Commit 38ba47c3 authored by Aaron Balsara's avatar Aaron Balsara Committed by Facebook Github Bot

AsyncSSLSocket connect without SSL

Summary:
Currently, calling connect on an AsyncSSLSocket in unencrypted
mode still attempts to perform an SSL handshake. Add a check so that
no SSL handshake is done in that mode. Calling sslConnect will always
run the SSL handshake.

Reviewed By: jrahman

Differential Revision: D5153456

fbshipit-source-id: 4d9164115be72c8ee76e383535561e3083a327e3
parent 00ff5917
......@@ -454,8 +454,8 @@ void AsyncSSLSocket::sslAccept(
verifyPeer_ = verifyPeer;
// Make sure we're in the uninitialized state
if (!server_ || (sslState_ != STATE_UNINIT &&
sslState_ != STATE_UNENCRYPTED) ||
if (!server_ ||
(sslState_ != STATE_UNINIT && sslState_ != STATE_UNENCRYPTED) ||
handshakeCallback_ != nullptr) {
return invalidState(callback);
}
......@@ -697,13 +697,15 @@ void AsyncSSLSocket::connect(
const folly::SocketAddress& bindAddr) noexcept {
assert(!server_);
assert(state_ == StateEnum::UNINIT);
assert(sslState_ == STATE_UNINIT);
assert(sslState_ == STATE_UNINIT || sslState_ == STATE_UNENCRYPTED);
noTransparentTls_ = true;
totalConnectTimeout_ = totalConnectTimeout;
AsyncSSLSocketConnector* connector = new AsyncSSLSocketConnector(
this, callback, int(totalConnectTimeout.count()));
if (sslState_ != STATE_UNENCRYPTED) {
callback = new AsyncSSLSocketConnector(
this, callback, int(totalConnectTimeout.count()));
}
AsyncSocket::connect(
connector, address, int(connectTimeout.count()), options, bindAddr);
callback, address, int(connectTimeout.count()), options, bindAddr);
}
bool AsyncSSLSocket::needsPeerVerification() const {
......
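Review bot: In `AsyncSSLSocket::connect`, the new `if (sslState_ != STATE_UNENCRYPTED)` branch lets socket state silently decide whether the handshake connector is installed, so a caller that still expects `connect()` to negotiate TLS now gets a plain TCP connection. Presumably anything written before `sslConn()` is called goes out unencrypted. The contract should be stated at the branch, e.g. `// STATE_UNENCRYPTED: plain TCP connect only; no handshake or peer verification happens until sslConn() is called.` The state preconditions above it are `assert`s, which are compiled out when NDEBUG is defined, so in such builds nothing here rejects an unexpected `sslState_`; consider whether that guard should be a runtime check. The start of connect()'s signature lies outside the hunk.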
......@@ -1633,6 +1633,37 @@ TEST(AsyncSSLSocketTest, UnencryptedTest) {
EXPECT_EQ(AsyncSSLSocket::STATE_ESTABLISHED, client->getSSLState());
}
TEST(AsyncSSLSocketTest, ConnectUnencryptedTest) {
auto clientCtx = std::make_shared<folly::SSLContext>();
auto serverCtx = std::make_shared<folly::SSLContext>();
getctx(clientCtx, serverCtx);
WriteCallbackBase writeCallback;
ReadCallback readCallback(&writeCallback);
HandshakeCallback handshakeCallback(&readCallback);
SSLServerAcceptCallback acceptCallback(&handshakeCallback);
TestSSLServer server(&acceptCallback);
EventBase evb;
std::shared_ptr<AsyncSSLSocket> socket =
AsyncSSLSocket::newSocket(clientCtx, &evb, true);
socket->connect(nullptr, server.getAddress(), 0);
evb.loop();
EXPECT_EQ(AsyncSSLSocket::STATE_UNENCRYPTED, socket->getSSLState());
socket->sslConn(nullptr);
evb.loop();
EXPECT_EQ(AsyncSSLSocket::STATE_ESTABLISHED, socket->getSSLState());
// write()
std::array<uint8_t, 128> buf;
memset(buf.data(), 'a', buf.size());
socket->write(nullptr, buf.data(), buf.size());
socket->close();
}
TEST(AsyncSSLSocketTest, ConnResetErrorString) {
// Start listening on a local port
WriteCallbackBase writeCallback;
......
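Review bot: `ConnectUnencryptedTest` passes `nullptr` for the connect, handshake and write callbacks, so it checks only the two `getSSLState()` values, and a failed TCP connect or a failed final `write()` would not be reported through any callback. Adding `EXPECT_TRUE(socket->good());` after the first `evb.loop()` would show that the unencrypted connect actually succeeded rather than only that the SSL state was left untouched. The `write()` is followed directly by `close()` with no further `evb.loop()`, so its outcome appears never to be observed; a one-line comment saying what that write is meant to exercise would help.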