From 1e9f346577617277df9d866d908acc1e2baf7709 Mon Sep 17 00:00:00 2001
From: Subodh Iyengar
Date: Thu, 17 Mar 2016 13:06:21 -0700
Subject: [PATCH] Allow override of session context

Summary:We currently set the session context to the default of common name, this allows session context to be set to a different value for different applications
Reviewed By: ngoyal
Differential Revision: D3059769
fb-gh-sync-id: 185afeb487c2c62dcf44f96076bd05871692c7ab
shipit-source-id: 185afeb487c2c62dcf44f96076bd05871692c7ab
---
 folly/io/async/SSLContext.cpp | 8 ++++++++
 folly/io/async/SSLContext.h | 6 ++++++
 2 files changed, 14 insertions(+)

diff --git a/folly/io/async/SSLContext.cpp b/folly/io/async/SSLContext.cpp
index 4706ac6d..5232b681 100644
--- a/folly/io/async/SSLContext.cpp
+++ b/folly/io/async/SSLContext.cpp
@@ -556,6 +556,14 @@ SSL* SSLContext::createSSL() const {
 return ssl;
 }
 
+void SSLContext::setSessionCacheContext(const std::string& context) {
+ SSL_CTX_set_session_id_context(
+ ctx_,
+ reinterpret_cast(context.data()),
+ std::min(
+ static_cast(context.length()), SSL_MAX_SSL_SESSION_ID_LENGTH));
+}
+
 /**
 * Match a name with a pattern. The pattern may include wildcard. A single
 * wildcard "*" can match up to one component in the domain name.
diff --git a/folly/io/async/SSLContext.h b/folly/io/async/SSLContext.h
index d63031a2..65b572cf 100644
--- a/folly/io/async/SSLContext.h
+++ b/folly/io/async/SSLContext.h
@@ -309,6 +309,11 @@ class SSLContext {
 */
 SSL* createSSL() const;
 
+ /**
+ * Sets the namespace to use for sessions created from this context.
+ */
+ void setSessionCacheContext(const std::string& context);
+
 /**
 * Set the options on the SSL_CTX object.
 */
@@ -373,6 +378,7 @@ class SSLContext {
 ClientProtocolFilterCallback getClientProtocolFilterCallback() {
 return clientProtoFilter_;
 }
+
 /**
 * Disables NPN on this SSL context.
 */
-- 
2.34.1
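Review bot: The `std::min(...)` clamp in `SSLContext::setSessionCacheContext` truncates an over-long context without telling the caller, so two context strings that differ only after the cut-off end up as the same session ID context and sessions are no longer kept apart between those applications. Rejecting or at least logging the over-long value would keep that visible, for example `if (context.length() > SSL_MAX_SID_CTX_LENGTH) { throw std::invalid_argument("session context too long"); }`. The bound OpenSSL defines for this call is `SSL_MAX_SID_CTX_LENGTH`; `SSL_MAX_SSL_SESSION_ID_LENGTH` limits session IDs and only happens to have the same value. The return value of `SSL_CTX_set_session_id_context` is also dropped, so a failure to set the context would go unnoticed.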
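Review bot: The doc comment on `setSessionCacheContext` in SSLContext.h does not tell callers that the value is length-limited or what applies when the setter is never called. Going by the implementation in SSLContext.cpp, I would extend it to something like `Sets the session ID context, which scopes session reuse for SSL objects created from this context; input longer than the OpenSSL limit is truncated.` The commit summary says the default is the common name, so a second sentence stating that default would help, if that is indeed where it comes from. The class body starts and ends outside this hunk.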