]>
git.ipfire.org Git - thirdparty/squid.git/blob - src/security/Session.h
2 * Copyright (C) 1996-2016 The Squid Software Foundation and contributors
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
9 #ifndef SQUID_SRC_SECURITY_SESSION_H
10 #define SQUID_SRC_SECURITY_SESSION_H
12 #include "base/HardFun.h"
13 #include "comm/forward.h"
14 #include "security/LockingPointer.h"
19 #if HAVE_OPENSSL_SSL_H
20 #include <openssl/ssl.h>
25 #if HAVE_GNUTLS_GNUTLS_H
26 #include <gnutls/gnutls.h>
32 /// Creates TLS Client connection structure (aka 'session' state) and initializes TLS/SSL I/O (Comm and BIO).
33 /// On errors, emits DBG_IMPORTANT with details and returns false.
34 bool CreateClientSession(const Security::ContextPointer
&, const Comm::ConnectionPointer
&, const char *squidCtx
);
36 /// Creates TLS Server connection structure (aka 'session' state) and initializes TLS/SSL I/O (Comm and BIO).
37 /// On errors, emits DBG_IMPORTANT with details and returns false.
38 bool CreateServerSession(const Security::ContextPointer
&, const Comm::ConnectionPointer
&, const char *squidCtx
);
41 typedef std::shared_ptr
<SSL
> SessionPointer
;
43 typedef std::unique_ptr
<SSL_SESSION
, HardFun
<void, SSL_SESSION
*, &SSL_SESSION_free
>> SessionStatePointer
;
46 typedef std::shared_ptr
<struct gnutls_session_int
> SessionPointer
;
48 // wrapper function to get around gnutls_free being a typedef
49 inline void squid_gnutls_free(void *d
) {gnutls_free(d
);}
50 typedef std::unique_ptr
<gnutls_datum_t
, HardFun
<void, void*, &Security::squid_gnutls_free
>> SessionStatePointer
;
53 typedef std::shared_ptr
<void> SessionPointer
;
55 typedef std::unique_ptr
<int> SessionStatePointer
;
59 /// close an active TLS session.
60 /// set fdOnError to the connection FD when the session is being closed
61 /// due to an encryption error, otherwise omit.
62 void SessionClose(const Security::SessionPointer
&, int fdOnError
= -1);
64 /// whether the session is a resumed one
65 bool SessionIsResumed(const Security::SessionPointer
&);
68 * When the session is not a resumed session, retrieve the details needed to
69 * resume a later connection and store them in 'data'. This may result in 'data'
70 * becoming a nil Pointer if no details exist or an error occurs.
72 * When the session is already a resumed session, do nothing and leave 'data'
74 * XXX: is this latter behaviour always correct?
76 void MaybeGetSessionResumeData(const Security::SessionPointer
&, Security::SessionStatePointer
&data
);
78 /// Set the data for resuming a previous session.
79 /// Needs to be done before using the SessionPointer for a handshake.
80 void SetSessionResumeData(const Security::SessionPointer
&, const Security::SessionStatePointer
&);
82 } // namespace Security
84 #endif /* SQUID_SRC_SECURITY_SESSION_H */