static void SSLInfoCallback(const SSL* ssl, int where, int ret) {
(void)ret;
SocketUniquePtr s;
SocketId id = (SocketId)SSL_get_app_data((SSL*)ssl);
if (Socket::Address(id, &s) != 0) {
// Already failed
return;
}
if (where & SSL_CB_HANDSHAKE_START) {
if (s->ssl_state() == SSL_CONNECTING) {
s->set_ssl_state(SSL_CONNECTED);
} else if (s->ssl_state() == SSL_CONNECTED) {
// Disable renegotiation (CVE-2009-3555)
LOG(ERROR) << "Close " << *s << " due to insecure "
<< "renegotiation detected (CVE-2009-3555)";
s->SetFailed();
}
}
}
int ChannelBalancer::AddChannel(ChannelBase* sub_channel,
SelectiveChannel::ChannelHandle* handle) {
if (NULL == sub_channel) {
LOG(ERROR) << "Parameter[sub_channel] is NULL";
return -1;
}
BAIDU_SCOPED_LOCK(_mutex);
if (_chan_map.find(sub_channel) != _chan_map.end()) {
LOG(ERROR) << "Duplicated sub_channel=" << sub_channel;
return -1;
}
SubChannel* sub_chan = new (std::nothrow) SubChannel;
if (sub_chan == NULL) {
LOG(FATAL) << "Fail to to new SubChannel";
return -1;
}
sub_chan->chan = sub_channel;
SocketId sock_id;
SocketOptions options;
options.user = sub_chan;
options.health_check_interval_s = FLAGS_channel_check_interval;
if (Socket::Create(options, &sock_id) != 0) {
delete sub_chan;
LOG(ERROR) << "Fail to create fake socket for sub channel";
return -1;
}
SocketUniquePtr ptr;
CHECK_EQ(0, Socket::Address(sock_id, &ptr));
if (!AddServer(ServerId(sock_id))) {
LOG(ERROR) << "Duplicated sub_channel=" << sub_channel;
// sub_chan will be deleted when the socket is recycled.
ptr->SetFailed();
return -1;
}
_chan_map[sub_channel]= ptr.release(); // Add reference.
if (handle) {
*handle = sock_id;
}
return 0;
}
