ssl_session_cache_api behaviour (ssl v11.2)
TLS session cache API
Defines the API for the TLS session cache (pre TLS-1.3) so that the data storage scheme can be replaced by defining a new callback module implementing this API.
Types
-opaque partial_key()
The opaque part of the key. Does not need to be handled by the callback.
-opaque session()
The session data that is stored for each session.
-type session_cache_key() :: {partial_key(), ssl:session_id()}.
A key to an entry in the session cache.
-type session_cache_ref() :: any().
Callbacks
-callback delete(session_cache_ref(), session_cache_key()) -> any().
Deletes a cache entry. Is only called from the cache handling process.
-callback foldl(fun(), term(), session_cache_ref()) -> term().
Calls Fun(Elem, AccIn) on successive elements of the cache, starting with AccIn == Acc0. Fun/2 must return a new accumulator, which is passed to the next call. The function returns the final value of the accumulator. Acc0 is returned if the cache is empty.
Note
Since OTP-23.3 this function is only used on the client side and does not need to be implemented for a server cache.
-callback init(list()) -> session_cache_ref().
The argument list includes the property {role, client | server}. Currently this is the only predefined property; there can also be user-defined properties. See also application environment variable session_cb_init_args.
Performs possible initializations of the cache and returns a reference to it that is used as parameter to the other API functions. Is called by the cache handling process's init function, hence putting the same requirements on it as a normal process init function. This function is called twice when starting the SSL application, once with the role client and once with the role server, as the SSL application must be prepared to take on both roles.
-callback lookup(session_cache_ref(), session_cache_key()) -> #session{session_id :: term(), internal_id :: term(), peer_certificate :: term(), own_certificates :: term(), private_key :: term(), cipher_suite :: term(), master_secret :: term(), srp_username :: term(), is_resumable :: term(), time_stamp :: term(), ecc :: term(), sign_alg :: term(), dh_public_value :: term()} | undefined.
Looks up a cache entry. Is to be callable from any process.
-callback select_session(session_cache_ref(), {ssl:host(), inet:port_number()} | inet:port_number()) -> [#session{session_id :: term(), internal_id :: term(), peer_certificate :: term(), own_certificates :: term(), private_key :: term(), cipher_suite :: term(), master_secret :: term(), srp_username :: term(), is_resumable :: term(), time_stamp :: term(), ecc :: term(), sign_alg :: term(), dh_public_value :: term()}].
Selects sessions that can be reused, that is, sessions that include PartialKey in their key. Is to be callable from any process.
Note
Since OTP-23.3 this function is only used on the client side and does not need to be implemented for a server cache.
-callback size(session_cache_ref()) -> integer().
Returns the number of sessions in the cache. If size exceeds the maximum number of sessions, the current cache entries will be invalidated regardless of their remaining lifetime. Is to be callable from any process.
-callback terminate(session_cache_ref()) -> any().
Takes care of possible cleanup that is needed when the cache handling process terminates.
-callback update(session_cache_ref(), session_cache_key(), #session{session_id :: term(), internal_id :: term(), peer_certificate :: term(), own_certificates :: term(), private_key :: term(), cipher_suite :: term(), master_secret :: term(), srp_username :: term(), is_resumable :: term(), time_stamp :: term(), ecc :: term(), sign_alg :: term(), dh_public_value :: term()}) -> any().
Caches a new session or updates an already cached one. Is only called from the cache handling process.
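The callbacks above, put together as an ETS-backed callback module. This is an added example, not the ssl application's own code; the module name my_session_cache and the table names are hypothetical, and sessions are stored as {Key, Session} tuples by assumption.

```erlang
%% Added example: ETS-backed session cache (module name is hypothetical).
-module(my_session_cache).
-behaviour(ssl_session_cache_api).

%% size/1 shadows an auto-imported BIF; make the local definition explicit.
-compile({no_auto_import, [size/1]}).

-export([init/1, terminate/1, lookup/2, update/3, delete/2,
         foldl/3, select_session/2, size/1]).

%% Called once per role from the cache handling process's init.
%% A session holds master_secret and private_key, so the table is
%% 'protected': any local process may read (lookup/2, select_session/2
%% and size/1 must be callable from any process), only the owner writes.
init(Args) ->
    Role = proplists:get_value(role, Args),
    ets:new(table_name(Role), [ordered_set, protected]).

table_name(client) -> my_client_session_cache;
table_name(server) -> my_server_session_cache.

%% Runs in the cache handling process, which owns the table.
terminate(Cache) ->
    ets:delete(Cache).

%% Key is {PartialKey, SessionId}; PartialKey is kept opaque.
lookup(Cache, Key) ->
    case ets:lookup(Cache, Key) of
        [{Key, Session}] -> Session;
        [] -> undefined
    end.

update(Cache, Key, Session) ->
    ets:insert(Cache, {Key, Session}).

delete(Cache, Key) ->
    ets:delete(Cache, Key).

%% Client side only since OTP-23.3; Elem is a {Key, Session} tuple.
foldl(Fun, Acc0, Cache) ->
    ets:foldl(Fun, Acc0, Cache).

%% Client side only since OTP-23.3: every session stored under
%% PartialKey, whatever its session id.
select_session(Cache, PartialKey) ->
    ets:select(Cache, [{{{PartialKey, '_'}, '$1'}, [], ['$1']}]).

size(Cache) ->
    ets:info(Cache, size).
```

A replacement that moves the data off-node (a database, a shared cache) is storing master secrets and must protect them like key material. The callback module is selected with the ssl application environment variable session_cb.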