#define SSL_SESSION_ID_SIZE 32
#define SSL_SESSION_MAX_SIZE 10*1024
++#if USE_GNUTLS
++void
++squid_datum_free(gnutls_datum_t *D) {
++ gnutls_free(D);
++}
++#endif
++
+ bool
+ Security::SessionIsResumed(const Security::SessionPointer &s)
+ {
+ return
+ #if USE_OPENSSL
+ SSL_session_reused(s.get()) == 1;
+ #elif USE_GNUTLS
+ gnutls_session_is_resumed(s.get()) != 0;
+ #else
+ false;
+ #endif
+ }
+
+ void
+ Security::GetSessionResumeData(const Security::SessionPointer &s, Security::SessionStatePointer &data)
+ {
+ if (!SessionIsResumed(s)) {
+ #if USE_OPENSSL
+ data.reset(SSL_get1_session(s.get()));
+ #elif USE_GNUTLS
+ gnutls_datum_t *tmp = nullptr;
+ (void)gnutls_session_get_data2(s.get(), tmp);
+ data.reset(tmp);
+ #endif
+ }
+ }
+
+ void
+ Security::SetSessionResumeData(const Security::SessionPtr &s, const Security::SessionStatePointer &data)
+ {
+ if (s) {
+ #if USE_OPENSSL
+ (void)SSL_set_session(s, data.get());
+ #elif USE_GNUTLS
+ (void)gnutls_session_set_data(s, data->data, data->size);
+ #endif
+ }
+ }
+
static bool
isTlsServer()
{
CtoCpp1(SSL_free, SSL *);
typedef LockingPointer<SSL, Security::SSL_free_cpp, CRYPTO_LOCK_SSL> SessionPointer;
-typedef SSL_SESSION* SessionStatePtr;
-CtoCpp1(SSL_SESSION_free, SSL_SESSION *);
-typedef LockingPointer<SSL_SESSION, Security::SSL_SESSION_free_cpp, CRYPTO_LOCK_SSL_SESSION> SessionStatePointer;
++typedef std::unique_ptr<SSL_SESSION, std::function<decltype(SSL_SESSION_free)>> SessionStatePointer;
+
#elif USE_GNUTLS
typedef gnutls_session_t SessionPtr;
-CtoCpp1(gnutls_deinit, gnutls_session_t);
--// TODO: Convert to Locking pointer.
// Locks can be implemented attaching locks counter to gnutls_session_t
// objects using the gnutls_session_set_ptr()/gnutls_session_get_ptr ()
// library functions
- //typedef std::unique_ptr<struct gnutls_session_int, std::function<decltype(gnutls_deinit)>> SessionPointer;
-typedef TidyPointer<struct gnutls_session_int, Security::gnutls_deinit_cpp> SessionPointer;
+CtoCpp1(gnutls_deinit, gnutls_session_t);
+typedef LockingPointer<struct gnutls_session_int, gnutls_deinit_cpp, -1> SessionPointer;
-typedef gnutls_datum_t *SessionStatePtr;
-CtoCpp1(gnutls_free, gnutls_datum_t *);
-typedef TidyPointer<gnutls_datum_t, Security::gnutls_free_cpp> SessionStatePointer;
++/// wrapper function to avoid compile errors with gnutls_free() being a typedef.
++void squid_datum_free(gnutls_datum_t *D);
++typedef std::unique_ptr<gnutls_datum_t, std::function<decltype(squid_datum_free)>> SessionStatePointer;
+
#else
// use void* so we can check against NULL
typedef void* SessionPtr;
-typedef TidyPointer<void, nullptr> SessionPointer;
-typedef TidyPointer<void, nullptr> SessionStatePointer;
+CtoCpp1(xfree, SessionPtr);
+typedef LockingPointer<void, xfree_cpp, -1> SessionPointer;
+
++typedef std::unique_ptr<int> SessionStatePointer;
+
#endif
+ /// whether the session is a resumed one
+ bool SessionIsResumed(const Security::SessionPointer &);
+
+ /// Retrieve the data needed to resume this session on a later connection
+ void GetSessionResumeData(const Security::SessionPointer &, Security::SessionStatePointer &);
+
+ /// Set the data for resuming a previous session.
+ /// Needs to be done before using the SessionPointer for a handshake.
+ void SetSessionResumeData(const Security::SessionPtr &, const Security::SessionStatePointer &);
+
} // namespace Security
#endif /* SQUID_SRC_SECURITY_SESSION_H */