File ssl_cache.h

SSL session cache implementation.

Typedefs

typedef struct mbedtls_ssl_cache_context mbedtls_ssl_cache_context

typedef struct mbedtls_ssl_cache_entry mbedtls_ssl_cache_entry

Functions

void mbedtls_ssl_cache_init(mbedtls_ssl_cache_context *cache)

Initialize an SSL cache context.

Parameters:: cache – SSL cache context

int mbedtls_ssl_cache_get(void *data, unsigned char const *session_id, size_t session_id_len, mbedtls_ssl_session *session)

Cache get callback implementation (Thread-safe if MBEDTLS_THREADING_C is enabled)

Parameters:

data – The SSL cache context to use.
session_id – The pointer to the buffer holding the session ID for the session to load.
session_id_len – The length of session_id in bytes.
session – The address at which to store the session associated with session_id, if present.

Returns:

0 on success.

Returns:

MBEDTLS_ERR_SSL_CACHE_ENTRY_NOT_FOUND if there is no cache entry with specified session ID found, or any other negative error code for other failures.

int mbedtls_ssl_cache_set(void *data, unsigned char const *session_id, size_t session_id_len, const mbedtls_ssl_session *session)

Cache set callback implementation (Thread-safe if MBEDTLS_THREADING_C is enabled)

Parameters:

data – The SSL cache context to use.
session_id – The pointer to the buffer holding the session ID associated to session.
session_id_len – The length of session_id in bytes.
session – The session to store.

Returns:

0 on success.

Returns:

A negative error code on failure.

int mbedtls_ssl_cache_remove(void *data, unsigned char const *session_id, size_t session_id_len)

Remove the cache entry by the session ID (Thread-safe if MBEDTLS_THREADING_C is enabled)

Parameters:

data – The SSL cache context to use.
session_id – The pointer to the buffer holding the session ID associated to session.
session_id_len – The length of session_id in bytes.

Returns:

0 on success. This indicates the cache entry for the session with provided ID is removed or does not exist.

Returns:

A negative error code on failure.

void mbedtls_ssl_cache_set_timeout(mbedtls_ssl_cache_context *cache, int timeout)

Set the cache timeout (Default: MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT (1 day))

A timeout of 0 indicates no timeout.

Parameters:

cache – SSL cache context
timeout – cache entry timeout in seconds

static inline int mbedtls_ssl_cache_get_timeout(mbedtls_ssl_cache_context *cache)

Get the cache timeout.

            A timeout of 0 indicates no timeout.

Parameters:: cache – SSL cache context
Returns:: cache entry timeout in seconds

void mbedtls_ssl_cache_set_max_entries(mbedtls_ssl_cache_context *cache, int max)

Set the maximum number of cache entries (Default: MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES (50))

Parameters:

cache – SSL cache context
max – cache entry maximum

void mbedtls_ssl_cache_free(mbedtls_ssl_cache_context *cache)

Free referenced items in a cache context and clear memory.

Parameters:: cache – SSL cache context

struct mbedtls_ssl_cache_entry

#include <ssl_cache.h>

This structure is used for storing cache entries.

Public Members

mbedtls_time_t private_timestamp: entry timestamp

unsigned char private_session_id[32]: session ID

size_t private_session_id_len

unsigned char *private_session: serialized session

size_t private_session_len

mbedtls_ssl_cache_entry *private_next: chain pointer

struct mbedtls_ssl_cache_context

#include <ssl_cache.h>

Cache context.

Public Members

mbedtls_ssl_cache_entry *private_chain: start of the chain

int private_timeout: cache entry timeout

int private_max_entries: maximum entries

mbedtls_threading_mutex_t private_mutex: mutex