diff options
Diffstat (limited to 'comm/third_party/botan/src/lib/tls/tls_client.h')
-rw-r--r-- | comm/third_party/botan/src/lib/tls/tls_client.h | 169 |
1 files changed, 169 insertions, 0 deletions
diff --git a/comm/third_party/botan/src/lib/tls/tls_client.h b/comm/third_party/botan/src/lib/tls/tls_client.h new file mode 100644 index 0000000000..0e08b45953 --- /dev/null +++ b/comm/third_party/botan/src/lib/tls/tls_client.h @@ -0,0 +1,169 @@ +/* +* TLS Client +* (C) 2004-2011 Jack Lloyd +* 2016 Matthias Gierlings +* +* Botan is released under the Simplified BSD License (see license.txt) +*/ + +#ifndef BOTAN_TLS_CLIENT_H_ +#define BOTAN_TLS_CLIENT_H_ + +#include <botan/tls_channel.h> +#include <botan/tls_policy.h> +#include <botan/credentials_manager.h> +#include <vector> + +namespace Botan { + +namespace TLS { + +/** +* SSL/TLS Client +*/ +class BOTAN_PUBLIC_API(2,0) Client final : public Channel + { + public: + + /** + * Set up a new TLS client session + * + * @param callbacks contains a set of callback function references + * required by the TLS client. + * + * @param session_manager manages session state + * + * @param creds manages application/user credentials + * + * @param policy specifies other connection policy information + * + * @param rng a random number generator + * + * @param server_info is identifying information about the TLS server + * + * @param offer_version specifies which version we will offer + * to the TLS server. + * + * @param next_protocols specifies protocols to advertise with ALPN + * + * @param reserved_io_buffer_size This many bytes of memory will + * be preallocated for the read and write buffers. Smaller + * values just mean reallocations and copies are more likely. + */ + Client(Callbacks& callbacks, + Session_Manager& session_manager, + Credentials_Manager& creds, + const Policy& policy, + RandomNumberGenerator& rng, + const Server_Information& server_info = Server_Information(), + const Protocol_Version& offer_version = Protocol_Version::latest_tls_version(), + const std::vector<std::string>& next_protocols = {}, + size_t reserved_io_buffer_size = TLS::Client::IO_BUF_DEFAULT_SIZE + ); + + /** + * DEPRECATED. This constructor is only provided for backward + * compatibility and should not be used in new code. It will be + * removed in a future release. + * + * Set up a new TLS client session + * + * @param data_output_fn is called with data for the outbound socket + * + * @param app_data_cb is called when new application data is received + * + * @param recv_alert_cb is called when a TLS alert is received + * + * @param hs_cb is called when a handshake is completed + * + * @param session_manager manages session state + * + * @param creds manages application/user credentials + * + * @param policy specifies other connection policy information + * + * @param rng a random number generator + * + * @param server_info is identifying information about the TLS server + * + * @param offer_version specifies which version we will offer + * to the TLS server. + * + * @param next_protocols specifies protocols to advertise with ALPN + * + * @param reserved_io_buffer_size This many bytes of memory will + * be preallocated for the read and write buffers. Smaller + * values just mean reallocations and copies are more likely. + */ + BOTAN_DEPRECATED("Use TLS::Client(TLS::Callbacks ...)") + Client(output_fn data_output_fn, + data_cb app_data_cb, + alert_cb recv_alert_cb, + handshake_cb hs_cb, + Session_Manager& session_manager, + Credentials_Manager& creds, + const Policy& policy, + RandomNumberGenerator& rng, + const Server_Information& server_info = Server_Information(), + const Protocol_Version& offer_version = Protocol_Version::latest_tls_version(), + const std::vector<std::string>& next_protocols = {}, + size_t reserved_io_buffer_size = TLS::Client::IO_BUF_DEFAULT_SIZE + ); + + /** + * DEPRECATED. This constructor is only provided for backward + * compatibility and should not be used in new implementations. + */ + BOTAN_DEPRECATED("Use TLS::Client(TLS::Callbacks ...)") + Client(output_fn out, + data_cb app_data_cb, + alert_cb alert_cb, + handshake_cb hs_cb, + handshake_msg_cb hs_msg_cb, + Session_Manager& session_manager, + Credentials_Manager& creds, + const Policy& policy, + RandomNumberGenerator& rng, + const Server_Information& server_info = Server_Information(), + const Protocol_Version& offer_version = Protocol_Version::latest_tls_version(), + const std::vector<std::string>& next_protocols = {} + ); + + /** + * @return network protocol as advertised by the TLS server, if server sent the ALPN extension + */ + std::string application_protocol() const override { return m_application_protocol; } + private: + void init(const Protocol_Version& protocol_version, + const std::vector<std::string>& next_protocols); + + std::vector<X509_Certificate> + get_peer_cert_chain(const Handshake_State& state) const override; + + void initiate_handshake(Handshake_State& state, + bool force_full_renegotiation) override; + + void send_client_hello(Handshake_State& state, + bool force_full_renegotiation, + Protocol_Version version, + const std::string& srp_identifier = "", + const std::vector<std::string>& next_protocols = {}); + + void process_handshake_msg(const Handshake_State* active_state, + Handshake_State& pending_state, + Handshake_Type type, + const std::vector<uint8_t>& contents, + bool epoch0_restart) override; + + Handshake_State* new_handshake_state(Handshake_IO* io) override; + + Credentials_Manager& m_creds; + const Server_Information m_info; + std::string m_application_protocol; + }; + +} + +} + +#endif |