openssl_session_cache.h 2.8 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768
  1. /*
  2. * Copyright 2018 The WebRTC Project Authors. All rights reserved.
  3. *
  4. * Use of this source code is governed by a BSD-style license
  5. * that can be found in the LICENSE file in the root of the source
  6. * tree. An additional intellectual property rights grant can be found
  7. * in the file PATENTS. All contributing project authors may
  8. * be found in the AUTHORS file in the root of the source tree.
  9. */
  10. #ifndef RTC_BASE_OPENSSL_SESSION_CACHE_H_
  11. #define RTC_BASE_OPENSSL_SESSION_CACHE_H_
  12. #include <openssl/ossl_typ.h>
  13. #include <map>
  14. #include <string>
  15. #include "rtc_base/constructor_magic.h"
  16. #include "rtc_base/ssl_stream_adapter.h"
  17. #ifndef OPENSSL_IS_BORINGSSL
  18. typedef struct ssl_session_st SSL_SESSION;
  19. #endif
  20. namespace rtc {
  21. // The OpenSSLSessionCache maps hostnames to SSL_SESSIONS. This cache is
  22. // owned by the OpenSSLAdapterFactory and is passed down to each OpenSSLAdapter
  23. // created with the factory.
  24. class OpenSSLSessionCache final {
  25. public:
  26. // Creates a new OpenSSLSessionCache using the provided the SSL_CTX and
  27. // the ssl_mode. The SSL_CTX will be up_refed. ssl_ctx cannot be nullptr,
  28. // the constructor immediately dchecks this.
  29. OpenSSLSessionCache(SSLMode ssl_mode, SSL_CTX* ssl_ctx);
  30. // Frees the cached SSL_SESSIONS and then frees the SSL_CTX.
  31. ~OpenSSLSessionCache();
  32. // Looks up a session by hostname. The returned SSL_SESSION is not up_refed.
  33. SSL_SESSION* LookupSession(const std::string& hostname) const;
  34. // Adds a session to the cache, and up_refs it. Any existing session with the
  35. // same hostname is replaced.
  36. void AddSession(const std::string& hostname, SSL_SESSION* session);
  37. // Returns the true underlying SSL Context that holds these cached sessions.
  38. SSL_CTX* GetSSLContext() const;
  39. // The SSL Mode tht the OpenSSLSessionCache was constructed with. This cannot
  40. // be changed after launch.
  41. SSLMode GetSSLMode() const;
  42. private:
  43. // Holds the SSL Mode that the OpenSSLCache was initialized with. This is
  44. // immutable after creation and cannot change.
  45. const SSLMode ssl_mode_;
  46. /// SSL Context for all shared cached sessions. This SSL_CTX is initialized
  47. // with SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_CLIENT); Meaning
  48. // all client sessions will be added to the cache internal to the context.
  49. SSL_CTX* ssl_ctx_ = nullptr;
  50. // Map of hostnames to SSL_SESSIONs; holds references to the SSL_SESSIONs,
  51. // which are cleaned up when the factory is destroyed.
  52. // TODO(juberti): Add LRU eviction to keep the cache from growing forever.
  53. std::map<std::string, SSL_SESSION*> sessions_;
  54. // The cache should never be copied or assigned directly.
  55. RTC_DISALLOW_COPY_AND_ASSIGN(OpenSSLSessionCache);
  56. };
  57. } // namespace rtc
  58. #endif // RTC_BASE_OPENSSL_SESSION_CACHE_H_