Commit 12466d5f authored by Jason Rahman's avatar Jason Rahman Committed by Facebook GitHub Bot

Disable zero copy when performing SSL handshake

Summary:
If zero copy starts out enabled on an unencrypted connection, disable
it when the SSL handshake begins. Otherwise, AsyncSocket will receive send
notifications for buffers that it did not pre-register.

Reviewed By: yfeldblum

Differential Revision: D27145232

fbshipit-source-id: f07d006d095e1e6839eb2f4adb07d7c284786572
parent 916d7d93
...@@ -514,6 +514,10 @@ void AsyncSSLSocket::sslAccept( ...@@ -514,6 +514,10 @@ void AsyncSSLSocket::sslAccept(
cacheAddresses(); cacheAddresses();
} }
// AsyncSSLSocket will leak memory if zero copy if left enabled after
// the TLS handshake
setZeroCopy(false);
handshakeStartTime_ = std::chrono::steady_clock::now(); handshakeStartTime_ = std::chrono::steady_clock::now();
// Make end time at least >= start time. // Make end time at least >= start time.
handshakeEndTime_ = handshakeStartTime_; handshakeEndTime_ = handshakeStartTime_;
...@@ -865,6 +869,10 @@ void AsyncSSLSocket::sslConn( ...@@ -865,6 +869,10 @@ void AsyncSSLSocket::sslConn(
return failHandshake(__func__, *ex); return failHandshake(__func__, *ex);
} }
// AsyncSSLSocket will leak memory if zero copy if left enabled after
// the TLS handshake
setZeroCopy(false);
SSLSessionUniquePtr sessionPtr = sslSessionManager_.getRawSession(); SSLSessionUniquePtr sessionPtr = sslSessionManager_.getRawSession();
if (sessionPtr) { if (sessionPtr) {
sessionResumptionAttempted_ = true; sessionResumptionAttempted_ = true;
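Review bot: The two added `setZeroCopy(false);` calls in sslAccept and sslConn discard the result of the AsyncSSLSocket override, which this commit makes forward to AsyncSocket only while `sslState_ == STATE_UNENCRYPTED`. If either function can be reached in another state (the state checks sit above the hunks, outside the visible lines, and both bodies continue past them), zero copy stays enabled through the handshake without any signal, which is the leak the comment warns about. Calling the base directly, `AsyncSocket::setZeroCopy(false);`, would make the disable independent of that gate, and a false return deserves at least a log line. The comment also has a typo and should read `// AsyncSSLSocket will leak memory if zero copy is left enabled after`.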
......
...@@ -832,8 +832,14 @@ class AsyncSSLSocket : public AsyncSocket { ...@@ -832,8 +832,14 @@ class AsyncSSLSocket : public AsyncSocket {
asyncOperationFinishCallback_ = std::move(cb); asyncOperationFinishCallback_ = std::move(cb);
} }
// Only enable if security negotiation is deferred
// zero copy is not supported by openssl. // zero copy is not supported by openssl.
bool setZeroCopy(bool /*enable*/) override { return false; } bool setZeroCopy(bool enable) override {
if (sslState_ == STATE_UNENCRYPTED) {
return AsyncSocket::setZeroCopy(enable);
}
return false;
}
private: private:
/** /**
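Review bot: The comment above setZeroCopy now reads as two unrelated statements, `// Only enable if security negotiation is deferred` directly followed by the old `// zero copy is not supported by openssl.`, and neither says what the function returns. I would merge them into one contract comment, for example `// OpenSSL does not support zero copy: forward to AsyncSocket only while sslState_ is STATE_UNENCRYPTED; in any other state the request, including a disable, is rejected with false.` Spelling this out also shows that a disable request is refused once the state has moved on, whereas the base class in this commit returns true for a request that changes nothing, so callers get different results for the same call.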
......
...@@ -1153,6 +1153,11 @@ bool AsyncSocket::setZeroCopy(bool enable) { ...@@ -1153,6 +1153,11 @@ bool AsyncSocket::setZeroCopy(bool enable) {
return false; return false;
} }
// No-op, bail out early
if (enable == zeroCopyEnabled_) {
return true;
}
int val = enable ? 1 : 0; int val = enable ? 1 : 0;
int ret = int ret =
netops_->setsockopt(fd_, SOL_SOCKET, SO_ZEROCOPY, &val, sizeof(val)); netops_->setsockopt(fd_, SOL_SOCKET, SO_ZEROCOPY, &val, sizeof(val));
......