From: Joel Goguen <jgoguen@fb.com>
Date: Wed, 1 Apr 2015 15:11:44 +0000 (-0700)
Subject: Move OpenSSL uninitialization to a separate function
X-Git-Tag: v0.33.0~12
X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=3fc4180172fb801a2be7522fe64a0f7746ce71b3;p=folly.git

Move OpenSSL uninitialization to a separate function

Summary:
The current behaviour of SSLContext is subject to a bug where an instance going
out of scope at the wrong time can decrement the global refcount to 0, causing
the destructor to destroy the SSL context. Instead, this requires callers to
explicitly uninitialize the SSLContext instance and assume the risk of wrongly
destroying the global SSL context.

Test Plan:
Tested with mcrouter

Reviewed By: subodh@fb.com

Subscribers: afrind, ssl-diffs@, folly-diffs@, yfeldblum, chalfant, dihde, melitam

FB internal diff: D1949649

Tasks: 6358211

Signature: t1:1949649:1427854689:aea2dc801f63256ff64188b0f7a15121dcecee69
---

diff --git a/folly/io/async/SSLContext.cpp b/folly/io/async/SSLContext.cpp
index 895e7a39..c05fe330 100644
--- a/folly/io/async/SSLContext.cpp
+++ b/folly/io/async/SSLContext.cpp
@@ -40,17 +40,10 @@ std::mutex    SSLContext::mutex_;
 int SSLContext::sNextProtocolsExDataIndex_ = -1;
 #endif
 
-#ifndef SSLCONTEXT_NO_REFCOUNT
-uint64_t SSLContext::count_ = 0;
-#endif
-
 // SSLContext implementation
 SSLContext::SSLContext(SSLVersion version) {
   {
     std::lock_guard<std::mutex> g(mutex_);
-#ifndef SSLCONTEXT_NO_REFCOUNT
-    count_++;
-#endif
     initializeOpenSSLLocked();
   }
 
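Review bot: With count_ removed, the constructor at the top of this hunk still calls initializeOpenSSLLocked() under mutex_, but nothing now records how many SSLContext instances are alive, so the explicit uninitialize path described in the summary cannot tell whether it is safe to run. Consider a short comment above the constructor stating that initialization is now one-way and that teardown is the caller's responsibility. SSLCONTEXT_NO_REFCOUNT also no longer guards anything in this file; if any build still defines it, note the removal so the flag can be dropped.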
@@ -93,15 +86,6 @@ SSLContext::~SSLContext() {
 #ifdef OPENSSL_NPN_NEGOTIATED
   deleteNextProtocolsStrings();
 #endif
-
-#ifndef SSLCONTEXT_NO_REFCOUNT
-  {
-    std::lock_guard<std::mutex> g(mutex_);
-    if (!--count_) {
-      cleanupOpenSSLLocked();
-    }
-  }
-#endif
 }
 
 void SSLContext::ciphers(const std::string& ciphers) {
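Review bot: After this removal ~SSLContext() no longer reaches cleanupOpenSSLLocked(), and none of the hunks shown here add the separate function the subject line refers to, so from this diff alone the cleanup path has no remaining caller. Please confirm the public entry point is part of the change and that it takes mutex_ before calling cleanupOpenSSLLocked(), as the removed block did. A test beyond "Tested with mcrouter" would help: destroy the last instance and construct another without cleanup, then run cleanup and construct again.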
diff --git a/folly/io/async/SSLContext.h b/folly/io/async/SSLContext.h
index 3cabea22..6947ac7f 100644
--- a/folly/io/async/SSLContext.h
+++ b/folly/io/async/SSLContext.h
@@ -425,10 +425,6 @@ class SSLContext {
   static std::mutex mutex_;
   static bool initialized_;
 
-#ifndef SSLCONTEXT_NO_REFCOUNT
-  static uint64_t count_;
-#endif
-
 #ifdef OPENSSL_NPN_NEGOTIATED
   /**
    * Wire-format list of advertised protocols for use in NPN.
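Review bot: Missing documentation in SSLContext.h: the count_ declaration is removed next to mutex_ and initialized_, but the visible header hunk has no declaration or doc comment for the explicit uninitialize call that callers are now expected to make. Document on that function that it must only be called once no SSLContext instance is still in use, and check that it resets initialized_ under mutex_ so a later constructor re-runs initialization instead of skipping it.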