Botan 3.6.1
Crypto and TLS for C++
#include <tls_server.h>
Public Member Functions
std::string application_protocol() const override
void close() override
std::optional<std::string> external_psk_identity() const override
size_t from_peer(std::span<const uint8_t> data) override
bool is_active() const override
bool is_closed() const override
bool is_closed_for_reading() const override
bool is_closed_for_writing() const override
bool is_handshake_complete() const override
SymmetricKey key_material_export(std::string_view label, std::string_view context, size_t length) const override
bool new_session_ticket_supported() const
std::vector<X509_Certificate> peer_cert_chain() const override
std::shared_ptr<const Public_Key> peer_raw_public_key() const override
size_t received_data(const uint8_t buf[], size_t buf_size)
size_t received_data(std::span<const uint8_t> data)
void renegotiate(bool force_full_renegotiation = false) override
bool secure_renegotiation_supported() const override
void send(const uint8_t buf[], size_t buf_size)
void send(std::span<const uint8_t> data)
void send(std::string_view val)
void send_alert(const Alert& alert) override
void send_fatal_alert(Alert::Type type) override
size_t send_new_session_tickets(size_t tickets = 1)
void send_warning_alert(Alert::Type type) override
Server(const std::shared_ptr<Callbacks>& callbacks, const std::shared_ptr<Session_Manager>& session_manager, const std::shared_ptr<Credentials_Manager>& creds, const std::shared_ptr<const Policy>& policy, const std::shared_ptr<RandomNumberGenerator>& rng, bool is_datagram = false, size_t reserved_io_buffer_size = TLS::Channel::IO_BUF_DEFAULT_SIZE)
bool timeout_check() override
void to_peer(std::span<const uint8_t> data) override
void update_traffic_keys(bool request_peer_update = false) override
~Server() override
Static Public Attributes
static constexpr size_t IO_BUF_DEFAULT_SIZE = 10 * 1024
Definition at line 26 of file tls_server.h.
Botan::TLS::Server::Server(const std::shared_ptr<Callbacks>& callbacks,
                           const std::shared_ptr<Session_Manager>& session_manager,
                           const std::shared_ptr<Credentials_Manager>& creds,
                           const std::shared_ptr<const Policy>& policy,
                           const std::shared_ptr<RandomNumberGenerator>& rng,
                           bool is_datagram = false,
                           size_t reserved_io_buffer_size = TLS::Channel::IO_BUF_DEFAULT_SIZE)
Server initialization
The first five arguments, as well as the final argument reserved_io_buffer_size, are treated the same way as in TLS::Client().
If a client sends the ALPN extension, TLS::Callbacks::tls_server_choose_app_protocol() is called and the result is sent back to the client. If the empty string is returned, the server does not send an ALPN response. The callback can also throw an exception to abort the handshake entirely; the ALPN specification (RFC 7301) says that in this case the alert should be of type TLS::AlertType::NoApplicationProtocol.
The optional argument is_datagram specifies whether this is a TLS or a DTLS server. Unlike clients, which know from the start which protocol (TLS vs. DTLS) they are negotiating via the offer_version, a server does not know until it actually receives a client hello.
Parameters
callbacks: contains a set of callback function references required by the TLS server.
session_manager: manages session state
creds: manages application/user credentials
policy: specifies other connection policy information
rng: a random number generator
is_datagram: set to true if this server should expect DTLS connections. Otherwise TLS connections are expected.
reserved_io_buffer_size: this many bytes of memory will be preallocated for the read and write buffers. Smaller values just mean reallocations and copies are more likely.
Definition at line 28 of file tls_server.cpp.
Botan::TLS::Server::~Server() [override, default]

std::string Botan::TLS::Server::application_protocol() const [override, virtual]
Return the protocol notification set by the client (using the ALPN extension) for this connection, if any. This value is not tied to the session and a later renegotiation of the same session can choose a new protocol.
Implements Botan::TLS::Channel.
Definition at line 148 of file tls_server.cpp.
void Botan::TLS::Server::close() [override, virtual]
Send a close notification alert
Implements Botan::TLS::Channel.
Definition at line 140 of file tls_server.cpp.
std::optional<std::string> Botan::TLS::Server::external_psk_identity() const [override, virtual]
Implements Botan::TLS::Channel.
Definition at line 96 of file tls_server.cpp.
size_t Botan::TLS::Server::from_peer(std::span<const uint8_t> data) [override, virtual]
Implements Botan::TLS::Channel.
Definition at line 54 of file tls_server.cpp.
bool Botan::TLS::Server::is_active() const [override, virtual]
Check whether the connection is ready to send application data. Note that a TLS 1.3 server MAY send data before receiving the client's Finished message. Only after receiving the client's Finished can the server be sure about the client's liveness and (optional) identity.
Consider using is_handshake_complete() if you need to wait until the handshake is fully complete.
Implements Botan::TLS::Channel.
Definition at line 72 of file tls_server.cpp.
bool Botan::TLS::Server::is_closed() const [override, virtual]
Note: For TLS 1.3 a connection is closed only after both peers have signaled "close_notify". While TLS 1.2 automatically responded in kind once the peer had sent "close_notify", TLS 1.3 allows a peer to continue transmitting data even after the other side has closed its writing end.
Implements Botan::TLS::Channel.
Definition at line 76 of file tls_server.cpp.
bool Botan::TLS::Server::is_closed_for_reading() const [override, virtual]
Implements Botan::TLS::Channel.
Definition at line 80 of file tls_server.cpp.
bool Botan::TLS::Server::is_closed_for_writing() const [override, virtual]
Implements Botan::TLS::Channel.
Definition at line 84 of file tls_server.cpp.
bool Botan::TLS::Server::is_handshake_complete() const [override, virtual]
Becomes true as soon as the TLS handshake is fully complete and all security assurances TLS provides can be guaranteed.
Implements Botan::TLS::Channel.
Definition at line 68 of file tls_server.cpp.
SymmetricKey Botan::TLS::Server::key_material_export(std::string_view label, std::string_view context, size_t length) const [override, virtual]
Key material export (RFC 5705)
Parameters
label: a disambiguating label string
context: a per-association context value
length: the length of the desired key in bytes
Implements Botan::TLS::Channel.
Definition at line 100 of file tls_server.cpp.
bool Botan::TLS::Server::new_session_ticket_supported() const
Definition at line 108 of file tls_server.cpp.
std::vector<X509_Certificate> Botan::TLS::Server::peer_cert_chain() const [override, virtual]
Implements Botan::TLS::Channel.
Definition at line 88 of file tls_server.cpp.
std::shared_ptr<const Public_Key> Botan::TLS::Server::peer_raw_public_key() const [override, virtual]
Implements Botan::TLS::Channel.
Definition at line 92 of file tls_server.cpp.
size_t Botan::TLS::Channel::received_data(const uint8_t buf[], size_t buf_size) [inline, inherited]
Definition at line 48 of file tls_channel.h.
size_t Botan::TLS::Channel::received_data(std::span<const uint8_t> data) [inline, inherited]
Inject TLS traffic received from counterparty
Definition at line 46 of file tls_channel.h.
void Botan::TLS::Server::renegotiate(bool force_full_renegotiation = false) [override, virtual]
Attempt to renegotiate the session
Parameters
force_full_renegotiation: if true, require a full renegotiation, otherwise allow session resumption
Implements Botan::TLS::Channel.
Definition at line 104 of file tls_server.cpp.
bool Botan::TLS::Server::secure_renegotiation_supported() const [override, virtual]
Implements Botan::TLS::Channel.
Definition at line 120 of file tls_server.cpp.
void Botan::TLS::Channel::send(const uint8_t buf[], size_t buf_size) [inline, inherited]
Definition at line 56 of file tls_channel.h.
void Botan::TLS::Channel::send(std::span<const uint8_t> data) [inline, inherited]
Inject plaintext intended for counterparty. Throws an exception if is_active() is false.
Definition at line 54 of file tls_channel.h.
void Botan::TLS::Channel::send(std::string_view val) [inline, inherited]
Inject plaintext intended for counterparty. Throws an exception if is_active() is false.
Definition at line 62 of file tls_channel.h.
References Botan::cast_char_ptr_to_uint8(), and Botan::TLS::Channel::send().
Referenced by Botan::TLS::Channel::send().
void Botan::TLS::Server::send_alert(const Alert& alert) [override, virtual]
Send a TLS alert message. If the alert is fatal, the internal state (keys, etc.) will be reset.
Parameters
alert: the Alert to send
Implements Botan::TLS::Channel.
Definition at line 128 of file tls_server.cpp.
void Botan::TLS::Server::send_fatal_alert(Alert::Type type) [override, virtual]
Send a fatal alert
Implements Botan::TLS::Channel.
Definition at line 136 of file tls_server.cpp.
size_t Botan::TLS::Server::send_new_session_tickets(size_t tickets = 1)
Definition at line 112 of file tls_server.cpp.
void Botan::TLS::Server::send_warning_alert(Alert::Type type) [override, virtual]
Send a warning alert
Implements Botan::TLS::Channel.
Definition at line 132 of file tls_server.cpp.
bool Botan::TLS::Server::timeout_check() [override, virtual]
Perform a handshake timeout check.
This function does nothing unless the channel represents a DTLS connection and a handshake is actively in progress. In this case it will check the current timeout state and potentially initiate retransmission of handshake packets.
Implements Botan::TLS::Channel.
Definition at line 144 of file tls_server.cpp.
void Botan::TLS::Server::to_peer(std::span<const uint8_t> data) [override, virtual]
Implements Botan::TLS::Channel.
Definition at line 124 of file tls_server.cpp.
void Botan::TLS::Server::update_traffic_keys(bool request_peer_update = false) [override, virtual]
Attempt to update the session's traffic key material. Note that this is possible only with a TLS 1.3 channel.
Parameters
request_peer_update: if true, require a reciprocal key update
Implements Botan::TLS::Channel.
Definition at line 116 of file tls_server.cpp.
static constexpr size_t Botan::TLS::Channel::IO_BUF_DEFAULT_SIZE = 10 * 1024 [static, constexpr, inherited]
Definition at line 32 of file tls_channel.h.
Referenced by Botan::TLS::Channel_Impl_13::expect_downgrade().