OLD | NEW |
| (Empty) |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #ifndef NET_SSL_SSL_CLIENT_SESSION_CACHE_OPENSSL_H | |
6 #define NET_SSL_SSL_CLIENT_SESSION_CACHE_OPENSSL_H | |
7 | |
8 #include <openssl/ssl.h> | |
9 #include <stddef.h> | |
10 | |
11 #include <memory> | |
12 #include <string> | |
13 | |
14 #include "base/containers/mru_cache.h" | |
15 #include "base/macros.h" | |
16 #include "base/synchronization/lock.h" | |
17 #include "base/threading/thread_checker.h" | |
18 #include "base/time/time.h" | |
19 #include "net/base/net_export.h" | |
20 #include "net/ssl/scoped_openssl_types.h" | |
21 | |
22 namespace base { | |
23 class Clock; | |
24 } | |
25 | |
26 namespace net { | |
27 | |
28 class NET_EXPORT SSLClientSessionCacheOpenSSL { | |
29 public: | |
30 struct Config { | |
31 // The maximum number of entries in the cache. | |
32 size_t max_entries = 1024; | |
33 // The number of calls to Lookup before a new check for expired sessions. | |
34 size_t expiration_check_count = 256; | |
35 // How long each session should last. | |
36 base::TimeDelta timeout = base::TimeDelta::FromHours(1); | |
37 }; | |
38 | |
39 explicit SSLClientSessionCacheOpenSSL(const Config& config); | |
40 ~SSLClientSessionCacheOpenSSL(); | |
41 | |
42 size_t size() const; | |
43 | |
44 // Returns the session associated with |cache_key| and moves it to the front | |
45 // of the MRU list. Returns nullptr if there is none. | |
46 ScopedSSL_SESSION Lookup(const std::string& cache_key); | |
47 | |
48 // Inserts |session| into the cache at |cache_key|. If there is an existing | |
49 // one, it is released. Every |expiration_check_count| calls, the cache is | |
50 // checked for stale entries. | |
51 void Insert(const std::string& cache_key, SSL_SESSION* session); | |
52 | |
53 // Removes all entries from the cache. | |
54 void Flush(); | |
55 | |
56 void SetClockForTesting(std::unique_ptr<base::Clock> clock); | |
57 | |
58 private: | |
59 struct CacheEntry { | |
60 CacheEntry(); | |
61 ~CacheEntry(); | |
62 | |
63 ScopedSSL_SESSION session; | |
64 // The time at which this entry was created. | |
65 base::Time creation_time; | |
66 }; | |
67 | |
68 using CacheEntryMap = | |
69 base::HashingMRUCache<std::string, std::unique_ptr<CacheEntry>>; | |
70 | |
71 // Returns true if |entry| is expired as of |now|. | |
72 bool IsExpired(CacheEntry* entry, const base::Time& now); | |
73 | |
74 // Removes all expired sessions from the cache. | |
75 void FlushExpiredSessions(); | |
76 | |
77 std::unique_ptr<base::Clock> clock_; | |
78 Config config_; | |
79 CacheEntryMap cache_; | |
80 size_t lookups_since_flush_; | |
81 | |
82 // TODO(davidben): After https://crbug.com/458365 is fixed, replace this with | |
83 // a ThreadChecker. The session cache should be single-threaded like other | |
84 // classes in net. | |
85 base::Lock lock_; | |
86 | |
87 DISALLOW_COPY_AND_ASSIGN(SSLClientSessionCacheOpenSSL); | |
88 }; | |
89 | |
90 } // namespace net | |
91 | |
92 #endif // NET_SSL_SSL_CLIENT_SESSION_CACHE_OPENSSL_H | |