Botan  2.1.0
Crypto and TLS for C++11
tls_session_manager_memory.cpp
Go to the documentation of this file.
1 /*
2 * TLS Session Management
3 * (C) 2011,2012 Jack Lloyd
4 *
5 * Botan is released under the Simplified BSD License (see license.txt)
6 */
7 
8 #include <botan/tls_session_manager.h>
9 #include <botan/hex.h>
10 #include <chrono>
11 
12 namespace Botan {
13 
14 namespace TLS {
15 
18  size_t max_sessions,
19  std::chrono::seconds session_lifetime) :
20  m_max_sessions(max_sessions),
21  m_session_lifetime(session_lifetime),
22  m_rng(rng),
23  m_session_key(m_rng.random_vec(32))
24  {}
25 
26 bool Session_Manager_In_Memory::load_from_session_str(
27  const std::string& session_str, Session& session)
28  {
29  // assert(lock is held)
30 
31  auto i = m_sessions.find(session_str);
32 
33  if(i == m_sessions.end())
34  return false;
35 
36  try
37  {
38  session = Session::decrypt(i->second, m_session_key);
39  }
40  catch(...)
41  {
42  return false;
43  }
44 
45  // if session has expired, remove it
46  const auto now = std::chrono::system_clock::now();
47 
48  if(session.start_time() + session_lifetime() < now)
49  {
50  m_sessions.erase(i);
51  return false;
52  }
53 
54  return true;
55  }
56 
58  const std::vector<uint8_t>& session_id, Session& session)
59  {
60  lock_guard_type<mutex_type> lock(m_mutex);
61 
62  return load_from_session_str(hex_encode(session_id), session);
63  }
64 
66  const Server_Information& info, Session& session)
67  {
68  lock_guard_type<mutex_type> lock(m_mutex);
69 
70  auto i = m_info_sessions.find(info);
71 
72  if(i == m_info_sessions.end())
73  return false;
74 
75  if(load_from_session_str(i->second, session))
76  return true;
77 
78  /*
79  * It existed at one point but was removed from the sessions map,
80  * remove m_info_sessions entry as well
81  */
82  m_info_sessions.erase(i);
83 
84  return false;
85  }
86 
88  const std::vector<uint8_t>& session_id)
89  {
90  lock_guard_type<mutex_type> lock(m_mutex);
91 
92  auto i = m_sessions.find(hex_encode(session_id));
93 
94  if(i != m_sessions.end())
95  m_sessions.erase(i);
96  }
97 
99  {
100  const size_t removed = m_sessions.size();
101  m_info_sessions.clear();
102  m_sessions.clear();
103  m_session_key = m_rng.random_vec(32);
104  return removed;
105  }
106 
108  {
109  lock_guard_type<mutex_type> lock(m_mutex);
110 
111  if(m_max_sessions != 0)
112  {
113  /*
114  We generate new session IDs with the first 4 bytes being a
115  timestamp, so this actually removes the oldest sessions first.
116  */
117  while(m_sessions.size() >= m_max_sessions)
118  m_sessions.erase(m_sessions.begin());
119  }
120 
121  const std::string session_id_str = hex_encode(session.session_id());
122 
123  m_sessions[session_id_str] = session.encrypt(m_session_key, m_rng);
124 
125  if(session.side() == CLIENT && !session.server_info().empty())
126  m_info_sessions[session.server_info()] = session_id_str;
127  }
128 
129 }
130 
131 }
static Session decrypt(const uint8_t ctext[], size_t ctext_size, const SymmetricKey &key)
std::chrono::system_clock::time_point start_time() const
Definition: tls_session.h:175
secure_vector< uint8_t > random_vec(size_t bytes)
Definition: rng.h:133
Connection_Side side() const
Definition: tls_session.h:141
const Server_Information & server_info() const
Definition: tls_session.h:190
std::vector< uint8_t > encrypt(const SymmetricKey &key, RandomNumberGenerator &rng) const
const std::vector< uint8_t > & session_id() const
Definition: tls_session.h:156
void save(const Session &session_data) override
bool load_from_server_info(const Server_Information &info, Session &session) override
Session_Manager_In_Memory(RandomNumberGenerator &rng, size_t max_sessions=1000, std::chrono::seconds session_lifetime=std::chrono::seconds(7200))
Definition: alg_id.cpp:13
RandomNumberGenerator & m_rng
Definition: ecdh.cpp:52
bool load_from_session_id(const std::vector< uint8_t > &session_id, Session &session) override
void remove_entry(const std::vector< uint8_t > &session_id) override
void hex_encode(char output[], const uint8_t input[], size_t input_length, bool uppercase)
Definition: hex.cpp:14
std::chrono::seconds session_lifetime() const override