[thirdparty/squid.git] / src / security / Session.h
1 /*
2 * Copyright (C) 1996-2017 The Squid Software Foundation and contributors
3 *
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
7 */
8
9 #ifndef SQUID_SRC_SECURITY_SESSION_H
10 #define SQUID_SRC_SECURITY_SESSION_H
11
12 #include "security/LockingPointer.h"
13
14 #include <memory>
15
16 #if USE_OPENSSL
17 #if HAVE_OPENSSL_SSL_H
18 #include <openssl/ssl.h>
19 #endif
20 #endif
21
22 #if USE_GNUTLS
23 #if HAVE_GNUTLS_GNUTLS_H
24 #include <gnutls/gnutls.h>
25 #endif
26 #endif
27
namespace Security {

#if USE_OPENSSL
// CtoCpp1 is defined outside this header (presumably security/LockingPointer.h);
// it evidently supplies the SSL_free_cpp name used as the deallocator below.
CtoCpp1(SSL_free, SSL *);

#if defined(CRYPTO_LOCK_SSL) // OpenSSL 1.0
/// Compatibility shim for OpenSSL 1.0: takes one extra reference on a
/// non-nil SSL object. A nil pointer is ignored.
/// NOTE(review): always returns 0, whereas OpenSSL 1.1's own SSL_up_ref()
/// reports success as 1. That is harmless only while no caller inspects the
/// result -- confirm against LockingPointer and any direct callers.
inline int SSL_up_ref(SSL *t)
{
    if (t)
        CRYPTO_add(&t->references, 1, CRYPTO_LOCK_SSL);
    return 0;
}
#endif

/// Reference-counted handle for a TLS session object (OpenSSL SSL):
/// released through SSL_free_cpp, locked through SSL_up_ref.
using SessionPointer = Security::LockingPointer<SSL, Security::SSL_free_cpp, HardFun<int, SSL *, SSL_up_ref> >;

/// Sole owner of the stored state used to resume a session (OpenSSL
/// SSL_SESSION), released with SSL_SESSION_free.
/// NOTE(review): resumption state presumably carries the secrets needed to
/// resume the connection; treat it as sensitive wherever it is cached --
/// confirm the storage and lifetime at the callers.
using SessionStatePointer = std::unique_ptr<SSL_SESSION, HardFun<void, SSL_SESSION*, &SSL_SESSION_free>>;

#elif USE_GNUTLS
// Locks can be implemented by attaching a lock counter to gnutls_session_t
// objects using the gnutls_session_set_ptr()/gnutls_session_get_ptr()
// library functions.
// NOTE(review): unlike the OpenSSL alias, no lock function is passed to
// LockingPointer here. What happens when such a pointer is copied is not
// visible in this header -- confirm that two handles cannot both call
// gnutls_deinit() on the same session.
CtoCpp1(gnutls_deinit, gnutls_session_t);

/// Handle for a TLS session object (GnuTLS), released through gnutls_deinit_cpp.
using SessionPointer = Security::LockingPointer<struct gnutls_session_int, gnutls_deinit_cpp>;

/// Wrapper function to get around gnutls_free being a typedef.
inline void squid_gnutls_free(void *d)
{
    gnutls_free(d);
}

/// Sole owner of the stored state used to resume a session (GnuTLS datum).
/// NOTE(review): the deleter hands the gnutls_datum_t pointer itself to
/// gnutls_free(); whether the datum's payload buffer is released separately,
/// and which allocator created the datum, is not visible here -- confirm at
/// the allocation site.
using SessionStatePointer = std::unique_ptr<gnutls_datum_t, HardFun<void, void*, &Security::squid_gnutls_free>>;

#else
// No TLS library: use void* so we can check against NULL.
CtoCpp1(xfree, void *);

/// Placeholder session handle for builds without a TLS library.
using SessionPointer = Security::LockingPointer<void, xfree_cpp>;

/// Placeholder resume-state handle for builds without a TLS library.
using SessionStatePointer = std::unique_ptr<int>;

#endif

/// whether the session is a resumed one
bool SessionIsResumed(const Security::SessionPointer &);

/**
 * For a session that is not a resumed one: fetch the details needed to
 * resume a later connection and store them in 'data'. 'data' may end up
 * as a nil Pointer when no details exist or an error occurs, so callers
 * have to check it before use.
 *
 * For a session that is already a resumed one: do nothing and leave 'data'
 * unchanged.
 * XXX: is this latter behaviour always correct?
 */
void MaybeGetSessionResumeData(const Security::SessionPointer &, Security::SessionStatePointer &data);

/// Set the data for resuming a previous session.
/// Needs to be done before using the SessionPointer for a handshake.
void SetSessionResumeData(const Security::SessionPointer &, const Security::SessionStatePointer &);

} // namespace Security
78
79 #endif /* SQUID_SRC_SECURITY_SESSION_H */
80