Botan
1.11.15
|
#include <tls_session_manager_sqlite.h>
Public Member Functions | |
bool | load_from_server_info (const Server_Information &info, Session &session) override |
bool | load_from_session_id (const std::vector< byte > &session_id, Session &session) override |
void | remove_entry (const std::vector< byte > &session_id) override |
void | save (const Session &session_data) override |
std::chrono::seconds | session_lifetime () const override |
Session_Manager_SQLite (const std::string &passphrase, RandomNumberGenerator &rng, const std::string &db_filename, size_t max_sessions=1000, std::chrono::seconds session_lifetime=std::chrono::seconds(7200)) |
An implementation of Session_Manager that saves values in a SQLite3 database file, with the session data encrypted using a passphrase.
Definition at line 26 of file tls_session_manager_sqlite.h.
Botan::TLS::Session_Manager_SQLite::Session_Manager_SQLite | ( | const std::string & | passphrase, |
RandomNumberGenerator & | rng, | ||
const std::string & | db_filename, | ||
size_t | max_sessions = 1000 , |
||
std::chrono::seconds | session_lifetime = std::chrono::seconds(7200) |
||
) |
passphrase | used to encrypt the session data |
rng | a random number generator |
db_filename | filename of the SQLite database file. The table names tls_sessions and tls_sessions_metadata will be used |
max_sessions | a hint on the maximum number of sessions to keep in memory at any one time. (If zero, don't cap) |
session_lifetime | sessions are expired after this many seconds have elapsed from initial handshake. |
Definition at line 15 of file tls_session_manager_sqlite.cpp.
: Session_Manager_SQL(std::make_shared<Sqlite3_Database>(db_filename), passphrase, rng, max_sessions, session_lifetime) {}
bool Botan::TLS::Session_Manager_SQL::load_from_server_info | ( | const Server_Information & | info, |
Session & | session | ||
) | [override, virtual, inherited] |
Try to load a saved session (using info about server)
info | the information about the server |
session | will be set to the saved session data (if found), or not modified if not found |
Implements Botan::TLS::Session_Manager.
Definition at line 142 of file tls_session_manager_sql.cpp.
References decrypt, Botan::TLS::Server_Information::hostname(), and Botan::TLS::Server_Information::port().
{ auto stmt = m_db->new_statement("select session from tls_sessions" " where hostname = ?1 and hostport = ?2" " order by session_start desc"); stmt->bind(1, server.hostname()); stmt->bind(2, server.port()); while(stmt->step()) { std::pair<const byte*, size_t> blob = stmt->get_blob(0); try { session = Session::decrypt(blob.first, blob.second, m_session_key); return true; } catch(...) { } } return false; }
bool Botan::TLS::Session_Manager_SQL::load_from_session_id | ( | const std::vector< byte > & | session_id, |
Session & | session | ||
) | [override, virtual, inherited] |
Try to load a saved session (using session ID)
session_id | the session identifier we are trying to resume |
session | will be set to the saved session data (if found), or not modified if not found |
Implements Botan::TLS::Session_Manager.
Definition at line 118 of file tls_session_manager_sql.cpp.
References decrypt, and Botan::hex_encode().
{ auto stmt = m_db->new_statement("select session from tls_sessions where session_id = ?1"); stmt->bind(1, hex_encode(session_id)); while(stmt->step()) { std::pair<const byte*, size_t> blob = stmt->get_blob(0); try { session = Session::decrypt(blob.first, blob.second, m_session_key); return true; } catch(...) { } } return false; }
void Botan::TLS::Session_Manager_SQL::remove_entry | ( | const std::vector< byte > & | session_id | ) | [override, virtual, inherited] |
Remove this session id from the cache, if it exists
Implements Botan::TLS::Session_Manager.
Definition at line 169 of file tls_session_manager_sql.cpp.
References Botan::hex_encode().
{ auto stmt = m_db->new_statement("delete from tls_sessions where session_id = ?1"); stmt->bind(1, hex_encode(session_id)); stmt->spin(); }
void Botan::TLS::Session_Manager_SQL::save | ( | const Session & | session | ) | [override, virtual, inherited] |
Save a session on a best effort basis; the manager may not in fact be able to save the session for whatever reason; this is not an error. Caller cannot assume that calling save followed immediately by load_from_* will result in a successful lookup.
session | to save |
Implements Botan::TLS::Session_Manager.
Definition at line 178 of file tls_session_manager_sql.cpp.
References Botan::TLS::Session::encrypt(), Botan::hex_encode(), Botan::TLS::Server_Information::hostname(), Botan::TLS::Server_Information::port(), Botan::TLS::Session::server_info(), Botan::TLS::Session::session_id(), and Botan::TLS::Session::start_time().
{ auto stmt = m_db->new_statement("insert or replace into tls_sessions" " values(?1, ?2, ?3, ?4, ?5)"); stmt->bind(1, hex_encode(session.session_id())); stmt->bind(2, session.start_time()); stmt->bind(3, session.server_info().hostname()); stmt->bind(4, session.server_info().port()); stmt->bind(5, session.encrypt(m_session_key, m_rng)); stmt->spin(); prune_session_cache(); }
std::chrono::seconds Botan::TLS::Session_Manager_SQL::session_lifetime | ( | ) | const [inline, override, virtual, inherited] |
Return the allowed lifetime of a session; beyond this time, sessions are not resumed. Returns 0 if unknown/no explicit expiration policy.
Implements Botan::TLS::Session_Manager.
Definition at line 61 of file tls_session_manager_sql.h.
{ return m_session_lifetime; }