Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / packages / modules / DnsResolver / b9da5e9a8c17c3ca2af6c0c941200abbe29be0f5 / . / DnsTlsSessionCache.cpp
blob: b88b2ddae41a74ec4853735ab65c7692a23898c7 [file] [log] [blame]
Mike Yubab3daa2018-10-19 22:11:43 +0800[diff] [blame]1/*
2 * Copyright (C) 2018 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
Bernie Innocentiec4219b2019-01-30 11:16:36 +0900[diff] [blame]17#include "DnsTlsSessionCache.h"
Mike Yubab3daa2018-10-19 22:11:43 +0800[diff] [blame]18
Ken Chen5471dca2019-04-15 15:25:35 +0800[diff] [blame]19#define LOG_TAG "resolv"
Mike Yubab3daa2018-10-19 22:11:43 +0800[diff] [blame]20
chenbruceaff85842019-05-31 15:46:42 +0800[diff] [blame]21#include <android-base/logging.h>
Mike Yubab3daa2018-10-19 22:11:43 +0800[diff] [blame]22
23namespace android {
24namespace net {
25
26bool DnsTlsSessionCache::prepareSsl(SSL* ssl) {
27 // Add this cache as the 0-index extra data for the socket.
28 // This is used by newSessionCallback.
29 int ret = SSL_set_ex_data(ssl, 0, this);
30 return ret == 1;
31}
32
33void DnsTlsSessionCache::prepareSslContext(SSL_CTX* ssl_ctx) {
34 SSL_CTX_set_session_cache_mode(ssl_ctx, SSL_SESS_CACHE_CLIENT);
35 SSL_CTX_sess_set_new_cb(ssl_ctx, &DnsTlsSessionCache::newSessionCallback);
36}
37
38// static
39int DnsTlsSessionCache::newSessionCallback(SSL* ssl, SSL_SESSION* session) {
40 if (!ssl || !session) {
chenbruceaff85842019-05-31 15:46:42 +0800[diff] [blame]41 LOG(ERROR) << "Null SSL object in new session callback";
Mike Yubab3daa2018-10-19 22:11:43 +0800[diff] [blame]42 return 0;
43 }
44 DnsTlsSessionCache* cache = reinterpret_cast<DnsTlsSessionCache*>(
45 SSL_get_ex_data(ssl, 0));
46 if (!cache) {
chenbruceaff85842019-05-31 15:46:42 +0800[diff] [blame]47 LOG(ERROR) << "null transport in new session callback";
Mike Yubab3daa2018-10-19 22:11:43 +0800[diff] [blame]48 return 0;
49 }
chenbruceaff85842019-05-31 15:46:42 +0800[diff] [blame]50 LOG(DEBUG) << "Recording session";
Mike Yubab3daa2018-10-19 22:11:43 +0800[diff] [blame]51 cache->recordSession(session);
52 return 1; // Increment the refcount of session.
53}
54
55void DnsTlsSessionCache::recordSession(SSL_SESSION* session) {
56 std::lock_guard guard(mLock);
57 mSessions.emplace_front(session);
58 if (mSessions.size() > kMaxSize) {
chenbruceaff85842019-05-31 15:46:42 +0800[diff] [blame]59 LOG(DEBUG) << "Too many sessions; trimming";
Mike Yubab3daa2018-10-19 22:11:43 +0800[diff] [blame]60 mSessions.pop_back();
61 }
62}
63
64bssl::UniquePtr<SSL_SESSION> DnsTlsSessionCache::getSession() {
65 std::lock_guard guard(mLock);
66 if (mSessions.size() == 0) {
chenbruceaff85842019-05-31 15:46:42 +0800[diff] [blame]67 LOG(DEBUG) << "No known sessions";
Mike Yubab3daa2018-10-19 22:11:43 +0800[diff] [blame]68 return nullptr;
69 }
70 bssl::UniquePtr<SSL_SESSION> ret = std::move(mSessions.front());
71 mSessions.pop_front();
72 return ret;
73}
74
75} // end of namespace net
76} // end of namespace android