Botan  1.11.15
src/lib/tls/tls_session_manager.h
Go to the documentation of this file.
00001 /*
00002 * TLS Session Manager
00003 * (C) 2011 Jack Lloyd
00004 *
00005 * Botan is released under the Simplified BSD License (see license.txt)
00006 */
00007 
00008 #ifndef BOTAN_TLS_SESSION_MANAGER_H__
00009 #define BOTAN_TLS_SESSION_MANAGER_H__
00010 
00011 #include <botan/tls_session.h>
00012 #include <mutex>
00013 #include <chrono>
00014 #include <map>
00015 
00016 namespace Botan {
00017 
00018 namespace TLS {
00019 
00020 /**
00021 * Session_Manager is an interface to systems which can save
00022 * session parameters for supporting session resumption.
00023 *
00024 * Saving sessions is done on a best-effort basis; an implementation is
00025 * allowed to drop sessions due to space constraints.
00026 *
00027 * Implementations should strive to be thread safe
00028 */
00029 class BOTAN_DLL Session_Manager
00030    {
00031    public:
00032       /**
00033       * Try to load a saved session (using session ID)
00034       * @param session_id the session identifier we are trying to resume
00035       * @param session will be set to the saved session data (if found),
00036                or not modified if not found
00037       * @return true if session was modified
00038       */
00039       virtual bool load_from_session_id(const std::vector<byte>& session_id,
00040                                         Session& session) = 0;
00041 
00042       /**
00043       * Try to load a saved session (using info about server)
00044       * @param info the information about the server
00045       * @param session will be set to the saved session data (if found),
00046                or not modified if not found
00047       * @return true if session was modified
00048       */
00049       virtual bool load_from_server_info(const Server_Information& info,
00050                                          Session& session) = 0;
00051 
00052       /**
00053       * Remove this session id from the cache, if it exists
00054       */
00055       virtual void remove_entry(const std::vector<byte>& session_id) = 0;
00056 
00057       /**
00058       * Save a session on a best effort basis; the manager may not in
00059       * fact be able to save the session for whatever reason; this is
00060       * not an error. Caller cannot assume that calling save followed
00061       * immediately by load_from_* will result in a successful lookup.
00062       *
00063       * @param session to save
00064       */
00065       virtual void save(const Session& session) = 0;
00066 
00067       /**
00068       * Return the allowed lifetime of a session; beyond this time,
00069       * sessions are not resumed. Returns 0 if unknown/no explicit
00070       * expiration policy.
00071       */
00072       virtual std::chrono::seconds session_lifetime() const = 0;
00073 
00074       virtual ~Session_Manager() {}
00075    };
00076 
00077 /**
00078 * An implementation of Session_Manager that does not save sessions at
00079 * all, preventing session resumption.
00080 */
00081 class BOTAN_DLL Session_Manager_Noop : public Session_Manager
00082    {
00083    public:
00084       bool load_from_session_id(const std::vector<byte>&, Session&) override
00085          { return false; }
00086 
00087       bool load_from_server_info(const Server_Information&, Session&) override
00088          { return false; }
00089 
00090       void remove_entry(const std::vector<byte>&) override {}
00091 
00092       void save(const Session&) override {}
00093 
00094       std::chrono::seconds session_lifetime() const override
00095          { return std::chrono::seconds(0); }
00096    };
00097 
00098 /**
00099 * An implementation of Session_Manager that saves values in memory.
00100 */
00101 class BOTAN_DLL Session_Manager_In_Memory : public Session_Manager
00102    {
00103    public:
00104       /**
00105       * @param max_sessions a hint on the maximum number of sessions
00106       *        to keep in memory at any one time. (If zero, don't cap)
00107       * @param session_lifetime sessions are expired after this many
00108       *        seconds have elapsed from initial handshake.
00109       */
00110       Session_Manager_In_Memory(RandomNumberGenerator& rng,
00111                                 size_t max_sessions = 1000,
00112                                 std::chrono::seconds session_lifetime =
00113                                    std::chrono::seconds(7200));
00114 
00115       bool load_from_session_id(const std::vector<byte>& session_id,
00116                                 Session& session) override;
00117 
00118       bool load_from_server_info(const Server_Information& info,
00119                                  Session& session) override;
00120 
00121       void remove_entry(const std::vector<byte>& session_id) override;
00122 
00123       void save(const Session& session_data) override;
00124 
00125       std::chrono::seconds session_lifetime() const override
00126          { return m_session_lifetime; }
00127 
00128    private:
00129       bool load_from_session_str(const std::string& session_str,
00130                                  Session& session);
00131 
00132       std::mutex m_mutex;
00133 
00134       size_t m_max_sessions;
00135 
00136       std::chrono::seconds m_session_lifetime;
00137 
00138       RandomNumberGenerator& m_rng;
00139       SymmetricKey m_session_key;
00140 
00141       std::map<std::string, std::vector<byte>> m_sessions; // hex(session_id) -> session
00142       std::map<Server_Information, std::string> m_info_sessions;
00143    };
00144 
00145 }
00146 
00147 }
00148 
00149 #endif