Botan 2.19.1
Crypto and TLS for C&
tls_session_manager.h
Go to the documentation of this file.
1/*
2* TLS Session Manager
3* (C) 2011 Jack Lloyd
4*
5* Botan is released under the Simplified BSD License (see license.txt)
6*/
7
8#ifndef BOTAN_TLS_SESSION_MANAGER_H_
9#define BOTAN_TLS_SESSION_MANAGER_H_
10
11#include <botan/tls_session.h>
12#include <botan/mutex.h>
13#include <chrono>
14#include <map>
15
16namespace Botan {
17
18namespace TLS {
19
20/**
21* Session_Manager is an interface to systems which can save
22* session parameters for supporting session resumption.
23*
24* Saving sessions is done on a best-effort basis; an implementation is
25* allowed to drop sessions due to space constraints.
26*
27* Implementations should strive to be thread safe
28*/
30 {
31 public:
32 /**
33 * Try to load a saved session (using session ID)
34 * @param session_id the session identifier we are trying to resume
35 * @param session will be set to the saved session data (if found),
36 or not modified if not found
37 * @return true if session was modified
38 */
39 virtual bool load_from_session_id(const std::vector<uint8_t>& session_id,
40 Session& session) = 0;
41
42 /**
43 * Try to load a saved session (using info about server)
44 * @param info the information about the server
45 * @param session will be set to the saved session data (if found),
46 or not modified if not found
47 * @return true if session was modified
48 */
49 virtual bool load_from_server_info(const Server_Information& info,
50 Session& session) = 0;
51
52 /**
53 * Remove this session id from the cache, if it exists
54 */
55 virtual void remove_entry(const std::vector<uint8_t>& session_id) = 0;
56
57 /**
58 * Remove all sessions from the cache, return number of sessions deleted
59 */
60 virtual size_t remove_all() = 0;
61
62 /**
63 * Save a session on a best effort basis; the manager may not in
64 * fact be able to save the session for whatever reason; this is
65 * not an error. Caller cannot assume that calling save followed
66 * immediately by load_from_* will result in a successful lookup.
67 *
68 * @param session to save
69 */
70 virtual void save(const Session& session) = 0;
71
72 /**
73 * Return the allowed lifetime of a session; beyond this time,
74 * sessions are not resumed. Returns 0 if unknown/no explicit
75 * expiration policy.
76 */
77 virtual std::chrono::seconds session_lifetime() const = 0;
78
79 virtual ~Session_Manager() = default;
80 };
81
82/**
83* An implementation of Session_Manager that does not save sessions at
84* all, preventing session resumption.
85*/
87 {
88 public:
89 bool load_from_session_id(const std::vector<uint8_t>&, Session&) override
90 { return false; }
91
93 { return false; }
94
95 void remove_entry(const std::vector<uint8_t>&) override {}
96
97 size_t remove_all() override { return 0; }
98
99 void save(const Session&) override {}
100
101 std::chrono::seconds session_lifetime() const override
102 { return std::chrono::seconds(0); }
103 };
104
105/**
106* An implementation of Session_Manager that saves values in memory.
107*/
109 {
110 public:
111 /**
112 * @param rng a RNG used for generating session key and for
113 * session encryption
114 * @param max_sessions a hint on the maximum number of sessions
115 * to keep in memory at any one time. (If zero, don't cap)
116 * @param session_lifetime sessions are expired after this many
117 * seconds have elapsed from initial handshake.
118 */
120 size_t max_sessions = 1000,
121 std::chrono::seconds session_lifetime =
122 std::chrono::seconds(7200));
123
124 bool load_from_session_id(const std::vector<uint8_t>& session_id,
125 Session& session) override;
126
127 bool load_from_server_info(const Server_Information& info,
128 Session& session) override;
129
130 void remove_entry(const std::vector<uint8_t>& session_id) override;
131
132 size_t remove_all() override;
133
134 void save(const Session& session_data) override;
135
136 std::chrono::seconds session_lifetime() const override
137 { return m_session_lifetime; }
138
139 private:
140 bool load_from_session_str(const std::string& session_str,
141 Session& session);
142
143 mutex_type m_mutex;
144
145 size_t m_max_sessions;
146
147 std::chrono::seconds m_session_lifetime;
148
150 secure_vector<uint8_t> m_session_key;
151
152 std::map<std::string, std::vector<uint8_t>> m_sessions; // hex(session_id) -> session
153 std::map<Server_Information, std::string> m_info_sessions;
154 };
155
156}
157
158}
159
160#endif
std::chrono::seconds session_lifetime() const override
void remove_entry(const std::vector< uint8_t > &) override
std::chrono::seconds session_lifetime() const override
bool load_from_server_info(const Server_Information &, Session &) override
bool load_from_session_id(const std::vector< uint8_t > &, Session &) override
void save(const Session &) override
virtual bool load_from_session_id(const std::vector< uint8_t > &session_id, Session &session)=0
virtual ~Session_Manager()=default
virtual bool load_from_server_info(const Server_Information &info, Session &session)=0
virtual void remove_entry(const std::vector< uint8_t > &session_id)=0
virtual void save(const Session &session)=0
virtual std::chrono::seconds session_lifetime() const =0
virtual size_t remove_all()=0
int(* final)(unsigned char *, CTX *)
#define BOTAN_PUBLIC_API(maj, min)
Definition: compiler.h:31
Definition: alg_id.cpp:13
std::vector< T, secure_allocator< T > > secure_vector
Definition: secmem.h:65