/src/botan/build/include/botan/tls_session_manager.h
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * TLS Session Manager |
3 | | * (C) 2011 Jack Lloyd |
4 | | * |
5 | | * Botan is released under the Simplified BSD License (see license.txt) |
6 | | */ |
7 | | |
8 | | #ifndef BOTAN_TLS_SESSION_MANAGER_H_ |
9 | | #define BOTAN_TLS_SESSION_MANAGER_H_ |
10 | | |
11 | | #include <botan/tls_session.h> |
12 | | #include <botan/mutex.h> |
13 | | #include <chrono> |
14 | | #include <map> |
15 | | |
16 | | namespace Botan { |
17 | | |
18 | | namespace TLS { |
19 | | |
20 | | /** |
21 | | * Session_Manager is an interface to systems which can save |
22 | | * session parameters for supporting session resumption. |
23 | | * |
24 | | * Saving sessions is done on a best-effort basis; an implementation is |
25 | | * allowed to drop sessions due to space constraints. |
26 | | * |
27 | | * Implementations should strive to be thread safe |
28 | | */ |
29 | | class BOTAN_PUBLIC_API(2,0) Session_Manager |
30 | | { |
31 | | public: |
32 | | /** |
33 | | * Try to load a saved session (using session ID) |
34 | | * @param session_id the session identifier we are trying to resume |
35 | | * @param session will be set to the saved session data (if found), |
36 | | or not modified if not found |
37 | | * @return true if session was modified |
38 | | */ |
39 | | virtual bool load_from_session_id(const std::vector<uint8_t>& session_id, |
40 | | Session& session) = 0; |
41 | | |
42 | | /** |
43 | | * Try to load a saved session (using info about server) |
44 | | * @param info the information about the server |
45 | | * @param session will be set to the saved session data (if found), |
46 | | or not modified if not found |
47 | | * @return true if session was modified |
48 | | */ |
49 | | virtual bool load_from_server_info(const Server_Information& info, |
50 | | Session& session) = 0; |
51 | | |
52 | | /** |
53 | | * Remove this session id from the cache, if it exists |
54 | | */ |
55 | | virtual void remove_entry(const std::vector<uint8_t>& session_id) = 0; |
56 | | |
57 | | /** |
58 | | * Remove all sessions from the cache, return number of sessions deleted |
59 | | */ |
60 | | virtual size_t remove_all() = 0; |
61 | | |
62 | | /** |
63 | | * Save a session on a best effort basis; the manager may not in |
64 | | * fact be able to save the session for whatever reason; this is |
65 | | * not an error. Caller cannot assume that calling save followed |
66 | | * immediately by load_from_* will result in a successful lookup. |
67 | | * |
68 | | * @param session to save |
69 | | */ |
70 | | virtual void save(const Session& session) = 0; |
71 | | |
72 | | /** |
73 | | * Return the allowed lifetime of a session; beyond this time, |
74 | | * sessions are not resumed. Returns 0 if unknown/no explicit |
75 | | * expiration policy. |
76 | | */ |
77 | | virtual std::chrono::seconds session_lifetime() const = 0; |
78 | | |
79 | 11.3k | virtual ~Session_Manager() = default; |
80 | | }; |
81 | | |
82 | | /** |
83 | | * An implementation of Session_Manager that does not save sessions at |
84 | | * all, preventing session resumption. |
85 | | */ |
86 | | class BOTAN_PUBLIC_API(2,0) Session_Manager_Noop final : public Session_Manager |
87 | | { |
88 | | public: |
89 | | bool load_from_session_id(const std::vector<uint8_t>&, Session&) override |
90 | 128 | { return false; } |
91 | | |
92 | | bool load_from_server_info(const Server_Information&, Session&) override |
93 | 5.90k | { return false; } |
94 | | |
95 | 324 | void remove_entry(const std::vector<uint8_t>&) override {} |
96 | | |
97 | 0 | size_t remove_all() override { return 0; } |
98 | | |
99 | 161 | void save(const Session&) override {} |
100 | | |
101 | | std::chrono::seconds session_lifetime() const override |
102 | 0 | { return std::chrono::seconds(0); } |
103 | | }; |
104 | | |
105 | | /** |
106 | | * An implementation of Session_Manager that saves values in memory. |
107 | | */ |
108 | | class BOTAN_PUBLIC_API(2,0) Session_Manager_In_Memory final : public Session_Manager |
109 | | { |
110 | | public: |
111 | | /** |
112 | | * @param rng a RNG used for generating session key and for |
113 | | * session encryption |
114 | | * @param max_sessions a hint on the maximum number of sessions |
115 | | * to keep in memory at any one time. (If zero, don't cap) |
116 | | * @param session_lifetime sessions are expired after this many |
117 | | * seconds have elapsed from initial handshake. |
118 | | */ |
119 | | Session_Manager_In_Memory(RandomNumberGenerator& rng, |
120 | | size_t max_sessions = 1000, |
121 | | std::chrono::seconds session_lifetime = |
122 | | std::chrono::seconds(7200)); |
123 | | |
124 | | bool load_from_session_id(const std::vector<uint8_t>& session_id, |
125 | | Session& session) override; |
126 | | |
127 | | bool load_from_server_info(const Server_Information& info, |
128 | | Session& session) override; |
129 | | |
130 | | void remove_entry(const std::vector<uint8_t>& session_id) override; |
131 | | |
132 | | size_t remove_all() override; |
133 | | |
134 | | void save(const Session& session_data) override; |
135 | | |
136 | | std::chrono::seconds session_lifetime() const override |
137 | 0 | { return m_session_lifetime; } |
138 | | |
139 | | private: |
140 | | bool load_from_session_str(const std::string& session_str, |
141 | | Session& session); |
142 | | |
143 | | mutex_type m_mutex; |
144 | | |
145 | | size_t m_max_sessions; |
146 | | |
147 | | std::chrono::seconds m_session_lifetime; |
148 | | |
149 | | RandomNumberGenerator& m_rng; |
150 | | secure_vector<uint8_t> m_session_key; |
151 | | |
152 | | std::map<std::string, std::vector<uint8_t>> m_sessions; // hex(session_id) -> session |
153 | | std::map<Server_Information, std::string> m_info_sessions; |
154 | | }; |
155 | | |
156 | | } |
157 | | |
158 | | } |
159 | | |
160 | | #endif |