1 //
2 //
3 // Copyright 2018 gRPC authors.
4 //
5 // Licensed under the Apache License, Version 2.0 (the "License");
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
8 //
9 //     http://www.apache.org/licenses/LICENSE-2.0
10 //
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
16 //
17 //
18 
19 #include <grpc/support/port_platform.h>
20 
21 #include "src/core/tsi/ssl/session_cache/ssl_session.h"
22 
23 #ifdef OPENSSL_IS_BORINGSSL
24 
25 #include "absl/memory/memory.h"
26 
27 // BoringSSL allows SSL_SESSION to outlive SSL and SSL_CTX objects which are
28 // re-created by gRPC on every certificate rotation or subchannel creation.
29 // BoringSSL guarantees that SSL_SESSION is immutable so it's safe to share
30 // the same original session object between different threads and connections.
31 
32 namespace tsi {
33 namespace {
34 
35 class BoringSslCachedSession : public SslCachedSession {
36  public:
BoringSslCachedSession(SslSessionPtr session)37   explicit BoringSslCachedSession(SslSessionPtr session)
38       : session_(std::move(session)) {}
39 
CopySession() const40   SslSessionPtr CopySession() const override {
41     // SslSessionPtr will dereference on destruction.
42     SSL_SESSION_up_ref(session_.get());
43     return SslSessionPtr(session_.get());
44   }
45 
46  private:
47   SslSessionPtr session_;
48 };
49 
50 }  // namespace
51 
Create(SslSessionPtr session)52 std::unique_ptr<SslCachedSession> SslCachedSession::Create(
53     SslSessionPtr session) {
54   return std::make_unique<BoringSslCachedSession>(std::move(session));
55 }
56 
57 }  // namespace tsi
58 
59 #endif  // OPENSSL_IS_BORINGSSL
60