Update to options= after audit
3aac8c26 1/*
4ac4a490 2 * Copyright (C) 1996-2017 The Squid Software Foundation and contributors
3aac8c26
AJ
3 *
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
7 */
8
9#ifndef SQUID_SRC_SECURITY_SESSION_H
10#define SQUID_SRC_SECURITY_SESSION_H
11
5d9a65df 12#include "base/HardFun.h"
86f77270 13#include "comm/forward.h"
33cc0629
AJ
14#include "security/LockingPointer.h"
15
3ec728ac
AJ
16#include <memory>
17
3aac8c26
AJ
18#if USE_OPENSSL
19#if HAVE_OPENSSL_SSL_H
20#include <openssl/ssl.h>
21#endif
22#endif
23
24#if USE_GNUTLS
25#if HAVE_GNUTLS_GNUTLS_H
26#include <gnutls/gnutls.h>
27#endif
28#endif
29
30namespace Security {
31
86f77270
AJ
32/// Creates TLS Client connection structure (aka 'session' state) and initializes TLS/SSL I/O (Comm and BIO).
33/// On errors, emits DBG_IMPORTANT with details and returns false.
34bool CreateClientSession(const Security::ContextPointer &, const Comm::ConnectionPointer &, const char *squidCtx);
35
36/// Creates TLS Server connection structure (aka 'session' state) and initializes TLS/SSL I/O (Comm and BIO).
37/// On errors, emits DBG_IMPORTANT with details and returns false.
38bool CreateServerSession(const Security::ContextPointer &, const Comm::ConnectionPointer &, const char *squidCtx);
39
3aac8c26 40#if USE_OPENSSL
9c8549cf 41typedef std::shared_ptr<SSL> SessionPointer;
3aac8c26 42
5d9a65df
AJ
43typedef std::unique_ptr<SSL_SESSION, HardFun<void, SSL_SESSION*, &SSL_SESSION_free>> SessionStatePointer;
44
3aac8c26 45#elif USE_GNUTLS
9c8549cf 46typedef std::shared_ptr<struct gnutls_session_int> SessionPointer;
3aac8c26 47
5d9a65df
AJ
48// wrapper function to get around gnutls_free being a typedef
// It gives HardFun a named function to take the address of; the call is
// forwarded to gnutls_free() unchanged.
// NOTE(review): as used in SessionStatePointer below, this deleter hands only
// the gnutls_datum_t pointer itself to gnutls_free(). Nothing visible here
// releases or wipes the buffer that the datum's data member points to.
// Confirm that the code filling and discarding SessionStatePointer accounts
// for that buffer, since it holds TLS session resumption state.
49inline void squid_gnutls_free(void *d) {gnutls_free(d);}
50typedef std::unique_ptr<gnutls_datum_t, HardFun<void, void*, &Security::squid_gnutls_free>> SessionStatePointer;
51
3aac8c26 52#else
9c8549cf 53typedef std::shared_ptr<void> SessionPointer;
33cc0629 54
5d9a65df
AJ
55typedef std::unique_ptr<int> SessionStatePointer;
56
3aac8c26
AJ
57#endif
58
9c8549cf
AJ
59/// close an active TLS session.
60/// set fdOnError to the connection FD when the session is being closed
61/// due to an encryption error, otherwise omit.
62void SessionClose(const Security::SessionPointer &, int fdOnError = -1);
087b94cb 63
5d9a65df
AJ
64/// whether the session is a resumed one
65bool SessionIsResumed(const Security::SessionPointer &);
66
67/**
68 * When the session is not a resumed session, retrieve the details needed to
69 * resume a later connection and store them in 'data'. This may result in 'data'
70 * becoming a nil Pointer if no details exist or an error occurs.
71 *
72 * When the session is already a resumed session, do nothing and leave 'data'
73 * unchanged.
74 * XXX: is this latter behaviour always correct?
75 */
76void MaybeGetSessionResumeData(const Security::SessionPointer &, Security::SessionStatePointer &data);
77
78/// Set the data for resuming a previous session.
79/// Needs to be done before using the SessionPointer for a handshake.
80void SetSessionResumeData(const Security::SessionPointer &, const Security::SessionStatePointer &);
81
3aac8c26
AJ
82} // namespace Security
83
84#endif /* SQUID_SRC_SECURITY_SESSION_H */
85