Skip to content

F
folly
Commit 17d04308 authored by Neel Goyal's avatar Neel Goyal Committed by facebook-github-bot-4
Browse files
Options

D2741855 broke my wangle. Reverting 

Summary: Revert D2741855

Reviewed By: mzlee

Differential Revision: D2744015

fb-gh-sync-id: b1e9b0a5ab95cb988d2b5c08c86139452b092465
parent 97c7b417
Hide whitespace changes
Inline Side-by-side
Showing with 22 additions and 24 deletions
folly/io/async/SSLContext.cpp
View file @ 17d04308
......@@ -84,10 +84,6 @@ SSLContext::SSLContext(SSLVersion version) {
SSL_CTX_set_tlsext_servername_callback(ctx_, baseServerNameOpenSSLCallback);
SSL_CTX_set_tlsext_servername_arg(ctx_, this);
#endif
#ifdef OPENSSL_NPN_NEGOTIATED
Random::seed(nextProtocolPicker_);
#endif
}
SSLContext::~SSLContext() {
......@@ -378,16 +374,16 @@ bool SSLContext::setRandomizedAdvertisedNextProtocols(
dst += protoLength;
}
total_weight += item.weight;
advertised_item.probability = item.weight;
advertisedNextProtocols_.push_back(advertised_item);
advertisedNextProtocolWeights_.push_back(item.weight);
}
if (total_weight == 0) {
deleteNextProtocolsStrings();
return false;
}
nextProtocolDistribution_ =
std::discrete_distribution<>(advertisedNextProtocolWeights_.begin(),
advertisedNextProtocolWeights_.end());
for (auto& advertised_item : advertisedNextProtocols_) {
advertised_item.probability /= total_weight;
}
if ((uint8_t)protocolType & (uint8_t)NextProtocolType::NPN) {
SSL_CTX_set_next_protos_advertised_cb(
ctx_, advertisedNextProtocolCallback, this);
......@@ -410,7 +406,6 @@ void SSLContext::deleteNextProtocolsStrings() {
delete[] protocols.protocols;
}
advertisedNextProtocols_.clear();
advertisedNextProtocolWeights_.clear();
}
void SSLContext::unsetNextProtocols() {
......@@ -424,8 +419,18 @@ void SSLContext::unsetNextProtocols() {
}
size_t SSLContext::pickNextProtocols() {
CHECK(!advertisedNextProtocols_.empty()) << "Failed to pickNextProtocols";
return nextProtocolDistribution_(nextProtocolPicker_);
unsigned char random_byte;
RAND_bytes(&random_byte, 1);
double random_value = random_byte / 255.0;
double sum = 0;
for (size_t i = 0; i < advertisedNextProtocols_.size(); ++i) {
sum += advertisedNextProtocols_[i].probability;
if (sum < random_value && i + 1 < advertisedNextProtocols_.size()) {
continue;
}
return i;
}
CHECK(false) << "Failed to pickNextProtocols";
}
int SSLContext::advertisedNextProtocolCallback(SSL* ssl,
......
folly/io/async/SSLContext.h
View file @ 17d04308
......@@ -22,7 +22,6 @@
#include <vector>
#include <memory>
#include <string>
#include <random>
#include <openssl/ssl.h>
#include <openssl/tls1.h>
......@@ -36,8 +35,6 @@
#include <folly/folly-config.h>
#endif
#include <folly/Random.h>
namespace folly {
/**
......@@ -90,6 +87,12 @@ class SSLContext {
std::list<std::string> protocols;
};
struct AdvertisedNextProtocolsItem {
unsigned char* protocols;
unsigned length;
double probability;
};
// Function that selects a client protocol given the server's list
using ClientProtocolFilterCallback = bool (*)(unsigned char**, unsigned int*,
const unsigned char*, unsigned int);
......@@ -455,20 +458,10 @@ class SSLContext {
static bool initialized_;
#ifdef OPENSSL_NPN_NEGOTIATED
struct AdvertisedNextProtocolsItem {
unsigned char* protocols;
unsigned length;
};
/**
* Wire-format list of advertised protocols for use in NPN.
*/
std::vector<AdvertisedNextProtocolsItem> advertisedNextProtocols_;
std::vector<int> advertisedNextProtocolWeights_;
std::discrete_distribution<int> nextProtocolDistribution_;
Random::DefaultGenerator nextProtocolPicker_;
static int sNextProtocolsExDataIndex_;
static int advertisedNextProtocolCallback(SSL* ssl,
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment