nghttpx: Share TLS session cache between HTTP/2 and HTTP/1 backend

2016-02-27 23:40:04 +09:00 · 2016-02-27 23:40:04 +09:00 · aa892e4d37
parent 8ca3e5f6ba
commit aa892e4d37
1 changed files with 14 additions and 0 deletions
--- a/src/shrpx_http2_session.cc
+++ b/src/shrpx_http2_session.cc
@ -411,6 +411,13 @@ int Http2Session::initiate_connection() {
        // at the time of this writing).
        SSL_set_tlsext_host_name(conn_.tls.ssl, sni_name.c_str());
      }
+
+      auto tls_session = ssl::reuse_tls_session(addr_);
+      if (tls_session) {
+        SSL_set_session(conn_.tls.ssl, tls_session);
+        SSL_SESSION_free(tls_session);
+      }
+
      // If state_ == PROXY_CONNECTED, we has connected to the proxy
      // using conn_.fd and tunnel has been established.
      if (state_ == DISCONNECTED) {
@ -1838,6 +1845,13 @@ int Http2Session::tls_handshake() {
    return -1;
  }

+  if (!SSL_session_reused(conn_.tls.ssl)) {
+    auto tls_session = SSL_get0_session(conn_.tls.ssl);
+    if (tls_session) {
+      ssl::try_cache_tls_session(addr_, tls_session, ev_now(conn_.loop));
+    }
+  }
+
  read_ = &Http2Session::read_tls;
  write_ = &Http2Session::write_tls;