSL_do_handshake(ssl); r1 = SSL_get_error(ssl, r0); ERR_clear_error(); + if (r0 != -1 || r1 != SSL_ERROR_WANT_READ) { return srs_error_new(ERROR_HTTPS_HANDSHAKE, "handshake r0=%d, r1=%d", r0, r1); } @@ -159,7 +160,7 @@ srs_error_t SrsSslClient::handshake() return srs_error_new(ERROR_HTTPS_HANDSHAKE, "BIO_write r0=%d, data=%p, size=%d", r0, buf, nn); } - r0 = SSL_do_handshake(ssl); r1 = SSL_get_error(ssl, r0); + r0 = SSL_do_handshake(ssl); r1 = SSL_get_error(ssl, r0); ERR_clear_error(); if (r0 == 1 && r1 == SSL_ERROR_NONE) { break; } @@ -180,7 +181,7 @@ srs_error_t SrsSslClient::read(void* plaintext, size_t nn_plaintext, ssize_t* nr srs_error_t err = srs_success; while (true) { - int r0 = SSL_read(ssl, plaintext, nn_plaintext); int r1 = SSL_get_error(ssl, r0); + int r0 = SSL_read(ssl, plaintext, nn_plaintext); int r1 = SSL_get_error(ssl, r0); ERR_clear_error(); int r2 = BIO_ctrl_pending(bio_in); int r3 = SSL_is_init_finished(ssl); // OK, got data. @@ -228,7 +229,7 @@ srs_error_t SrsSslClient::write(void* plaintext, size_t nn_plaintext, ssize_t* n for (char* p = (char*)plaintext; p < (char*)plaintext + nn_plaintext;) { int left = (int)nn_plaintext - (p - (char*)plaintext); int r0 = SSL_write(ssl, (const void*)p, left); - int r1 = SSL_get_error(ssl, r0); + int r1 = SSL_get_error(ssl, r0); ERR_clear_error(); if (r0 <= 0) { return srs_error_new(ERROR_HTTPS_WRITE, "https: write data=%p, size=%d, r0=%d, r1=%d", p, left, r0, r1); } diff --git a/trunk/src/protocol/srs_protocol_http_client.hpp b/trunk/src/protocol/srs_protocol_http_client.hpp index c0719b5d32..2da1108136 100644 --- a/trunk/src/protocol/srs_protocol_http_client.hpp +++ b/trunk/src/protocol/srs_protocol_http_client.hpp @@ -13,6 +13,7 @@ #include #include +#include #include #include