From 47241bf82f54365511b514bf83c9895af68fa6ab Mon Sep 17 00:00:00 2001
From: Neel Goyal
Date: Thu, 4 Feb 2016 10:43:06 -0800
Subject: [PATCH] Allow SSLSessionCallbacks to be used on SSL* that isn't attached to AsyncSSLSocket
Summary: The session callbacks assumed that the SSL* was associated with a folly::AsyncSSLSocket when it didn't need to. This enables apps that manage their own SSL* to use these callbacks.
Reviewed By: yfeldblum
Differential Revision: D2896426
fb-gh-sync-id: c51df6b4cb3f4cc188a6411c1f3e7e89e96e8a67
---
 folly/io/async/AsyncSSLSocket.cpp | 23 +++++++++++++++-------
 folly/io/async/AsyncSSLSocket.h | 1 +
 2 files changed, 16 insertions(+), 8 deletions(-)
diff --git a/folly/io/async/AsyncSSLSocket.cpp b/folly/io/async/AsyncSSLSocket.cpp
index b0e54e67..8e1fdbc5 100644
--- a/folly/io/async/AsyncSSLSocket.cpp
+++ b/folly/io/async/AsyncSSLSocket.cpp
@@ -840,22 +840,29 @@ const char *AsyncSSLSocket::getNegotiatedCipherName() const {
 return (ssl_ != nullptr) ? SSL_get_cipher_name(ssl_) : nullptr;
 }
+/* static */
+const char* AsyncSSLSocket::getSSLServerNameFromSSL(SSL* ssl) {
+ if (ssl == nullptr) {
+ return nullptr;
+ }
+#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
+ return SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
+#else
+ return nullptr;
+#endif
+}
+
 const char *AsyncSSLSocket::getSSLServerName() const {
 #ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
- return (ssl_ != nullptr) ? SSL_get_servername(ssl_, TLSEXT_NAMETYPE_host_name)
- : nullptr;
+ return getSSLServerNameFromSSL(ssl_);
 #else
 throw AsyncSocketException(AsyncSocketException::NOT_SUPPORTED,
- "SNI not supported");
+ "SNI not supported");
 #endif
 }
 const char *AsyncSSLSocket::getSSLServerNameNoThrow() const {
- try {
- return getSSLServerName();
- } catch (AsyncSocketException& ex) {
- return nullptr;
- }
+ return getSSLServerNameFromSSL(ssl_);
 }
 int AsyncSSLSocket::getSSLVersion() const {
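Review bot: The new static `getSSLServerNameFromSSL()` carries no comment stating its contract, and that contract matters now that it is meant for callers holding their own `SSL*`: the pointer returned by `SSL_get_servername()` is owned by OpenSSL and should not be freed or kept beyond the life of the `SSL` object, and the name is whatever the client put in its ClientHello, so it is unauthenticated input. I would add above the definition, and above the declaration added in AsyncSSLSocket.h, something like `// Returns the client-supplied SNI host name, or nullptr if none was sent or SNI is not compiled in. Borrowed from ssl; do not free or cache. Untrusted input.` Since the stated use is session callbacks, it is also worth confirming what `SSL_get_servername()` reports on a resumed session for the OpenSSL versions supported, as the OpenSSL documentation describes resumption-dependent behaviour.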
diff --git a/folly/io/async/AsyncSSLSocket.h b/folly/io/async/AsyncSSLSocket.h
index 9dbcf2ef..b9a79e10 100644
--- a/folly/io/async/AsyncSSLSocket.h
+++ b/folly/io/async/AsyncSSLSocket.h
@@ -653,6 +653,7 @@ class AsyncSSLSocket : public virtual AsyncSocket {
 void resetClientHelloParsing(SSL *ssl);
 static void clientHelloParsingCallback(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg);
+ static const char* getSSLServerNameFromSSL(SSL* ssl);
 // http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
 enum class TLSExtension: uint16_t {
--
2.34.1