Allow SSLSessionCallbacks to be used on SSL* that isn't attached to AsyncSSLSocket

Summary: The session callbacks assumed that the SSL* was associated with a folly::AsyncSSLSocket when it didn't need to. This enables apps that manage their own SSL* to use these callbacks. Reviewed By: yfeldblum Differential Revision: D2896426 fb-gh-sync-id: c51df6b4cb3f4cc188a6411c1f3e7e89e96e8a67

Allow SSLSessionCallbacks to be used on SSL* that isn't attached to AsyncSSLSocket
Summary: The session callbacks assumed that the SSL* was associated with a folly::AsyncSSLSocket when it didn't need to. This enables apps that manage their own SSL* to use these callbacks. Reviewed By: yfeldblum Differential Revision: D2896426 fb-gh-sync-id: c51df6b4cb3f4cc188a6411c1f3e7e89e96e8a67
47241bf8 · Neel Goyal · facebook-github-bot-0 · 504f7fc5 · 47241bf8 · 47241bf8
Commit 47241bf8 authored Feb 04, 2016 by Neel Goyal Committed by facebook-github-bot-0 Feb 04, 2016
Hide whitespace changes
Inline Side-by-side

Showing with 16 additions and 8 deletions

folly/io/async/AsyncSSLSocket.cpp folly/io/async/AsyncSSLSocket.cpp +15 -8

folly/io/async/AsyncSSLSocket.h folly/io/async/AsyncSSLSocket.h +1 -0

No files found.
--- a/folly/io/async/AsyncSSLSocket.cpp
+++ b/folly/io/async/AsyncSSLSocket.cpp
@@ -840,22 +840,29 @@ const char *AsyncSSLSocket::getNegotiatedCipherName() const {
  return (ssl_ != nullptr) ? SSL_get_cipher_name(ssl_) : nullptr;
 }

+/* static */
+const char* AsyncSSLSocket::getSSLServerNameFromSSL(SSL* ssl) {
+  if (ssl == nullptr) {
+    return nullptr;
+  }
+#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
+  return SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
+#else
+  return nullptr;
+#endif
+}
+
 const char *AsyncSSLSocket::getSSLServerName() const {
 #ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
-  return (ssl_ != nullptr) ? SSL_get_servername(ssl_, TLSEXT_NAMETYPE_host_name)
-        : nullptr;
+  return getSSLServerNameFromSSL(ssl_);
 #else
  throw AsyncSocketException(AsyncSocketException::NOT_SUPPORTED,
-                            "SNI not supported");
+                             "SNI not supported");
 #endif
 }

 const char *AsyncSSLSocket::getSSLServerNameNoThrow() const {
-  try {
-    return getSSLServerName();
-  } catch (AsyncSocketException& ex) {
-    return nullptr;
-  }
+  return getSSLServerNameFromSSL(ssl_);
 }

 int AsyncSSLSocket::getSSLVersion() const {

--- a/folly/io/async/AsyncSSLSocket.h
+++ b/folly/io/async/AsyncSSLSocket.h
@@ -653,6 +653,7 @@ class AsyncSSLSocket : public virtual AsyncSocket {
  void resetClientHelloParsing(SSL *ssl);
  static void clientHelloParsingCallback(int write_p, int version,
      int content_type, const void *buf, size_t len, SSL *ssl, void *arg);
+  static const char* getSSLServerNameFromSSL(SSL* ssl);

  // http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
  enum class TLSExtension: uint16_t {