/src/botan/build/include/botan/tls_server.h

Source (jump to first uncovered line)
/*
* TLS Server
* (C) 2004-2011 Jack Lloyd
*     2016 Matthias Gierlings
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#ifndef BOTAN_TLS_SERVER_H_
#define BOTAN_TLS_SERVER_H_

#include <botan/tls_channel.h>
#include <botan/tls_policy.h>
#include <botan/credentials_manager.h>
#include <vector>

namespace Botan {

namespace TLS {

class Server_Handshake_State;

/**
* TLS Server
*/
class BOTAN_PUBLIC_API(2,0) Server final : public Channel
   {
   public:
      typedef std::function<std::string (std::vector<std::string>)> next_protocol_fn;

      /**
      * Server initialization
      *
      * @param callbacks contains a set of callback function references
      *        required by the TLS client.
      *
      * @param session_manager manages session state
      *
      * @param creds manages application/user credentials
      *
      * @param policy specifies other connection policy information
      *
      * @param rng a random number generator
      *
      * @param is_datagram set to true if this server should expect DTLS
      *        connections. Otherwise TLS connections are expected.
      *
      * @param reserved_io_buffer_size This many bytes of memory will
      *        be preallocated for the read and write buffers. Smaller
      *        values just mean reallocations and copies are more likely.
      */
      Server(Callbacks& callbacks,
             Session_Manager& session_manager,
             Credentials_Manager& creds,
             const Policy& policy,
             RandomNumberGenerator& rng,
             bool is_datagram = false,
             size_t reserved_io_buffer_size = TLS::Server::IO_BUF_DEFAULT_SIZE
         );

      /**
       * DEPRECATED. This constructor is only provided for backward
       * compatibility and should not be used in new implementations.
       * It will be removed in a future release.
       */
      BOTAN_DEPRECATED("Use TLS::Server(TLS::Callbacks ...)")
      Server(output_fn output,
             data_cb data_cb,
             alert_cb recv_alert_cb,
             handshake_cb hs_cb,
             Session_Manager& session_manager,
             Credentials_Manager& creds,
             const Policy& policy,
             RandomNumberGenerator& rng,
             next_protocol_fn next_proto = next_protocol_fn(),
             bool is_datagram = false,
             size_t reserved_io_buffer_size = TLS::Server::IO_BUF_DEFAULT_SIZE
         );

      /**
       * DEPRECATED. This constructor is only provided for backward
       * compatibility and should not be used in new implementations.
       * It will be removed in a future release.
       */
      BOTAN_DEPRECATED("Use TLS::Server(TLS::Callbacks ...)")
      Server(output_fn output,
             data_cb data_cb,
             alert_cb recv_alert_cb,
             handshake_cb hs_cb,
             handshake_msg_cb hs_msg_cb,
             Session_Manager& session_manager,
             Credentials_Manager& creds,
             const Policy& policy,
             RandomNumberGenerator& rng,
             next_protocol_fn next_proto = next_protocol_fn(),
             bool is_datagram = false
         );

      /**
      * Return the protocol notification set by the client (using the
      * ALPN extension) for this connection, if any. This value is not
      * tied to the session and a later renegotiation of the same
      * session can choose a new protocol.
      */
      std::string next_protocol() const { return m_next_protocol; }

      /**
      * Return the protocol notification set by the client (using the
      * ALPN extension) for this connection, if any. This value is not
      * tied to the session and a later renegotiation of the same
      * session can choose a new protocol.
      */
      std::string application_protocol() const override { return m_next_protocol; }

   private:
      std::vector<X509_Certificate>
         get_peer_cert_chain(const Handshake_State& state) const override;

      void initiate_handshake(Handshake_State& state,
                              bool force_full_renegotiation) override;

      void process_handshake_msg(const Handshake_State* active_state,
                                 Handshake_State& pending_state,
                                 Handshake_Type type,
                                 const std::vector<uint8_t>& contents,
                                 bool epoch0_restart) override;

      void process_client_hello_msg(const Handshake_State* active_state,
                                    Server_Handshake_State& pending_state,
                                    const std::vector<uint8_t>& contents,
                                    bool epoch0_restart);

      void process_certificate_msg(Server_Handshake_State& pending_state,
                                   const std::vector<uint8_t>& contents);

      void process_client_key_exchange_msg(Server_Handshake_State& pending_state,
                                           const std::vector<uint8_t>& contents);

      void process_change_cipher_spec_msg(Server_Handshake_State& pending_state);

      void process_certificate_verify_msg(Server_Handshake_State& pending_state,
                                          Handshake_Type type,
                                          const std::vector<uint8_t>& contents);

      void process_finished_msg(Server_Handshake_State& pending_state,
                                Handshake_Type type,
                                const std::vector<uint8_t>& contents);

      void session_resume(Server_Handshake_State& pending_state,
                          bool have_session_ticket_key,
                          Session& session_info);

      void session_create(Server_Handshake_State& pending_state,
                          bool have_session_ticket_key);

      Handshake_State* new_handshake_state(Handshake_IO* io) override;

      Credentials_Manager& m_creds;
      std::string m_next_protocol;

      // Set by deprecated constructor, Server calls both this fn and Callbacks version
      next_protocol_fn m_choose_next_protocol;
   };

}

}

#endif

Line	Count	Source (jump to first uncovered line)
1		/*
2		* TLS Server
3		* (C) 2004-2011 Jack Lloyd
4		* 2016 Matthias Gierlings
5		*
6		* Botan is released under the Simplified BSD License (see license.txt)
7		*/
8
9		#ifndef BOTAN_TLS_SERVER_H_
10		#define BOTAN_TLS_SERVER_H_
11
12		#include <botan/tls_channel.h>
13		#include <botan/tls_policy.h>
14		#include <botan/credentials_manager.h>
15		#include <vector>
16
17		namespace Botan {
18
19		namespace TLS {
20
21		class Server_Handshake_State;
22
23		/**
24		* TLS Server
25		*/
26		class BOTAN_PUBLIC_API(2,0) Server final : public Channel
27		{
28		public:
29		typedef std::function<std::string (std::vector<std::string>)> next_protocol_fn;
30
31		/**
32		* Server initialization
33		*
34		* @param callbacks contains a set of callback function references
35		* required by the TLS client.
36		*
37		* @param session_manager manages session state
38		*
39		* @param creds manages application/user credentials
40		*
41		* @param policy specifies other connection policy information
42		*
43		* @param rng a random number generator
44		*
45		* @param is_datagram set to true if this server should expect DTLS
46		* connections. Otherwise TLS connections are expected.
47		*
48		* @param reserved_io_buffer_size This many bytes of memory will
49		* be preallocated for the read and write buffers. Smaller
50		* values just mean reallocations and copies are more likely.
51		*/
52		Server(Callbacks& callbacks,
53		Session_Manager& session_manager,
54		Credentials_Manager& creds,
55		const Policy& policy,
56		RandomNumberGenerator& rng,
57		bool is_datagram = false,
58		size_t reserved_io_buffer_size = TLS::Server::IO_BUF_DEFAULT_SIZE
59		);
60
61		/**
62		* DEPRECATED. This constructor is only provided for backward
63		* compatibility and should not be used in new implementations.
64		* It will be removed in a future release.
65		*/
66		BOTAN_DEPRECATED("Use TLS::Server(TLS::Callbacks ...)")
67		Server(output_fn output,
68		data_cb data_cb,
69		alert_cb recv_alert_cb,
70		handshake_cb hs_cb,
71		Session_Manager& session_manager,
72		Credentials_Manager& creds,
73		const Policy& policy,
74		RandomNumberGenerator& rng,
75		next_protocol_fn next_proto = next_protocol_fn(),
76		bool is_datagram = false,
77		size_t reserved_io_buffer_size = TLS::Server::IO_BUF_DEFAULT_SIZE
78		);
79
80		/**
81		* DEPRECATED. This constructor is only provided for backward
82		* compatibility and should not be used in new implementations.
83		* It will be removed in a future release.
84		*/
85		BOTAN_DEPRECATED("Use TLS::Server(TLS::Callbacks ...)")
86		Server(output_fn output,
87		data_cb data_cb,
88		alert_cb recv_alert_cb,
89		handshake_cb hs_cb,
90		handshake_msg_cb hs_msg_cb,
91		Session_Manager& session_manager,
92		Credentials_Manager& creds,
93		const Policy& policy,
94		RandomNumberGenerator& rng,
95		next_protocol_fn next_proto = next_protocol_fn(),
96		bool is_datagram = false
97		);
98
99		/**
100		* Return the protocol notification set by the client (using the
101		* ALPN extension) for this connection, if any. This value is not
102		* tied to the session and a later renegotiation of the same
103		* session can choose a new protocol.
104		*/
105	0	std::string next_protocol() const { return m_next_protocol; }
106
107		/**
108		* Return the protocol notification set by the client (using the
109		* ALPN extension) for this connection, if any. This value is not
110		* tied to the session and a later renegotiation of the same
111		* session can choose a new protocol.
112		*/
113	0	std::string application_protocol() const override { return m_next_protocol; }
114
115		private:
116		std::vector<X509_Certificate>
117		get_peer_cert_chain(const Handshake_State& state) const override;
118
119		void initiate_handshake(Handshake_State& state,
120		bool force_full_renegotiation) override;
121
122		void process_handshake_msg(const Handshake_State* active_state,
123		Handshake_State& pending_state,
124		Handshake_Type type,
125		const std::vector<uint8_t>& contents,
126		bool epoch0_restart) override;
127
128		void process_client_hello_msg(const Handshake_State* active_state,
129		Server_Handshake_State& pending_state,
130		const std::vector<uint8_t>& contents,
131		bool epoch0_restart);
132
133		void process_certificate_msg(Server_Handshake_State& pending_state,
134		const std::vector<uint8_t>& contents);
135
136		void process_client_key_exchange_msg(Server_Handshake_State& pending_state,
137		const std::vector<uint8_t>& contents);
138
139		void process_change_cipher_spec_msg(Server_Handshake_State& pending_state);
140
141		void process_certificate_verify_msg(Server_Handshake_State& pending_state,
142		Handshake_Type type,
143		const std::vector<uint8_t>& contents);
144
145		void process_finished_msg(Server_Handshake_State& pending_state,
146		Handshake_Type type,
147		const std::vector<uint8_t>& contents);
148
149		void session_resume(Server_Handshake_State& pending_state,
150		bool have_session_ticket_key,
151		Session& session_info);
152
153		void session_create(Server_Handshake_State& pending_state,
154		bool have_session_ticket_key);
155
156		Handshake_State* new_handshake_state(Handshake_IO* io) override;
157
158		Credentials_Manager& m_creds;
159		std::string m_next_protocol;
160
161		// Set by deprecated constructor, Server calls both this fn and Callbacks version
162		next_protocol_fn m_choose_next_protocol;
163		};
164
165		}
166
167		}
168
169		#endif

Coverage Report

Created: 2020-03-26 13:53