virtual std::string getSecurityProtocol() const override { return "TLS"; }
- bool isEorTrackingEnabled() const override;
virtual void setEorTracking(bool track) override;
virtual size_t getRawBytesWritten() const override;
virtual size_t getRawBytesReceived() const override;
void enableClientHelloParsing();
+ void setPreReceivedData(std::unique_ptr<IOBuf> data);
+
/**
* Accept an SSL connection on the socket.
*
static int getSSLExDataIndex();
static AsyncSSLSocket* getFromSSL(const SSL *ssl);
static int bioWrite(BIO* b, const char* in, int inl);
+ static int bioRead(BIO* b, char* out, int outl);
void resetClientHelloParsing(SSL *ssl);
static void clientHelloParsingCallback(int write_p, int version,
int content_type, const void *buf, size_t len, SSL *ssl, void *arg);
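Review bot: `bioRead` is declared here without a comment, and neither `setPreReceivedData` in the hunk above nor the `preReceivedData_` member in the last hunk says when the buffer may be set or who consumes it. These three additions appear to let bytes read from the peer before this socket took over be replayed into the TLS handshake. The header should therefore state the contract: the data is unauthenticated peer input, it must be supplied before the handshake starts, and `bioRead` never hands back more than `outl` bytes. A comment above the declaration such as `// BIO read callback: drains preReceivedData_ first (at most outl bytes), then reads from the socket.` would cover it. The implementation is outside this view, so the bound on `outl` and the behaviour of a late or repeated `setPreReceivedData` call should be confirmed there.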
return sessionResumptionAttempted_;
}
+ /**
+ * Clears the ERR stack before invoking SSL methods.
+ * This is useful if unrelated code that runs in the same thread
+ * does not properly handle SSL error conditions, in which case
+ * it could cause SSL_* methods to fail with incorrect error codes.
+ */
+ void setClearOpenSSLErrors(bool clearErr) {
+ clearOpenSSLErrors_ = clearErr;
+ }
+
private:
void init();
+ void clearOpenSSLErrors();
protected:
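Review bot: The doc comment on `setClearOpenSSLErrors` omits two things a caller needs to know. The option is off by default (`clearOpenSSLErrors_{false}` in the last hunk), and enabling it discards any entries that other code on the thread left in the OpenSSL error queue without reading them. OpenSSL documents that the thread's error queue must be empty before an SSL I/O call for `SSL_get_error` to be reliable, so with the default a stale entry can still make a failure look like a different condition. I would add `* Disabled by default. When enabled, pending entries on this thread's error queue are dropped, not reported.` and say whether the flag may be changed once the handshake has begun.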
// This virtual wrapper around SSL_write exists solely for testing/mockability
virtual int sslWriteImpl(SSL *ssl, const void *buf, int n) {
+ clearOpenSSLErrors();
return SSL_write(ssl, buf, n);
}
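Review bot: Placing `clearOpenSSLErrors()` inside the virtual `sslWriteImpl` means a subclass or mock that overrides the wrapper loses the clearing silently. It cannot restore it either, because `clearOpenSSLErrors()` is declared `private` in the previous hunk. Since the comment says the wrapper exists solely for testing and mockability, the call fits better at the call site, immediately before `sslWriteImpl(ssl, buf, n)`, so the error queue is in a known state whichever implementation runs. Only the write path is visible here; whether the read and handshake paths make the same call cannot be told from this view and is worth checking for consistency.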
// whether the SSL session was resumed using session ID or not
bool sessionIDResumed_{false};
- // Whether to track EOR or not.
- bool trackEor_{false};
-
// The app byte num that we are tracking for the MSG_EOR
// Only one app EOR byte can be tracked.
size_t appEorByteNo_{0};
std::chrono::steady_clock::time_point handshakeEndTime_;
std::chrono::milliseconds handshakeConnectTimeout_{0};
bool sessionResumptionAttempted_{false};
+
+ std::unique_ptr<IOBuf> preReceivedData_;
+ // Whether or not to clear the err stack before invocation of another
+ // SSL method
+ bool clearOpenSSLErrors_{false};
};
} // namespace