Allow override of session context

Summary:We currently set the session context to the
default of common name, this allows session
context to be set to a different value
for different applications

Reviewed By: ngoyal

Differential Revision: D3059769

fb-gh-sync-id: 185afeb487c2c62dcf44f96076bd05871692c7ab
shipit-source-id: 185afeb487c2c62dcf44f96076bd05871692c7ab

diff --git a/folly/io/async/SSLContext.cpp b/folly/io/async/SSLContext.cpp
index 4706ac6d8660b6da03e750efc795c9aa1673bbd1..5232b6816fed7a3093c925160e113feb878d617c 100644 (file)
--- a/folly/io/async/SSLContext.cpp
+++ b/folly/io/async/SSLContext.cpp
@@ -556,6 +556,14 @@ SSL* SSLContext::createSSL() const {
   return ssl;
 }
 
+void SSLContext::setSessionCacheContext(const std::string& context) {
+  SSL_CTX_set_session_id_context(
+      ctx_,
+      reinterpret_cast<const unsigned char*>(context.data()),
+      std::min(
+          static_cast<int>(context.length()), SSL_MAX_SSL_SESSION_ID_LENGTH));
+}
+
 /**
  * Match a name with a pattern. The pattern may include wildcard. A single
  * wildcard "*" can match up to one component in the domain name.

diff --git a/folly/io/async/SSLContext.h b/folly/io/async/SSLContext.h
index d63031a211bff130b7cf774d5cd88c9e25829e6e..65b572cfeaa4dcefeea5b3e6eaaebd71f22cb35e 100644 (file)
--- a/folly/io/async/SSLContext.h
+++ b/folly/io/async/SSLContext.h
@@ -309,6 +309,11 @@ class SSLContext {
    */
   SSL* createSSL() const;
 
+  /**
+   * Sets the namespace to use for sessions created from this context.
+   */
+  void setSessionCacheContext(const std::string& context);
+
   /**
    * Set the options on the SSL_CTX object.
    */
@@ -373,6 +378,7 @@ class SSLContext {
   ClientProtocolFilterCallback getClientProtocolFilterCallback() {
     return clientProtoFilter_;
   }
+
   /**
    * Disables NPN on this SSL context.
    */