Improve initialization of openssl
Summary:
SSLContext takes it upon itself to
perform initialization of openssl along with
cleaning it up.
However in applications where there are multiple
libraries using openssl, cleanup is not really
desirable. Thus the application should own init
and cleanup of openssl, rather than SSLContext.
This is bad because openssl's init apis are not thread
safe.
This diff modifies SSLContext with 3 changes to
make this possible in the context of apps:
1. Add macro SSLCONTEXT_NO_REFCOUNT, for apps to be
able to disable refcounting
2. Move all steps of init into initializeOpenSSL.
As a result, apps can choose when to call
SSLContext::intitializeOpenSSL and if it has
been called before, openssl will not be reinitialized.
3. Move randomize as a static method to make it a part
of the initialization process.
Test Plan: Unit tests.
Reviewed By: ranjeeth@fb.com
Subscribers: ranjeeth, folly-diffs@, ssl-diffs@, njormrod, seanc, trunkagent, dihde
FB internal diff:
D1686397
Signature: t1:
1686397:
1416270565:
de805794d65af1c164ed334ff7ba93fe60b2b78a
projects / folly.git / commit