4 * \brief SSL session cache implementation
7 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
8 * SPDX-License-Identifier: GPL-2.0
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License along
21 * with this program; if not, write to the Free Software Foundation, Inc.,
22 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24 * This file is part of mbed TLS (https://tls.mbed.org)
26 #ifndef MBEDTLS_SSL_CACHE_H
27 #define MBEDTLS_SSL_CACHE_H
29 #if !defined(MBEDTLS_CONFIG_FILE)
32 #include MBEDTLS_CONFIG_FILE
37 #if defined(MBEDTLS_THREADING_C)
38 #include "threading.h"
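/**
 * \name SECTION: Module settings
 *
 * The configuration options you can set for this module are in this section.
 * Either change them in config.h or define them on the compiler command line.
 *
 * \note Both values are only defaults. The timeout is expressed in seconds
 *       (see mbedtls_ssl_cache_set_timeout()), so with the default a cached
 *       session stays eligible for resumption for up to one day. Deployments
 *       that want a shorter resumption window should lower it here or at
 *       run time.
 * \{
 */

#if !defined(MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT)
#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT       86400   /*!< 1 day  */
#endif

#if !defined(MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES)
#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES      50   /*!< Maximum entries in cache */
#endif

/* \} name SECTION: Module settings */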
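/* Forward typedefs: the entry struct points to itself through `next`, and
 * the context points at the first entry, so both names are introduced
 * before either struct body is defined. */
typedef struct mbedtls_ssl_cache_context mbedtls_ssl_cache_context;
typedef struct mbedtls_ssl_cache_entry mbedtls_ssl_cache_entry;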
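/**
 * \brief   This structure is used for storing cache entries
 *
 * \note    Each entry embeds an mbedtls_ssl_session by value, i.e. a copy of
 *          the state a peer can later ask to resume. Treat the memory
 *          backing the cache as sensitive. NOTE(review): the session type is
 *          declared outside this header; it presumably carries the
 *          negotiated secrets - confirm against its definition.
 */
struct mbedtls_ssl_cache_entry
{
#if defined(MBEDTLS_HAVE_TIME)
    /* Only present when the build has a time source; without it an entry
     * records no age. */
    mbedtls_time_t timestamp;           /*!< entry timestamp    */
#endif
    mbedtls_ssl_session session;        /*!< entry session      */
#if defined(MBEDTLS_X509_CRT_PARSE_C)
    /* Only present when X.509 certificate parsing is compiled in. */
    mbedtls_x509_buf peer_cert;         /*!< entry peer_cert    */
#endif
    mbedtls_ssl_cache_entry *next;      /*!< chain pointer      */
};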
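/**
 * \brief   Cache context
 *
 * \note    The mutex member exists only when MBEDTLS_THREADING_C is defined.
 *          In builds without it this structure carries no lock, so a cache
 *          shared between threads has to be serialized by the caller.
 */
struct mbedtls_ssl_cache_context
{
    mbedtls_ssl_cache_entry *chain;     /*!< start of the chain     */
    int timeout;                /*!< cache entry timeout (seconds; 0 means
                                     no timeout, see
                                     mbedtls_ssl_cache_set_timeout())  */
    int max_entries;            /*!< maximum entries        */
#if defined(MBEDTLS_THREADING_C)
    mbedtls_threading_mutex_t mutex;    /*!< mutex                  */
#endif
};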
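/**
 * \brief          Initialize an SSL cache context
 *
 * \note           Call this before handing the context to any other function
 *                 declared in this header, and pair it with
 *                 mbedtls_ssl_cache_free() when the cache is torn down.
 *
 * \param cache    SSL cache context
 */
void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache );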
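/**
 * \brief          Cache get callback implementation
 *                 (Thread-safe if MBEDTLS_THREADING_C is enabled)
 *
 * \note           Without MBEDTLS_THREADING_C the cache context has no mutex
 *                 member, so concurrent use of one cache must be serialized
 *                 by the caller.
 *
 * \note           \p data is a void pointer so that the function fits a
 *                 generic callback signature (e.g. for registration through
 *                 mbedtls_ssl_conf_session_cache()); it must point at an
 *                 mbedtls_ssl_cache_context. Nothing in this declaration
 *                 checks that.
 *
 * \note           NOTE(review): the return convention is not documented in
 *                 this header. Confirm which value means "found" against the
 *                 implementation before branching on it, since a misread
 *                 result would resume a session that was never cached.
 *
 * \param data     SSL cache context
 * \param session  session to retrieve entry for (non-const; presumably
 *                 filled in on a hit - confirm against the implementation)
 */
int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session );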
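/**
 * \brief          Cache set callback implementation
 *                 (Thread-safe if MBEDTLS_THREADING_C is enabled)
 *
 * \note           Without MBEDTLS_THREADING_C the cache context has no mutex
 *                 member, so concurrent use of one cache must be serialized
 *                 by the caller.
 *
 * \note           \p data is a void pointer so that the function fits a
 *                 generic callback signature; it must point at an
 *                 mbedtls_ssl_cache_context. Nothing in this declaration
 *                 checks that.
 *
 * \note           NOTE(review): the return convention and the behaviour when
 *                 the cache already holds max_entries entries are not
 *                 documented in this header - confirm against the
 *                 implementation.
 *
 * \param data     SSL cache context
 * \param session  session to store entry for (read-only for this call)
 */
int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session );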
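#if defined(MBEDTLS_HAVE_TIME)
/**
 * \brief          Set the cache timeout
 *                 (Default: MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT (1 day))
 *
 *                 A timeout of 0 indicates no timeout.
 *
 * \note           With a timeout of 0 an entry never ages out, so its
 *                 session stays resumable until the entry is replaced or the
 *                 cache is freed. Prefer a finite value that matches how
 *                 long resumption should be honoured.
 *
 * \note           This setter is only declared when MBEDTLS_HAVE_TIME is
 *                 defined. NOTE(review): \p timeout is a signed int and this
 *                 header does not say how negative values are treated -
 *                 validate the value before calling.
 *
 * \param cache    SSL cache context
 * \param timeout  cache entry timeout in seconds
 */
void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeout );
#endif /* MBEDTLS_HAVE_TIME */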
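/**
 * \brief          Set the maximum number of cache entries
 *                 (Default: MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES (50))
 *
 * \note           The limit bounds how much session state the cache retains,
 *                 and therefore how much memory it can be made to hold.
 *                 NOTE(review): \p max is a signed int and this header does
 *                 not say how zero or negative values are treated - validate
 *                 the value before calling.
 *
 * \param cache    SSL cache context
 * \param max      cache entry maximum
 */
void mbedtls_ssl_cache_set_max_entries( mbedtls_ssl_cache_context *cache, int max );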
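/**
 * \brief          Free referenced items in a cache context and clear memory
 *
 * \note           Call this on every teardown path so that cached session
 *                 state does not outlive the cache. NOTE(review): "clear
 *                 memory" is all this header states; whether entries are
 *                 wiped before release should be confirmed in the
 *                 implementation.
 *
 * \param cache    SSL cache context
 */
void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache );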
152 #endif /* ssl_cache.h */