From 79fd66d8e607a52fb7711679f8fc204862ed9953 Mon Sep 17 00:00:00 2001 From: chundonglinlin Date: Mon, 29 May 2023 13:00:41 +0800 Subject: [PATCH] SSL: Fix SSL_get_error get the error of other coroutine. v5.0.156, v6.0.46 (#3513) --------- Co-authored-by: john Co-authored-by: winlin --- README.md | 2 +- trunk/doc/CHANGELOG.md | 1 + trunk/src/app/srs_app_conn.cpp | 8 ++++---- trunk/src/app/srs_app_conn.hpp | 1 + trunk/src/app/srs_app_rtc_dtls.cpp | 10 +++++----- trunk/src/core/srs_core_version5.hpp | 2 +- trunk/src/protocol/srs_protocol_http_client.cpp | 11 ++++++----- trunk/src/protocol/srs_protocol_http_client.hpp | 1 + 8 files changed, 20 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index 91030a32f..2ebb75cba 100755 --- a/README.md +++ b/README.md @@ -13,7 +13,7 @@ [![](https://badgen.net/badge/srs/stackoverflow/orange?icon=terminal)](https://stackoverflow.com/questions/tagged/simple-realtime-server) [![](https://opencollective.com/srs-server/tiers/badge.svg)](https://opencollective.com/srs-server/contribute) [![](https://img.shields.io/docker/pulls/ossrs/srs)](https://hub.docker.com/r/ossrs/srs/tags) -[![](https://ossrs.net/wiki/images/do-btn-srs-125x20.svg)](https://cloud.digitalocean.com/droplets/new?appId=104916642&size=s-1vcpu-1gb®ion=sgp1&image=ossrs-srs&type=applications) +[![](https://ossrs.net/wiki/images/do-btn-srs-125x20.svg)](https://cloud.digitalocean.com/droplets/new?appId=133468816&size=s-1vcpu-512mb-10gb®ion=sgp1&image=ossrs-srs&type=applications) SRS/5.0([Bee](https://ossrs.net/lts/zh-cn/product#release50)) is a simple, high efficiency and realtime video server, supports RTMP, WebRTC, HLS, HTTP-FLV, SRT, MPEG-DASH and GB28181. diff --git a/trunk/doc/CHANGELOG.md b/trunk/doc/CHANGELOG.md index dd3f2b559..d46e6e71c 100644 --- a/trunk/doc/CHANGELOG.md +++ b/trunk/doc/CHANGELOG.md @@ -8,6 +8,7 @@ The changelog for SRS. ## SRS 5.0 Changelog +* v5.0, 2023-05-29, Merge [#3513](https://github.com/ossrs/srs/pull/3513): SSL: Fix SSL_get_error get the error of other coroutine. v5.0.156 (#3513) * v5.0, 2023-05-14, Support the publishing of RTP plaintext packets using WHIP. v5.0.155 * v5.0, 2023-05-13, Merge [#3541](https://github.com/ossrs/srs/pull/3541): asan: Fix memory leak in asan by releasing global IPs when run_directly_or_daemon fails. v5.0.154 (#3541) * v5.0, 2023-05-12, Merge [#3539](https://github.com/ossrs/srs/pull/3539): WHIP: Improve HTTP DELETE for notifying server unpublish event. v5.0.153 (#3539) diff --git a/trunk/src/app/srs_app_conn.cpp b/trunk/src/app/srs_app_conn.cpp index 8200db26b..34b54020f 100644 --- a/trunk/src/app/srs_app_conn.cpp +++ b/trunk/src/app/srs_app_conn.cpp @@ -798,7 +798,7 @@ srs_error_t SrsSslConnection::handshake(string key_file, string crt_file) return srs_error_new(ERROR_HTTPS_HANDSHAKE, "BIO_write r0=%d, data=%p, size=%d", r0, buf, nn); } - r0 = SSL_do_handshake(ssl); r1 = SSL_get_error(ssl, r0); + r0 = SSL_do_handshake(ssl); r1 = SSL_get_error(ssl, r0); ERR_clear_error(); if (r0 != -1 || r1 != SSL_ERROR_WANT_READ) { return srs_error_new(ERROR_HTTPS_HANDSHAKE, "handshake r0=%d, r1=%d", r0, r1); } @@ -840,7 +840,7 @@ srs_error_t SrsSslConnection::handshake(string key_file, string crt_file) return srs_error_new(ERROR_HTTPS_HANDSHAKE, "BIO_write r0=%d, data=%p, size=%d", r0, buf, nn); } - r0 = SSL_do_handshake(ssl); r1 = SSL_get_error(ssl, r0); + r0 = SSL_do_handshake(ssl); r1 = SSL_get_error(ssl, r0); ERR_clear_error(); if (r0 == 1 && r1 == SSL_ERROR_NONE) { break; } @@ -908,7 +908,7 @@ srs_error_t SrsSslConnection::read(void* plaintext, size_t nn_plaintext, ssize_t srs_error_t err = srs_success; while (true) { - int r0 = SSL_read(ssl, plaintext, nn_plaintext); int r1 = SSL_get_error(ssl, r0); + int r0 = SSL_read(ssl, plaintext, nn_plaintext); int r1 = SSL_get_error(ssl, r0); ERR_clear_error(); int r2 = BIO_ctrl_pending(bio_in); int r3 = SSL_is_init_finished(ssl); // OK, got data. @@ -966,7 +966,7 @@ srs_error_t SrsSslConnection::write(void* plaintext, size_t nn_plaintext, ssize_ for (char* p = (char*)plaintext; p < (char*)plaintext + nn_plaintext;) { int left = (int)nn_plaintext - (p - (char*)plaintext); int r0 = SSL_write(ssl, (const void*)p, left); - int r1 = SSL_get_error(ssl, r0); + int r1 = SSL_get_error(ssl, r0); ERR_clear_error(); if (r0 <= 0) { return srs_error_new(ERROR_HTTPS_WRITE, "https: write data=%p, size=%d, r0=%d, r1=%d", p, left, r0, r1); } diff --git a/trunk/src/app/srs_app_conn.hpp b/trunk/src/app/srs_app_conn.hpp index e06d648b0..2154cc6f9 100644 --- a/trunk/src/app/srs_app_conn.hpp +++ b/trunk/src/app/srs_app_conn.hpp @@ -14,6 +14,7 @@ #include #include +#include #include #include diff --git a/trunk/src/app/srs_app_rtc_dtls.cpp b/trunk/src/app/srs_app_rtc_dtls.cpp index 2eb0827ad..31c0a5465 100644 --- a/trunk/src/app/srs_app_rtc_dtls.cpp +++ b/trunk/src/app/srs_app_rtc_dtls.cpp @@ -77,7 +77,7 @@ void ssl_on_info(const SSL* dtls, int where, int ret) method = "undefined"; } - int r1 = SSL_get_error(dtls, ret); + int r1 = SSL_get_error(dtls, ret); ERR_clear_error(); if (where & SSL_CB_LOOP) { srs_info("DTLS: method=%s state=%s(%s), where=%d, ret=%d, r1=%d", method, SSL_state_string(dtls), SSL_state_string_long(dtls), where, ret, r1); @@ -525,7 +525,7 @@ srs_error_t SrsDtlsImpl::do_on_dtls(char* data, int nb_data) for (int i = 0; i < 1024 && BIO_ctrl_pending(bio_in) > 0; i++) { char buf[8092]; int r0 = SSL_read(dtls, buf, sizeof(buf)); - int r1 = SSL_get_error(dtls, r0); + int r1 = SSL_get_error(dtls, r0); ERR_clear_error(); if (r0 <= 0) { // SSL_ERROR_ZERO_RETURN @@ -577,7 +577,7 @@ srs_error_t SrsDtlsImpl::do_handshake() // Do handshake and get the result. int r0 = SSL_do_handshake(dtls); - int r1 = SSL_get_error(dtls, r0); + int r1 = SSL_get_error(dtls, r0); ERR_clear_error(); // Fatal SSL error, for example, no available suite when peer is DTLS 1.0 while we are DTLS 1.2. if (r0 < 0 && (r1 != SSL_ERROR_NONE && r1 != SSL_ERROR_WANT_READ && r1 != SSL_ERROR_WANT_WRITE)) { @@ -861,7 +861,7 @@ srs_error_t SrsDtlsClientImpl::cycle() } // The timeout is 0, so there must be a ARQ packet to transmit in openssl. - r0 = BIO_reset(bio_out); int r1 = SSL_get_error(dtls, r0); + r0 = BIO_reset(bio_out); int r1 = SSL_get_error(dtls, r0); ERR_clear_error(); if (r0 != 1) { return srs_error_new(ERROR_OpenSslBIOReset, "BIO_reset r0=%d, r1=%d", r0, r1); } @@ -870,7 +870,7 @@ srs_error_t SrsDtlsClientImpl::cycle() // had expired, it returns 0. Otherwise, it retransmits the previous flight of handshake // messages and returns 1. If too many timeouts had expired without progress or an error // occurs, it returns -1. - r0 = DTLSv1_handle_timeout(dtls); r1 = SSL_get_error(dtls, r0); + r0 = DTLSv1_handle_timeout(dtls); r1 = SSL_get_error(dtls, r0); ERR_clear_error(); if (r0 == 0) { continue; // No timeout had expired. } diff --git a/trunk/src/core/srs_core_version5.hpp b/trunk/src/core/srs_core_version5.hpp index fe7b6beeb..982777dba 100644 --- a/trunk/src/core/srs_core_version5.hpp +++ b/trunk/src/core/srs_core_version5.hpp @@ -9,6 +9,6 @@ #define VERSION_MAJOR 5 #define VERSION_MINOR 0 -#define VERSION_REVISION 155 +#define VERSION_REVISION 156 #endif diff --git a/trunk/src/protocol/srs_protocol_http_client.cpp b/trunk/src/protocol/srs_protocol_http_client.cpp index 627888a96..b5deb3559 100644 --- a/trunk/src/protocol/srs_protocol_http_client.cpp +++ b/trunk/src/protocol/srs_protocol_http_client.cpp @@ -90,7 +90,7 @@ srs_error_t SrsSslClient::handshake() SSL_set_mode(ssl, SSL_MODE_ENABLE_PARTIAL_WRITE); // Send ClientHello. - int r0 = SSL_do_handshake(ssl); int r1 = SSL_get_error(ssl, r0); + int r0 = SSL_do_handshake(ssl); int r1 = SSL_get_error(ssl, r0); ERR_clear_error(); if (r0 != -1 || r1 != SSL_ERROR_WANT_READ) { return srs_error_new(ERROR_HTTPS_HANDSHAKE, "handshake r0=%d, r1=%d", r0, r1); } @@ -121,7 +121,8 @@ srs_error_t SrsSslClient::handshake() return srs_error_new(ERROR_HTTPS_HANDSHAKE, "BIO_write r0=%d, data=%p, size=%d", r0, buf, nn); } - if ((r0 = SSL_do_handshake(ssl)) != -1 || (r1 = SSL_get_error(ssl, r0)) != SSL_ERROR_WANT_READ) { + r0 = SSL_do_handshake(ssl); r1 = SSL_get_error(ssl, r0); ERR_clear_error(); + if (r0 != -1 || r1 != SSL_ERROR_WANT_READ) { return srs_error_new(ERROR_HTTPS_HANDSHAKE, "handshake r0=%d, r1=%d", r0, r1); } @@ -159,7 +160,7 @@ srs_error_t SrsSslClient::handshake() return srs_error_new(ERROR_HTTPS_HANDSHAKE, "BIO_write r0=%d, data=%p, size=%d", r0, buf, nn); } - r0 = SSL_do_handshake(ssl); r1 = SSL_get_error(ssl, r0); + r0 = SSL_do_handshake(ssl); r1 = SSL_get_error(ssl, r0); ERR_clear_error(); if (r0 == 1 && r1 == SSL_ERROR_NONE) { break; } @@ -180,7 +181,7 @@ srs_error_t SrsSslClient::read(void* plaintext, size_t nn_plaintext, ssize_t* nr srs_error_t err = srs_success; while (true) { - int r0 = SSL_read(ssl, plaintext, nn_plaintext); int r1 = SSL_get_error(ssl, r0); + int r0 = SSL_read(ssl, plaintext, nn_plaintext); int r1 = SSL_get_error(ssl, r0); ERR_clear_error(); int r2 = BIO_ctrl_pending(bio_in); int r3 = SSL_is_init_finished(ssl); // OK, got data. @@ -228,7 +229,7 @@ srs_error_t SrsSslClient::write(void* plaintext, size_t nn_plaintext, ssize_t* n for (char* p = (char*)plaintext; p < (char*)plaintext + nn_plaintext;) { int left = (int)nn_plaintext - (p - (char*)plaintext); int r0 = SSL_write(ssl, (const void*)p, left); - int r1 = SSL_get_error(ssl, r0); + int r1 = SSL_get_error(ssl, r0); ERR_clear_error(); if (r0 <= 0) { return srs_error_new(ERROR_HTTPS_WRITE, "https: write data=%p, size=%d, r0=%d, r1=%d", p, left, r0, r1); } diff --git a/trunk/src/protocol/srs_protocol_http_client.hpp b/trunk/src/protocol/srs_protocol_http_client.hpp index c0719b5d3..2da110813 100644 --- a/trunk/src/protocol/srs_protocol_http_client.hpp +++ b/trunk/src/protocol/srs_protocol_http_client.hpp @@ -13,6 +13,7 @@ #include #include +#include #include #include