1 /*
2  *
3  * Copyright 2018 gRPC authors.
4  *
5  * Licensed under the Apache License, Version 2.0 (the "License");
6  * you may not use this file except in compliance with the License.
7  * You may obtain a copy of the License at
8  *
9  *     http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  *
17  */
18 
19 #include <grpc/support/port_platform.h>
20 
21 #include "src/core/tsi/ssl/session_cache/ssl_session.h"
22 
23 #ifdef OPENSSL_IS_BORINGSSL
24 
25 // BoringSSL allows SSL_SESSION to outlive SSL and SSL_CTX objects which are
26 // re-created by gRPC on every certificate rotation or subchannel creation.
27 // BoringSSL guarantees that SSL_SESSION is immutable so it's safe to share
28 // the same original session object between different threads and connections.
29 
30 namespace tsi {
31 namespace {
32 
33 class BoringSslCachedSession : public SslCachedSession {
34  public:
BoringSslCachedSession(SslSessionPtr session)35   BoringSslCachedSession(SslSessionPtr session)
36       : session_(std::move(session)) {}
37 
CopySession() const38   SslSessionPtr CopySession() const override {
39     // SslSessionPtr will dereference on destruction.
40     SSL_SESSION_up_ref(session_.get());
41     return SslSessionPtr(session_.get());
42   }
43 
44  private:
45   SslSessionPtr session_;
46 };
47 
48 }  // namespace
49 
Create(SslSessionPtr session)50 grpc_core::UniquePtr<SslCachedSession> SslCachedSession::Create(
51     SslSessionPtr session) {
52   return grpc_core::UniquePtr<SslCachedSession>(
53       grpc_core::New<BoringSslCachedSession>(std::move(session)));
54 }
55 
56 }  // namespace tsi
57 
58 #endif /* OPENSSL_IS_BORINGSSL */
59