diff options
| author | lloyd <[email protected]> | 2012-04-04 15:09:51 +0000 |
|---|---|---|
| committer | lloyd <[email protected]> | 2012-04-04 15:09:51 +0000 |
| commit | f5d35f360a04acef3ad19b0abf9a830b0d52d5d8 (patch) | |
| tree | ca23d42ebea4bdfb716e4b552b7befe1f494a53c /src/tls/sessions_sqlite | |
| parent | 0b7fb2651b187097e9c89e37e2672ff28830371a (diff) | |
Limit the lifetime of tickets to Policy::session_ticket_lifetime()
seconds and report that value to the client in the NewSessionTicket
message. After that point, a session ticket is ignored and a full
renegotiation is forced.
Only send a new session ticket on a new session, or on a resumed
session where the client indicated it supports session tickets but for
whatever reason didn't send one in the hello. Perhaps in this case, we
should also remove the session from the session manager?
Clean up server selection of the ciphersuite a bit, all in an anon
function in tls_server instead of scattered over Server, Policy, and
Server_Hello.
Add Session::session_age and Session_Manager::session_lifetime
Diffstat (limited to 'src/tls/sessions_sqlite')
| -rw-r--r-- | src/tls/sessions_sqlite/tls_sqlite_sess_mgr.cpp | 2 | ||||
| -rw-r--r-- | src/tls/sessions_sqlite/tls_sqlite_sess_mgr.h | 7 |
2 files changed, 6 insertions, 3 deletions
diff --git a/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.cpp b/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.cpp index 4d78a5365..cb831aadf 100644 --- a/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.cpp +++ b/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.cpp @@ -145,7 +145,7 @@ Session_Manager_SQLite::Session_Manager_SQLite(const std::string& passphrase, RandomNumberGenerator& rng, const std::string& db_filename, size_t max_sessions, - size_t session_lifetime) : + u32bit session_lifetime) : m_rng(rng), m_max_sessions(max_sessions), m_session_lifetime(session_lifetime) diff --git a/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.h b/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.h index 424db24e5..7ac2caeb2 100644 --- a/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.h +++ b/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.h @@ -36,7 +36,7 @@ class BOTAN_DLL Session_Manager_SQLite : public Session_Manager RandomNumberGenerator& rng, const std::string& db_filename, size_t max_sessions = 1000, - size_t session_lifetime = 7200); + u32bit session_lifetime = 7200); ~Session_Manager_SQLite(); @@ -49,6 +49,8 @@ class BOTAN_DLL Session_Manager_SQLite : public Session_Manager void remove_entry(const MemoryRegion<byte>& session_id); void save(const Session& session_data); + + u32bit session_lifetime() const { return m_session_lifetime; } private: Session_Manager_SQLite(const Session_Manager_SQLite&); Session_Manager_SQLite& operator=(const Session_Manager_SQLite&); @@ -57,7 +59,8 @@ class BOTAN_DLL Session_Manager_SQLite : public Session_Manager SymmetricKey m_session_key; RandomNumberGenerator& m_rng; - size_t m_max_sessions, m_session_lifetime; + size_t m_max_sessions; + u32bit m_session_lifetime; class sqlite3* m_db; }; |