Allow SSLSessionCallbacks to be used on SSL* that isn't attached to AsyncSSLSocket

Summary: The session callbacks assumed that the SSL* was associated with a folly::AsyncSSLSocket when it didn't need to.  This enables apps that manage their own SSL* to use these callbacks.

Reviewed By: yfeldblum

Differential Revision: D2896426

fb-gh-sync-id: c51df6b4cb3f4cc188a6411c1f3e7e89e96e8a67

diff --git a/folly/io/async/AsyncSSLSocket.cpp b/folly/io/async/AsyncSSLSocket.cpp
index b0e54e67fd62e6ce1aa4b05bee1f9ee5715a2faa..8e1fdbc54ac48b0a85053151ce4bbe995f789114 100644 (file)
--- a/folly/io/async/AsyncSSLSocket.cpp
+++ b/folly/io/async/AsyncSSLSocket.cpp
@@ -840,22 +840,29 @@ const char *AsyncSSLSocket::getNegotiatedCipherName() const {
   return (ssl_ != nullptr) ? SSL_get_cipher_name(ssl_) : nullptr;
 }
 
   return (ssl_ != nullptr) ? SSL_get_cipher_name(ssl_) : nullptr;
 }
 

+/* static */
+const char* AsyncSSLSocket::getSSLServerNameFromSSL(SSL* ssl) {
+  if (ssl == nullptr) {
+    return nullptr;
+  }
+#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
+  return SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
+#else
+  return nullptr;
+#endif
+}
+

 const char *AsyncSSLSocket::getSSLServerName() const {
 #ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
 const char *AsyncSSLSocket::getSSLServerName() const {
 #ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB

-  return (ssl_ != nullptr) ? SSL_get_servername(ssl_, TLSEXT_NAMETYPE_host_name)
-        : nullptr;
+  return getSSLServerNameFromSSL(ssl_);

 #else
   throw AsyncSocketException(AsyncSocketException::NOT_SUPPORTED,
 #else
   throw AsyncSocketException(AsyncSocketException::NOT_SUPPORTED,

-                            "SNI not supported");
+                             "SNI not supported");

 #endif
 }
 
 const char *AsyncSSLSocket::getSSLServerNameNoThrow() const {
 #endif
 }
 
 const char *AsyncSSLSocket::getSSLServerNameNoThrow() const {

-  try {
-    return getSSLServerName();
-  } catch (AsyncSocketException& ex) {
-    return nullptr;
-  }
+  return getSSLServerNameFromSSL(ssl_);

 }
 
 int AsyncSSLSocket::getSSLVersion() const {
 }
 
 int AsyncSSLSocket::getSSLVersion() const {

diff --git a/folly/io/async/AsyncSSLSocket.h b/folly/io/async/AsyncSSLSocket.h
index 9dbcf2efa4cbdd8275c0ce35411e53d11cad8a2c..b9a79e106f2aef78e5271b8df70698b6cbe81cab 100644 (file)
--- a/folly/io/async/AsyncSSLSocket.h
+++ b/folly/io/async/AsyncSSLSocket.h
@@ -653,6 +653,7 @@ class AsyncSSLSocket : public virtual AsyncSocket {
   void resetClientHelloParsing(SSL *ssl);
   static void clientHelloParsingCallback(int write_p, int version,
       int content_type, const void *buf, size_t len, SSL *ssl, void *arg);
   void resetClientHelloParsing(SSL *ssl);
   static void clientHelloParsingCallback(int write_p, int version,
       int content_type, const void *buf, size_t len, SSL *ssl, void *arg);

+  static const char* getSSLServerNameFromSSL(SSL* ssl);

 
   // http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
   enum class TLSExtension: uint16_t {
 
   // http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
   enum class TLSExtension: uint16_t {