Update contrib/restricted/aws/aws-c-io to 0.13.1

2 files changed, 21 insertions, 9 deletions

diff --git a/contrib/restricted/aws/aws-c-io/README.md b/contrib/restricted/aws/aws-c-io/README.md
index d6b2a97695..12a83d851a 100644
--- a/contrib/restricted/aws/aws-c-io/README.md
+++ b/contrib/restricted/aws/aws-c-io/README.md
@@ -86,7 +86,7 @@ Typical Client API Usage Pattern:
         struct aws_socket_options sock_options = { ... };
         struct aws_socket_endpoint endpoint = { ... };
 
-        if (aws_client_bootstrap_new_tls_socket_channel(&client_bootrap, &endpoint, &sock_options, &tls_options,
+        if (aws_client_bootstrap_new_tls_socket_channel(&client_bootstrap, &endpoint, &sock_options, &tls_options,
                 your_channel_setup_callback, your_channel_shutdown_callback, your_context_data) {
             goto cleanup;
         }
diff --git a/contrib/restricted/aws/aws-c-io/source/s2n/s2n_tls_channel_handler.c b/contrib/restricted/aws/aws-c-io/source/s2n/s2n_tls_channel_handler.c
index 2bc9e5aeed..e39cdd729b 100644
--- a/contrib/restricted/aws/aws-c-io/source/s2n/s2n_tls_channel_handler.c
+++ b/contrib/restricted/aws/aws-c-io/source/s2n/s2n_tls_channel_handler.c
@@ -168,23 +168,32 @@ static const char *s_determine_default_pki_ca_file(void) {
     return NULL;
 }
 
+/* If s2n is already initialized, then we don't call s2n_init() or s2n_cleanup() ourselves */
+static bool s_s2n_initialized_externally = false;
+
 void aws_tls_init_static_state(struct aws_allocator *alloc) {
     (void)alloc;
     AWS_LOGF_INFO(AWS_LS_IO_TLS, "static: Initializing TLS using s2n.");
 
-    setenv("S2N_ENABLE_CLIENT_MODE", "1", 1);
-    setenv("S2N_DONT_MLOCK", "1", 1);
-
     /* Disable atexit behavior, so that s2n_cleanup() fully cleans things up.
      *
      * By default, s2n uses an ataexit handler and doesn't fully clean up until the program exits.
      * This can cause a crash if s2n is compiled into a shared library and
      * that library is unloaded before the appexit handler runs. */
-    s2n_disable_atexit();
+    if (s2n_disable_atexit() != S2N_SUCCESS) {
+        /* If this call fails, then s2n is already initialized
+         * https://github.com/aws/s2n-tls/blob/2ad65c11a96368591fe809cd27fd1e390b2c8ce3/api/s2n.h#L211-L212 */
+        AWS_LOGF_DEBUG(AWS_LS_IO_TLS, "static: s2n is already initialized");
+        s_s2n_initialized_externally = true;
+    }
+
+    if (!s_s2n_initialized_externally) {
+        setenv("S2N_DONT_MLOCK", "1", 1);
 
-    if (s2n_init() != S2N_SUCCESS) {
-        fprintf(stderr, "s2n_init() failed: %d (%s)\n", s2n_errno, s2n_strerror(s2n_errno, "EN"));
-        AWS_FATAL_ASSERT(0 && "s2n_init() failed");
+        if (s2n_init() != S2N_SUCCESS) {
+            fprintf(stderr, "s2n_init() failed: %d (%s)\n", s2n_errno, s2n_strerror(s2n_errno, "EN"));
+            AWS_FATAL_ASSERT(0 && "s2n_init() failed");
+        }
     }
 
     s_default_ca_dir = s_determine_default_pki_dir();
@@ -205,7 +214,10 @@ void aws_tls_init_static_state(struct aws_allocator *alloc) {
 }
 
 void aws_tls_clean_up_static_state(void) {
-    s2n_cleanup();
+    /* only clean up s2n if we were the ones that initialized it */
+    if (!s_s2n_initialized_externally) {
+        s2n_cleanup();
+    }
 }
 
 bool aws_tls_is_alpn_available(void) {