Remove code for custom OpenSSL 1.0.2 async

Summary: Removes references to custom patches to OpenSSL 1.0.2 for async from AsyncSSLSocket. Reviewed By: anirudhvr Differential Revision: D13908917 fbshipit-source-id: a01c1a8a7523dd7b4b95a7f701cc6b356c645332

Remove code for custom OpenSSL 1.0.2 async
Summary: Removes references to custom patches to OpenSSL 1.0.2 for async from AsyncSSLSocket. Reviewed By: anirudhvr Differential Revision: D13908917 fbshipit-source-id: a01c1a8a7523dd7b4b95a7f701cc6b356c645332
02ddfa11 · Alex Guzman · Facebook Github Bot · 08969df3 · 02ddfa11 · 02ddfa11
Commit 02ddfa11 authored Feb 20, 2019 by Alex Guzman Committed by Facebook Github Bot Feb 20, 2019
4 changed files
--- a/folly/io/async/AsyncSSLSocket.cpp
+++ b/folly/io/async/AsyncSSLSocket.cpp
@@ -608,8 +608,7 @@ void AsyncSSLSocket::setServerName(std::string serverName) noexcept {

 void AsyncSSLSocket::timeoutExpired(
    std::chrono::milliseconds timeout) noexcept {
-  if (state_ == StateEnum::ESTABLISHED &&
-      (sslState_ == STATE_CACHE_LOOKUP || sslState_ == STATE_ASYNC_PENDING)) {
+  if (state_ == StateEnum::ESTABLISHED && sslState_ == STATE_ASYNC_PENDING) {
    sslState_ = STATE_ERROR;
    // We are expecting a callback in restartSSLAccept.  The cache lookup
    // and rsa-call necessarily have pointers to this ssl socket, so delay
@@ -985,36 +984,13 @@ bool AsyncSSLSocket::willBlock(
    // Register for write event if not already.
    updateEventRegistration(EventHandler::WRITE, EventHandler::READ);
    return true;
-#ifdef SSL_ERROR_WANT_SESS_CACHE_LOOKUP
-  } else if (error == SSL_ERROR_WANT_SESS_CACHE_LOOKUP) {
-    // We will block but we can't register our own socket.  The callback that
-    // triggered this code will re-call handleAccept at the appropriate time.
-
-    // We can only get here if the linked libssl.so has support for this feature
-    // as well, otherwise SSL_get_error cannot return our error code.
-    sslState_ = STATE_CACHE_LOOKUP;
-
-    // Unregister for all events while blocked here
-    updateEventRegistration(
-        EventHandler::NONE, EventHandler::READ | EventHandler::WRITE);
-
-    // The timeout (if set) keeps running here
-    return true;
-#endif
  } else if ((false
-#ifdef SSL_ERROR_WANT_RSA_ASYNC_PENDING
-              || error == SSL_ERROR_WANT_RSA_ASYNC_PENDING
-#endif
-#ifdef SSL_ERROR_WANT_ECDSA_ASYNC_PENDING
-              || error == SSL_ERROR_WANT_ECDSA_ASYNC_PENDING
-#endif
 #ifdef SSL_ERROR_WANT_ASYNC // OpenSSL 1.1.0 Async API
              || error == SSL_ERROR_WANT_ASYNC
 #endif
              )) {
-    // Our custom openssl function has kicked off an async request to do
-    // rsa/ecdsa private key operation.  When that call returns, a callback will
-    // be invoked that will re-call handleAccept.
+    // An asynchronous request has been kicked off. On completion, it will
+    // invoke a callback to re-call handleAccept
    sslState_ = STATE_ASYNC_PENDING;

    // Unregister for all events while blocked here
@@ -1087,8 +1063,8 @@ void AsyncSSLSocket::restartSSLAccept() {
          << "sslState=" << sslState_ << ", events=" << eventFlags_;
  DestructorGuard dg(this);
  assert(
-      sslState_ == STATE_CACHE_LOOKUP || sslState_ == STATE_ASYNC_PENDING ||
-      sslState_ == STATE_ERROR || sslState_ == STATE_CLOSED);
+      sslState_ == STATE_ASYNC_PENDING || sslState_ == STATE_ERROR ||
+      sslState_ == STATE_CLOSED);
  if (sslState_ == STATE_CLOSED) {
    // I sure hope whoever closed this socket didn't delete it already,
    // but this is not strictly speaking an error

--- a/folly/io/async/AsyncSSLSocket.h
+++ b/folly/io/async/AsyncSSLSocket.h
@@ -453,7 +453,6 @@ class AsyncSSLSocket : public virtual AsyncSocket {
    STATE_UNINIT,
    STATE_UNENCRYPTED,
    STATE_ACCEPTING,
-    STATE_CACHE_LOOKUP,
    STATE_ASYNC_PENDING,
    STATE_CONNECTING,
    STATE_ESTABLISHED,

--- a/folly/io/async/test/AsyncSSLSocketTest.cpp
+++ b/folly/io/async/test/AsyncSSLSocketTest.cpp
@@ -105,10 +105,6 @@ int setsockopt(
 #endif

 namespace folly {
-uint32_t TestSSLAsyncCacheServer::asyncCallbacks_ = 0;
-uint32_t TestSSLAsyncCacheServer::asyncLookups_ = 0;
-uint32_t TestSSLAsyncCacheServer::lookupDelay_ = 0;
-
 constexpr size_t SSLClient::kMaxReadBufferSz;
 constexpr size_t SSLClient::kMaxReadsPerEvent;

@@ -768,129 +764,6 @@ TEST(AsyncSSLSocketTest, SSLClientTimeoutTest) {
  cerr << "SSLClientTimeoutTest test completed" << endl;
 }

-// The next 3 tests need an FB-only extension, and will fail without it
-#ifdef SSL_ERROR_WANT_SESS_CACHE_LOOKUP
-/**
- * Test SSL server async cache
- */
-TEST(AsyncSSLSocketTest, SSLServerAsyncCacheTest) {
-  // Start listening on a local port
-  WriteCallbackBase writeCallback;
-  ReadCallback readCallback(&writeCallback);
-  HandshakeCallback handshakeCallback(&readCallback);
-  SSLServerAsyncCacheAcceptCallback acceptCallback(&handshakeCallback);
-  TestSSLAsyncCacheServer server(&acceptCallback);
-
-  // Set up SSL client
-  EventBase eventBase;
-  auto client =
-      std::make_shared<SSLClient>(&eventBase, server.getAddress(), 10, 500);
-
-  client->connect();
-  EventBaseAborter eba(&eventBase, 3000);
-  eventBase.loop();
-
-  EXPECT_EQ(server.getAsyncCallbacks(), 18);
-  EXPECT_EQ(server.getAsyncLookups(), 9);
-  EXPECT_EQ(client->getMiss(), 10);
-  EXPECT_EQ(client->getHit(), 0);
-
-  cerr << "SSLServerAsyncCacheTest test completed" << endl;
-}
-
-/**
- * Test SSL server accept timeout with cache path
- */
-TEST(AsyncSSLSocketTest, SSLServerTimeoutTest) {
-  // Start listening on a local port
-  WriteCallbackBase writeCallback;
-  ReadCallback readCallback(&writeCallback);
-  HandshakeCallback handshakeCallback(&readCallback);
-  SSLServerAcceptCallback acceptCallback(&handshakeCallback, 50);
-  TestSSLAsyncCacheServer server(&acceptCallback);
-
-  // Set up SSL client
-  EventBase eventBase;
-  // only do a TCP connect
-  std::shared_ptr<AsyncSocket> sock = AsyncSocket::newSocket(&eventBase);
-  sock->connect(nullptr, server.getAddress());
-
-  EmptyReadCallback clientReadCallback;
-  clientReadCallback.tcpSocket_ = sock;
-  sock->setReadCB(&clientReadCallback);
-
-  EventBaseAborter eba(&eventBase, 3000);
-  eventBase.loop();
-
-  EXPECT_EQ(readCallback.state, STATE_WAITING);
-
-  cerr << "SSLServerTimeoutTest test completed" << endl;
-}
-
-/**
- * Test SSL server accept timeout with cache path
- */
-TEST(AsyncSSLSocketTest, SSLServerAsyncCacheTimeoutTest) {
-  // Start listening on a local port
-  WriteCallbackBase writeCallback;
-  ReadCallback readCallback(&writeCallback);
-  HandshakeCallback handshakeCallback(&readCallback);
-  SSLServerAsyncCacheAcceptCallback acceptCallback(&handshakeCallback, 50);
-  TestSSLAsyncCacheServer server(&acceptCallback);
-
-  // Set up SSL client
-  EventBase eventBase;
-  auto client = std::make_shared<SSLClient>(&eventBase, server.getAddress(), 2);
-
-  client->connect();
-  EventBaseAborter eba(&eventBase, 3000);
-  eventBase.loop();
-
-  EXPECT_EQ(server.getAsyncCallbacks(), 1);
-  EXPECT_EQ(server.getAsyncLookups(), 1);
-  EXPECT_EQ(client->getErrors(), 1);
-  EXPECT_EQ(client->getMiss(), 1);
-  EXPECT_EQ(client->getHit(), 0);
-
-  cerr << "SSLServerAsyncCacheTimeoutTest test completed" << endl;
-}
-
-/**
- * Test SSL server accept timeout with cache path
- */
-TEST(AsyncSSLSocketTest, SSLServerCacheCloseTest) {
-  // Start listening on a local port
-  WriteCallbackBase writeCallback;
-  ReadCallback readCallback(&writeCallback);
-  HandshakeCallback handshakeCallback(
-      &readCallback, HandshakeCallback::EXPECT_ERROR);
-  SSLServerAsyncCacheAcceptCallback acceptCallback(&handshakeCallback);
-  TestSSLAsyncCacheServer server(&acceptCallback, 500);
-
-  // Set up SSL client
-  EventBase eventBase;
-  auto client =
-      std::make_shared<SSLClient>(&eventBase, server.getAddress(), 2, 100);
-
-  client->connect();
-  EventBaseAborter eba(&eventBase, 3000);
-  eventBase.loop();
-
-  server.getEventBase().runInEventBaseThread(
-      [&handshakeCallback] { handshakeCallback.closeSocket(); });
-  // give time for the cache lookup to come back and find it closed
-  handshakeCallback.waitForHandshake();
-
-  EXPECT_EQ(server.getAsyncCallbacks(), 1);
-  EXPECT_EQ(server.getAsyncLookups(), 1);
-  EXPECT_EQ(client->getErrors(), 1);
-  EXPECT_EQ(client->getMiss(), 1);
-  EXPECT_EQ(client->getHit(), 0);
-
-  cerr << "SSLServerCacheCloseTest test completed" << endl;
-}
-#endif // !SSL_ERROR_WANT_SESS_CACHE_LOOKUP
-
 /**
 * Verify Client Ciphers obtained using SSL MSG Callback.
 */

--- a/folly/io/async/test/AsyncSSLSocketTest.h
+++ b/folly/io/async/test/AsyncSSLSocketTest.h
@@ -610,29 +610,6 @@ class SSLServerAcceptCallbackDelay : public SSLServerAcceptCallback {
  }
 };

-class SSLServerAsyncCacheAcceptCallback : public SSLServerAcceptCallback {
- public:
-  explicit SSLServerAsyncCacheAcceptCallback(
-      HandshakeCallback* hcb,
-      uint32_t timeout = 0)
-      : SSLServerAcceptCallback(hcb, timeout) {}
-
-  void connAccepted(
-      const std::shared_ptr<folly::AsyncSSLSocket>& s) noexcept override {
-    auto sock = std::static_pointer_cast<AsyncSSLSocket>(s);
-
-    std::cerr << "SSLServerAcceptCallback::connAccepted" << std::endl;
-
-    hcb_->setSocket(sock);
-    sock->sslAccept(hcb_, std::chrono::milliseconds(timeout_));
-    ASSERT_TRUE(
-        (sock->getSSLState() == AsyncSSLSocket::STATE_ACCEPTING) ||
-        (sock->getSSLState() == AsyncSSLSocket::STATE_CACHE_LOOKUP));
-
-    state = STATE_SUCCEEDED;
-  }
-};
-
 class HandshakeErrorCallback : public SSLServerAcceptCallbackBase {
 public:
  explicit HandshakeErrorCallback(HandshakeCallback* hcb)
@@ -712,71 +689,6 @@ class ConnectTimeoutCallback : public SSLServerAcceptCallbackBase {
  }
 };

-class TestSSLAsyncCacheServer : public TestSSLServer {
- public:
-  explicit TestSSLAsyncCacheServer(
-      SSLServerAcceptCallbackBase* acb,
-      int lookupDelay = 100)
-      : TestSSLServer(acb) {
-    SSL_CTX* sslCtx = ctx_->getSSLCtx();
-#ifdef SSL_ERROR_WANT_SESS_CACHE_LOOKUP
-    SSL_CTX_sess_set_get_cb(
-        sslCtx, TestSSLAsyncCacheServer::getSessionCallback);
-#endif
-    SSL_CTX_set_session_cache_mode(
-        sslCtx, SSL_SESS_CACHE_NO_INTERNAL | SSL_SESS_CACHE_SERVER);
-    asyncCallbacks_ = 0;
-    asyncLookups_ = 0;
-    lookupDelay_ = lookupDelay;
-  }
-
-  uint32_t getAsyncCallbacks() const {
-    return asyncCallbacks_;
-  }
-  uint32_t getAsyncLookups() const {
-    return asyncLookups_;
-  }
-
- private:
-  static uint32_t asyncCallbacks_;
-  static uint32_t asyncLookups_;
-  static uint32_t lookupDelay_;
-
-  static SSL_SESSION* getSessionCallback(
-      SSL* ssl,
-      unsigned char* /* sess_id */,
-      int /* id_len */,
-      int* copyflag) {
-    *copyflag = 0;
-    asyncCallbacks_++;
-    (void)ssl;
-#ifdef SSL_ERROR_WANT_SESS_CACHE_LOOKUP
-    if (!SSL_want_sess_cache_lookup(ssl)) {
-      // libssl.so mismatch
-      std::cerr << "no async support" << std::endl;
-      return nullptr;
-    }
-
-    AsyncSSLSocket* sslSocket = AsyncSSLSocket::getFromSSL(ssl);
-    assert(sslSocket != nullptr);
-    // Going to simulate an async cache by just running delaying the miss 100ms
-    if (asyncCallbacks_ % 2 == 0) {
-      // This socket is already blocked on lookup, return miss
-      std::cerr << "returning miss" << std::endl;
-    } else {
-      // fresh meat - block it
-      std::cerr << "async lookup" << std::endl;
-      sslSocket->getEventBase()->tryRunAfterDelay(
-          std::bind(&AsyncSSLSocket::restartSSLAccept, sslSocket),
-          lookupDelay_);
-      *copyflag = SSL_SESSION_CB_WOULD_BLOCK;
-      asyncLookups_++;
-    }
-#endif
-    return nullptr;
-  }
-};
-
 void getfds(NetworkSocket fds[2]);

 void getctx(