#include <folly/io/async/AsyncTimeout.h>
#include <folly/io/async/SSLContext.h>
#include <folly/io/async/TimeoutManager.h>
-#include <folly/io/async/ssl/OpenSSLPtrTypes.h>
+#include <folly/ssl/OpenSSLPtrTypes.h>
#include <folly/io/async/ssl/OpenSSLUtils.h>
#include <folly/io/async/ssl/SSLErrors.h>
#include <folly/io/async/ssl/TLSDefinitions.h>
return timeout_;
}
- virtual void timeoutExpired() noexcept override {
+ void timeoutExpired() noexcept override {
sslSocket_->timeoutExpired(timeout_);
}
* @param deferSecurityNegotiation
* unencrypted data can be sent before sslConn/Accept
*/
- AsyncSSLSocket(const std::shared_ptr<folly::SSLContext>& ctx,
- EventBase* evb, int fd,
- bool server = true, bool deferSecurityNegotiation = false);
+ AsyncSSLSocket(
+ const std::shared_ptr<folly::SSLContext>& ctx,
+ EventBase* evb,
+ int fd,
+ bool server = true,
+ bool deferSecurityNegotiation = false);
+ /**
+ * Create a server/client AsyncSSLSocket from an already connected
+ * AsyncSocket.
+ */
+ AsyncSSLSocket(
+ const std::shared_ptr<folly::SSLContext>& ctx,
+ AsyncSocket::UniquePtr oldAsyncSocket,
+ bool server = true,
+ bool deferSecurityNegotiation = false);
/**
* Helper function to create a server/client shared_ptr<AsyncSSLSocket>.
* @param fd File descriptor to take over (should be a connected socket).
* @param serverName tlsext_hostname that will be sent in ClientHello.
*/
- AsyncSSLSocket(const std::shared_ptr<folly::SSLContext>& ctx,
- EventBase* evb,
- int fd,
- const std::string& serverName,
- bool deferSecurityNegotiation = false);
+ AsyncSSLSocket(
+ const std::shared_ptr<folly::SSLContext>& ctx,
+ EventBase* evb,
+ int fd,
+ const std::string& serverName,
+ bool deferSecurityNegotiation = false);
static std::shared_ptr<AsyncSSLSocket> newSocket(
const std::shared_ptr<folly::SSLContext>& ctx,
// See the documentation in TAsyncTransport.h
// TODO: implement graceful shutdown in close()
// TODO: implement detachSSL() that returns the SSL connection
- virtual void closeNow() override;
- virtual void shutdownWrite() override;
- virtual void shutdownWriteNow() override;
- virtual bool good() const override;
- virtual bool connecting() const override;
- virtual std::string getApplicationProtocol() noexcept override;
-
- virtual std::string getSecurityProtocol() const override { return "TLS"; }
-
- virtual void setEorTracking(bool track) override;
- virtual size_t getRawBytesWritten() const override;
- virtual size_t getRawBytesReceived() const override;
- void enableClientHelloParsing();
+ void closeNow() override;
+ void shutdownWrite() override;
+ void shutdownWriteNow() override;
+ bool good() const override;
+ bool connecting() const override;
+ std::string getApplicationProtocol() noexcept override;
+
+ std::string getSecurityProtocol() const override {
+ return "TLS";
+ }
- void setPreReceivedData(std::unique_ptr<IOBuf> data);
+ void setEorTracking(bool track) override;
+ size_t getRawBytesWritten() const override;
+ size_t getRawBytesReceived() const override;
+ void enableClientHelloParsing();
/**
* Accept an SSL connection on the socket.
/**
* Get the certificate used for this SSL connection. May be null
*/
- virtual const X509* getSelfCert() const override;
+ const X509* getSelfCert() const override;
- virtual void attachEventBase(EventBase* eventBase) override {
+ void attachEventBase(EventBase* eventBase) override {
AsyncSocket::attachEventBase(eventBase);
handshakeTimeout_.attachEventBase(eventBase);
connectionTimeout_.attachEventBase(eventBase);
}
- virtual void detachEventBase() override {
+ void detachEventBase() override {
AsyncSocket::detachEventBase();
handshakeTimeout_.detachEventBase();
connectionTimeout_.detachEventBase();
}
- virtual bool isDetachable() const override {
+ bool isDetachable() const override {
return AsyncSocket::isDetachable() && !handshakeTimeout_.isScheduled();
}
/**
* Returns the peer certificate, or nullptr if no peer certificate received.
*/
- virtual ssl::X509UniquePtr getPeerCert() const override {
+ ssl::X509UniquePtr getPeerCert() const override {
if (!ssl_) {
return nullptr;
}
* destroy() instead. (See the documentation in DelayedDestruction.h for
* more details.)
*/
- ~AsyncSSLSocket();
+ ~AsyncSSLSocket() override;
// Inherit event notification methods from AsyncSocket except
// the following.
int* sslErrorOut,
unsigned long* errErrorOut) noexcept;
- virtual void checkForImmediateRead() noexcept override;
+ void checkForImmediateRead() noexcept override;
// AsyncSocket calls this at the wrong time for SSL
void handleInitialReadWrite() noexcept override {}
void invokeConnectSuccess() override;
void scheduleConnectTimeout() override;
- void cacheLocalPeerAddr();
-
void startSSLConnect();
static void sslInfoCallback(const SSL *ssl, int type, int val);
bool sessionResumptionAttempted_{false};
std::chrono::milliseconds totalConnectTimeout_{0};
- std::unique_ptr<IOBuf> preReceivedData_;
std::string sslVerificationAlert_;
};