Botan
1.11.15
|
00001 /* 00002 * TLS Session Manager storing to encrypted SQL db table 00003 * (C) 2012,2014 Jack Lloyd 00004 * 00005 * Botan is released under the Simplified BSD License (see license.txt) 00006 */ 00007 00008 #ifndef BOTAN_TLS_SQL_SESSION_MANAGER_H__ 00009 #define BOTAN_TLS_SQL_SESSION_MANAGER_H__ 00010 00011 #include <botan/tls_session_manager.h> 00012 #include <botan/database.h> 00013 #include <botan/rng.h> 00014 00015 namespace Botan { 00016 00017 namespace TLS { 00018 00019 /** 00020 * An implementation of Session_Manager that saves values in a SQL 00021 * database file, with the session data encrypted using a passphrase. 00022 * 00023 * @warning For clients, the hostnames associated with the saved 00024 * sessions are stored in the database in plaintext. This may be a 00025 * serious privacy risk in some situations. 00026 */ 00027 class BOTAN_DLL Session_Manager_SQL : public Session_Manager 00028 { 00029 public: 00030 /** 00031 * @param db A connection to the database to use 00032 The table names botan_tls_sessions and 00033 botan_tls_sessions_metadata will be used 00034 * @param passphrase used to encrypt the session data 00035 * @param rng a random number generator 00036 * @param max_sessions a hint on the maximum number of sessions 00037 * to keep in memory at any one time. (If zero, don't cap) 00038 * @param session_lifetime sessions are expired after this many 00039 * seconds have elapsed from initial handshake. 00040 */ 00041 Session_Manager_SQL(std::shared_ptr<SQL_Database> db, 00042 const std::string& passphrase, 00043 RandomNumberGenerator& rng, 00044 size_t max_sessions = 1000, 00045 std::chrono::seconds session_lifetime = std::chrono::seconds(7200)); 00046 00047 Session_Manager_SQL(const Session_Manager_SQL&) = delete; 00048 00049 Session_Manager_SQL& operator=(const Session_Manager_SQL&) = delete; 00050 00051 bool load_from_session_id(const std::vector<byte>& session_id, 00052 Session& session) override; 00053 00054 bool load_from_server_info(const Server_Information& info, 00055 Session& session) override; 00056 00057 void remove_entry(const std::vector<byte>& session_id) override; 00058 00059 void save(const Session& session_data) override; 00060 00061 std::chrono::seconds session_lifetime() const override 00062 { return m_session_lifetime; } 00063 00064 private: 00065 void prune_session_cache(); 00066 00067 std::shared_ptr<SQL_Database> m_db; 00068 SymmetricKey m_session_key; 00069 RandomNumberGenerator& m_rng; 00070 size_t m_max_sessions; 00071 std::chrono::seconds m_session_lifetime; 00072 }; 00073 00074 } 00075 00076 } 00077 00078 #endif