Skip to content

Commit

Permalink
make openssl init routines into no-ops
Browse files Browse the repository at this point in the history 
Summary: We assume openssl >= v1.1.0 which no longer requires the application to call initialization routines. Let folly's wrappers be no-ops.

Reviewed By: Gownta

Differential Revision: D54932863

fbshipit-source-id: 212fa1e1ae7fb696ea4fed15f8f136721128e5cf
  • Loading branch information
@yfeldblum @facebook-github-bot
yfeldblum authored and facebook-github-bot committed Mar 22, 2024
1 parent b8e4bc7 commit 50825b2
Show file tree
Hide file tree
Showing 4 changed files with 7 additions and 429 deletions.
148 changes: 0 additions & 148 deletions folly/io/async/test/SSLContextInitializationTest.cpp
View file

This file was deleted.

81 changes: 7 additions & 74 deletions folly/ssl/Init.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,88 +16,21 @@

#include <folly/ssl/Init.h>

#include <mutex>

#include <folly/Indestructible.h>
#include <folly/portability/OpenSSL.h>
#include <folly/ssl/detail/OpenSSLThreading.h>

#include <glog/logging.h>

namespace folly {
namespace ssl {

namespace {
bool initialized_ = false;
void init() {}

std::mutex& initMutex() {
static folly::Indestructible<std::mutex> m;
return *m;
}
void cleanup() {}

void initializeOpenSSLLocked() {
if (initialized_) {
return;
}
if (OPENSSL_init_ssl(0, nullptr) != 1) {
// Fail early if we fail to initialize OpenSSL. Ignoring this means that
// future OpenSSL methods may segfault, since there is an implicit
// precondition that initialization properly initializes internal OpenSSL
// pointers to global resources.
throw std::runtime_error("Failed to initialize OpenSSL.");
}
void markInitialized() {}

// Non-fatal errors may be set during initialization, if OPENSSL_init_ssl
// successfully returned we can safely clear them
ERR_clear_error();
initialized_ = true;
}
void setLockTypesAndInit(LockTypeMapping) {}

void cleanupOpenSSLLocked() {
if (!initialized_) {
return;
}

OPENSSL_cleanup();
initialized_ = false;
}
} // namespace

void init() {
std::lock_guard<std::mutex> g(initMutex());
initializeOpenSSLLocked();
}

void cleanup() {
std::lock_guard<std::mutex> g(initMutex());
cleanupOpenSSLLocked();
}

void markInitialized() {
std::lock_guard<std::mutex> g(initMutex());
initialized_ = true;
}

void setLockTypesAndInit(LockTypeMapping inLockTypes) {
std::lock_guard<std::mutex> g(initMutex());
CHECK(!initialized_) << "OpenSSL is already initialized";
detail::setLockTypes(std::move(inLockTypes));
initializeOpenSSLLocked();
}

void setLockTypes(LockTypeMapping inLockTypes) {
std::lock_guard<std::mutex> g(initMutex());
if (initialized_) {
// We set the locks on initialization, so if we are already initialized
// this would have no affect.
LOG(INFO) << "Ignoring setSSLLockTypes after initialization";
return;
}
detail::setLockTypes(std::move(inLockTypes));
}
void setLockTypes(LockTypeMapping) {}

bool isLockDisabled(int lockId) {
return detail::isSSLLockDisabled(lockId);
bool isLockDisabled(int) {
return false;
}

} // namespace ssl
Expand Down
Loading

0 comments on commit 50825b2

Please sign in to comment.