1 files changed, 160 insertions, 0 deletions
diff --git a/comm/third_party/botan/src/lib/tls/tls_session_manager.h b/comm/third_party/botan/src/lib/tls/tls_session_manager.h
new file mode 100644
index 0000000000..40ca48f719
--- /dev/null
+++ b/comm/third_party/botan/src/lib/tls/tls_session_manager.h
@@ -0,0 +1,160 @@
+/*
+* TLS Session Manager
+* (C) 2011 Jack Lloyd
+*
+* Botan is released under the Simplified BSD License (see license.txt)
+*/
+
+#ifndef BOTAN_TLS_SESSION_MANAGER_H_
+#define BOTAN_TLS_SESSION_MANAGER_H_
+
+#include <botan/tls_session.h>
+#include <botan/mutex.h>
+#include <chrono>
+#include <map>
+
+namespace Botan {
+
+namespace TLS {
+
+/**
+* Session_Manager is an interface to systems which can save
+* session parameters for supporting session resumption.
+*
+* Saving sessions is done on a best-effort basis; an implementation is
+* allowed to drop sessions due to space constraints.
+*
+* Implementations should strive to be thread safe
+*/
+class BOTAN_PUBLIC_API(2,0) Session_Manager
+   {
+   public:
+      /**
+      * Try to load a saved session (using session ID)
+      * @param session_id the session identifier we are trying to resume
+      * @param session will be set to the saved session data (if found),
+               or not modified if not found
+      * @return true if session was modified
+      */
+      virtual bool load_from_session_id(const std::vector<uint8_t>& session_id,
+                                        Session& session) = 0;
+
+      /**
+      * Try to load a saved session (using info about server)
+      * @param info the information about the server
+      * @param session will be set to the saved session data (if found),
+               or not modified if not found
+      * @return true if session was modified
+      */
+      virtual bool load_from_server_info(const Server_Information& info,
+                                         Session& session) = 0;
+
+      /**
+      * Remove this session id from the cache, if it exists
+      */
+      virtual void remove_entry(const std::vector<uint8_t>& session_id) = 0;
+
+      /**
+      * Remove all sessions from the cache, return number of sessions deleted
+      */
+      virtual size_t remove_all() = 0;
+
+      /**
+      * Save a session on a best effort basis; the manager may not in
+      * fact be able to save the session for whatever reason; this is
+      * not an error. Caller cannot assume that calling save followed
+      * immediately by load_from_* will result in a successful lookup.
+      *
+      * @param session to save
+      */
+      virtual void save(const Session& session) = 0;
+
+      /**
+      * Return the allowed lifetime of a session; beyond this time,
+      * sessions are not resumed. Returns 0 if unknown/no explicit
+      * expiration policy.
+      */
+      virtual std::chrono::seconds session_lifetime() const = 0;
+
+      virtual ~Session_Manager() = default;
+   };
+
+/**
+* An implementation of Session_Manager that does not save sessions at
+* all, preventing session resumption.
+*/
+class BOTAN_PUBLIC_API(2,0) Session_Manager_Noop final : public Session_Manager
+   {
+   public:
+      bool load_from_session_id(const std::vector<uint8_t>&, Session&) override
+         { return false; }
+
+      bool load_from_server_info(const Server_Information&, Session&) override
+         { return false; }
+
+      void remove_entry(const std::vector<uint8_t>&) override {}
+
+      size_t remove_all() override { return 0; }
+
+      void save(const Session&) override {}
+
+      std::chrono::seconds session_lifetime() const override
+         { return std::chrono::seconds(0); }
+   };
+
+/**
+* An implementation of Session_Manager that saves values in memory.
+*/
+class BOTAN_PUBLIC_API(2,0) Session_Manager_In_Memory final : public Session_Manager
+   {
+   public:
+      /**
+      * @param rng a RNG used for generating session key and for
+      *        session encryption
+      * @param max_sessions a hint on the maximum number of sessions
+      *        to keep in memory at any one time. (If zero, don't cap)
+      * @param session_lifetime sessions are expired after this many
+      *        seconds have elapsed from initial handshake.
+      */
+      Session_Manager_In_Memory(RandomNumberGenerator& rng,
+                                size_t max_sessions = 1000,
+                                std::chrono::seconds session_lifetime =
+                                   std::chrono::seconds(7200));
+
+      bool load_from_session_id(const std::vector<uint8_t>& session_id,
+                                Session& session) override;
+
+      bool load_from_server_info(const Server_Information& info,
+                                 Session& session) override;
+
+      void remove_entry(const std::vector<uint8_t>& session_id) override;
+
+      size_t remove_all() override;
+
+      void save(const Session& session_data) override;
+
+      std::chrono::seconds session_lifetime() const override
+         { return m_session_lifetime; }
+
+   private:
+      bool load_from_session_str(const std::string& session_str,
+                                 Session& session);
+
+      mutex_type m_mutex;
+
+      size_t m_max_sessions;
+
+      std::chrono::seconds m_session_lifetime;
+
+      RandomNumberGenerator& m_rng;
+      secure_vector<uint8_t> m_session_key;
+
+      std::map<std::string, std::vector<uint8_t>> m_sessions; // hex(session_id) -> session
+      std::map<Server_Information, std::string> m_info_sessions;
+   };
+
+}
+
+}
+
+#endif