author | lloyd <[email protected]> | 2014-12-20 13:45:23 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2014-12-20 13:45:23 +0000 |
commit | 4083193089f91ec11584ae729ecc3b4cc3b4b86a (patch) | |
tree | d6edc4e416f3eb34aeb91b00d2bee6386962f316 /src/lib/tls/sessions_sqlite3 | |
parent | 4562cd4366c81c905dc8957837c6128b193a28bd (diff) |
Add abstract database interface so applications can easily store info
in places other than sqlite3, though sqlite3 remains the only
implementation. The interface is currently limited to precisely the
functionality the TLS session manager needs and will likely expand.
Diffstat (limited to 'src/lib/tls/sessions_sqlite3')
-rw-r--r-- | src/lib/tls/sessions_sqlite3/info.txt | 6 | ||||
-rw-r--r-- | src/lib/tls/sessions_sqlite3/tls_session_manager_sqlite.cpp | 29 | ||||
-rw-r--r-- | src/lib/tls/sessions_sqlite3/tls_session_manager_sqlite.h | 52 |
3 files changed, 87 insertions, 0 deletions
diff --git a/src/lib/tls/sessions_sqlite3/info.txt b/src/lib/tls/sessions_sqlite3/info.txt
new file mode 100644
index 000000000..b04b6a9d6
--- /dev/null
+++ b/src/lib/tls/sessions_sqlite3/info.txt
@@ -0,0 +1,6 @@
+define TLS_SQLITE3_SESSION_MANAGER 20131128
+
+<requires>
+sessions_sql
+sqlite3
+</requires>
diff --git a/src/lib/tls/sessions_sqlite3/tls_session_manager_sqlite.cpp b/src/lib/tls/sessions_sqlite3/tls_session_manager_sqlite.cpp
new file mode 100644
index 000000000..30af3699f
--- /dev/null
+++ b/src/lib/tls/sessions_sqlite3/tls_session_manager_sqlite.cpp
@@ -0,0 +1,29 @@
+/*
+* SQLite TLS Session Manager
+* (C) 2012 Jack Lloyd
+*
+* Released under the terms of the Botan license
+*/
+
+#include <botan/tls_session_manager_sqlite.h>
+#include <botan/sqlite3.h>
+
+namespace Botan {
+
+namespace TLS {
+
+Session_Manager_SQLite::Session_Manager_SQLite(const std::string& passphrase,
+ RandomNumberGenerator& rng,
+ const std::string& db_filename,
+ size_t max_sessions,
+ std::chrono::seconds session_lifetime) :
+ Session_Manager_SQL(std::make_shared<Sqlite3_Database>(db_filename),
+ passphrase,
+ rng,
+ max_sessions,
+ session_lifetime)
+ {}
+
+}
+
+}
diff --git a/src/lib/tls/sessions_sqlite3/tls_session_manager_sqlite.h b/src/lib/tls/sessions_sqlite3/tls_session_manager_sqlite.h
new file mode 100644
index 000000000..67c1c9e53
--- /dev/null
+++ b/src/lib/tls/sessions_sqlite3/tls_session_manager_sqlite.h
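Review bot: In tls_session_manager_sqlite.cpp the base-class initializer calls `std::make_shared<Sqlite3_Database>(db_filename)`, but the file includes only the two Botan headers and so depends on one of them pulling in `<memory>`. Adding `#include <memory>` after `#include <botan/sqlite3.h>` keeps the translation unit compiling if those headers are later trimmed. The constructor forwards `passphrase` and `db_filename` unchanged, so any validation (for example of an empty filename) has to live in `Session_Manager_SQL` or `Sqlite3_Database`, neither of which is visible in this hunk.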
@@ -0,0 +1,52 @@
+/*
+* SQLite3 TLS Session Manager
+* (C) 2012 Jack Lloyd
+*
+* Released under the terms of the Botan license
+*/
+
+#ifndef BOTAN_TLS_SQLITE3_SESSION_MANAGER_H__
+#define BOTAN_TLS_SQLITE3_SESSION_MANAGER_H__
+
+#include <botan/tls_session_manager_sql.h>
+#include <botan/rng.h>
+
+namespace Botan {
+
+namespace TLS {
+
+/**
+* An implementation of Session_Manager that saves values in a SQLite3
+* database file, with the session data encrypted using a passphrase.
+*
+* @warning For clients, the hostnames associated with the saved
+* sessions are stored in the database in plaintext. This may be a
+* serious privacy risk in some situations.
+*/
+class BOTAN_DLL
+Session_Manager_SQLite : public Session_Manager_SQL
+ {
+ public:
+ /**
+ * @param passphrase used to encrypt the session data
+ * @param rng a random number generator
+ * @param db_filename filename of the SQLite database file.
+ The table names tls_sessions and tls_sessions_metadata
+ will be used
+ * @param max_sessions a hint on the maximum number of sessions
+ * to keep in memory at any one time. (If zero, don't cap)
+ * @param session_lifetime sessions are expired after this many
+ * seconds have elapsed from initial handshake.
+ */
+ Session_Manager_SQLite(const std::string& passphrase,
+ RandomNumberGenerator& rng,
+ const std::string& db_filename,
+ size_t max_sessions = 1000,
+ std::chrono::seconds session_lifetime = std::chrono::seconds(7200));
+};
+
+}
+
+}
+
+#endif |
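Review bot: The `@param db_filename` text in the constructor's doc comment says nothing about who may read the file, even though the class-level `@warning` states that client hostnames are stored in it in plaintext. I would add a line such as `* The file should be readable only by the owning user; it holds plaintext hostnames and passphrase-encrypted session state.` and note under `@param passphrase` that its strength bounds how well the stored sessions resist offline guessing if the file is copied. Separately, `@param max_sessions` speaks of sessions kept "in memory", which reads as carried over from an in-memory manager; for this class it presumably caps rows in the database, and the wording should say so once confirmed against `Session_Manager_SQL`, which is outside this hunk.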