Commit 6c999e6f authored by Tatsuhiro Tsujikawa's avatar Tatsuhiro Tsujikawa

nghttpx: Enable TLS session cache again in memcached connection

parent 4aa4fe56
...@@ -141,7 +141,7 @@ void MemcachedConnection::disconnect() { ...@@ -141,7 +141,7 @@ void MemcachedConnection::disconnect() {
int MemcachedConnection::initiate_connection() { int MemcachedConnection::initiate_connection() {
assert(conn_.fd == -1); assert(conn_.fd == -1);
if (ssl_ctx_ && !conn_.tls.ssl) { if (ssl_ctx_) {
auto ssl = ssl::create_ssl(ssl_ctx_); auto ssl = ssl::create_ssl(ssl_ctx_);
if (!ssl) { if (!ssl) {
return -1; return -1;
...@@ -175,6 +175,12 @@ int MemcachedConnection::initiate_connection() { ...@@ -175,6 +175,12 @@ int MemcachedConnection::initiate_connection() {
SSL_set_tlsext_host_name(conn_.tls.ssl, sni_name_.c_str()); SSL_set_tlsext_host_name(conn_.tls.ssl, sni_name_.c_str());
} }
auto session = ssl::reuse_tls_session(tls_session_cache_);
if (session) {
SSL_set_session(conn_.tls.ssl, session);
SSL_SESSION_free(session);
}
conn_.prepare_client_handshake(); conn_.prepare_client_handshake();
} }
...@@ -256,6 +262,14 @@ int MemcachedConnection::tls_handshake() { ...@@ -256,6 +262,14 @@ int MemcachedConnection::tls_handshake() {
return -1; return -1;
} }
if (!SSL_session_reused(conn_.tls.ssl)) {
auto tls_session = SSL_get0_session(conn_.tls.ssl);
if (tls_session) {
ssl::try_cache_tls_session(tls_session_cache_, *addr_, tls_session,
ev_now(conn_.loop));
}
}
do_read_ = &MemcachedConnection::read_tls; do_read_ = &MemcachedConnection::read_tls;
do_write_ = &MemcachedConnection::write_tls; do_write_ = &MemcachedConnection::write_tls;
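Review bot: The new caching block in tls_handshake() stores the session for later resumption, but nothing visible says it runs only after the peer certificate has been accepted. A resumed handshake does not re-run chain verification, so whatever is cached here is trusted on every later connection to `*addr_`. The block does follow an early `return -1;` whose condition lies outside the hunk, so the ordering is probably already right; a comment such as `// Cache only sessions that passed the certificate check above; resumption skips verification.` would pin it for later edits. In initiate_connection() the result of `SSL_set_session()` is ignored, which only costs a full handshake on failure but would be worth a log line. Both function bodies continue outside the hunks shown.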
......
...@@ -33,8 +33,8 @@ ...@@ -33,8 +33,8 @@
#include <ev.h> #include <ev.h>
#include "shrpx_connection.h" #include "shrpx_connection.h"
#include "shrpx_ssl.h"
#include "buffer.h" #include "buffer.h"
#include "network.h" #include "network.h"
using namespace nghttp2; using namespace nghttp2;
...@@ -133,6 +133,7 @@ private: ...@@ -133,6 +133,7 @@ private:
std::deque<MemcachedSendbuf> sendbufv_; std::deque<MemcachedSendbuf> sendbufv_;
std::function<int(MemcachedConnection &)> do_read_, do_write_; std::function<int(MemcachedConnection &)> do_read_, do_write_;
std::string sni_name_; std::string sni_name_;
ssl::TLSSessionCache tls_session_cache_;
MemcachedParseState parse_state_; MemcachedParseState parse_state_;
const Address *addr_; const Address *addr_;
SSL_CTX *ssl_ctx_; SSL_CTX *ssl_ctx_;
......