Disable zero copy when performing SSL handshake

Summary: If zero copy starts out enabled on a unencrypted connection, disable it when the SSL handshake begins. Otherwise, AsyncSocket will receive send notifications for buffers that it did not pre-register. Reviewed By: yfeldblum Differential Revision: D27145232 fbshipit-source-id: f07d006d095e1e6839eb2f4adb07d7c284786572

Disable zero copy when performing SSL handshake
Summary: If zero copy starts out enabled on a unencrypted connection, disable it when the SSL handshake begins. Otherwise, AsyncSocket will receive send notifications for buffers that it did not pre-register. Reviewed By: yfeldblum Differential Revision: D27145232 fbshipit-source-id: f07d006d095e1e6839eb2f4adb07d7c284786572
12466d5f · Jason Rahman · Facebook GitHub Bot · 916d7d93 · 12466d5f · 12466d5f
Commit 12466d5f authored Apr 01, 2021 by Jason Rahman Committed by Facebook GitHub Bot Apr 01, 2021
Showing with 20 additions and 1 deletion

folly/io/async/AsyncSSLSocket.cpp folly/io/async/AsyncSSLSocket.cpp +8 -0

folly/io/async/AsyncSSLSocket.h folly/io/async/AsyncSSLSocket.h +7 -1

folly/io/async/AsyncSocket.cpp folly/io/async/AsyncSocket.cpp +5 -0

No files found.
--- a/folly/io/async/AsyncSSLSocket.cpp
+++ b/folly/io/async/AsyncSSLSocket.cpp
@@ -514,6 +514,10 @@ void AsyncSSLSocket::sslAccept(
    cacheAddresses();
  }

+  // AsyncSSLSocket will leak memory if zero copy if left enabled after
+  // the TLS handshake
+  setZeroCopy(false);
+
  handshakeStartTime_ = std::chrono::steady_clock::now();
  // Make end time at least >= start time.
  handshakeEndTime_ = handshakeStartTime_;
@@ -865,6 +869,10 @@ void AsyncSSLSocket::sslConn(
    return failHandshake(__func__, *ex);
  }

+  // AsyncSSLSocket will leak memory if zero copy if left enabled after
+  // the TLS handshake
+  setZeroCopy(false);
+
  SSLSessionUniquePtr sessionPtr = sslSessionManager_.getRawSession();
  if (sessionPtr) {
    sessionResumptionAttempted_ = true;

--- a/folly/io/async/AsyncSSLSocket.h
+++ b/folly/io/async/AsyncSSLSocket.h
@@ -832,8 +832,14 @@ class AsyncSSLSocket : public AsyncSocket {
    asyncOperationFinishCallback_ = std::move(cb);
  }

+  // Only enable if security negotiation is deferred
  // zero copy is not supported by openssl.
-  bool setZeroCopy(bool /*enable*/) override { return false; }
+  bool setZeroCopy(bool enable) override {
+    if (sslState_ == STATE_UNENCRYPTED) {
+      return AsyncSocket::setZeroCopy(enable);
+    }
+    return false;
+  }

 private:
  /**

--- a/folly/io/async/AsyncSocket.cpp
+++ b/folly/io/async/AsyncSocket.cpp
@@ -1153,6 +1153,11 @@ bool AsyncSocket::setZeroCopy(bool enable) {
      return false;
    }

+    // No-op, bail out early
+    if (enable == zeroCopyEnabled_) {
+      return true;
+    }
+
    int val = enable ? 1 : 0;
    int ret =
        netops_->setsockopt(fd_, SOL_SOCKET, SO_ZEROCOPY, &val, sizeof(val));