1 /* 2 * 3 * Copyright 2018 gRPC authors. 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 * 17 */ 18 19 #include <grpc/support/port_platform.h> 20 21 #include "src/core/tsi/ssl/session_cache/ssl_session.h" 22 23 #ifdef OPENSSL_IS_BORINGSSL 24 25 // BoringSSL allows SSL_SESSION to outlive SSL and SSL_CTX objects which are 26 // re-created by gRPC on every certificate rotation or subchannel creation. 27 // BoringSSL guarantees that SSL_SESSION is immutable so it's safe to share 28 // the same original session object between different threads and connections. 29 30 namespace tsi { 31 namespace { 32 33 class BoringSslCachedSession : public SslCachedSession { 34 public: BoringSslCachedSession(SslSessionPtr session)35 BoringSslCachedSession(SslSessionPtr session) 36 : session_(std::move(session)) {} 37 CopySession() const38 SslSessionPtr CopySession() const override { 39 // SslSessionPtr will dereference on destruction. 40 SSL_SESSION_up_ref(session_.get()); 41 return SslSessionPtr(session_.get()); 42 } 43 44 private: 45 SslSessionPtr session_; 46 }; 47 48 } // namespace 49 Create(SslSessionPtr session)50grpc_core::UniquePtr<SslCachedSession> SslCachedSession::Create( 51 SslSessionPtr session) { 52 return grpc_core::UniquePtr<SslCachedSession>( 53 grpc_core::New<BoringSslCachedSession>(std::move(session))); 54 } 55 56 } // namespace tsi 57 58 #endif /* OPENSSL_IS_BORINGSSL */ 59