author | Matthias Gierlings <[email protected]> | 2016-05-16 23:02:58 +0200 |
---|---|---|
committer | Matthias Gierlings <[email protected]> | 2016-06-19 18:28:38 +0200 |
commit | 490d538512b7f732268358b3a3a6fcbfd2bb67c6 (patch) | |
tree | 200ef15842e924860c33f79d3c8be9c76e47ea39 /src/lib/tls | |
parent | 93df95db45fa126725808fbd53aa978b00cf08ad (diff) |
Compatibility patch for TLS::Callback interface
- Added legacy constructor support for TLS::Channel, TLS::Client,
TLS::Server.
Diffstat (limited to 'src/lib/tls')
-rw-r--r-- | src/lib/tls/tls_callbacks.h | 29 | ||||
-rw-r--r-- | src/lib/tls/tls_channel.cpp | 28 | ||||
-rw-r--r-- | src/lib/tls/tls_channel.h | 23 | ||||
-rw-r--r-- | src/lib/tls/tls_client.cpp | 60 | ||||
-rw-r--r-- | src/lib/tls/tls_client.h | 43 | ||||
-rw-r--r-- | src/lib/tls/tls_server.cpp | 38 | ||||
-rw-r--r-- | src/lib/tls/tls_server.h | 37 |
7 files changed, 242 insertions, 16 deletions
diff --git a/src/lib/tls/tls_callbacks.h b/src/lib/tls/tls_callbacks.h index 854054c2b..216c58ce2 100644 --- a/src/lib/tls/tls_callbacks.h +++ b/src/lib/tls/tls_callbacks.h @@ -49,37 +49,52 @@ class BOTAN_DLL Callbacks * * @param handshake_cb is called when a handshake is completed */ - + BOTAN_DEPRECATED("Use TLS::Callbacks() (virtual interface).") Callbacks(output_fn out, data_cb app_data_cb, alert_cb alert_cb, handshake_cb hs_cb, handshake_msg_cb hs_msg_cb = nullptr) : m_output_function(out), m_app_data_cb(app_data_cb), m_alert_cb(alert_cb), m_hs_cb(hs_cb), m_hs_msg_cb(hs_msg_cb) {} + Callbacks() + : m_output_function(nullptr), m_app_data_cb(nullptr), + m_alert_cb(nullptr), m_hs_cb(nullptr), m_hs_msg_cb(nullptr) {} + + virtual ~Callbacks() {} virtual void out_fn(const byte data[], size_t size) const { - if (m_output_function != nullptr) { m_output_function(data, size); } + BOTAN_ASSERT(m_output_function != nullptr, + "Invalid TLS output function callback."); + m_output_function(data, size); } virtual void app_data(const byte data[], size_t size) const { - if (m_app_data_cb != nullptr) { m_app_data_cb(data, size); } + BOTAN_ASSERT(m_app_data_cb != nullptr, + "Invalid TLS app data callback."); + m_app_data_cb(data, size); } virtual void alert(Alert alert) const { - if (m_alert_cb != nullptr) { m_alert_cb(alert); } + BOTAN_ASSERT(m_alert_cb != nullptr, + "Invalid TLS alert callback."); + m_alert_cb(alert); } virtual bool handshake(const Session& session) const { - if (m_hs_cb != nullptr) { return m_hs_cb(session); } + BOTAN_ASSERT(m_hs_cb != nullptr, + "Invalid TLS handshake callback."); + return m_hs_cb(session); } - virtual void handshake_msg(const Handshake_Message& hmsg) + virtual void handshake_msg(const Handshake_Message& hmsg) const { - if (m_hs_msg_cb != nullptr) { m_hs_msg_cb(hmsg); } + // The handshake message callback is optional so we can + // not assume it has been set. + if(m_hs_msg_cb != nullptr) { m_hs_msg_cb(hmsg); } } private: 
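Review bot: `handshake_msg` gains a `const` qualifier on the new side, which changes the virtual signature: any existing subclass that overrides `virtual void handshake_msg(const Handshake_Message&)` without `const` now declares an unrelated hiding function and its override is silently never called, which sits oddly in a compatibility patch. Worth a line in its doc comment, e.g. `// Now const-qualified; overrides must be declared const (mark them 'override' so the compiler checks).` Separately, the four callbacks that moved from a null check to BOTAN_ASSERT now fail an assertion on an unset function instead of silently dropping the record or alert, which is the safer default for TLS output, but it means a default-constructed `Callbacks()` that is not subclassed fails on the first record rather than at construction; a short note on `Callbacks()` saying it is meant to be subclassed would make that explicit.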
diff --git a/src/lib/tls/tls_channel.cpp b/src/lib/tls/tls_channel.cpp index 9bd3e5603..b78796536 100644 --- a/src/lib/tls/tls_channel.cpp +++ b/src/lib/tls/tls_channel.cpp @@ -33,12 +33,36 @@ Channel::Channel(const Callbacks& callbacks, m_policy(policy), m_rng(rng) { + init(reserved_io_buffer_size); + } + +Channel::Channel(output_fn out, + data_cb app_data_cb, + alert_cb alert_cb, + handshake_cb hs_cb, + handshake_msg_cb hs_msg_cb, + Session_Manager& session_manager, + RandomNumberGenerator& rng, + const Policy& policy, + bool is_datagram, + size_t io_buf_sz) : + m_is_datagram(is_datagram), + m_callbacks(Callbacks(out, app_data_cb, alert_cb, hs_cb, hs_msg_cb)), + m_session_manager(session_manager), + m_policy(policy), + m_rng(rng) + { + init(io_buf_sz); + } + +void Channel::init(size_t io_buf_sz) + { /* epoch 0 is plaintext, thus null cipher state */ m_write_cipher_states[0] = nullptr; m_read_cipher_states[0] = nullptr; - m_writebuf.reserve(reserved_io_buffer_size); - m_readbuf.reserve(reserved_io_buffer_size); + m_writebuf.reserve(io_buf_sz); + m_readbuf.reserve(io_buf_sz); } void Channel::reset_state() diff --git a/src/lib/tls/tls_channel.h b/src/lib/tls/tls_channel.h index d10ac2b6e..7c59e1d6f 100644 --- a/src/lib/tls/tls_channel.h +++ b/src/lib/tls/tls_channel.h @@ -34,6 +34,11 @@ class Handshake_Message; class BOTAN_DLL Channel { public: + typedef std::function<void (const byte[], size_t)> output_fn; + typedef std::function<void (const byte[], size_t)> data_cb; + typedef std::function<void (Alert)> alert_cb; + typedef std::function<bool (const Session&)> handshake_cb; + typedef std::function<void (const Handshake_Message&)> handshake_msg_cb; static size_t IO_BUF_DEFAULT_SIZE; Channel(const Callbacks& callbacks, 
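Review bot: The legacy Channel constructor calls the Callbacks constructor that this same commit marks BOTAN_DEPRECATED, so building the library itself will emit deprecation warnings (GCC and Clang enable -Wdeprecated-declarations by default) and the deprecation noise stops being a signal for external callers; a non-deprecated constructor reserved for internal use, or constructing the five members directly, would keep the warning pointed only at users. On the same line, `m_callbacks(Callbacks(out, app_data_cb, alert_cb, hs_cb, hs_msg_cb))` builds a temporary and copies it into the member after the five `std::function` parameters were already copied at the call; `m_callbacks(out, app_data_cb, alert_cb, hs_cb, hs_msg_cb)` direct-initializes the member and saves one copy of each callback.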
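Review bot: The five `std::function` typedefs added to Channel duplicate the callback types that Callbacks already uses in its legacy constructor (`output_fn`, `data_cb`, `alert_cb`, `handshake_cb`, `handshake_msg_cb`), so the two definitions can drift apart without any compiler complaint; if those are member typedefs of Callbacks, `typedef Callbacks::output_fn output_fn;` (and likewise for the other four) keeps a single definition. I cannot see where Callbacks declares them, so please check which form applies. The enclosing class body continues outside the hunk.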
@@ -43,6 +48,22 @@ class BOTAN_DLL Channel bool is_datagram, size_t io_buf_sz = IO_BUF_DEFAULT_SIZE); + /** + * DEPRECATED. This constructor is only provided for backward + * compatibility and should not be used in new implementations. + */ + BOTAN_DEPRECATED("Use TLS::Channel(TLS::Callbacks ...)") + Channel(output_fn out, + data_cb app_data_cb, + alert_cb alert_cb, + handshake_cb hs_cb, + handshake_msg_cb hs_msg_cb, + Session_Manager& session_manager, + RandomNumberGenerator& rng, + const Policy& policy, + bool is_datagram, + size_t io_buf_sz = IO_BUF_DEFAULT_SIZE); + Channel(const Channel&) = delete; Channel& operator=(const Channel&) = delete; @@ -198,6 +219,8 @@ class BOTAN_DLL Channel Callbacks get_callbacks() const { return m_callbacks; } private: + void init(size_t io_buf_sze); + void send_record(byte record_type, const std::vector<byte>& record); void send_record_under_epoch(u16bit epoch, byte record_type, diff --git a/src/lib/tls/tls_client.cpp b/src/lib/tls/tls_client.cpp index ab733d7a5..e2f090033 100644 --- a/src/lib/tls/tls_client.cpp +++ b/src/lib/tls/tls_client.cpp 
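Review bot: The private declaration `void init(size_t io_buf_sze);` in the second hunk misspells the parameter that the definition in tls_channel.cpp and the public constructors call `io_buf_sz`; rename it to `void init(size_t io_buf_sz);` so the three agree. A one-line comment would also help a reader find why both constructors end in the same call, e.g. `// Shared tail of both constructors: nulls the epoch-0 cipher states and reserves the read/write buffers.` The class body continues outside both hunks.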
@@ -55,19 +55,65 @@ Client::Client(const Callbacks& callbacks, m_creds(creds), m_info(properties.get_server_info()) { + init(properties.get_protocol_version(), properties.get_next_protocols()); + } + +Client::Client(output_fn output_fn, + data_cb proc_cb, + alert_cb alert_cb, + handshake_cb handshake_cb, + Session_Manager& session_manager, + Credentials_Manager& creds, + const Policy& policy, + RandomNumberGenerator& rng, + const Server_Information& info, + const Protocol_Version& offer_version, + const std::vector<std::string>& next_protos, + size_t io_buf_sz) : + Channel(output_fn, proc_cb, alert_cb, handshake_cb, Channel::handshake_msg_cb(), + session_manager, rng, policy, offer_version.is_datagram_protocol(), io_buf_sz), + m_creds(creds), + m_info(info) + { + init(offer_version, next_protos); + } + +Client::Client(output_fn output_fn, + data_cb proc_cb, + alert_cb alert_cb, + handshake_cb handshake_cb, + handshake_msg_cb hs_msg_cb, + Session_Manager& session_manager, + Credentials_Manager& creds, + const Policy& policy, + RandomNumberGenerator& rng, + const Server_Information& info, + const Protocol_Version& offer_version, + const std::vector<std::string>& next_protos) : + Channel(output_fn, proc_cb, alert_cb, handshake_cb, hs_msg_cb, + session_manager, rng, policy, offer_version.is_datagram_protocol()), + m_creds(creds), + m_info(info) + { + init(offer_version, next_protos); + } + +void Client::init(const Protocol_Version& protocol_version, + const std::vector<std::string>& next_protocols) + { const std::string srp_identifier = m_creds.srp_identifier("tls-client", m_info.hostname()); - Handshake_State& state = create_handshake_state(properties.get_protocol_version()); - send_client_hello(state, false, properties.get_protocol_version(), - srp_identifier, properties.get_next_protocols()); + Handshake_State& state = create_handshake_state(protocol_version); + send_client_hello(state, false, protocol_version, + srp_identifier, next_protocols); } Handshake_State* 
Client::new_handshake_state(Handshake_IO* io) { - return new Client_Handshake_State(io, - std::bind(&TLS::Callbacks::handshake_msg, - get_callbacks(), - std::placeholders::_1)); + return new Client_Handshake_State(io, + std::bind(&TLS::Callbacks::handshake_msg, + get_callbacks(), + std::placeholders::_1)); } std::vector<X509_Certificate> diff --git a/src/lib/tls/tls_client.h b/src/lib/tls/tls_client.h index 7fb4af89a..6bdff8c53 100644 --- a/src/lib/tls/tls_client.h +++ b/src/lib/tls/tls_client.h 
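Review bot: `std::bind(&TLS::Callbacks::handshake_msg, get_callbacks(), std::placeholders::_1)` in `new_handshake_state` binds a by-value copy of the callbacks (`get_callbacks()` returns `Callbacks` by value in the tls_channel.h hunk), so a user class that overrides the now-virtual `handshake_msg` is sliced and the base implementation runs instead; only the legacy std::function path reaches the user through this bind. If the intent of the new deprecation messages is that users subclass Callbacks, the handshake state needs to reach the channel's stored object by pointer or reference rather than by copy — I cannot see how `m_callbacks` is declared, so please verify on the owning member. The hunk only re-indents these lines, but the commit's own deprecation text now steers users onto the path that the copy breaks.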
@@ -89,6 +89,46 @@ class BOTAN_DLL Client final : public Channel const Protocol_Version m_protocol_version; const std::vector<std::string>& m_next_protocols; }; + + /** + * DEPRECATED. This constructor is only provided for backward + * compatibility and should not be used in new implementations. + */ + BOTAN_DEPRECATED("Use TLS::Client(TLS::Callbacks ...)") + Client(output_fn out, + data_cb app_data_cb, + alert_cb alert_cb, + handshake_cb hs_cb, + Session_Manager& session_manager, + Credentials_Manager& creds, + const Policy& policy, + RandomNumberGenerator& rng, + const Server_Information& server_info = Server_Information(), + const Protocol_Version& offer_version = Protocol_Version::latest_tls_version(), + const std::vector<std::string>& next_protocols = {}, + size_t reserved_io_buffer_size = TLS::Client::IO_BUF_DEFAULT_SIZE + ); + + /** + * DEPRECATED. This constructor is only provided for backward + * compatibility and should not be used in new implementations. + */ + BOTAN_DEPRECATED("Use TLS::Client(TLS::Callbacks ...)") + Client(output_fn out, + data_cb app_data_cb, + alert_cb alert_cb, + handshake_cb hs_cb, + handshake_msg_cb hs_msg_cb, + Session_Manager& session_manager, + Credentials_Manager& creds, + const Policy& policy, + RandomNumberGenerator& rng, + const Server_Information& server_info = Server_Information(), + const Protocol_Version& offer_version = Protocol_Version::latest_tls_version(), + const std::vector<std::string>& next_protocols = {} + ); + + Client(const Callbacks& callbacks, Session_Manager& session_manager, Credentials_Manager& creds, @@ -100,6 +140,9 @@ class BOTAN_DLL Client final : public Channel const std::string& application_protocol() const { return m_application_protocol; } private: + void init(const Protocol_Version& protocol_version, + const std::vector<std::string>& next_protocols); + std::vector<X509_Certificate> get_peer_cert_chain(const Handshake_State& state) const override; 
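Review bot: The doc comment on the first deprecated Client constructor (the overload without `handshake_msg_cb`) does not say that it installs no handshake-message callback at all — its definition in tls_client.cpp passes `Channel::handshake_msg_cb()`, an empty function, so `handshake_msg` is never delivered on that overload; add a line such as `* This overload registers no handshake_msg_cb; use the overload taking one to observe handshake messages.` The corresponding pair of deprecated constructors in tls_server.h has the same gap. It would also help to state that only the first overload exposes `reserved_io_buffer_size`, rather than leaving callers to discover the asymmetry from the signatures.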
diff --git a/src/lib/tls/tls_server.cpp b/src/lib/tls/tls_server.cpp index f864df391..39ebe2a59 100644 --- a/src/lib/tls/tls_server.cpp +++ b/src/lib/tls/tls_server.cpp @@ -228,6 +228,44 @@ Server::Server(const Callbacks& callbacks, { } +Server::Server(output_fn output, + data_cb data_cb, + alert_cb alert_cb, + handshake_cb handshake_cb, + Session_Manager& session_manager, + Credentials_Manager& creds, + const Policy& policy, + RandomNumberGenerator& rng, + next_protocol_fn next_proto, + bool is_datagram, + size_t io_buf_sz) : + Channel(output, data_cb, alert_cb, handshake_cb, + Channel::handshake_msg_cb(), session_manager, + rng, policy, is_datagram, io_buf_sz), + m_creds(creds), + m_choose_next_protocol(next_proto) + { + } + + +Server::Server(output_fn output, + data_cb data_cb, + alert_cb alert_cb, + handshake_cb handshake_cb, + handshake_msg_cb hs_msg_cb, + Session_Manager& session_manager, + Credentials_Manager& creds, + const Policy& policy, + RandomNumberGenerator& rng, + next_protocol_fn next_proto, + bool is_datagram) : + Channel(output, data_cb, alert_cb, handshake_cb, hs_msg_cb, + session_manager, rng, policy, is_datagram), + m_creds(creds), + m_choose_next_protocol(next_proto) + { + } + Handshake_State* Server::new_handshake_state(Handshake_IO* io) { std::unique_ptr<Handshake_State> state( diff --git a/src/lib/tls/tls_server.h b/src/lib/tls/tls_server.h index a371fd24b..c0960a66e 100644 --- a/src/lib/tls/tls_server.h +++ b/src/lib/tls/tls_server.h 
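Review bot: In both new Server constructors the parameters are named after their own types — `data_cb data_cb`, `alert_cb alert_cb`, `handshake_cb handshake_cb` — so from each declarator onward the unqualified name denotes the parameter and the typedef can no longer be used unqualified in that scope, a trap for the next edit of the initializer list. Renaming them, in both tls_server.h and here, to the names tls_channel.h already uses (`data_cb app_data_cb, alert_cb alert_fn, handshake_cb hs_cb`) removes the shadowing and keeps the three classes consistent. The tls_client.cpp hunk has the same pattern with `output_fn output_fn` and `handshake_cb handshake_cb`.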
@@ -40,6 +40,43 @@ class BOTAN_DLL Server final : public Channel bool is_datagram = false, size_t reserved_io_buffer_size = TLS::Server::IO_BUF_DEFAULT_SIZE ); + + /** + * DEPRECATED. This constructor is only provided for backward + * compatibility and should not be used in new implementations. + */ + BOTAN_DEPRECATED("Use TLS::Server(TLS::Callbacks ...)") + Server(output_fn output, + data_cb data_cb, + alert_cb alert_cb, + handshake_cb handshake_cb, + Session_Manager& session_manager, + Credentials_Manager& creds, + const Policy& policy, + RandomNumberGenerator& rng, + next_protocol_fn next_proto = next_protocol_fn(), + bool is_datagram = false, + size_t reserved_io_buffer_size = TLS::Server::IO_BUF_DEFAULT_SIZE + ); + + /** + * DEPRECATED. This constructor is only provided for backward + * compatibility and should not be used in new implementations. + */ + BOTAN_DEPRECATED("Use TLS::Server(TLS::Callbacks ...)") + Server(output_fn output, + data_cb data_cb, + alert_cb alert_cb, + handshake_cb handshake_cb, + handshake_msg_cb hs_msg_cb, + Session_Manager& session_manager, + Credentials_Manager& creds, + const Policy& policy, + RandomNumberGenerator& rng, + next_protocol_fn next_proto = next_protocol_fn(), + bool is_datagram = false + ); + /** * Return the protocol notification set by the client (using the * NPN extension) for this connection, if any. This value is not |