Botan  2.7.0
Crypto and TLS for C++11
tls_session_manager.h
Go to the documentation of this file.
1 /*
2 * TLS Session Manager
3 * (C) 2011 Jack Lloyd
4 *
5 * Botan is released under the Simplified BSD License (see license.txt)
6 */
7 
8 #ifndef BOTAN_TLS_SESSION_MANAGER_H_
9 #define BOTAN_TLS_SESSION_MANAGER_H_
10 
11 #include <botan/tls_session.h>
12 #include <botan/mutex.h>
13 #include <chrono>
14 #include <map>
15 
16 namespace Botan {
17 
18 namespace TLS {
19 
20 /**
21 * Session_Manager is an interface to systems which can save
22 * session parameters for supporting session resumption.
23 *
24 * Saving sessions is done on a best-effort basis; an implementation is
25 * allowed to drop sessions due to space constraints.
26 *
27 * Implementations should strive to be thread safe
28 */
30  {
31  public:
32  /**
33  * Try to load a saved session (using session ID)
34  * @param session_id the session identifier we are trying to resume
35  * @param session will be set to the saved session data (if found),
36  or not modified if not found
37  * @return true if session was modified
38  */
39  virtual bool load_from_session_id(const std::vector<uint8_t>& session_id,
40  Session& session) = 0;
41 
42  /**
43  * Try to load a saved session (using info about server)
44  * @param info the information about the server
45  * @param session will be set to the saved session data (if found),
46  or not modified if not found
47  * @return true if session was modified
48  */
49  virtual bool load_from_server_info(const Server_Information& info,
50  Session& session) = 0;
51 
52  /**
53  * Remove this session id from the cache, if it exists
54  */
55  virtual void remove_entry(const std::vector<uint8_t>& session_id) = 0;
56 
57  /**
58  * Remove all sessions from the cache, return number of sessions deleted
59  */
60  virtual size_t remove_all() = 0;
61 
62  /**
63  * Save a session on a best effort basis; the manager may not in
64  * fact be able to save the session for whatever reason; this is
65  * not an error. Caller cannot assume that calling save followed
66  * immediately by load_from_* will result in a successful lookup.
67  *
68  * @param session to save
69  */
70  virtual void save(const Session& session) = 0;
71 
72  /**
73  * Return the allowed lifetime of a session; beyond this time,
74  * sessions are not resumed. Returns 0 if unknown/no explicit
75  * expiration policy.
76  */
77  virtual std::chrono::seconds session_lifetime() const = 0;
78 
79  virtual ~Session_Manager() = default;
80  };
81 
82 /**
83 * An implementation of Session_Manager that does not save sessions at
84 * all, preventing session resumption.
85 */
87  {
88  public:
89  bool load_from_session_id(const std::vector<uint8_t>&, Session&) override
90  { return false; }
91 
93  { return false; }
94 
95  void remove_entry(const std::vector<uint8_t>&) override {}
96 
97  size_t remove_all() override { return 0; }
98 
99  void save(const Session&) override {}
100 
101  std::chrono::seconds session_lifetime() const override
102  { return std::chrono::seconds(0); }
103  };
104 
105 /**
106 * An implementation of Session_Manager that saves values in memory.
107 */
109  {
110  public:
111  /**
112  * @param rng a RNG used for generating session key and for
113  * session encryption
114  * @param max_sessions a hint on the maximum number of sessions
115  * to keep in memory at any one time. (If zero, don't cap)
116  * @param session_lifetime sessions are expired after this many
117  * seconds have elapsed from initial handshake.
118  */
120  size_t max_sessions = 1000,
121  std::chrono::seconds session_lifetime =
122  std::chrono::seconds(7200));
123 
124  bool load_from_session_id(const std::vector<uint8_t>& session_id,
125  Session& session) override;
126 
127  bool load_from_server_info(const Server_Information& info,
128  Session& session) override;
129 
130  void remove_entry(const std::vector<uint8_t>& session_id) override;
131 
132  size_t remove_all() override;
133 
134  void save(const Session& session_data) override;
135 
136  std::chrono::seconds session_lifetime() const override
137  { return m_session_lifetime; }
138 
139  private:
140  bool load_from_session_str(const std::string& session_str,
141  Session& session);
142 
143  mutex_type m_mutex;
144 
145  size_t m_max_sessions;
146 
147  std::chrono::seconds m_session_lifetime;
148 
149  RandomNumberGenerator& m_rng;
150  secure_vector<uint8_t> m_session_key;
151 
152  std::map<std::string, std::vector<uint8_t>> m_sessions; // hex(session_id) -> session
153  std::map<Server_Information, std::string> m_info_sessions;
154  };
155 
156 }
157 
158 }
159 
160 #endif
bool load_from_server_info(const Server_Information &, Session &) override
std::chrono::seconds session_lifetime() const override
void save(const Session &) override
#define BOTAN_PUBLIC_API(maj, min)
Definition: compiler.h:27
Definition: alg_id.cpp:13
bool load_from_session_id(const std::vector< uint8_t > &, Session &) override
std::vector< T, secure_allocator< T > > secure_vector
Definition: secmem.h:88
std::chrono::seconds session_lifetime() const override
void remove_entry(const std::vector< uint8_t > &) override