[PR] Add TLS session caching for faster reconnections [cassandra-python-driver]

[via GitHub]

dkropachev opened a new pull request, #1265:
URL: https://github.com/apache/cassandra-python-driver/pull/1265

   ## Summary
   
   This PR implements TLS session caching (TLS session tickets/resumption) to 
improve connection establishment performance when reconnecting to 
Scylla/Cassandra nodes.
   
   ### Key Features
   
   - **TLS Session Caching**: Caches TLS sessions per endpoint to enable faster 
TLS handshakes on reconnection
   - **Automatic Cache Management**: LRU eviction, TTL-based expiration, and 
periodic cleanup
   - **Multiple Reactor Support**: Works with all connection types including 
asyncio, libev, eventlet, and twisted
   - **SNI Support**: Proper cache key handling for SNI endpoints to prevent 
session collisions
   - **Configurable**: Options for cache size, TTL, and cache-by-host-only mode
   - **Custom Cache Support**: Users can provide custom TLSSessionCache 
implementations
   
   ### Configuration
   
   ```python
   from cassandra.cluster import Cluster
   import ssl
   
   ssl_context = ssl.create_default_context()
   cluster = Cluster(
       ssl_context=ssl_context,
       tls_session_cache_enabled=True,  # default
       tls_session_cache_size=100,      # default
       tls_session_cache_ttl=3600,      # default, 1 hour
   )
   ```
   
   ### Technical Details
   
   - Uses Python's `ssl.SSLSession` API which handles both TLS 1.2 and TLS 1.3 
transparently
   - For eventlet/twisted reactors, uses PyOpenSSL's session API
   - Thread-safe implementation using `RLock`
   - Opportunistic cleanup of expired sessions every 100 operations
   
   ### Testing
   
   - Unit tests for cache operations, thread safety, and endpoint-specific 
behavior
   - Unit tests for eventlet and twisted reactor TLS session caching
   - Integration tests for actual TLS session resumption
   
   ## Test plan
   
   - [x] Unit tests pass: `pytest tests/unit/test_tls_session_cache.py`
   - [x] Endpoint tests pass: `pytest tests/unit/test_endpoints.py`
   - [x] Connection tests pass: `pytest tests/unit/test_connection.py`
   - [x] Cluster tests pass: `pytest tests/unit/test_cluster.py`
   - [x] Eventlet reactor tests pass: `EVENT_LOOP_MANAGER=eventlet pytest 
tests/unit/io/test_eventletreactor.py`
   - [x] Twisted reactor tests pass: `pytest 
tests/unit/io/test_twistedreactor.py`


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: pr-unsubscr...@cassandra.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: pr-unsubscr...@cassandra.apache.org
For additional commands, e-mail: pr-h...@cassandra.apache.org