From: Neel Goyal Date: Thu, 3 Mar 2016 20:29:48 +0000 (-0800) Subject: Add service identity to SSL socket and use in ticket cache X-Git-Tag: deprecate-dynamic-initializer~16 X-Git-Url: http://plrg.eecs.uci.edu/git/?p=folly.git;a=commitdiff_plain;h=41e2f6d405ba7edca693cb3a1ffa5285a24362a4 Add service identity to SSL socket and use in ticket cache Summary:Allow applications to specify a service identity tied to an SSLSocket that can be used as a ticket cache key. Further, add the cache key to the SSL_SESSION object and serialize it. Reviewed By: siyengar Differential Revision: D2991005 fb-gh-sync-id: 25a5ddbb66bd9da2084159136cbe4d55b9e00f28 shipit-source-id: 25a5ddbb66bd9da2084159136cbe4d55b9e00f28
---
diff --git a/folly/io/async/AsyncSSLSocket.h b/folly/io/async/AsyncSSLSocket.h
index 732d486f..6cfd24b6 100644
--- a/folly/io/async/AsyncSSLSocket.h
+++ b/folly/io/async/AsyncSSLSocket.h
@@ -755,6 +755,12 @@ class AsyncSSLSocket : public virtual AsyncSocket {
 */
 void forceCacheAddrOnFailure(bool force) { cacheAddrOnFailure_ = force; }
+ const std::string& getServiceIdentity() const { return serviceIdentity_; }
+
+ void setServiceIdentity(std::string serviceIdentity) {
+ serviceIdentity_ = std::move(serviceIdentity);
+ }
+
 private:
 void init();
@@ -866,6 +872,10 @@ class AsyncSSLSocket : public virtual AsyncSocket {
 std::shared_ptr handshakeCtx_;
 std::string tlsextHostname_;
 #endif
+
+ // a service identity that this socket/connection is associated with
+ std::string serviceIdentity_;
+
 folly::SSLContext::SSLVerifyPeerEnum verifyPeer_{folly::SSLContext::SSLVerifyPeerEnum::USE_CTX};
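Review bot: `getServiceIdentity()` and `setServiceIdentity()` in the first hunk are added without a doc comment, and the member comment in the second hunk does not say that the value serves as a session-ticket cache key, which is the security-relevant part of the contract. A resumed TLS session does not repeat the full certificate check, so connections that share an identity can presumably share a session; callers need to know that the identity must name the peer that was actually verified, that it should be set before the handshake starts, and that it defaults to the empty string. I would add above the setter: `/** Identity of the service this socket talks to; used as the TLS session/ticket cache key, so set it before connecting and never reuse one identity for peers with different certificates. */`. The cache lookup is not part of this diff, so how an empty identity is keyed (for example whether it falls back to `tlsextHostname_`) should be confirmed and stated in the same comment. The class body starts and ends outside both hunks.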