Botan
1.11.15
|
00001 /* 00002 * TLS Session Manager 00003 * (C) 2011 Jack Lloyd 00004 * 00005 * Botan is released under the Simplified BSD License (see license.txt) 00006 */ 00007 00008 #ifndef BOTAN_TLS_SESSION_MANAGER_H__ 00009 #define BOTAN_TLS_SESSION_MANAGER_H__ 00010 00011 #include <botan/tls_session.h> 00012 #include <mutex> 00013 #include <chrono> 00014 #include <map> 00015 00016 namespace Botan { 00017 00018 namespace TLS { 00019 00020 /** 00021 * Session_Manager is an interface to systems which can save 00022 * session parameters for supporting session resumption. 00023 * 00024 * Saving sessions is done on a best-effort basis; an implementation is 00025 * allowed to drop sessions due to space constraints. 00026 * 00027 * Implementations should strive to be thread safe 00028 */ 00029 class BOTAN_DLL Session_Manager 00030 { 00031 public: 00032 /** 00033 * Try to load a saved session (using session ID) 00034 * @param session_id the session identifier we are trying to resume 00035 * @param session will be set to the saved session data (if found), 00036 or not modified if not found 00037 * @return true if session was modified 00038 */ 00039 virtual bool load_from_session_id(const std::vector<byte>& session_id, 00040 Session& session) = 0; 00041 00042 /** 00043 * Try to load a saved session (using info about server) 00044 * @param info the information about the server 00045 * @param session will be set to the saved session data (if found), 00046 or not modified if not found 00047 * @return true if session was modified 00048 */ 00049 virtual bool load_from_server_info(const Server_Information& info, 00050 Session& session) = 0; 00051 00052 /** 00053 * Remove this session id from the cache, if it exists 00054 */ 00055 virtual void remove_entry(const std::vector<byte>& session_id) = 0; 00056 00057 /** 00058 * Save a session on a best effort basis; the manager may not in 00059 * fact be able to save the session for whatever reason; this is 00060 * not an error. Caller cannot assume that calling save followed 00061 * immediately by load_from_* will result in a successful lookup. 00062 * 00063 * @param session to save 00064 */ 00065 virtual void save(const Session& session) = 0; 00066 00067 /** 00068 * Return the allowed lifetime of a session; beyond this time, 00069 * sessions are not resumed. Returns 0 if unknown/no explicit 00070 * expiration policy. 00071 */ 00072 virtual std::chrono::seconds session_lifetime() const = 0; 00073 00074 virtual ~Session_Manager() {} 00075 }; 00076 00077 /** 00078 * An implementation of Session_Manager that does not save sessions at 00079 * all, preventing session resumption. 00080 */ 00081 class BOTAN_DLL Session_Manager_Noop : public Session_Manager 00082 { 00083 public: 00084 bool load_from_session_id(const std::vector<byte>&, Session&) override 00085 { return false; } 00086 00087 bool load_from_server_info(const Server_Information&, Session&) override 00088 { return false; } 00089 00090 void remove_entry(const std::vector<byte>&) override {} 00091 00092 void save(const Session&) override {} 00093 00094 std::chrono::seconds session_lifetime() const override 00095 { return std::chrono::seconds(0); } 00096 }; 00097 00098 /** 00099 * An implementation of Session_Manager that saves values in memory. 00100 */ 00101 class BOTAN_DLL Session_Manager_In_Memory : public Session_Manager 00102 { 00103 public: 00104 /** 00105 * @param max_sessions a hint on the maximum number of sessions 00106 * to keep in memory at any one time. (If zero, don't cap) 00107 * @param session_lifetime sessions are expired after this many 00108 * seconds have elapsed from initial handshake. 00109 */ 00110 Session_Manager_In_Memory(RandomNumberGenerator& rng, 00111 size_t max_sessions = 1000, 00112 std::chrono::seconds session_lifetime = 00113 std::chrono::seconds(7200)); 00114 00115 bool load_from_session_id(const std::vector<byte>& session_id, 00116 Session& session) override; 00117 00118 bool load_from_server_info(const Server_Information& info, 00119 Session& session) override; 00120 00121 void remove_entry(const std::vector<byte>& session_id) override; 00122 00123 void save(const Session& session_data) override; 00124 00125 std::chrono::seconds session_lifetime() const override 00126 { return m_session_lifetime; } 00127 00128 private: 00129 bool load_from_session_str(const std::string& session_str, 00130 Session& session); 00131 00132 std::mutex m_mutex; 00133 00134 size_t m_max_sessions; 00135 00136 std::chrono::seconds m_session_lifetime; 00137 00138 RandomNumberGenerator& m_rng; 00139 SymmetricKey m_session_key; 00140 00141 std::map<std::string, std::vector<byte>> m_sessions; // hex(session_id) -> session 00142 std::map<Server_Information, std::string> m_info_sessions; 00143 }; 00144 00145 } 00146 00147 } 00148 00149 #endif