Skip to content

F
folly
Commit dd280141 authored by Dave Watson's avatar Dave Watson
Browse files
Options

Move Acceptor to wangle 

Summary:
Initial pass at moving acceptor to wangle.  Involves moving most of the config stuff from proxygen/lib/services, and *all* of the ssl stuff from proxygen/lib/ssl.

Only minor changes:
* Acceptor can be overriden to use thrift socket types, so I don't have to change TTransportException everywhere just yet
* proxygen::Exception to std::runtime_exception in a few spots - looks like it is entirely bad config exceptions, so it should be okay
* Just used std::chrono directly instead of stuff in Time.h (which is just typedefs and simple helpers)

Test Plan:
used in D1539327

fbconfig -r proxygen/httpserver; fbmake runtests

Probably other projects are broken, will iterate to fix

None of the failling tests look related

Reviewed By: dcsommer@fb.com

Subscribers: oleksandr, netego-diffs@, hphp-diffs@, ps, trunkagent, doug, fugalh, alandau, bmatheny, njormrod, mshneer, folly-diffs@

FB internal diff: D1638358

Tasks: 5002353

Signature: t1:1638358:1414526683:87a405e3c24711078707c00b62a50b0e960bf126
parent 81fa7fd7
Expand all Show whitespace changes
Inline Side-by-side
Showing with 4595 additions and 1 deletion
folly/Makefile.am
View file @ dd280141
...@@ -88,6 +88,26 @@ nobase_follyinclude_HEADERS = \ ...@@ -88,6 +88,26 @@ nobase_follyinclude_HEADERS = \
experimental/wangle/rx/types.h \ experimental/wangle/rx/types.h \
experimental/wangle/ConnectionManager.h \ experimental/wangle/ConnectionManager.h \
experimental/wangle/ManagedConnection.h \ experimental/wangle/ManagedConnection.h \
experimental/wangle/acceptor/Acceptor.h \
experimental/wangle/acceptor/ConnectionCounter.h \
experimental/wangle/acceptor/SocketOptions.h \
experimental/wangle/acceptor/DomainNameMisc.h \
experimental/wangle/acceptor/LoadShedConfiguration.h \
experimental/wangle/acceptor/NetworkAddress.h \
experimental/wangle/acceptor/ServerSocketConfig.h \
experimental/wangle/acceptor/TransportInfo.h \
experimental/wangle/ssl/ClientHelloExtStats.h \
experimental/wangle/ssl/DHParam.h \
experimental/wangle/ssl/PasswordInFile.h \
experimental/wangle/ssl/SSLCacheOptions.h \
experimental/wangle/ssl/SSLCacheProvider.h \
experimental/wangle/ssl/SSLContextConfig.h \
experimental/wangle/ssl/SSLContextManager.h \
experimental/wangle/ssl/SSLSessionCacheManager.h \
experimental/wangle/ssl/SSLStats.h \
experimental/wangle/ssl/SSLUtil.h \
experimental/wangle/ssl/TLSTicketKeyManager.h \
experimental/wangle/ssl/TLSTicketKeySeeds.h \
FBString.h \ FBString.h \
FBVector.h \ FBVector.h \
File.h \ File.h \
...@@ -301,7 +321,16 @@ libfolly_la_SOURCES = \ ...@@ -301,7 +321,16 @@ libfolly_la_SOURCES = \
experimental/wangle/concurrent/IOThreadPoolExecutor.cpp \ experimental/wangle/concurrent/IOThreadPoolExecutor.cpp \
experimental/wangle/concurrent/ThreadPoolExecutor.cpp \ experimental/wangle/concurrent/ThreadPoolExecutor.cpp \
experimental/wangle/ConnectionManager.cpp \ experimental/wangle/ConnectionManager.cpp \
experimental/wangle/ManagedConnection.cpp experimental/wangle/ManagedConnection.cpp \
experimental/wangle/acceptor/Acceptor.cpp \
experimental/wangle/acceptor/SocketOptions.cpp \
experimental/wangle/acceptor/LoadShedConfiguration.cpp \
experimental/wangle/acceptor/TransportInfo.cpp \
experimental/wangle/ssl/PasswordInFile.cpp \
experimental/wangle/ssl/SSLContextManager.cpp \
experimental/wangle/ssl/SSLSessionCacheManager.cpp \
experimental/wangle/ssl/SSLUtil.cpp \
experimental/wangle/ssl/TLSTicketKeyManager.cpp
if HAVE_LINUX if HAVE_LINUX
nobase_follyinclude_HEADERS += \ nobase_follyinclude_HEADERS += \
......
folly/experimental/wangle/acceptor/Acceptor.cpp 0 → 100644
View file @ dd280141
This diff is collapsed.
folly/experimental/wangle/acceptor/Acceptor.h 0 → 100644
View file @ dd280141
This diff is collapsed.
folly/experimental/wangle/acceptor/ConnectionCounter.h 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#pragma once
namespace folly {
class IConnectionCounter {
public:
virtual uint64_t getNumConnections() const = 0;
/**
* Get the maximum number of non-whitelisted client-side connections
* across all Acceptors managed by this. A value
* of zero means "unlimited."
*/
virtual uint64_t getMaxConnections() const = 0;
/**
* Increment the count of client-side connections.
*/
virtual void onConnectionAdded() = 0;
/**
* Decrement the count of client-side connections.
*/
virtual void onConnectionRemoved() = 0;
virtual ~IConnectionCounter() {}
};
class SimpleConnectionCounter: public IConnectionCounter {
public:
uint64_t getNumConnections() const override { return numConnections_; }
uint64_t getMaxConnections() const override { return maxConnections_; }
void setMaxConnections(uint64_t maxConnections) {
maxConnections_ = maxConnections;
}
void onConnectionAdded() override { numConnections_++; }
void onConnectionRemoved() override { numConnections_--; }
virtual ~SimpleConnectionCounter() {}
protected:
uint64_t maxConnections_{0};
uint64_t numConnections_{0};
};
}
folly/experimental/wangle/acceptor/DomainNameMisc.h 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#pragma once
#include <string>
namespace folly {
struct dn_char_traits : public std::char_traits<char> {
static bool eq(char c1, char c2) {
return ::tolower(c1) == ::tolower(c2);
}
static bool ne(char c1, char c2) {
return ::tolower(c1) != ::tolower(c2);
}
static bool lt(char c1, char c2) {
return ::tolower(c1) < ::tolower(c2);
}
static int compare(const char* s1, const char* s2, size_t n) {
while (n--) {
if(::tolower(*s1) < ::tolower(*s2) ) {
return -1;
}
if(::tolower(*s1) > ::tolower(*s2) ) {
return 1;
}
++s1;
++s2;
}
return 0;
}
static const char* find(const char* s, size_t n, char a) {
char la = ::tolower(a);
while (n--) {
if(::tolower(*s) == la) {
return s;
} else {
++s;
}
}
return nullptr;
}
};
// Case insensitive string
typedef std::basic_string<char, dn_char_traits> DNString;
struct DNStringHash : public std::hash<std::string> {
size_t operator()(const DNString& s) const noexcept {
size_t h = static_cast<size_t>(0xc70f6907UL);
const char* d = s.data();
for (size_t i = 0; i < s.length(); ++i) {
char a = ::tolower(*d++);
h = std::_Hash_impl::hash(&a, sizeof(a), h);
}
return h;
}
};
} // namespace
folly/experimental/wangle/acceptor/LoadShedConfiguration.cpp 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#include <folly/experimental/wangle/acceptor/LoadShedConfiguration.h>
#include <folly/Conv.h>
#include <openssl/ssl.h>
using std::string;
namespace folly {
void LoadShedConfiguration::addWhitelistAddr(folly::StringPiece input) {
auto addr = input.str();
size_t separator = addr.find_first_of('/');
if (separator == string::npos) {
whitelistAddrs_.insert(SocketAddress(addr, 0));
} else {
unsigned prefixLen = folly::to<unsigned>(addr.substr(separator + 1));
addr.erase(separator);
whitelistNetworks_.insert(NetworkAddress(SocketAddress(addr, 0), prefixLen));
}
}
bool LoadShedConfiguration::isWhitelisted(const SocketAddress& address) const {
if (whitelistAddrs_.find(address) != whitelistAddrs_.end()) {
return true;
}
for (auto& network : whitelistNetworks_) {
if (network.contains(address)) {
return true;
}
}
return false;
}
}
folly/experimental/wangle/acceptor/LoadShedConfiguration.h 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#pragma once
#include <chrono>
#include <folly/Range.h>
#include <folly/SocketAddress.h>
#include <glog/logging.h>
#include <list>
#include <set>
#include <string>
#include <folly/experimental/wangle/acceptor/NetworkAddress.h>
namespace folly {
/**
* Class that holds an LoadShed configuration for a service
*/
class LoadShedConfiguration {
public:
// Comparison function for SocketAddress that disregards the port
struct AddressOnlyCompare {
bool operator()(
const SocketAddress& addr1,
const SocketAddress& addr2) const {
return addr1.getIPAddress() < addr2.getIPAddress();
}
};
typedef std::set<SocketAddress, AddressOnlyCompare> AddressSet;
typedef std::set<NetworkAddress> NetworkSet;
LoadShedConfiguration() {}
~LoadShedConfiguration() {}
void addWhitelistAddr(folly::StringPiece);
/**
* Set/get the set of IPs that should be whitelisted through even when we're
* trying to shed load.
*/
void setWhitelistAddrs(const AddressSet& addrs) { whitelistAddrs_ = addrs; }
const AddressSet& getWhitelistAddrs() const { return whitelistAddrs_; }
/**
* Set/get the set of networks that should be whitelisted through even
* when we're trying to shed load.
*/
void setWhitelistNetworks(const NetworkSet& networks) {
whitelistNetworks_ = networks;
}
const NetworkSet& getWhitelistNetworks() const { return whitelistNetworks_; }
/**
* Set/get the maximum number of downstream connections across all VIPs.
*/
void setMaxConnections(uint64_t maxConns) { maxConnections_ = maxConns; }
uint64_t getMaxConnections() const { return maxConnections_; }
/**
* Set/get the maximum cpu usage.
*/
void setMaxMemUsage(double max) {
CHECK(max >= 0);
CHECK(max <= 1);
maxMemUsage_ = max;
}
double getMaxMemUsage() const { return maxMemUsage_; }
/**
* Set/get the maximum memory usage.
*/
void setMaxCpuUsage(double max) {
CHECK(max >= 0);
CHECK(max <= 1);
maxCpuUsage_ = max;
}
double getMaxCpuUsage() const { return maxCpuUsage_; }
void setLoadUpdatePeriod(std::chrono::milliseconds period) {
period_ = period;
}
std::chrono::milliseconds getLoadUpdatePeriod() const { return period_; }
bool isWhitelisted(const SocketAddress& addr) const;
private:
AddressSet whitelistAddrs_;
NetworkSet whitelistNetworks_;
uint64_t maxConnections_{0};
double maxMemUsage_;
double maxCpuUsage_;
std::chrono::milliseconds period_;
};
}
folly/experimental/wangle/acceptor/NetworkAddress.h 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#pragma once
#include <folly/SocketAddress.h>
namespace folly {
/**
* A simple wrapper around SocketAddress that represents
* a network in CIDR notation
*/
class NetworkAddress {
public:
/**
* Create a NetworkAddress for an addr/prefixLen
* @param addr IPv4 or IPv6 address of the network
* @param prefixLen Prefix length, in bits
*/
NetworkAddress(const folly::SocketAddress& addr,
unsigned prefixLen):
addr_(addr), prefixLen_(prefixLen) {}
/** Get the network address */
const folly::SocketAddress& getAddress() const {
return addr_;
}
/** Get the prefix length in bits */
unsigned getPrefixLength() const { return prefixLen_; }
/** Check whether a given address lies within the network */
bool contains(const folly::SocketAddress& addr) const {
return addr_.prefixMatch(addr, prefixLen_);
}
/** Comparison operator to enable use in ordered collections */
bool operator<(const NetworkAddress& other) const {
if (addr_ < other.addr_) {
return true;
} else if (other.addr_ < addr_) {
return false;
} else {
return (prefixLen_ < other.prefixLen_);
}
}
private:
folly::SocketAddress addr_;
unsigned prefixLen_;
};
} // namespace
folly/experimental/wangle/acceptor/ServerSocketConfig.h 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#pragma once
#include <folly/experimental/wangle/ssl/SSLCacheOptions.h>
#include <folly/experimental/wangle/ssl/SSLContextConfig.h>
#include <folly/experimental/wangle/ssl/TLSTicketKeySeeds.h>
#include <folly/experimental/wangle/ssl/SSLUtil.h>
#include <folly/experimental/wangle/acceptor/SocketOptions.h>
#include <boost/optional.hpp>
#include <chrono>
#include <fcntl.h>
#include <folly/Random.h>
#include <folly/SocketAddress.h>
#include <folly/String.h>
#include <folly/io/async/SSLContext.h>
#include <list>
#include <string>
#include <sys/stat.h>
#include <sys/types.h>
#include <folly/io/async/AsyncSocket.h>
#include <folly/io/async/SSLContext.h>
#include <folly/SocketAddress.h>
namespace folly {
/**
* Configuration for a single Acceptor.
*
* This configures not only accept behavior, but also some types of SSL
* behavior that may make sense to configure on a per-VIP basis (e.g. which
* cert(s) we use, etc).
*/
struct ServerSocketConfig {
ServerSocketConfig() {
// generate a single random current seed
uint8_t seed[32];
folly::Random::secureRandom(seed, sizeof(seed));
initialTicketSeeds.currentSeeds.push_back(
SSLUtil::hexlify(std::string((char *)seed, sizeof(seed))));
}
bool isSSL() const { return !(sslContextConfigs.empty()); }
/**
* Set/get the socket options to apply on all downstream connections.
*/
void setSocketOptions(
const AsyncSocket::OptionMap& opts) {
socketOptions_ = filterIPSocketOptions(opts, bindAddress.getFamily());
}
AsyncSocket::OptionMap&
getSocketOptions() {
return socketOptions_;
}
const AsyncSocket::OptionMap&
getSocketOptions() const {
return socketOptions_;
}
bool hasExternalPrivateKey() const {
for (const auto& cfg : sslContextConfigs) {
if (!cfg.isLocalPrivateKey) {
return true;
}
}
return false;
}
/**
* The name of this acceptor; used for stats/reporting purposes.
*/
std::string name;
/**
* The depth of the accept queue backlog.
*/
uint32_t acceptBacklog{1024};
/**
* The number of milliseconds a connection can be idle before we close it.
*/
std::chrono::milliseconds connectionIdleTimeout{600000};
/**
* The address to bind to.
*/
SocketAddress bindAddress;
/**
* Options for controlling the SSL cache.
*/
SSLCacheOptions sslCacheOptions{std::chrono::seconds(600), 20480, 200};
/**
* The initial TLS ticket seeds.
*/
TLSTicketKeySeeds initialTicketSeeds;
/**
* The configs for all the SSL_CTX for use by this Acceptor.
*/
std::vector<SSLContextConfig> sslContextConfigs;
/**
* Determines if the Acceptor does strict checking when loading the SSL
* contexts.
*/
bool strictSSL{true};
/**
* Maximum number of concurrent pending SSL handshakes
*/
uint32_t maxConcurrentSSLHandshakes{30720};
private:
AsyncSocket::OptionMap socketOptions_;
};
} // folly
folly/experimental/wangle/acceptor/SocketOptions.cpp 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#include <folly/experimental/wangle/acceptor/SocketOptions.h>
#include <netinet/tcp.h>
#include <sys/socket.h>
namespace folly {
AsyncSocket::OptionMap filterIPSocketOptions(
const AsyncSocket::OptionMap& allOptions,
const int addrFamily) {
AsyncSocket::OptionMap opts;
int exclude;
if (addrFamily == AF_INET) {
exclude = IPPROTO_IPV6;
} else if (addrFamily == AF_INET6) {
exclude = IPPROTO_IP;
} else {
LOG(FATAL) << "Address family " << addrFamily << " was not IPv4 or IPv6";
return opts;
}
for (const auto& opt: allOptions) {
if (opt.first.level != exclude) {
opts[opt.first] = opt.second;
}
}
return opts;
}
}
folly/experimental/wangle/acceptor/SocketOptions.h 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#pragma once
#include <folly/io/async/AsyncSocket.h>
namespace folly {
/**
* Returns a copy of the socket options excluding options with the given
* level.
*/
AsyncSocket::OptionMap filterIPSocketOptions(
const AsyncSocket::OptionMap& allOptions,
const int addrFamily);
}
folly/experimental/wangle/acceptor/TransportInfo.cpp 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#include <folly/experimental/wangle/acceptor/TransportInfo.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <folly/io/async/AsyncSocket.h>
using std::chrono::microseconds;
using std::map;
using std::string;
namespace folly {
bool TransportInfo::initWithSocket(const AsyncSocket* sock) {
#if defined(__linux__) || defined(__FreeBSD__)
if (!TransportInfo::readTcpInfo(&tcpinfo, sock)) {
tcpinfoErrno = errno;
return false;
}
rtt = microseconds(tcpinfo.tcpi_rtt);
validTcpinfo = true;
#else
tcpinfoErrno = EINVAL;
rtt = microseconds(-1);
#endif
return true;
}
int64_t TransportInfo::readRTT(const AsyncSocket* sock) {
#if defined(__linux__) || defined(__FreeBSD__)
struct tcp_info tcpinfo;
if (!TransportInfo::readTcpInfo(&tcpinfo, sock)) {
return -1;
}
return tcpinfo.tcpi_rtt;
#else
return -1;
#endif
}
#if defined(__linux__) || defined(__FreeBSD__)
bool TransportInfo::readTcpInfo(struct tcp_info* tcpinfo,
const AsyncSocket* sock) {
socklen_t len = sizeof(struct tcp_info);
if (!sock) {
return false;
}
if (getsockopt(sock->getFd(), IPPROTO_TCP,
TCP_INFO, (void*) tcpinfo, &len) < 0) {
VLOG(4) << "Error calling getsockopt(): " << strerror(errno);
return false;
}
return true;
}
#endif
} // folly
folly/experimental/wangle/acceptor/TransportInfo.h 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#pragma once
#include <folly/experimental/wangle/ssl/SSLUtil.h>
#include <chrono>
#include <netinet/tcp.h>
#include <string>
namespace folly {
class AsyncSocket;
/**
* A structure that encapsulates byte counters related to the HTTP headers.
*/
struct HTTPHeaderSize {
/**
* The number of bytes used to represent the header after compression or
* before decompression. If header compression is not supported, the value
* is set to 0.
*/
uint32_t compressed{0};
/**
* The number of bytes used to represent the serialized header before
* compression or after decompression, in plain-text format.
*/
uint32_t uncompressed{0};
};
struct TransportInfo {
/*
* timestamp of when the connection handshake was completed
*/
std::chrono::steady_clock::time_point acceptTime{};
/*
* connection RTT (Round-Trip Time)
*/
std::chrono::microseconds rtt{0};
#if defined(__linux__) || defined(__FreeBSD__)
/*
* TCP information as fetched from getsockopt(2)
*/
tcp_info tcpinfo {
#if __GLIBC__ >= 2 && __GLIBC_MINOR__ >= 17
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 // 32
#else
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 // 29
#endif // __GLIBC__ >= 2 && __GLIBC_MINOR__ >= 17
};
#endif // defined(__linux__) || defined(__FreeBSD__)
/*
* time for setting the connection, from the moment in was accepted until it
* is established.
*/
std::chrono::milliseconds setupTime{0};
/*
* time for setting up the SSL connection or SSL handshake
*/
std::chrono::milliseconds sslSetupTime{0};
/*
* The name of the SSL ciphersuite used by the transaction's
* transport. Returns null if the transport is not SSL.
*/
const char* sslCipher{nullptr};
/*
* The SSL server name used by the transaction's
* transport. Returns null if the transport is not SSL.
*/
const char* sslServerName{nullptr};
/*
* list of ciphers sent by the client
*/
std::string sslClientCiphers{};
/*
* list of compression methods sent by the client
*/
std::string sslClientComprMethods{};
/*
* list of TLS extensions sent by the client
*/
std::string sslClientExts{};
/*
* hash of all the SSL parameters sent by the client
*/
std::string sslSignature{};
/*
* list of ciphers supported by the server
*/
std::string sslServerCiphers{};
/*
* guessed "(os) (browser)" based on SSL Signature
*/
std::string guessedUserAgent{};
/**
* The result of SSL NPN negotiation.
*/
std::string sslNextProtocol{};
/*
* total number of bytes sent over the connection
*/
int64_t totalBytes{0};
/**
* header bytes read
*/
HTTPHeaderSize ingressHeader;
/*
* header bytes written
*/
HTTPHeaderSize egressHeader;
/*
* Here is how the timeToXXXByte variables are planned out:
* 1. All timeToXXXByte variables are measuring the ByteEvent from reqStart_
* 2. You can get the timing between two ByteEvents by calculating their
* differences. For example:
* timeToLastBodyByteAck - timeToFirstByte
* => Total time to deliver the body
* 3. The calculation in point (2) is typically done outside acceptor
*
* Future plan:
* We should log the timestamps (TimePoints) and allow
* the consumer to calculate the latency whatever it
* wants instead of calculating them in wangle, for the sake of flexibility.
* For example:
* 1. TimePoint reqStartTimestamp;
* 2. TimePoint firstHeaderByteSentTimestamp;
* 3. TimePoint firstBodyByteTimestamp;
* 3. TimePoint lastBodyByteTimestamp;
* 4. TimePoint lastBodyByteAckTimestamp;
*/
/*
* time to first header byte written to the kernel send buffer
* NOTE: It is not 100% accurate since TAsyncSocket does not do
* do callback on partial write.
*/
int32_t timeToFirstHeaderByte{-1};
/*
* time to first body byte written to the kernel send buffer
*/
int32_t timeToFirstByte{-1};
/*
* time to last body byte written to the kernel send buffer
*/
int32_t timeToLastByte{-1};
/*
* time to TCP Ack received for the last written body byte
*/
int32_t timeToLastBodyByteAck{-1};
/*
* time it took the client to ACK the last byte, from the moment when the
* kernel sent the last byte to the client and until it received the ACK
* for that byte
*/
int32_t lastByteAckLatency{-1};
/*
* time spent inside wangle
*/
int32_t proxyLatency{-1};
/*
* time between connection accepted and client message headers completed
*/
int32_t clientLatency{-1};
/*
* latency for communication with the server
*/
int32_t serverLatency{-1};
/*
* time used to get a usable connection.
*/
int32_t connectLatency{-1};
/*
* body bytes written
*/
uint32_t egressBodySize{0};
/*
* value of errno in case of getsockopt() error
*/
int tcpinfoErrno{0};
/*
* bytes read & written during SSL Setup
*/
uint32_t sslSetupBytesWritten{0};
uint32_t sslSetupBytesRead{0};
/**
* SSL error detail
*/
uint32_t sslError{0};
/**
* body bytes read
*/
uint32_t ingressBodySize{0};
/*
* The SSL version used by the transaction's transport, in
* OpenSSL's format: 4 bits for the major version, followed by 4 bits
* for the minor version. Returns zero for non-SSL.
*/
uint16_t sslVersion{0};
/*
* The SSL certificate size.
*/
uint16_t sslCertSize{0};
/**
* response status code
*/
uint16_t statusCode{0};
/*
* The SSL mode for the transaction's transport: new session,
* resumed session, or neither (non-SSL).
*/
SSLResumeEnum sslResume{SSLResumeEnum::NA};
/*
* true if the tcpinfo was successfully read from the kernel
*/
bool validTcpinfo{false};
/*
* true if the connection is SSL, false otherwise
*/
bool ssl{false};
/*
* get the RTT value in milliseconds
*/
std::chrono::milliseconds getRttMs() const {
return std::chrono::duration_cast<std::chrono::milliseconds>(rtt);
}
/*
* initialize the fields related with tcp_info
*/
bool initWithSocket(const AsyncSocket* sock);
/*
* Get the kernel's estimate of round-trip time (RTT) to the transport's peer
* in microseconds. Returns -1 on error.
*/
static int64_t readRTT(const AsyncSocket* sock);
#if defined(__linux__) || defined(__FreeBSD__)
/*
* perform the getsockopt(2) syscall to fetch TCP info for a given socket
*/
static bool readTcpInfo(struct tcp_info* tcpinfo,
const AsyncSocket* sock);
#endif
};
} // folly
folly/experimental/wangle/ssl/ClientHelloExtStats.h 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#pragma once
namespace folly {
class ClientHelloExtStats {
public:
virtual ~ClientHelloExtStats() noexcept {}
// client hello
virtual void recordAbsentHostname() noexcept = 0;
virtual void recordMatch() noexcept = 0;
virtual void recordNotMatch() noexcept = 0;
};
}
folly/experimental/wangle/ssl/DHParam.h 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#pragma once
#include <openssl/dh.h>
// The following was auto-generated by
// openssl dhparam -C 2048
DH *get_dh2048()
{
static unsigned char dh2048_p[]={
0xF8,0x87,0xA5,0x15,0x98,0x35,0x20,0x1E,0xF5,0x81,0xE5,0x95,
0x1B,0xE4,0x54,0xEA,0x53,0xF5,0xE7,0x26,0x30,0x03,0x06,0x79,
0x3C,0xC1,0x0B,0xAD,0x3B,0x59,0x3C,0x61,0x13,0x03,0x7B,0x02,
0x70,0xDE,0xC1,0x20,0x11,0x9E,0x94,0x13,0x50,0xF7,0x62,0xFC,
0x99,0x0D,0xC1,0x12,0x6E,0x03,0x95,0xA3,0x57,0xC7,0x3C,0xB8,
0x6B,0x40,0x56,0x65,0x70,0xFB,0x7A,0xE9,0x02,0xEC,0xD2,0xB6,
0x54,0xD7,0x34,0xAD,0x3D,0x9E,0x11,0x61,0x53,0xBE,0xEA,0xB8,
0x17,0x48,0xA8,0xDC,0x70,0xAE,0x65,0x99,0x3F,0x82,0x4C,0xFF,
0x6A,0xC9,0xFA,0xB1,0xFA,0xE4,0x4F,0x5D,0xA4,0x05,0xC2,0x8E,
0x55,0xC0,0xB1,0x1D,0xCC,0x17,0xF3,0xFA,0x65,0xD8,0x6B,0x09,
0x13,0x01,0x2A,0x39,0xF1,0x86,0x73,0xE3,0x7A,0xC8,0xDB,0x7D,
0xDA,0x1C,0xA1,0x2D,0xBA,0x2C,0x00,0x6B,0x2C,0x55,0x28,0x2B,
0xD5,0xF5,0x3C,0x9F,0x50,0xA7,0xB7,0x28,0x9F,0x22,0xD5,0x3A,
0xC4,0x53,0x01,0xC9,0xF3,0x69,0xB1,0x8D,0x01,0x36,0xF8,0xA8,
0x89,0xCA,0x2E,0x72,0xBC,0x36,0x3A,0x42,0xC1,0x06,0xD6,0x0E,
0xCB,0x4D,0x5C,0x1F,0xE4,0xA1,0x17,0xBF,0x55,0x64,0x1B,0xB4,
0x52,0xEC,0x15,0xED,0x32,0xB1,0x81,0x07,0xC9,0x71,0x25,0xF9,
0x4D,0x48,0x3D,0x18,0xF4,0x12,0x09,0x32,0xC4,0x0B,0x7A,0x4E,
0x83,0xC3,0x10,0x90,0x51,0x2E,0xBE,0x87,0xF9,0xDE,0xB4,0xE6,
0x3C,0x29,0xB5,0x32,0x01,0x9D,0x95,0x04,0xBD,0x42,0x89,0xFD,
0x21,0xEB,0xE9,0x88,0x5A,0x27,0xBB,0x31,0xC4,0x26,0x99,0xAB,
0x8C,0xA1,0x76,0xDB,
};
static unsigned char dh2048_g[]={
0x02,
};
DH *dh;
if ((dh=DH_new()) == nullptr) return(nullptr);
dh->p=BN_bin2bn(dh2048_p,(int)sizeof(dh2048_p),nullptr);
dh->g=BN_bin2bn(dh2048_g,(int)sizeof(dh2048_g),nullptr);
if ((dh->p == nullptr) || (dh->g == nullptr))
{ DH_free(dh); return(nullptr); }
return(dh);
}
folly/experimental/wangle/ssl/PasswordInFile.cpp 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#include <folly/experimental/wangle/ssl/PasswordInFile.h>
#include <folly/FileUtil.h>
using namespace std;
namespace folly {
PasswordInFile::PasswordInFile(const string& file)
: fileName_(file) {
folly::readFile(file.c_str(), password_);
auto p = password_.find('\0');
if (p != std::string::npos) {
password_.erase(p);
}
}
PasswordInFile::~PasswordInFile() {
OPENSSL_cleanse((char *)password_.data(), password_.length());
}
}
folly/experimental/wangle/ssl/PasswordInFile.h 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#pragma once
#include <folly/io/async/SSLContext.h> // PasswordCollector
namespace folly {
class PasswordInFile: public folly::PasswordCollector {
public:
explicit PasswordInFile(const std::string& file);
~PasswordInFile();
void getPassword(std::string& password, int size) override {
password = password_;
}
const char* getPasswordStr() const {
return password_.c_str();
}
std::string describe() const override {
return fileName_;
}
protected:
std::string fileName_;
std::string password_;
};
}
folly/experimental/wangle/ssl/SSLCacheOptions.h 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#pragma once
#include <chrono>
#include <cstdint>
namespace folly {
struct SSLCacheOptions {
std::chrono::seconds sslCacheTimeout;
uint64_t maxSSLCacheSize;
uint64_t sslCacheFlushSize;
};
}
folly/experimental/wangle/ssl/SSLCacheProvider.h 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#pragma once
#include <folly/io/async/AsyncSSLSocket.h>
namespace folly {
class SSLSessionCacheManager;
/**
* Interface to be implemented by providers of external session caches
*/
class SSLCacheProvider {
public:
/**
* Context saved during an external cache request that is used to
* resume the waiting client.
*/
typedef struct {
std::string sessionId;
SSL_SESSION* session;
SSLSessionCacheManager* manager;
AsyncSSLSocket* sslSocket;
std::unique_ptr<
folly::DelayedDestruction::DestructorGuard> guard;
} CacheContext;
virtual ~SSLCacheProvider() {}
/**
* Store a session in the external cache.
* @param sessionId Identifier that can be used later to fetch the
* session with getAsync()
* @param value Serialized session to store
* @param expiration Relative expiration time: seconds from now
* @return true if the storing of the session is initiated successfully
* (though not necessarily completed; the completion may
* happen either before or after this method returns), or
* false if the storing cannot be initiated due to an error.
*/
virtual bool setAsync(const std::string& sessionId,
const std::string& value,
std::chrono::seconds expiration) = 0;
/**
* Retrieve a session from the external cache. When done, call
* the cache manager's onGetSuccess() or onGetFailure() callback.
* @param sessionId Session ID to fetch
* @param context Data to pass back to the SSLSessionCacheManager
* in the completion callback
* @return true if the lookup of the session is initiated successfully
* (though not necessarily completed; the completion may
* happen either before or after this method returns), or
* false if the lookup cannot be initiated due to an error.
*/
virtual bool getAsync(const std::string& sessionId,
CacheContext* context) = 0;
};
}
folly/experimental/wangle/ssl/SSLContextConfig.h 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#pragma once
#include <string>
#include <folly/io/async/SSLContext.h>
#include <vector>
/**
* SSLContextConfig helps to describe the configs/options for
* a SSL_CTX. For example:
*
* 1. Filename of X509, private key and its password.
* 2. ciphers list
* 3. NPN list
* 4. Is session cache enabled?
* 5. Is it the default X509 in SNI operation?
* 6. .... and a few more
*/
namespace folly {
struct SSLContextConfig {
SSLContextConfig() {}
~SSLContextConfig() {}
struct CertificateInfo {
std::string certPath;
std::string keyPath;
std::string passwordPath;
};
/**
* Helpers to set/add a certificate
*/
void setCertificate(const std::string& certPath,
const std::string& keyPath,
const std::string& passwordPath) {
certificates.clear();
addCertificate(certPath, keyPath, passwordPath);
}
void addCertificate(const std::string& certPath,
const std::string& keyPath,
const std::string& passwordPath) {
certificates.emplace_back(CertificateInfo{certPath, keyPath, passwordPath});
}
/**
* Set the optional list of protocols to advertise via TLS
* Next Protocol Negotiation. An empty list means NPN is not enabled.
*/
void setNextProtocols(const std::list<std::string>& inNextProtocols) {
nextProtocols.clear();
nextProtocols.push_back({1, inNextProtocols});
}
typedef std::function<bool(char const* server_name)> SNINoMatchFn;
std::vector<CertificateInfo> certificates;
folly::SSLContext::SSLVersion sslVersion{
folly::SSLContext::TLSv1};
bool sessionCacheEnabled{true};
bool sessionTicketEnabled{true};
bool clientHelloParsingEnabled{false};
std::string sslCiphers{
"ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:"
"ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES128-GCM-SHA256:"
"ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:"
"AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:"
"ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:RC4-SHA:RC4-MD5:"
"ECDHE-RSA-DES-CBC3-SHA:DES-CBC3-SHA"};
std::string eccCurveName;
// Ciphers to negotiate if TLS version >= 1.1
std::string tls11Ciphers{""};
// Weighted lists of NPN strings to advertise
std::list<folly::SSLContext::NextProtocolsItem>
nextProtocols;
bool isLocalPrivateKey{true};
// Should this SSLContextConfig be the default for SNI purposes
bool isDefault{false};
// Callback function to invoke when there are no matching certificates
// (will only be invoked once)
SNINoMatchFn sniNoMatchFn;
// File containing trusted CA's to validate client certificates
std::string clientCAFile;
};
}
folly/experimental/wangle/ssl/SSLContextManager.cpp 0 → 100644
View file @ dd280141
This diff is collapsed.
folly/experimental/wangle/ssl/SSLContextManager.h 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#pragma once
#include <folly/io/async/EventBase.h>
#include <folly/io/async/SSLContext.h>
#include <glog/logging.h>
#include <list>
#include <memory>
#include <folly/experimental/wangle/ssl/SSLContextConfig.h>
#include <folly/experimental/wangle/ssl/SSLSessionCacheManager.h>
#include <folly/experimental/wangle/ssl/TLSTicketKeySeeds.h>
#include <folly/experimental/wangle/acceptor/DomainNameMisc.h>
#include <vector>
namespace folly {
class SocketAddress;
class SSLContext;
class ClientHelloExtStats;
class SSLCacheOptions;
class SSLStats;
class TLSTicketKeyManager;
class TLSTicketKeySeeds;
class SSLContextManager {
public:
explicit SSLContextManager(EventBase* eventBase,
const std::string& vipName, bool strict,
SSLStats* stats);
virtual ~SSLContextManager();
/**
* Add a new X509 to SSLContextManager. The details of a X509
* is passed as a SSLContextConfig object.
*
* @param ctxConfig Details of a X509, its private key, password, etc.
* @param cacheOptions Options for how to do session caching.
* @param ticketSeeds If non-null, the initial ticket key seeds to use.
* @param vipAddress Which VIP are the X509(s) used for? It is only for
* for user friendly log message
* @param externalCache Optional external provider for the session cache;
* may be null
*/
void addSSLContextConfig(
const SSLContextConfig& ctxConfig,
const SSLCacheOptions& cacheOptions,
const TLSTicketKeySeeds* ticketSeeds,
const folly::SocketAddress& vipAddress,
const std::shared_ptr<SSLCacheProvider> &externalCache);
/**
* Get the default SSL_CTX for a VIP
*/
std::shared_ptr<SSLContext>
getDefaultSSLCtx() const;
/**
* Search by the _one_ level up subdomain
*/
std::shared_ptr<SSLContext>
getSSLCtxBySuffix(const DNString& dnstr) const;
/**
* Search by the full-string domain name
*/
std::shared_ptr<SSLContext>
getSSLCtx(const DNString& dnstr) const;
/**
* Insert a SSLContext by domain name.
*/
void insertSSLCtxByDomainName(
const char* dn,
size_t len,
std::shared_ptr<SSLContext> sslCtx);
void insertSSLCtxByDomainNameImpl(
const char* dn,
size_t len,
std::shared_ptr<SSLContext> sslCtx);
void reloadTLSTicketKeys(const std::vector<std::string>& oldSeeds,
const std::vector<std::string>& currentSeeds,
const std::vector<std::string>& newSeeds);
/**
* SSLContextManager only collects SNI stats now
*/
void setClientHelloExtStats(ClientHelloExtStats* stats) {
clientHelloTLSExtStats_ = stats;
}
protected:
virtual void enableAsyncCrypto(
const std::shared_ptr<SSLContext>& sslCtx) {
LOG(FATAL) << "Unsupported in base SSLContextManager";
}
SSLStats* stats_{nullptr};
private:
SSLContextManager(const SSLContextManager&) = delete;
void ctxSetupByOpensslFeature(
std::shared_ptr<SSLContext> sslCtx,
const SSLContextConfig& ctxConfig);
/**
* Callback function from openssl to find the right X509 to
* use during SSL handshake
*/
#if OPENSSL_VERSION_NUMBER >= 0x1000105fL && \
!defined(OPENSSL_NO_TLSEXT) && \
defined(SSL_CTRL_SET_TLSEXT_SERVERNAME_CB)
# define PROXYGEN_HAVE_SERVERNAMECALLBACK
SSLContext::ServerNameCallbackResult
serverNameCallback(SSL* ssl);
#endif
/**
* The following functions help to maintain the data structure for
* domain name matching in SNI. Some notes:
*
* 1. It is a best match.
*
* 2. It allows wildcard CN and wildcard subject alternative name in a X509.
* The wildcard name must be _prefixed_ by '*.'. It errors out whenever
* it sees '*' in any other locations.
*
* 3. It uses one std::unordered_map<DomainName, SSL_CTX> object to
* do this. For wildcard name like "*.facebook.com", ".facebook.com"
* is used as the key.
*
* 4. After getting tlsext_hostname from the client hello message, it
* will do a full string search first and then try one level up to
* match any wildcard name (if any) in the X509.
* [Note, browser also only looks one level up when matching the requesting
* domain name with the wildcard name in the server X509].
*/
void insert(
std::shared_ptr<SSLContext> sslCtx,
std::unique_ptr<SSLSessionCacheManager> cmanager,
std::unique_ptr<TLSTicketKeyManager> tManager,
bool defaultFallback);
/**
* Container to own the SSLContext, SSLSessionCacheManager and
* TLSTicketKeyManager.
*/
std::vector<std::shared_ptr<SSLContext>> ctxs_;
std::vector<std::unique_ptr<SSLSessionCacheManager>>
sessionCacheManagers_;
std::vector<std::unique_ptr<TLSTicketKeyManager>> ticketManagers_;
std::shared_ptr<SSLContext> defaultCtx_;
/**
* Container to store the (DomainName -> SSL_CTX) mapping
*/
std::unordered_map<
DNString,
std::shared_ptr<SSLContext>,
DNStringHash> dnMap_;
EventBase* eventBase_;
ClientHelloExtStats* clientHelloTLSExtStats_{nullptr};
SSLContextConfig::SNINoMatchFn noMatchFn_;
bool strict_{true};
};
} // namespace
folly/experimental/wangle/ssl/SSLSessionCacheManager.cpp 0 → 100644
View file @ dd280141
This diff is collapsed.
folly/experimental/wangle/ssl/SSLSessionCacheManager.h 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#pragma once
#include <folly/experimental/wangle/ssl/SSLCacheProvider.h>
#include <folly/experimental/wangle/ssl/SSLStats.h>
#include <folly/EvictingCacheMap.h>
#include <mutex>
#include <folly/io/async/AsyncSSLSocket.h>
namespace folly {
class SSLStats;
/**
* Basic SSL session cache map: Maps session id -> session
*/
typedef folly::EvictingCacheMap<std::string, SSL_SESSION*> SSLSessionCacheMap;
/**
* Holds an SSLSessionCacheMap and associated lock
*/
class LocalSSLSessionCache: private boost::noncopyable {
public:
LocalSSLSessionCache(uint32_t maxCacheSize, uint32_t cacheCullSize);
~LocalSSLSessionCache() {
std::lock_guard<std::mutex> g(lock);
// EvictingCacheMap dtor doesn't free values
sessionCache.clear();
}
SSLSessionCacheMap sessionCache;
std::mutex lock;
uint32_t removedSessions_{0};
private:
void pruneSessionCallback(const std::string& sessionId,
SSL_SESSION* session);
};
/**
* A sharded LRU for SSL sessions. The sharding is inteneded to reduce
* contention for the LRU locks. Assuming uniform distribution, two workers
* will contend for the same lock with probability 1 / n_buckets^2.
*/
class ShardedLocalSSLSessionCache : private boost::noncopyable {
public:
ShardedLocalSSLSessionCache(uint32_t n_buckets, uint32_t maxCacheSize,
uint32_t cacheCullSize) {
CHECK(n_buckets > 0);
maxCacheSize = (uint32_t)(((double)maxCacheSize) / n_buckets);
cacheCullSize = (uint32_t)(((double)cacheCullSize) / n_buckets);
if (maxCacheSize == 0) {
maxCacheSize = 1;
}
if (cacheCullSize == 0) {
cacheCullSize = 1;
}
for (uint32_t i = 0; i < n_buckets; i++) {
caches_.push_back(
std::unique_ptr<LocalSSLSessionCache>(
new LocalSSLSessionCache(maxCacheSize, cacheCullSize)));
}
}
SSL_SESSION* lookupSession(const std::string& sessionId) {
size_t bucket = hash(sessionId);
SSL_SESSION* session = nullptr;
std::lock_guard<std::mutex> g(caches_[bucket]->lock);
auto itr = caches_[bucket]->sessionCache.find(sessionId);
if (itr != caches_[bucket]->sessionCache.end()) {
session = itr->second;
}
if (session) {
CRYPTO_add(&session->references, 1, CRYPTO_LOCK_SSL_SESSION);
}
return session;
}
void storeSession(const std::string& sessionId, SSL_SESSION* session,
SSLStats* stats) {
size_t bucket = hash(sessionId);
SSL_SESSION* oldSession = nullptr;
std::lock_guard<std::mutex> g(caches_[bucket]->lock);
auto itr = caches_[bucket]->sessionCache.find(sessionId);
if (itr != caches_[bucket]->sessionCache.end()) {
oldSession = itr->second;
}
if (oldSession) {
// LRUCacheMap doesn't free on overwrite, so 2x the work for us
// This can happen in race conditions
SSL_SESSION_free(oldSession);
}
caches_[bucket]->removedSessions_ = 0;
caches_[bucket]->sessionCache.set(sessionId, session, true);
if (stats) {
stats->recordSSLSessionFree(caches_[bucket]->removedSessions_);
}
}
void removeSession(const std::string& sessionId) {
size_t bucket = hash(sessionId);
std::lock_guard<std::mutex> g(caches_[bucket]->lock);
caches_[bucket]->sessionCache.erase(sessionId);
}
private:
/* SSL session IDs are 32 bytes of random data, hash based on first 16 bits */
size_t hash(const std::string& key) {
CHECK(key.length() >= 2);
return (key[0] << 8 | key[1]) % caches_.size();
}
std::vector< std::unique_ptr<LocalSSLSessionCache> > caches_;
};
/* A socket/DestructorGuard pair */
typedef std::pair<AsyncSSLSocket *,
std::unique_ptr<DelayedDestruction::DestructorGuard>>
AttachedLookup;
/**
* PendingLookup structure
*
* Keeps track of clients waiting for an SSL session to be retrieved from
* the external cache provider.
*/
struct PendingLookup {
bool request_in_progress;
SSL_SESSION* session;
std::list<AttachedLookup> waiters;
PendingLookup() {
request_in_progress = true;
session = nullptr;
}
};
/* Maps SSL session id to a PendingLookup structure */
typedef std::map<std::string, PendingLookup> PendingLookupMap;
/**
* SSLSessionCacheManager handles all stateful session caching. There is an
* instance of this object per SSL VIP per thread, with a 1:1 correlation with
* SSL_CTX. The cache can work locally or in concert with an external cache
* to share sessions across instances.
*
* There is a single in memory session cache shared by all VIPs. The cache is
* split into N buckets (currently 16) with a separate lock per bucket. The
* VIP ID is hashed and stored as part of the session to handle the
* (very unlikely) case of session ID collision.
*
* When a new SSL session is created, it is added to the LRU cache and
* sent to the external cache to be stored. The external cache
* expiration is equal to the SSL session's expiration.
*
* When a resume request is received, SSLSessionCacheManager first looks in the
* local LRU cache for the VIP. If there is a miss there, an asynchronous
* request for this session is dispatched to the external cache. When the
* external cache query returns, the LRU cache is updated if the session was
* found, and the SSL_accept call is resumed.
*
* If additional resume requests for the same session ID arrive in the same
* thread while the request is pending, the 2nd - Nth callers attach to the
* original external cache requests and are resumed when it comes back. No
* attempt is made to coalesce external cache requests for the same session
* ID in different worker threads. Previous work did this, but the
* complexity was deemed to outweigh the potential savings.
*
*/
class SSLSessionCacheManager : private boost::noncopyable {
public:
/**
* Constructor. SSL session related callbacks will be set on the underlying
* SSL_CTX. vipId is assumed to a unique string identifying the VIP and must
* be the same on all servers that wish to share sessions via the same
* external cache.
*/
SSLSessionCacheManager(
uint32_t maxCacheSize,
uint32_t cacheCullSize,
SSLContext* ctx,
const folly::SocketAddress& sockaddr,
const std::string& context,
EventBase* eventBase,
SSLStats* stats,
const std::shared_ptr<SSLCacheProvider>& externalCache);
virtual ~SSLSessionCacheManager();
/**
* Call this on shutdown to release the global instance of the
* ShardedLocalSSLSessionCache.
*/
static void shutdown();
/**
* Callback for ExternalCache to call when an async get succeeds
* @param context The context that was passed to the async get request
* @param value Serialized session
*/
void onGetSuccess(SSLCacheProvider::CacheContext* context,
const std::string& value);
/**
* Callback for ExternalCache to call when an async get fails, either
* because the requested session is not in the external cache or because
* of an error.
* @param context The context that was passed to the async get request
*/
void onGetFailure(SSLCacheProvider::CacheContext* context);
private:
SSLContext* ctx_;
std::shared_ptr<ShardedLocalSSLSessionCache> localCache_;
PendingLookupMap pendingLookups_;
SSLStats* stats_{nullptr};
std::shared_ptr<SSLCacheProvider> externalCache_;
/**
* Invoked by openssl when a new SSL session is created
*/
int newSession(SSL* ssl, SSL_SESSION* session);
/**
* Invoked by openssl when an SSL session is ejected from its internal cache.
* This can't be invoked in the current implementation because SSL's internal
* caching is disabled.
*/
void removeSession(SSL_CTX* ctx, SSL_SESSION* session);
/**
* Invoked by openssl when a client requests a stateful session resumption.
* Triggers a lookup in our local cache and potentially an asynchronous
* request to an external cache.
*/
SSL_SESSION* getSession(SSL* ssl, unsigned char* session_id,
int id_len, int* copyflag);
/**
* Store a new session record in the external cache
*/
bool storeCacheRecord(const std::string& sessionId, SSL_SESSION* session);
/**
* Lookup a session in the external cache for the specified SSL socket.
*/
bool lookupCacheRecord(const std::string& sessionId,
AsyncSSLSocket* sslSock);
/**
* Restart all clients waiting for the answer to an external cache query
*/
void restartSSLAccept(const SSLCacheProvider::CacheContext* cacheCtx);
/**
* Get or create the LRU cache for the given VIP ID
*/
static std::shared_ptr<ShardedLocalSSLSessionCache> getLocalCache(
uint32_t maxCacheSize, uint32_t cacheCullSize);
/**
* static functions registered as callbacks to openssl via
* SSL_CTX_sess_set_new/get/remove_cb
*/
static int newSessionCallback(SSL* ssl, SSL_SESSION* session);
static void removeSessionCallback(SSL_CTX* ctx, SSL_SESSION* session);
static SSL_SESSION* getSessionCallback(SSL* ssl, unsigned char* session_id,
int id_len, int* copyflag);
static int32_t sExDataIndex_;
static std::shared_ptr<ShardedLocalSSLSessionCache> sCache_;
static std::mutex sCacheLock_;
};
}
folly/experimental/wangle/ssl/SSLStats.h 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#pragma once
namespace folly {
class SSLStats {
public:
virtual ~SSLStats() noexcept {}
// downstream
virtual void recordSSLAcceptLatency(int64_t latency) noexcept = 0;
virtual void recordTLSTicket(bool ticketNew, bool ticketHit) noexcept = 0;
virtual void recordSSLSession(bool sessionNew, bool sessionHit, bool foreign)
noexcept = 0;
virtual void recordSSLSessionRemove() noexcept = 0;
virtual void recordSSLSessionFree(uint32_t freed) noexcept = 0;
virtual void recordSSLSessionSetError(uint32_t err) noexcept = 0;
virtual void recordSSLSessionGetError(uint32_t err) noexcept = 0;
virtual void recordClientRenegotiation() noexcept = 0;
// upstream
virtual void recordSSLUpstreamConnection(bool handshake) noexcept = 0;
virtual void recordSSLUpstreamConnectionError(bool verifyError) noexcept = 0;
virtual void recordCryptoSSLExternalAttempt() noexcept = 0;
virtual void recordCryptoSSLExternalConnAlreadyClosed() noexcept = 0;
virtual void recordCryptoSSLExternalApplicationException() noexcept = 0;
virtual void recordCryptoSSLExternalSuccess() noexcept = 0;
virtual void recordCryptoSSLExternalDuration(uint64_t duration) noexcept = 0;
virtual void recordCryptoSSLLocalAttempt() noexcept = 0;
virtual void recordCryptoSSLLocalSuccess() noexcept = 0;
};
}
folly/experimental/wangle/ssl/SSLUtil.cpp 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#include <folly/experimental/wangle/ssl/SSLUtil.h>
#include <folly/Memory.h>
#if OPENSSL_VERSION_NUMBER >= 0x1000105fL
#define OPENSSL_GE_101 1
#include <openssl/asn1.h>
#include <openssl/x509v3.h>
#else
#undef OPENSSL_GE_101
#endif
namespace folly {
std::mutex SSLUtil::sIndexLock_;
std::unique_ptr<std::string> SSLUtil::getCommonName(const X509* cert) {
X509_NAME* subject = X509_get_subject_name((X509*)cert);
if (!subject) {
return nullptr;
}
char cn[ub_common_name + 1];
int res = X509_NAME_get_text_by_NID(subject, NID_commonName,
cn, ub_common_name);
if (res <= 0) {
return nullptr;
} else {
cn[ub_common_name] = '\0';
return folly::make_unique<std::string>(cn);
}
}
std::unique_ptr<std::list<std::string>> SSLUtil::getSubjectAltName(
const X509* cert) {
#ifdef OPENSSL_GE_101
auto nameList = folly::make_unique<std::list<std::string>>();
GENERAL_NAMES* names = (GENERAL_NAMES*)X509_get_ext_d2i(
(X509*)cert, NID_subject_alt_name, nullptr, nullptr);
if (names) {
auto guard = folly::makeGuard([names] { GENERAL_NAMES_free(names); });
size_t count = sk_GENERAL_NAME_num(names);
CHECK(count < std::numeric_limits<int>::max());
for (int i = 0; i < (int)count; ++i) {
GENERAL_NAME* generalName = sk_GENERAL_NAME_value(names, i);
if (generalName->type == GEN_DNS) {
ASN1_STRING* s = generalName->d.dNSName;
const char* name = (const char*)ASN1_STRING_data(s);
// I can't find any docs on what a negative return value here
// would mean, so I'm going to ignore it.
auto len = ASN1_STRING_length(s);
DCHECK(len >= 0);
if (size_t(len) != strlen(name)) {
// Null byte(s) in the name; return an error rather than depending on
// the caller to safely handle this case.
return nullptr;
}
nameList->emplace_back(name);
}
}
}
return nameList;
#else
return nullptr;
#endif
}
}
folly/experimental/wangle/ssl/SSLUtil.h 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#pragma once
#include <folly/String.h>
#include <mutex>
#include <folly/io/async/AsyncSSLSocket.h>
namespace folly {
/**
* SSL session establish/resume status
*
* changing these values will break logging pipelines
*/
enum class SSLResumeEnum : uint8_t {
HANDSHAKE = 0,
RESUME_SESSION_ID = 1,
RESUME_TICKET = 3,
NA = 2
};
enum class SSLErrorEnum {
NO_ERROR,
TIMEOUT,
DROPPED
};
class SSLUtil {
private:
static std::mutex sIndexLock_;
public:
/**
* Ensures only one caller will allocate an ex_data index for a given static
* or global.
*/
static void getSSLCtxExIndex(int* pindex) {
std::lock_guard<std::mutex> g(sIndexLock_);
if (*pindex < 0) {
*pindex = SSL_CTX_get_ex_new_index(0, nullptr, nullptr, nullptr, nullptr);
}
}
static void getRSAExIndex(int* pindex) {
std::lock_guard<std::mutex> g(sIndexLock_);
if (*pindex < 0) {
*pindex = RSA_get_ex_new_index(0, nullptr, nullptr, nullptr, nullptr);
}
}
static inline std::string hexlify(const std::string& binary) {
std::string hex;
folly::hexlify<std::string, std::string>(binary, hex);
return hex;
}
static inline const std::string& hexlify(const std::string& binary,
std::string& hex) {
folly::hexlify<std::string, std::string>(binary, hex);
return hex;
}
/**
* Return the SSL resume type for the given socket.
*/
static inline SSLResumeEnum getResumeState(
AsyncSSLSocket* sslSocket) {
return sslSocket->getSSLSessionReused() ?
(sslSocket->sessionIDResumed() ?
SSLResumeEnum::RESUME_SESSION_ID :
SSLResumeEnum::RESUME_TICKET) :
SSLResumeEnum::HANDSHAKE;
}
/**
* Get the Common Name from an X.509 certificate
* @param cert certificate to inspect
* @return common name, or null if an error occurs
*/
static std::unique_ptr<std::string> getCommonName(const X509* cert);
/**
* Get the Subject Alternative Name value(s) from an X.509 certificate
* @param cert certificate to inspect
* @return set of zero or more alternative names, or null if
* an error occurs
*/
static std::unique_ptr<std::list<std::string>> getSubjectAltName(
const X509* cert);
};
}
folly/experimental/wangle/ssl/TLSTicketKeyManager.cpp 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#include <folly/experimental/wangle/ssl/TLSTicketKeyManager.h>
#include <folly/experimental/wangle/ssl/SSLStats.h>
#include <folly/experimental/wangle/ssl/SSLUtil.h>
#include <folly/String.h>
#include <openssl/aes.h>
#include <openssl/rand.h>
#include <openssl/ssl.h>
#include <folly/io/async/AsyncTimeout.h>
#ifdef SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB
using std::string;
namespace {
const int kTLSTicketKeyNameLen = 4;
const int kTLSTicketKeySaltLen = 12;
}
namespace folly {
// TLSTicketKeyManager Implementation
int32_t TLSTicketKeyManager::sExDataIndex_ = -1;
TLSTicketKeyManager::TLSTicketKeyManager(SSLContext* ctx, SSLStats* stats)
: ctx_(ctx),
randState_(0),
stats_(stats) {
SSLUtil::getSSLCtxExIndex(&sExDataIndex_);
SSL_CTX_set_ex_data(ctx_->getSSLCtx(), sExDataIndex_, this);
}
TLSTicketKeyManager::~TLSTicketKeyManager() {
}
int
TLSTicketKeyManager::callback(SSL* ssl, unsigned char* keyName,
unsigned char* iv,
EVP_CIPHER_CTX* cipherCtx,
HMAC_CTX* hmacCtx, int encrypt) {
TLSTicketKeyManager* manager = nullptr;
SSL_CTX* ctx = SSL_get_SSL_CTX(ssl);
manager = (TLSTicketKeyManager *)SSL_CTX_get_ex_data(ctx, sExDataIndex_);
if (manager == nullptr) {
LOG(FATAL) << "Null TLSTicketKeyManager in callback" ;
return -1;
}
return manager->processTicket(ssl, keyName, iv, cipherCtx, hmacCtx, encrypt);
}
int
TLSTicketKeyManager::processTicket(SSL* ssl, unsigned char* keyName,
unsigned char* iv,
EVP_CIPHER_CTX* cipherCtx,
HMAC_CTX* hmacCtx, int encrypt) {
uint8_t salt[kTLSTicketKeySaltLen];
uint8_t* saltptr = nullptr;
uint8_t output[SHA256_DIGEST_LENGTH];
uint8_t* hmacKey = nullptr;
uint8_t* aesKey = nullptr;
TLSTicketKeySource* key = nullptr;
int result = 0;
if (encrypt) {
key = findEncryptionKey();
if (key == nullptr) {
// no keys available to encrypt
VLOG(2) << "No TLS ticket key found";
return -1;
}
VLOG(4) << "Encrypting new ticket with key name=" <<
SSLUtil::hexlify(key->keyName_);
// Get a random salt and write out key name
RAND_pseudo_bytes(salt, (int)sizeof(salt));
memcpy(keyName, key->keyName_.data(), kTLSTicketKeyNameLen);
memcpy(keyName + kTLSTicketKeyNameLen, salt, kTLSTicketKeySaltLen);
// Create the unique keys by hashing with the salt
makeUniqueKeys(key->keySource_, sizeof(key->keySource_), salt, output);
// This relies on the fact that SHA256 has 32 bytes of output
// and that AES-128 keys are 16 bytes
hmacKey = output;
aesKey = output + SHA256_DIGEST_LENGTH / 2;
// Initialize iv and cipher/mac CTX
RAND_pseudo_bytes(iv, AES_BLOCK_SIZE);
HMAC_Init_ex(hmacCtx, hmacKey, SHA256_DIGEST_LENGTH / 2,
EVP_sha256(), nullptr);
EVP_EncryptInit_ex(cipherCtx, EVP_aes_128_cbc(), nullptr, aesKey, iv);
result = 1;
} else {
key = findDecryptionKey(keyName);
if (key == nullptr) {
// no ticket found for decryption - will issue a new ticket
if (VLOG_IS_ON(4)) {
string skeyName((char *)keyName, kTLSTicketKeyNameLen);
VLOG(4) << "Can't find ticket key with name=" <<
SSLUtil::hexlify(skeyName)<< ", will generate new ticket";
}
result = 0;
} else {
VLOG(4) << "Decrypting ticket with key name=" <<
SSLUtil::hexlify(key->keyName_);
// Reconstruct the unique key via the salt
saltptr = keyName + kTLSTicketKeyNameLen;
makeUniqueKeys(key->keySource_, sizeof(key->keySource_), saltptr, output);
hmacKey = output;
aesKey = output + SHA256_DIGEST_LENGTH / 2;
// Initialize cipher/mac CTX
HMAC_Init_ex(hmacCtx, hmacKey, SHA256_DIGEST_LENGTH / 2,
EVP_sha256(), nullptr);
EVP_DecryptInit_ex(cipherCtx, EVP_aes_128_cbc(), nullptr, aesKey, iv);
result = 1;
}
}
// result records whether a ticket key was found to decrypt this ticket,
// not wether the session was re-used.
if (stats_) {
stats_->recordTLSTicket(encrypt, result);
}
return result;
}
bool
TLSTicketKeyManager::setTLSTicketKeySeeds(
const std::vector<std::string>& oldSeeds,
const std::vector<std::string>& currentSeeds,
const std::vector<std::string>& newSeeds) {
bool result = true;
activeKeys_.clear();
ticketKeys_.clear();
ticketSeeds_.clear();
const std::vector<string> *seedList = &oldSeeds;
for (uint32_t i = 0; i < 3; i++) {
TLSTicketSeedType type = (TLSTicketSeedType)i;
if (type == SEED_CURRENT) {
seedList = &currentSeeds;
} else if (type == SEED_NEW) {
seedList = &newSeeds;
}
for (const auto& seedInput: *seedList) {
TLSTicketSeed* seed = insertSeed(seedInput, type);
if (seed == nullptr) {
result = false;
continue;
}
insertNewKey(seed, 1, nullptr);
}
}
if (!result) {
VLOG(2) << "One or more seeds failed to decode";
}
if (ticketKeys_.size() == 0 || activeKeys_.size() == 0) {
LOG(WARNING) << "No keys configured, falling back to default";
SSL_CTX_set_tlsext_ticket_key_cb(ctx_->getSSLCtx(), nullptr);
return false;
}
SSL_CTX_set_tlsext_ticket_key_cb(ctx_->getSSLCtx(),
TLSTicketKeyManager::callback);
return true;
}
string
TLSTicketKeyManager::makeKeyName(TLSTicketSeed* seed, uint32_t n,
unsigned char* nameBuf) {
SHA256_CTX ctx;
SHA256_Init(&ctx);
SHA256_Update(&ctx, seed->seedName_, sizeof(seed->seedName_));
SHA256_Update(&ctx, &n, sizeof(n));
SHA256_Final(nameBuf, &ctx);
return string((char *)nameBuf, kTLSTicketKeyNameLen);
}
TLSTicketKeyManager::TLSTicketKeySource*
TLSTicketKeyManager::insertNewKey(TLSTicketSeed* seed, uint32_t hashCount,
TLSTicketKeySource* prevKey) {
unsigned char nameBuf[SHA256_DIGEST_LENGTH];
std::unique_ptr<TLSTicketKeySource> newKey(new TLSTicketKeySource);
// This function supports hash chaining but it is not currently used.
if (prevKey != nullptr) {
hashNth(prevKey->keySource_, sizeof(prevKey->keySource_),
newKey->keySource_, 1);
} else {
// can't go backwards or the current is missing, start from the beginning
hashNth((unsigned char *)seed->seed_.data(), seed->seed_.length(),
newKey->keySource_, hashCount);
}
newKey->hashCount_ = hashCount;
newKey->keyName_ = makeKeyName(seed, hashCount, nameBuf);
newKey->type_ = seed->type_;
auto it = ticketKeys_.insert(std::make_pair(newKey->keyName_,
std::move(newKey)));
auto key = it.first->second.get();
if (key->type_ == SEED_CURRENT) {
activeKeys_.push_back(key);
}
VLOG(4) << "Adding key for " << hashCount << " type=" <<
(uint32_t)key->type_ << " Name=" << SSLUtil::hexlify(key->keyName_);
return key;
}
void
TLSTicketKeyManager::hashNth(const unsigned char* input, size_t input_len,
unsigned char* output, uint32_t n) {
assert(n > 0);
for (uint32_t i = 0; i < n; i++) {
SHA256(input, input_len, output);
input = output;
input_len = SHA256_DIGEST_LENGTH;
}
}
TLSTicketKeyManager::TLSTicketSeed *
TLSTicketKeyManager::insertSeed(const string& seedInput,
TLSTicketSeedType type) {
TLSTicketSeed* seed = nullptr;
string seedOutput;
if (!folly::unhexlify<string, string>(seedInput, seedOutput)) {
LOG(WARNING) << "Failed to decode seed type=" << (uint32_t)type <<
" seed=" << seedInput;
return seed;
}
seed = new TLSTicketSeed();
seed->seed_ = seedOutput;
seed->type_ = type;
SHA256((unsigned char *)seedOutput.data(), seedOutput.length(),
seed->seedName_);
ticketSeeds_.push_back(std::unique_ptr<TLSTicketSeed>(seed));
return seed;
}
TLSTicketKeyManager::TLSTicketKeySource *
TLSTicketKeyManager::findEncryptionKey() {
TLSTicketKeySource* result = nullptr;
// call to rand here is a bit hokey since it's not cryptographically
// random, and is predictably seeded with 0. However, activeKeys_
// is probably not going to have very many keys in it, and most
// likely only 1.
size_t numKeys = activeKeys_.size();
if (numKeys > 0) {
result = activeKeys_[rand_r(&randState_) % numKeys];
}
return result;
}
TLSTicketKeyManager::TLSTicketKeySource *
TLSTicketKeyManager::findDecryptionKey(unsigned char* keyName) {
string name((char *)keyName, kTLSTicketKeyNameLen);
TLSTicketKeySource* key = nullptr;
TLSTicketKeyMap::iterator mapit = ticketKeys_.find(name);
if (mapit != ticketKeys_.end()) {
key = mapit->second.get();
}
return key;
}
void
TLSTicketKeyManager::makeUniqueKeys(unsigned char* parentKey,
size_t keyLen,
unsigned char* salt,
unsigned char* output) {
SHA256_CTX hash_ctx;
SHA256_Init(&hash_ctx);
SHA256_Update(&hash_ctx, parentKey, keyLen);
SHA256_Update(&hash_ctx, salt, kTLSTicketKeySaltLen);
SHA256_Final(output, &hash_ctx);
}
} // namespace
#endif
folly/experimental/wangle/ssl/TLSTicketKeyManager.h 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#pragma once
#include <folly/io/async/SSLContext.h>
#include <folly/io/async/EventBase.h>
namespace folly {
#ifndef SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB
class TLSTicketKeyManager {};
#else
class SSLStats;
/**
* The TLSTicketKeyManager handles TLS ticket key encryption and decryption in
* a way that facilitates sharing the ticket keys across a range of servers.
* Hash chaining is employed to achieve frequent key rotation with minimal
* configuration change. The scheme is as follows:
*
* The manager is supplied with three lists of seeds (old, current and new).
* The config should be updated with new seeds periodically (e.g., daily).
* 3 config changes are recommended to achieve the smoothest seed rotation
* eg:
* 1. Introduce new seed in the push prior to rotation
* 2. Rotation push
* 3. Remove old seeds in the push following rotation
*
* Multiple seeds are supported but only a single seed is required.
*
* Generating encryption keys from the seed works as follows. For a given
* seed, hash forward N times where N is currently the constant 1.
* This is the base key. The name of the base key is the first 4
* bytes of hash(hash(seed), N). This is copied into the first 4 bytes of the
* TLS ticket key name field.
*
* For each new ticket encryption, the manager generates a random 12 byte salt.
* Hash the salt and the base key together to form the encryption key for
* that ticket. The salt is included in the ticket's 'key name' field so it
* can be used to derive the decryption key. The salt is copied into the second
* 8 bytes of the TLS ticket key name field.
*
* A key is valid for decryption for the lifetime of the instance.
* Sessions will be valid for less time than that, which results in an extra
* symmetric decryption to discover the session is expired.
*
* A TLSTicketKeyManager should be used in only one thread, and should have
* a 1:1 relationship with the SSLContext provided.
*
*/
class TLSTicketKeyManager : private boost::noncopyable {
public:
explicit TLSTicketKeyManager(folly::SSLContext* ctx,
SSLStats* stats);
virtual ~TLSTicketKeyManager();
/**
* SSL callback to set up encryption/decryption context for a TLS Ticket Key.
*
* This will be supplied to the SSL library via
* SSL_CTX_set_tlsext_ticket_key_cb.
*/
static int callback(SSL* ssl, unsigned char* keyName,
unsigned char* iv,
EVP_CIPHER_CTX* cipherCtx,
HMAC_CTX* hmacCtx, int encrypt);
/**
* Initialize the manager with three sets of seeds. There must be at least
* one current seed, or the manager will revert to the default SSL behavior.
*
* @param oldSeeds Seeds previously used which can still decrypt.
* @param currentSeeds Seeds to use for new ticket encryptions.
* @param newSeeds Seeds which will be used soon, can be used to decrypt
* in case some servers in the cluster have already rotated.
*/
bool setTLSTicketKeySeeds(const std::vector<std::string>& oldSeeds,
const std::vector<std::string>& currentSeeds,
const std::vector<std::string>& newSeeds);
private:
enum TLSTicketSeedType {
SEED_OLD = 0,
SEED_CURRENT,
SEED_NEW
};
/* The seeds supplied by the configuration */
struct TLSTicketSeed {
std::string seed_;
TLSTicketSeedType type_;
unsigned char seedName_[SHA256_DIGEST_LENGTH];
};
struct TLSTicketKeySource {
int32_t hashCount_;
std::string keyName_;
TLSTicketSeedType type_;
unsigned char keySource_[SHA256_DIGEST_LENGTH];
};
/**
* Method to setup encryption/decryption context for a TLS Ticket Key
*
* OpenSSL documentation is thin on the return value semantics.
*
* For encrypt=1, return < 0 on error, >= 0 for successfully initialized
* For encrypt=0, return < 0 on error, 0 on key not found
* 1 on key found, 2 renew_ticket
*
* renew_ticket means a new ticket will be issued. We could return this value
* when receiving a ticket encrypted with a key derived from an OLD seed.
* However, session_timeout seconds after deploying with a seed
* rotated from CURRENT -> OLD, there will be no valid tickets outstanding
* encrypted with the old key. This grace period means no unnecessary
* handshakes will be performed. If the seed is believed compromised, it
* should NOT be configured as an OLD seed.
*/
int processTicket(SSL* ssl, unsigned char* keyName,
unsigned char* iv,
EVP_CIPHER_CTX* cipherCtx,
HMAC_CTX* hmacCtx, int encrypt);
// Creates the name for the nth key generated from seed
std::string makeKeyName(TLSTicketSeed* seed, uint32_t n,
unsigned char* nameBuf);
/**
* Creates the key hashCount hashes from the given seed and inserts it in
* ticketKeys. A naked pointer to the key is returned for additional
* processing if needed.
*/
TLSTicketKeySource* insertNewKey(TLSTicketSeed* seed, uint32_t hashCount,
TLSTicketKeySource* prevKeySource);
/**
* hashes input N times placing result in output, which must be at least
* SHA256_DIGEST_LENGTH long.
*/
void hashNth(const unsigned char* input, size_t input_len,
unsigned char* output, uint32_t n);
/**
* Adds the given seed to the manager
*/
TLSTicketSeed* insertSeed(const std::string& seedInput,
TLSTicketSeedType type);
/**
* Locate a key for encrypting a new ticket
*/
TLSTicketKeySource* findEncryptionKey();
/**
* Locate a key for decrypting a ticket with the given keyName
*/
TLSTicketKeySource* findDecryptionKey(unsigned char* keyName);
/**
* Derive a unique key from the parent key and the salt via hashing
*/
void makeUniqueKeys(unsigned char* parentKey, size_t keyLen,
unsigned char* salt, unsigned char* output);
/**
* For standalone decryption utility
*/
friend int decrypt_fb_ticket(folly::TLSTicketKeyManager* manager,
const std::string& testTicket,
SSL_SESSION **psess);
typedef std::vector<std::unique_ptr<TLSTicketSeed>> TLSTicketSeedList;
typedef std::map<std::string, std::unique_ptr<TLSTicketKeySource> >
TLSTicketKeyMap;
typedef std::vector<TLSTicketKeySource *> TLSActiveKeyList;
TLSTicketSeedList ticketSeeds_;
// All key sources that can be used for decryption
TLSTicketKeyMap ticketKeys_;
// Key sources that can be used for encryption
TLSActiveKeyList activeKeys_;
folly::SSLContext* ctx_;
uint32_t randState_;
SSLStats* stats_{nullptr};
static int32_t sExDataIndex_;
};
#endif
}
folly/experimental/wangle/ssl/TLSTicketKeySeeds.h 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#pragma once
namespace folly {
struct TLSTicketKeySeeds {
std::vector<std::string> oldSeeds;
std::vector<std::string> currentSeeds;
std::vector<std::string> newSeeds;
};
}
folly/experimental/wangle/ssl/test/SSLCacheTest.cpp 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#include <folly/Portability.h>
#include <folly/io/async/EventBase.h>
#include <gflags/gflags.h>
#include <iostream>
#include <thread>
#include <folly/io/async/AsyncSSLSocket.h>
#include <folly/io/async/AsyncSocket.h>
#include <vector>
using namespace std;
using namespace folly;
DEFINE_int32(clients, 1, "Number of simulated SSL clients");
DEFINE_int32(threads, 1, "Number of threads to spread clients across");
DEFINE_int32(requests, 2, "Total number of requests per client");
DEFINE_int32(port, 9423, "Server port");
DEFINE_bool(sticky, false, "A given client sends all reqs to one "
"(random) server");
DEFINE_bool(global, false, "All clients in a thread use the same SSL session");
DEFINE_bool(handshakes, false, "Force 100% handshakes");
string f_servers[10];
int f_num_servers = 0;
int tnum = 0;
class ClientRunner {
public:
ClientRunner(): reqs(0), hits(0), miss(0), num(tnum++) {}
void run();
int reqs;
int hits;
int miss;
int num;
};
class SSLCacheClient : public AsyncSocket::ConnectCallback,
public AsyncSSLSocket::HandshakeCB
{
private:
EventBase* eventBase_;
int currReq_;
int serverIdx_;
AsyncSocket* socket_;
AsyncSSLSocket* sslSocket_;
SSL_SESSION* session_;
SSL_SESSION **pSess_;
std::shared_ptr<SSLContext> ctx_;
ClientRunner* cr_;
public:
SSLCacheClient(EventBase* eventBase, SSL_SESSION **pSess, ClientRunner* cr);
~SSLCacheClient() {
if (session_ && !FLAGS_global)
SSL_SESSION_free(session_);
if (socket_ != nullptr) {
if (sslSocket_ != nullptr) {
sslSocket_->destroy();
sslSocket_ = nullptr;
}
socket_->destroy();
socket_ = nullptr;
}
};
void start();
virtual void connectSuccess() noexcept;
virtual void connectErr(const AsyncSocketException& ex)
noexcept ;
virtual void handshakeSuc(AsyncSSLSocket* sock) noexcept;
virtual void handshakeErr(
AsyncSSLSocket* sock,
const AsyncSocketException& ex) noexcept;
};
int
main(int argc, char* argv[])
{
gflags::SetUsageMessage(std::string("\n\n"
"usage: sslcachetest [options] -c <clients> -t <threads> servers\n"
));
gflags::ParseCommandLineFlags(&argc, &argv, true);
int reqs = 0;
int hits = 0;
int miss = 0;
struct timeval start;
struct timeval end;
struct timeval result;
srand((unsigned int)time(nullptr));
for (int i = 1; i < argc; i++) {
f_servers[f_num_servers++] = argv[i];
}
if (f_num_servers == 0) {
cout << "require at least one server\n";
return 1;
}
gettimeofday(&start, nullptr);
if (FLAGS_threads == 1) {
ClientRunner r;
r.run();
gettimeofday(&end, nullptr);
reqs = r.reqs;
hits = r.hits;
miss = r.miss;
}
else {
std::vector<ClientRunner> clients;
std::vector<std::thread> threads;
for (int t = 0; t < FLAGS_threads; t++) {
threads.emplace_back([&] {
clients[t].run();
});
}
for (auto& thr: threads) {
thr.join();
}
gettimeofday(&end, nullptr);
for (const auto& client: clients) {
reqs += client.reqs;
hits += client.hits;
miss += client.miss;
}
}
timersub(&end, &start, &result);
cout << "Requests: " << reqs << endl;
cout << "Handshakes: " << miss << endl;
cout << "Resumes: " << hits << endl;
cout << "Runtime(ms): " << result.tv_sec << "." << result.tv_usec / 1000 <<
endl;
cout << "ops/sec: " << (reqs * 1.0) /
((double)result.tv_sec * 1.0 + (double)result.tv_usec / 1000000.0) << endl;
return 0;
}
void
ClientRunner::run()
{
EventBase eb;
std::list<SSLCacheClient *> clients;
SSL_SESSION* session = nullptr;
for (int i = 0; i < FLAGS_clients; i++) {
SSLCacheClient* c = new SSLCacheClient(&eb, &session, this);
c->start();
clients.push_back(c);
}
eb.loop();
for (auto it = clients.begin(); it != clients.end(); it++) {
delete* it;
}
reqs += hits + miss;
}
SSLCacheClient::SSLCacheClient(EventBase* eb,
SSL_SESSION **pSess,
ClientRunner* cr)
: eventBase_(eb),
currReq_(0),
serverIdx_(0),
socket_(nullptr),
sslSocket_(nullptr),
session_(nullptr),
pSess_(pSess),
cr_(cr)
{
ctx_.reset(new SSLContext());
ctx_->setOptions(SSL_OP_NO_TICKET);
}
void
SSLCacheClient::start()
{
if (currReq_ >= FLAGS_requests) {
cout << "+";
return;
}
if (currReq_ == 0 || !FLAGS_sticky) {
serverIdx_ = rand() % f_num_servers;
}
if (socket_ != nullptr) {
if (sslSocket_ != nullptr) {
sslSocket_->destroy();
sslSocket_ = nullptr;
}
socket_->destroy();
socket_ = nullptr;
}
socket_ = new AsyncSocket(eventBase_);
socket_->connect(this, f_servers[serverIdx_], (uint16_t)FLAGS_port);
}
void
SSLCacheClient::connectSuccess() noexcept
{
sslSocket_ = new AsyncSSLSocket(ctx_, eventBase_, socket_->detachFd(),
false);
if (!FLAGS_handshakes) {
if (session_ != nullptr)
sslSocket_->setSSLSession(session_);
else if (FLAGS_global && pSess_ != nullptr)
sslSocket_->setSSLSession(*pSess_);
}
sslSocket_->sslConn(this);
}
void
SSLCacheClient::connectErr(const AsyncSocketException& ex)
noexcept
{
cout << "connectError: " << ex.what() << endl;
}
void
SSLCacheClient::handshakeSuc(AsyncSSLSocket* socket) noexcept
{
if (sslSocket_->getSSLSessionReused()) {
cr_->hits++;
} else {
cr_->miss++;
if (session_ != nullptr) {
SSL_SESSION_free(session_);
}
session_ = sslSocket_->getSSLSession();
if (FLAGS_global && pSess_ != nullptr && *pSess_ == nullptr) {
*pSess_ = session_;
}
}
if ( ((cr_->hits + cr_->miss) % 100) == ((100 / FLAGS_threads) * cr_->num)) {
cout << ".";
cout.flush();
}
sslSocket_->closeNow();
currReq_++;
this->start();
}
void
SSLCacheClient::handshakeErr(
AsyncSSLSocket* sock,
const AsyncSocketException& ex)
noexcept
{
cout << "handshakeError: " << ex.what() << endl;
}
folly/experimental/wangle/ssl/test/SSLContextManagerTest.cpp 0 → 100644
View file @ dd280141
/*
* Copyright (c) 2014, Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD-style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*
*/
#include <folly/io/async/EventBase.h>
#include <folly/io/async/SSLContext.h>
#include <glog/logging.h>
#include <gtest/gtest.h>
#include <folly/experimental/wangle/ssl/SSLContextManager.h>
#include <folly/experimental/wangle/acceptor/DomainNameMisc.h>
using std::shared_ptr;
namespace folly {
TEST(SSLContextManagerTest, Test1)
{
EventBase eventBase;
SSLContextManager sslCtxMgr(&eventBase, "vip_ssl_context_manager_test_",
true, nullptr);
auto www_facebook_com_ctx = std::make_shared<SSLContext>();
auto start_facebook_com_ctx = std::make_shared<SSLContext>();
auto start_abc_facebook_com_ctx = std::make_shared<SSLContext>();
sslCtxMgr.insertSSLCtxByDomainName(
"www.facebook.com",
strlen("www.facebook.com"),
www_facebook_com_ctx);
sslCtxMgr.insertSSLCtxByDomainName(
"www.facebook.com",
strlen("www.facebook.com"),
www_facebook_com_ctx);
try {
sslCtxMgr.insertSSLCtxByDomainName(
"www.facebook.com",
strlen("www.facebook.com"),
std::make_shared<SSLContext>());
} catch (const std::exception& ex) {
}
sslCtxMgr.insertSSLCtxByDomainName(
"*.facebook.com",
strlen("*.facebook.com"),
start_facebook_com_ctx);
sslCtxMgr.insertSSLCtxByDomainName(
"*.abc.facebook.com",
strlen("*.abc.facebook.com"),
start_abc_facebook_com_ctx);
try {
sslCtxMgr.insertSSLCtxByDomainName(
"*.abc.facebook.com",
strlen("*.abc.facebook.com"),
std::make_shared<SSLContext>());
FAIL();
} catch (const std::exception& ex) {
}
shared_ptr<SSLContext> retCtx;
retCtx = sslCtxMgr.getSSLCtx(DNString("www.facebook.com"));
EXPECT_EQ(retCtx, www_facebook_com_ctx);
retCtx = sslCtxMgr.getSSLCtx(DNString("WWW.facebook.com"));
EXPECT_EQ(retCtx, www_facebook_com_ctx);
EXPECT_FALSE(sslCtxMgr.getSSLCtx(DNString("xyz.facebook.com")));
retCtx = sslCtxMgr.getSSLCtxBySuffix(DNString("xyz.facebook.com"));
EXPECT_EQ(retCtx, start_facebook_com_ctx);
retCtx = sslCtxMgr.getSSLCtxBySuffix(DNString("XYZ.facebook.com"));
EXPECT_EQ(retCtx, start_facebook_com_ctx);
retCtx = sslCtxMgr.getSSLCtxBySuffix(DNString("www.abc.facebook.com"));
EXPECT_EQ(retCtx, start_abc_facebook_com_ctx);
// ensure "facebook.com" does not match "*.facebook.com"
EXPECT_FALSE(sslCtxMgr.getSSLCtxBySuffix(DNString("facebook.com")));
// ensure "Xfacebook.com" does not match "*.facebook.com"
EXPECT_FALSE(sslCtxMgr.getSSLCtxBySuffix(DNString("Xfacebook.com")));
// ensure wildcard name only matches one domain up
EXPECT_FALSE(sslCtxMgr.getSSLCtxBySuffix(DNString("abc.xyz.facebook.com")));
eventBase.loop(); // Clean up events before SSLContextManager is destructed
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment