OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/socket/ssl_session_cache_openssl.h" | 5 #include "net/socket/ssl_session_cache_openssl.h" |
6 | 6 |
7 #include <openssl/ssl.h> | 7 #include <openssl/ssl.h> |
8 | 8 |
9 #include "base/lazy_instance.h" | 9 #include "base/lazy_instance.h" |
10 #include "base/logging.h" | 10 #include "base/logging.h" |
11 #include "base/strings/stringprintf.h" | 11 #include "base/strings/stringprintf.h" |
12 #include "crypto/openssl_util.h" | 12 #include "crypto/openssl_util.h" |
| 13 #include "crypto/scoped_openssl_types.h" |
13 | 14 |
14 #include "testing/gtest/include/gtest/gtest.h" | 15 #include "testing/gtest/include/gtest/gtest.h" |
15 | 16 |
16 // This is an internal OpenSSL function that can be used to create a new | 17 // This is an internal OpenSSL function that can be used to create a new |
17 // session for an existing SSL object. This shall force a call to the | 18 // session for an existing SSL object. This shall force a call to the |
18 // 'generate_session_id' callback from the SSL's session context. | 19 // 'generate_session_id' callback from the SSL's session context. |
19 // |s| is the target SSL connection handle. | 20 // |s| is the target SSL connection handle. |
20 // |session| is non-0 to ask for the creation of a new session. If 0, | 21 // |session| is non-0 to ask for the creation of a new session. If 0, |
21 // this will set an empty session with no ID instead. | 22 // this will set an empty session with no ID instead. |
22 extern "C" int ssl_get_new_session(SSL* s, int session); | 23 extern "C" int ssl_get_new_session(SSL* s, int session); |
23 | 24 |
24 // This is an internal OpenSSL function which is used internally to add | 25 // This is an internal OpenSSL function which is used internally to add |
25 // a new session to the cache. It is normally triggered by a succesful | 26 // a new session to the cache. It is normally triggered by a succesful |
26 // connection. However, this unit test does not use the network at all. | 27 // connection. However, this unit test does not use the network at all. |
27 extern "C" void ssl_update_cache(SSL* s, int mode); | 28 extern "C" void ssl_update_cache(SSL* s, int mode); |
28 | 29 |
29 namespace net { | 30 namespace net { |
30 | 31 |
31 namespace { | 32 namespace { |
32 | 33 |
33 typedef crypto::ScopedOpenSSL<SSL, SSL_free> ScopedSSL; | 34 typedef crypto::ScopedOpenSSL<SSL, SSL_free>::Type ScopedSSL; |
| 35 typedef crypto::ScopedOpenSSL<SSL_CTX, SSL_CTX_free>::Type ScopedSSL_CTX; |
34 | 36 |
35 // Helper class used to associate arbitrary std::string keys with SSL objects. | 37 // Helper class used to associate arbitrary std::string keys with SSL objects. |
36 class SSLKeyHelper { | 38 class SSLKeyHelper { |
37 public: | 39 public: |
38 // Return the string associated with a given SSL handle |ssl|, or the | 40 // Return the string associated with a given SSL handle |ssl|, or the |
39 // empty string if none exists. | 41 // empty string if none exists. |
40 static std::string Get(const SSL* ssl) { | 42 static std::string Get(const SSL* ssl) { |
41 return GetInstance()->GetValue(ssl); | 43 return GetInstance()->GetValue(ssl); |
42 } | 44 } |
43 | 45 |
(...skipping 91 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
135 static void ResetSessionID(SSL* ssl) { ssl_get_new_session(ssl, 1); } | 137 static void ResetSessionID(SSL* ssl) { ssl_get_new_session(ssl, 1); } |
136 | 138 |
137 // Add a given SSL object and its session to the cache. | 139 // Add a given SSL object and its session to the cache. |
138 void AddToCache(SSL* ssl) { | 140 void AddToCache(SSL* ssl) { |
139 ssl_update_cache(ssl, ctx_.get()->session_cache_mode); | 141 ssl_update_cache(ssl, ctx_.get()->session_cache_mode); |
140 } | 142 } |
141 | 143 |
142 static const SSLSessionCacheOpenSSL::Config kDefaultConfig; | 144 static const SSLSessionCacheOpenSSL::Config kDefaultConfig; |
143 | 145 |
144 protected: | 146 protected: |
145 crypto::ScopedOpenSSL<SSL_CTX, SSL_CTX_free> ctx_; | 147 ScopedSSL_CTX ctx_; |
146 // |cache_| must be destroyed before |ctx_| and thus appears after it. | 148 // |cache_| must be destroyed before |ctx_| and thus appears after it. |
147 SSLSessionCacheOpenSSL cache_; | 149 SSLSessionCacheOpenSSL cache_; |
148 }; | 150 }; |
149 | 151 |
150 // static | 152 // static |
151 const SSLSessionCacheOpenSSL::Config | 153 const SSLSessionCacheOpenSSL::Config |
152 SSLSessionCacheOpenSSLTest::kDefaultConfig = { | 154 SSLSessionCacheOpenSSLTest::kDefaultConfig = { |
153 &SSLKeyHelper::Get, // key_func | 155 &SSLKeyHelper::Get, // key_func |
154 1024, // max_entries | 156 1024, // max_entries |
155 256, // expiration_check_count | 157 256, // expiration_check_count |
(...skipping 213 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
369 | 371 |
370 // Call SetSSLSession another time, this shall expire all sessions except | 372 // Call SetSSLSession another time, this shall expire all sessions except |
371 // the last one. | 373 // the last one. |
372 ScopedSSL bad_ssl(NewSSL("unknown-key")); | 374 ScopedSSL bad_ssl(NewSSL("unknown-key")); |
373 cache_.SetSSLSession(bad_ssl.get()); | 375 cache_.SetSSLSession(bad_ssl.get()); |
374 bad_ssl.reset(NULL); | 376 bad_ssl.reset(NULL); |
375 EXPECT_EQ(1U, cache_.size()); | 377 EXPECT_EQ(1U, cache_.size()); |
376 } | 378 } |
377 | 379 |
378 } // namespace net | 380 } // namespace net |
OLD | NEW |