Update providedCiphersStr_ in one place.

Summary: The function `setCipherList` seems to forget to update the data member `providedCipherString_`. This diff updates `providedCiphersString_` at a single place `setCiphersOrThrow()`, and adds two test cases to make sure the derived `SSL*` uses the desired set of ciphers. Reviewed By: yfeldblum Differential Revision: D5372758 fbshipit-source-id: 8144ab3bc518b2b9fa8090af62f3bd6475bbbece

Update providedCiphersStr_ in one place.
Summary: The function `setCipherList` seems to forget to update the data member `providedCipherString_`. This diff updates `providedCiphersString_` at a single place `setCiphersOrThrow()`, and adds two test cases to make sure the derived `SSL*` uses the desired set of ciphers. Reviewed By: yfeldblum Differential Revision: D5372758 fbshipit-source-id: 8144ab3bc518b2b9fa8090af62f3bd6475bbbece
9d23df15 · Xiangyu Bu · Facebook Github Bot · 9b6eade1 · 9d23df15 · 9d23df15
Commit 9d23df15 authored Jul 11, 2017 by Xiangyu Bu Committed by Facebook Github Bot Jul 11, 2017
Hide whitespace changes
Inline Side-by-side

Showing with 52 additions and 1 deletion

folly/io/async/SSLContext.cpp folly/io/async/SSLContext.cpp +1 -1

folly/io/async/test/SSLContextTest.cpp folly/io/async/test/SSLContextTest.cpp +51 -0

No files found.
--- a/folly/io/async/SSLContext.cpp
+++ b/folly/io/async/SSLContext.cpp
@@ -102,7 +102,6 @@ SSLContext::~SSLContext() {
 }

 void SSLContext::ciphers(const std::string& ciphers) {
-  providedCiphersString_ = ciphers;
  setCiphersOrThrow(ciphers);
 }

@@ -188,6 +187,7 @@ void SSLContext::setCiphersOrThrow(const std::string& ciphers) {
  if (rc == 0) {
    throw std::runtime_error("SSL_CTX_set_cipher_list: " + getErrors());
  }
+  providedCiphersString_ = ciphers;
 }

 void SSLContext::setVerificationOption(const SSLContext::SSLVerifyPeerEnum&

--- a/folly/io/async/test/SSLContextTest.cpp
+++ b/folly/io/async/test/SSLContextTest.cpp
+/*
+ * Copyright 2017 Facebook, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <folly/io/async/SSLContext.h>
+#include <folly/portability/GTest.h>
+
+using namespace std;
+using namespace testing;
+
+namespace folly {
+
+class SSLContextTest : public testing::Test {
+ public:
+  SSLContext ctx;
+  void verifySSLCipherList(const vector<string>& ciphers);
+};
+
+void SSLContextTest::verifySSLCipherList(const vector<string>& ciphers) {
+  int i = 0;
+  SSL* ssl = ctx.createSSL();
+  for (auto& cipher : ciphers) {
+    ASSERT_STREQ(cipher.c_str(), SSL_get_cipher_list(ssl, i++));
+  }
+  ASSERT_EQ(nullptr, SSL_get_cipher_list(ssl, i));
+  SSL_free(ssl);
+}
+
+TEST_F(SSLContextTest, TestSetCipherString) {
+  ctx.ciphers("AES128-SHA:ECDHE-RSA-AES256-SHA384");
+  verifySSLCipherList({"AES128-SHA", "ECDHE-RSA-AES256-SHA384"});
+}
+
+TEST_F(SSLContextTest, TestSetCipherList) {
+  const vector<string> ciphers = {"ECDHE-RSA-AES128-SHA", "AES256-SHA"};
+  ctx.setCipherList(ciphers);
+  verifySSLCipherList(ciphers);
+}
+}