From 2d466553db47cf7c3d7d98837466d3b3d6874bae Mon Sep 17 00:00:00 2001
From: Neel Goyal <ngoyal@fb.com>
Date: Sat, 22 Apr 2017 09:18:55 -0700
Subject: [PATCH] Ignore setSSLLockTypes() calls after SSLContext is
 initialized.

Summary: We set the actual locks on initialization, so attempting to change locks after had no affect, other than making isSSLLockDisabled() report incorrect information.

Reviewed By: yfeldblum

Differential Revision: D4935475

fbshipit-source-id: 7b80cd530801c925ade769163579b86b1a8f0027
---
 folly/io/async/SSLContext.cpp               | 7 +++++++
 folly/io/async/test/AsyncSSLSocketTest2.cpp | 8 ++++++++
 2 files changed, 15 insertions(+)

diff --git a/folly/io/async/SSLContext.cpp b/folly/io/async/SSLContext.cpp
index 5550cdbb..3abb5d0b 100644
--- a/folly/io/async/SSLContext.cpp
+++ b/folly/io/async/SSLContext.cpp
@@ -794,6 +794,13 @@ static void dyn_destroy(struct CRYPTO_dynlock_value* lock, const char*, int) {
 }
 
 void SSLContext::setSSLLockTypes(std::map<int, SSLLockType> inLockTypes) {
+  if (initialized_) {
+    // We set the locks on initialization, so if we are already initialized
+    // this would have no affect.
+    LOG(INFO) << "Ignoring setSSLLockTypes after initialization";
+    return;
+  }
+
   lockTypes() = inLockTypes;
 }
 
diff --git a/folly/io/async/test/AsyncSSLSocketTest2.cpp b/folly/io/async/test/AsyncSSLSocketTest2.cpp
index bd85d533..54454c9f 100644
--- a/folly/io/async/test/AsyncSSLSocketTest2.cpp
+++ b/folly/io/async/test/AsyncSSLSocketTest2.cpp
@@ -205,6 +205,14 @@ TEST(AsyncSSLSocketTest2, SSLContextLocks) {
 #endif
 }
 
+TEST(AsyncSSLSocketTest2, SSLContextLocksSetAfterInitIgnored) {
+  SSLContext::initializeOpenSSL();
+  SSLContext::setSSLLockTypes({});
+#ifdef CRYPTO_LOCK_EVP_PKEY
+  EXPECT_TRUE(SSLContext::isSSLLockDisabled(CRYPTO_LOCK_EVP_PKEY));
+#endif
+}
+
 }  // folly
 
 int main(int argc, char *argv[]) {
-- 
2.34.1