lockTypes() = inLockTypes;
}
+bool SSLContext::isSSLLockDisabled(int lockId) {
+ const auto& sslLocks = lockTypes();
+ const auto it = sslLocks.find(lockId);
+ return it != sslLocks.end() &&
+ it->second == SSLContext::SSLLockType::LOCK_NONE;
+}
+
#if defined(SSL_MODE_HANDSHAKE_CUTTHROUGH)
void SSLContext::enableFalseStart() {
SSL_CTX_set_mode(ctx_, SSL_MODE_HANDSHAKE_CUTTHROUGH);
*/
static void setSSLLockTypes(std::map<int, SSLLockType> lockTypes);
+ /**
+ * Determine if the SSL lock with the specified id (i.e.
+ * CRYPTO_LOCK_SSL_SESSION) is disabled. This should be called after
+ * initializeOpenSSL. This will only check if the specified lock has been
+ * explicitly set to LOCK_NONE.
+ *
+ * This is not safe to call while setSSLLockTypes is being called.
+ */
+ static bool isSSLLockDisabled(int lockId);
+
/**
* Examine OpenSSL's error stack, and return a string description of the
* errors.
EXPECT_TRUE(f.within(std::chrono::seconds(3)).get());
}
+TEST(AsyncSSLSocketTest2, SSLContextLocks) {
+ SSLContext::initializeOpenSSL();
+// these are checks based on the locks that are set in the main below
+#ifdef CRYPTO_LOCK_EVP_PKEY
+ EXPECT_TRUE(SSLContext::isSSLLockDisabled(CRYPTO_LOCK_EVP_PKEY));
+#endif
+#ifdef CRYPTO_LOCK_SSL_SESSION
+ EXPECT_FALSE(SSLContext::isSSLLockDisabled(CRYPTO_LOCK_SSL_SESSION));
+#endif
+#ifdef CRYPTO_LOCK_ERR
+ EXPECT_FALSE(SSLContext::isSSLLockDisabled(CRYPTO_LOCK_ERR));
+#endif
+}
+
} // folly
int main(int argc, char *argv[]) {
projects / folly.git / commitdiff