From 38ba47c32ffd3416865420c0d505b1a1360a6684 Mon Sep 17 00:00:00 2001
From: Aaron Balsara
Date: Thu, 22 Jun 2017 11:26:36 -0700
Subject: [PATCH] AsyncSSLSocket connect without SSL
Summary: Currently when calling connect with AsyncSSLSocket in unencrypted mode it still attempts to perform a SSL handshake. Add check to not do SSL. Calling sslConnect will always run the SSL handshake
Reviewed By: jrahman
Differential Revision: D5153456
fbshipit-source-id: 4d9164115be72c8ee76e383535561e3083a327e3
---
 folly/io/async/AsyncSSLSocket.cpp | 14 +++++-----
 folly/io/async/test/AsyncSSLSocketTest.cpp | 31 ++++++++++++++++++++++
 2 files changed, 39 insertions(+), 6 deletions(-)
diff --git a/folly/io/async/AsyncSSLSocket.cpp b/folly/io/async/AsyncSSLSocket.cpp
index 5c9ee683..bb2452e6 100644
--- a/folly/io/async/AsyncSSLSocket.cpp
+++ b/folly/io/async/AsyncSSLSocket.cpp
@@ -454,8 +454,8 @@ void AsyncSSLSocket::sslAccept(
 verifyPeer_ = verifyPeer;
 // Make sure we're in the uninitialized state
- if (!server_ || (sslState_ != STATE_UNINIT &&
- sslState_ != STATE_UNENCRYPTED) ||
+ if (!server_ ||
+ (sslState_ != STATE_UNINIT && sslState_ != STATE_UNENCRYPTED) ||
 handshakeCallback_ != nullptr) {
 return invalidState(callback);
 }
@@ -697,13 +697,15 @@ void AsyncSSLSocket::connect(
 const folly::SocketAddress& bindAddr) noexcept {
 assert(!server_);
 assert(state_ == StateEnum::UNINIT);
- assert(sslState_ == STATE_UNINIT);
+ assert(sslState_ == STATE_UNINIT || sslState_ == STATE_UNENCRYPTED);
 noTransparentTls_ = true;
 totalConnectTimeout_ = totalConnectTimeout;
- AsyncSSLSocketConnector* connector = new AsyncSSLSocketConnector(
- this, callback, int(totalConnectTimeout.count()));
+ if (sslState_ != STATE_UNENCRYPTED) {
+ callback = new AsyncSSLSocketConnector(
+ this, callback, int(totalConnectTimeout.count()));
+ }
 AsyncSocket::connect(
- connector, address, int(connectTimeout.count()), options, bindAddr);
+ callback, address, int(connectTimeout.count()), options, bindAddr);
 }
 bool AsyncSSLSocket::needsPeerVerification() const {
diff --git a/folly/io/async/test/AsyncSSLSocketTest.cpp b/folly/io/async/test/AsyncSSLSocketTest.cpp
index 1ad8caa6..47e09024 100644
--- a/folly/io/async/test/AsyncSSLSocketTest.cpp
+++ b/folly/io/async/test/AsyncSSLSocketTest.cpp
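Review bot: The choice between a TLS and a plaintext connect in `connect()` now rests on `sslState_`, but the only validation of that state is `assert(sslState_ == STATE_UNINIT || sslState_ == STATE_UNENCRYPTED)`, which compiles out under NDEBUG. The `STATE_UNENCRYPTED` branch skips `AsyncSSLSocketConnector` entirely, so the caller's callback fires on a bare TCP connection with no handshake; from the visible lines that also appears to drop whatever enforcement of `totalConnectTimeout` the connector provided, although the value is still stored in `totalConnectTimeout_`. I would document this at the branch, for example `// STATE_UNENCRYPTED: plain TCP connect only; no TLS handshake or certificate check happens until sslConn() is called.` Reassigning the `callback` parameter to the heap-allocated connector also hides who owns that object; a separate local would read more clearly. The function's signature starts above the hunk.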
@@ -1633,6 +1633,37 @@ TEST(AsyncSSLSocketTest, UnencryptedTest) {
 EXPECT_EQ(AsyncSSLSocket::STATE_ESTABLISHED, client->getSSLState());
 }
+TEST(AsyncSSLSocketTest, ConnectUnencryptedTest) {
+ auto clientCtx = std::make_shared();
+ auto serverCtx = std::make_shared();
+ getctx(clientCtx, serverCtx);
+
+ WriteCallbackBase writeCallback;
+ ReadCallback readCallback(&writeCallback);
+ HandshakeCallback handshakeCallback(&readCallback);
+ SSLServerAcceptCallback acceptCallback(&handshakeCallback);
+ TestSSLServer server(&acceptCallback);
+
+ EventBase evb;
+ std::shared_ptr socket =
+ AsyncSSLSocket::newSocket(clientCtx, &evb, true);
+ socket->connect(nullptr, server.getAddress(), 0);
+
+ evb.loop();
+
+ EXPECT_EQ(AsyncSSLSocket::STATE_UNENCRYPTED, socket->getSSLState());
+ socket->sslConn(nullptr);
+ evb.loop();
+ EXPECT_EQ(AsyncSSLSocket::STATE_ESTABLISHED, socket->getSSLState());
+
+ // write()
+ std::array buf;
+ memset(buf.data(), 'a', buf.size());
+ socket->write(nullptr, buf.data(), buf.size());
+
+ socket->close();
+}
+
 TEST(AsyncSSLSocketTest, ConnResetErrorString) {
 // Start listening on a local port
 WriteCallbackBase writeCallback;
-- 2.34.1
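Review bot: ConnectUnencryptedTest never sends or receives anything while the socket is in `STATE_UNENCRYPTED`, so it pins the state value but not that the connection is usable as plaintext or that no handshake bytes went out during `connect()`. The `write()` at the end is also queued and followed directly by `socket->close()` with no `evb.loop()` and no assertion, so a failed write would pass unnoticed. Passing `nullptr` for the connect and handshake callbacks means a connect or handshake error only shows up indirectly through the `getSSLState()` expectations. Adding `evb.loop();` after the write and an expectation on the server-side read/write callbacks would close the gap.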