From 6c999e6fb5cae0a24145d8df319a9e6bf8819b84 Mon Sep 17 00:00:00 2001
From: Tatsuhiro Tsujikawa
Date: Thu, 28 Apr 2016 22:57:34 +0900
Subject: [PATCH] nghttpx: Enable TLS session cache again in memcached connection
---
 src/shrpx_memcached_connection.cc | 16 +++++++++++++++-
 src/shrpx_memcached_connection.h | 3 ++-
 2 files changed, 17 insertions(+), 2 deletions(-)
diff --git a/src/shrpx_memcached_connection.cc b/src/shrpx_memcached_connection.cc
index 0b494ba8..d19feb6d 100644
--- a/src/shrpx_memcached_connection.cc
+++ b/src/shrpx_memcached_connection.cc
@@ -141,7 +141,7 @@ void MemcachedConnection::disconnect() {
 int MemcachedConnection::initiate_connection() {
 assert(conn_.fd == -1);
- if (ssl_ctx_ && !conn_.tls.ssl) {
+ if (ssl_ctx_) {
 auto ssl = ssl::create_ssl(ssl_ctx_);
 if (!ssl) {
 return -1;
@@ -175,6 +175,12 @@ int MemcachedConnection::initiate_connection() {
 SSL_set_tlsext_host_name(conn_.tls.ssl, sni_name_.c_str());
 }
+ auto session = ssl::reuse_tls_session(tls_session_cache_);
+ if (session) {
+ SSL_set_session(conn_.tls.ssl, session);
+ SSL_SESSION_free(session);
+ }
+
 conn_.prepare_client_handshake();
 }
@@ -256,6 +262,14 @@ int MemcachedConnection::tls_handshake() {
 return -1;
 }
+ if (!SSL_session_reused(conn_.tls.ssl)) {
+ auto tls_session = SSL_get0_session(conn_.tls.ssl);
+ if (tls_session) {
+ ssl::try_cache_tls_session(tls_session_cache_, *addr_, tls_session,
+ ev_now(conn_.loop));
+ }
+ }
+
 do_read_ = &MemcachedConnection::read_tls;
 do_write_ = &MemcachedConnection::write_tls;
diff --git a/src/shrpx_memcached_connection.h b/src/shrpx_memcached_connection.h
index a093589a..290442f0 100644
--- a/src/shrpx_memcached_connection.h
+++ b/src/shrpx_memcached_connection.h
@@ -33,8 +33,8 @@
 #include
 #include "shrpx_connection.h"
+#include "shrpx_ssl.h"
 #include "buffer.h"
-
 #include "network.h"
 using namespace nghttp2;
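Review bot: With `!conn_.tls.ssl` removed from the condition at the top of initiate_connection(), nothing in this hunk checks that the previous SSL object was released before a new one is created. The code now depends on the teardown path having cleared `conn_.tls.ssl`, which is not visible here (disconnect() appears only in the hunk header, and the body of initiate_connection() continues past the hunk). I would state that precondition next to the existing fd assert, `assert(!conn_.tls.ssl);`, so an SSL object carried over with stale handshake state is caught in debug builds instead of being silently overwritten.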
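Review bot: The added block in the `@@ -175,6 +175,12 @@` hunk ignores the result of `SSL_set_session`, so a cached session that OpenSSL refuses is dropped without trace and the connection quietly falls back to a full handshake. Checking it, for example `if (SSL_set_session(conn_.tls.ssl, session) != 1) { /* log, continue with full handshake */ }`, keeps resumption failures visible to operators. Freeing `session` straight after the call looks right provided reuse_tls_session() hands back an owned reference, which this page does not show. initiate_connection() starts and ends outside the hunk.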
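Review bot: Reading the session with `SSL_get0_session` directly after the handshake in tls_handshake() yields a resumable session only for TLS 1.2 and earlier; under TLS 1.3 the ticket arrives after the handshake, and OpenSSL recommends collecting sessions through `SSL_CTX_sess_set_new_cb`. If this path should keep working when a newer protocol version is negotiated, a comment on the block such as `// TLS <= 1.2 only: the session is final once the handshake completes` would record the limitation. The `return -1; }` context above looks like the tail of a peer check; if that check inspects the certificate, on a resumed session it sees what was stored with the session rather than a freshly presented chain, which is worth confirming. tls_handshake() starts and ends outside the hunk.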
@@ -133,6 +133,7 @@ private:
 std::deque sendbufv_;
 std::function do_read_, do_write_;
 std::string sni_name_;
+ ssl::TLSSessionCache tls_session_cache_;
 MemcachedParseState parse_state_;
 const Address *addr_;
 SSL_CTX *ssl_ctx_;
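Review bot: The new `tls_session_cache_` member has no comment saying what it holds or how long it lives. Going by the .cc changes, it is filled after a handshake that was not resumed, keyed with `*addr_`, and offered again on every later initiate_connection(), so the cached session and its resumption secrets live as long as the MemcachedConnection object. A line such as `// TLS session from the last full handshake with addr_; offered for resumption on reconnect` would make that explicit. The class body starts and ends outside this hunk.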