Coverage Report

Created: 2021-05-04 09:02

/src/botan/build/include/botan/tls_server.h
Line
Count
Source (jump to first uncovered line)
1
/*
2
* TLS Server
3
* (C) 2004-2011 Jack Lloyd
4
*     2016 Matthias Gierlings
5
*
6
* Botan is released under the Simplified BSD License (see license.txt)
7
*/
8
9
#ifndef BOTAN_TLS_SERVER_H_
10
#define BOTAN_TLS_SERVER_H_
11
12
#include <botan/tls_channel.h>
13
#include <botan/tls_policy.h>
14
#include <botan/credentials_manager.h>
15
#include <vector>
16
17
namespace Botan {
18
19
namespace TLS {
20
21
class Server_Handshake_State;
22
23
/**
24
* TLS Server
25
*/
26
class BOTAN_PUBLIC_API(2,0) Server final : public Channel
27
   {
28
   public:
29
      typedef std::function<std::string (std::vector<std::string>)> next_protocol_fn;
30
31
      /**
32
      * Server initialization
33
      *
34
      * @param callbacks contains a set of callback function references
35
      *        required by the TLS client.
36
      *
37
      * @param session_manager manages session state
38
      *
39
      * @param creds manages application/user credentials
40
      *
41
      * @param policy specifies other connection policy information
42
      *
43
      * @param rng a random number generator
44
      *
45
      * @param is_datagram set to true if this server should expect DTLS
46
      *        connections. Otherwise TLS connections are expected.
47
      *
48
      * @param reserved_io_buffer_size This many bytes of memory will
49
      *        be preallocated for the read and write buffers. Smaller
50
      *        values just mean reallocations and copies are more likely.
51
      */
52
      Server(Callbacks& callbacks,
53
             Session_Manager& session_manager,
54
             Credentials_Manager& creds,
55
             const Policy& policy,
56
             RandomNumberGenerator& rng,
57
             bool is_datagram = false,
58
             size_t reserved_io_buffer_size = TLS::Server::IO_BUF_DEFAULT_SIZE
59
         );
60
61
      /**
62
      * Return the protocol notification set by the client (using the
63
      * ALPN extension) for this connection, if any. This value is not
64
      * tied to the session and a later renegotiation of the same
65
      * session can choose a new protocol.
66
      */
67
0
      std::string next_protocol() const { return m_next_protocol; }
68
69
      /**
70
      * Return the protocol notification set by the client (using the
71
      * ALPN extension) for this connection, if any. This value is not
72
      * tied to the session and a later renegotiation of the same
73
      * session can choose a new protocol.
74
      */
75
0
      std::string application_protocol() const override { return m_next_protocol; }
76
77
   private:
78
      std::vector<X509_Certificate>
79
         get_peer_cert_chain(const Handshake_State& state) const override;
80
81
      void initiate_handshake(Handshake_State& state,
82
                              bool force_full_renegotiation) override;
83
84
      void process_handshake_msg(const Handshake_State* active_state,
85
                                 Handshake_State& pending_state,
86
                                 Handshake_Type type,
87
                                 const std::vector<uint8_t>& contents,
88
                                 bool epoch0_restart) override;
89
90
      void process_client_hello_msg(const Handshake_State* active_state,
91
                                    Server_Handshake_State& pending_state,
92
                                    const std::vector<uint8_t>& contents,
93
                                    bool epoch0_restart);
94
95
      void process_certificate_msg(Server_Handshake_State& pending_state,
96
                                   const std::vector<uint8_t>& contents);
97
98
      void process_client_key_exchange_msg(Server_Handshake_State& pending_state,
99
                                           const std::vector<uint8_t>& contents);
100
101
      void process_change_cipher_spec_msg(Server_Handshake_State& pending_state);
102
103
      void process_certificate_verify_msg(Server_Handshake_State& pending_state,
104
                                          Handshake_Type type,
105
                                          const std::vector<uint8_t>& contents);
106
107
      void process_finished_msg(Server_Handshake_State& pending_state,
108
                                Handshake_Type type,
109
                                const std::vector<uint8_t>& contents);
110
111
      void session_resume(Server_Handshake_State& pending_state,
112
                          bool have_session_ticket_key,
113
                          Session& session_info);
114
115
      void session_create(Server_Handshake_State& pending_state,
116
                          bool have_session_ticket_key);
117
118
      std::unique_ptr<Handshake_State> new_handshake_state(std::unique_ptr<Handshake_IO> io) override;
119
120
      Credentials_Manager& m_creds;
121
      std::string m_next_protocol;
122
123
      // Set by deprecated constructor, Server calls both this fn and Callbacks version
124
      next_protocol_fn m_choose_next_protocol;
125
   };
126
127
}
128
129
}
130
131
#endif