//
//
// Copyright 2018 gRPC authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
//

#ifndef GRPC_SRC_CORE_TSI_SSL_SESSION_CACHE_SSL_SESSION_H
#define GRPC_SRC_CORE_TSI_SSL_SESSION_CACHE_SSL_SESSION_H

#include <grpc/support/port_platform.h>

#include <memory>

#include <openssl/ssl.h>

#include <grpc/slice.h>

#include "src/core/lib/gprpp/ref_counted.h"

// This header provides the means to cache SSL sessions so that they can be
// shared between connections.
//
// An SSL_SESSION represents a single session instance and is not generally
// safe to share between SSL contexts with different lifetimes, because not
// all SSL implementations guarantee that an SSL_SESSION object is immutable.
// See the SSL_SESSION documentation in BoringSSL and OpenSSL for details.

namespace tsi {

/// Deleter for std::unique_ptr that hands the session to SSL_SESSION_free().
struct SslSessionDeleter {
  void operator()(SSL_SESSION* session) { SSL_SESSION_free(session); }
};

/// Owning handle to an SSL_SESSION. The session is passed to
/// SSL_SESSION_free() when the handle is destroyed or reset, so a raw
/// SSL_SESSION* obtained from it must not outlive the handle.
using SslSessionPtr = std::unique_ptr<SSL_SESSION, SslSessionDeleter>;

/// SslCachedSession is an immutable, thread-safe storage for the
/// representation of a single session. It allows SSL session data (e.g. a TLS
/// ticket) to be shared between encrypted connections regardless of the
/// lifetime of any SSL context.
///
/// NOTE(review): the stored data is TLS resumption state, so instances should
/// presumably be treated as secret material (kept out of logs and dumps) and
/// only offered to the peer they were negotiated with. The cache keying is
/// not visible in this header; confirm against the cache implementation.
class SslCachedSession {
 public:
  // Copying is disabled; declaring the copy operations also suppresses the
  // implicit move operations, so instances are neither copyable nor movable.
  SslCachedSession(const SslCachedSession&) = delete;
  SslCachedSession& operator=(const SslCachedSession&) = delete;

  /// Creates a single cached instance of \a session. Ownership of \a session
  /// is transferred to the callee because the handle is taken by value.
  /// The class is abstract, so the returned object is a derived
  /// implementation.
  ///
  /// NOTE(review): whether a null result is possible (e.g. on a failed
  /// conversion of the session) is not visible here; verify before
  /// dereferencing.
  static std::unique_ptr<SslCachedSession> Create(SslSessionPtr session);

  virtual ~SslCachedSession() = default;

  /// Returns a copy of the previously cached session. The caller owns the
  /// returned handle; the cached instance itself is not modified (const).
  ///
  /// NOTE(review): if producing the copy can fail, the returned handle may be
  /// null. This header does not say; confirm in the implementation.
  virtual SslSessionPtr CopySession() const = 0;

 protected:
  // Only derived implementations may construct; clients go through Create().
  SslCachedSession() = default;
};

}  // namespace tsi

#endif  // GRPC_SRC_CORE_TSI_SSL_SESSION_CACHE_SSL_SESSION_H