Botan  2.1.0
Crypto and TLS for C++11
tls_session_manager_sql.h
1 /*
2 * TLS Session Manager storing to encrypted SQL db table
3 * (C) 2012,2014 Jack Lloyd
4 *
5 * Botan is released under the Simplified BSD License (see license.txt)
6 */
7 
8 #ifndef BOTAN_TLS_SQL_SESSION_MANAGER_H__
9 #define BOTAN_TLS_SQL_SESSION_MANAGER_H__
10 
11 #include <botan/tls_session_manager.h>
12 #include <botan/database.h>
13 #include <botan/rng.h>
14 
15 namespace Botan {
16 
17 namespace TLS {
18 
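/**
* An implementation of Session_Manager that saves values in a SQL
* database file, with the session data encrypted using a passphrase.
*
* The confidentiality of the stored session state rests on the
* passphrase: anyone who can read the database and knows (or can
* guess) the passphrase can recover the saved sessions. Use a strong
* passphrase and restrict access to the database file.
*
* @warning For clients, the hostnames associated with the saved
* sessions are stored in the database in plaintext. This may be a
* serious privacy risk in some situations.
*/
class BOTAN_DLL Session_Manager_SQL : public Session_Manager
   {
   public:
      /**
      * @param db A connection to the database to use.
      *        The table names botan_tls_sessions and
      *        botan_tls_sessions_metadata will be used
      * @param passphrase used to encrypt the session data
      * @param rng a random number generator. It is held by reference
      *        (see m_rng), so it must outlive this object.
      * @param max_sessions a hint on the maximum number of sessions
      *        to keep in memory at any one time. (If zero, don't cap)
      * @param session_lifetime sessions are expired after this many
      *        seconds have elapsed from initial handshake.
      */
      Session_Manager_SQL(std::shared_ptr<SQL_Database> db,
                          const std::string& passphrase,
                          RandomNumberGenerator& rng,
                          size_t max_sessions = 1000,
                          std::chrono::seconds session_lifetime = std::chrono::seconds(7200));

      // Not copyable.
      Session_Manager_SQL(const Session_Manager_SQL&) = delete;

      Session_Manager_SQL& operator=(const Session_Manager_SQL&) = delete;

      // Overrides Session_Manager::load_from_session_id (lookup keyed by session ID).
      bool load_from_session_id(const std::vector<uint8_t>& session_id,
                                Session& session) override;

      // Overrides Session_Manager::load_from_server_info (lookup keyed by server
      // information; see the class warning about plaintext hostnames).
      bool load_from_server_info(const Server_Information& info,
                                 Session& session) override;

      // Overrides Session_Manager::remove_entry.
      void remove_entry(const std::vector<uint8_t>& session_id) override;

      // Overrides Session_Manager::remove_all.
      size_t remove_all() override;

      // Overrides Session_Manager::save.
      void save(const Session& session_data) override;

      /**
      * @return the session lifetime this manager was constructed with
      */
      std::chrono::seconds session_lifetime() const override
         { return m_session_lifetime; }

   private:
      // Defined in the implementation file; not visible in this header.
      void prune_session_cache();

      // Database connection, shared with whoever else holds the pointer.
      std::shared_ptr<SQL_Database> m_db;

      // Key material for the stored session data, kept in a secure_vector
      // (std::vector with Botan's secure_allocator).
      // NOTE(review): presumably derived from the passphrase in the
      // constructor - confirm the derivation in the implementation file.
      secure_vector<uint8_t> m_session_key;

      // Not owned: the caller's RNG must stay alive as long as this object.
      RandomNumberGenerator& m_rng;

      size_t m_max_sessions;
      std::chrono::seconds m_session_lifetime;
   };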
75 
76 }
77 
78 }
79 
80 #endif