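/*
 *
 * Copyright 2018 gRPC authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 */

#ifndef GRPC_CORE_TSI_SSL_SESSION_CACHE_SSL_SESSION_H
#define GRPC_CORE_TSI_SSL_SESSION_CACHE_SSL_SESSION_H

#include <grpc/support/port_platform.h>

#include "src/core/tsi/grpc_shadow_boringssl.h"

// std::unique_ptr is used directly below, so include its header here instead
// of relying on another header to pull it in.
#include <memory>

#include <grpc/slice.h>

extern "C" {
#include <openssl/ssl.h>
}

#include "src/core/lib/gprpp/ref_counted.h"

// The main purpose of the code here is to provide a means of caching SSL
// sessions in a way that lets them be shared between connections.
//
// SSL_SESSION represents a single instance of a session and is not generally
// safe to share between SSL contexts with different lifetimes, because not
// all SSL implementations guarantee immutability of the SSL_SESSION object.
// See the SSL_SESSION documentation in BoringSSL and OpenSSL for more details.
//
// NOTE(review): a cached session carries resumption material (the class
// comment below names the TLS ticket as an example). Anything able to read a
// cached session may be able to resume it, so cache contents should be
// handled as secret data and kept out of logs and dumps.

namespace tsi {

/// Deleter that lets a smart pointer own an SSL_SESSION.
struct SslSessionDeleter {
  /// Hands \a session to SSL_SESSION_free(). Declared const because the
  /// deleter holds no state, so it can also be invoked through a const
  /// deleter object.
  void operator()(SSL_SESSION* session) const { SSL_SESSION_free(session); }
};

/// Owning handle for an SSL_SESSION; SSL_SESSION_free() runs when the handle
/// is destroyed or reset while holding a non-null pointer.
using SslSessionPtr = std::unique_ptr<SSL_SESSION, SslSessionDeleter>;

/// SslCachedSession is an immutable thread-safe storage for a single session
/// representation. It provides a means to share SSL session data (e.g. a TLS
/// ticket) between encrypted connections regardless of SSL context lifetime.
///
/// This is an abstract interface: instances are obtained through Create(),
/// and the concrete implementation is not declared in this header.
class SslCachedSession {
 public:
  // Not copyable nor movable.
  SslCachedSession(const SslCachedSession&) = delete;
  SslCachedSession& operator=(const SslCachedSession&) = delete;

  /// Create a single cached instance of \a session.
  ///
  /// \param session owning handle to the session; passed by value, so the
  ///        caller gives up its handle.
  /// \return owning pointer to the new cached session.
  ///
  /// NOTE(review): handling of a null \a session is not visible from this
  /// header -- confirm against the implementation before passing one.
  static grpc_core::UniquePtr<SslCachedSession> Create(SslSessionPtr session);

  virtual ~SslCachedSession() = default;

  /// Returns a copy of the previously cached session, owned by the caller.
  ///
  /// NOTE(review): whether the result can be null (e.g. if the cached data
  /// cannot be turned back into a session) is not visible here; callers
  /// should presumably check the returned handle before using it.
  virtual SslSessionPtr CopySession() const GRPC_ABSTRACT;

  GRPC_ABSTRACT_BASE_CLASS

 protected:
  // Construction is reserved for derived classes; external code goes through
  // Create().
  SslCachedSession() = default;
};

}  // namespace tsi

#endif /* GRPC_CORE_TSI_SSL_SESSION_CACHE_SSL_SESSION_H */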