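/*
 * shctx.h - shared context management functions for SSL
 *
 * Copyright (C) 2011-2012 EXCELIANCE
 *
 * Author: Emeric Brun - emeric@exceliance.fr
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version
 * 2 of the License, or (at your option) any later version.
 */

#ifndef SHCTX_H
#define SHCTX_H
#include <openssl/ssl.h>
#include <stdint.h>

/* Maximum size of the optional footer stored after an encoded session:
 * room for one uint32_t plus a message digest of up to EVP_MAX_MD_SIZE bytes.
 * The default expansion is parenthesized so that it stays a single value when
 * used inside a larger expression (multiplied, compared, subtracted...).
 * A build-time override should be parenthesized the same way.
 */
#ifndef SHSESS_MAX_FOOTER_LEN
#define SHSESS_MAX_FOOTER_LEN (sizeof(uint32_t) + EVP_MAX_MD_SIZE)
#endif

/* Maximum length of the ASN1 session encoding accepted into the cache. */
#ifndef SHSESS_MAX_DATA_LEN
#define SHSESS_MAX_DATA_LEN 512
#endif

/* Number of cached sessions used by shared_context_init() when its size
 * argument is less or equal to 0.
 */
#ifndef SHCTX_DEFAULT_SIZE
#define SHCTX_DEFAULT_SIZE 20000
#endif

/* Size of one encoded cache entry: the session id zero padded to
 * SSL_MAX_SSL_SESSION_ID_LENGTH, the ASN1 session data, and the footer.
 * Parenthesized so the sum is not broken up by surrounding operators.
 */
#define SHSESS_MAX_ENCODED_LEN (SSL_MAX_SSL_SESSION_ID_LENGTH \
                                + SHSESS_MAX_DATA_LEN \
                                + SHSESS_MAX_FOOTER_LEN)



/* Register the callback called on a new session event.
 * session contains the sessionid zeros padded to SSL_MAX_SSL_SESSION_ID_LENGTH
 * followed by ASN1 session encoding.
 * len is set to SSL_MAX_SSL_SESSION_ID_LENGTH + ASN1 session length;
 * len is always less than SSL_MAX_SSL_SESSION_ID_LENGTH + SHSESS_MAX_DATA_LEN.
 * Remaining bytes from len to SHSESS_MAX_ENCODED_LEN can be used to add a
 * footer; the callback must not write beyond SHSESS_MAX_ENCODED_LEN bytes.
 * cdate is the creation date timestamp.
 */
void shsess_set_new_cbk(void (*func)(unsigned char *session, unsigned int len, long cdate));

/* Add a session into the cache.
 * session contains the sessionid zeros padded to SSL_MAX_SSL_SESSION_ID_LENGTH
 * followed by ASN1 session encoding.
 * session_len is set to SSL_MAX_SSL_SESSION_ID_LENGTH + ASN1 data length.
 * If session_len is greater than SHSESS_MAX_ENCODED_LEN, the session is not
 * added (the entry is silently dropped, no error is reported).
 * If cdate is not 0, on get events the session creation date will be reset
 * to cdate.
 */
void shctx_sess_add(const unsigned char *session, unsigned int session_len, long cdate);

/* Allocate the shared memory context.
 * size is the maximum number of cached sessions;
 * if less or equal to 0, SHCTX_DEFAULT_SIZE is used.
 * Returns: -1 on alloc failure, size if it performs the context alloc,
 * and 0 if the cache is already allocated (the existing cache is kept as is).
 */
int shared_context_init(int size);

/* Set shared cache callbacks on an ssl context.
 * Sets the session cache mode to server and disables the openssl internal
 * cache.
 * The shared context MUST be initialized first with shared_context_init().
 */
void shared_context_set_cache(SSL_CTX *ctx);

#endif /* SHCTX_H */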