authorlloyd <[email protected]>2012-04-16 19:00:49 +0000
committerlloyd <[email protected]>2012-04-16 19:00:49 +0000
commitb224e899c8846f17a36dc41c53dd94ba037ada79 (patch)
tree81e2b0391b436b7620ffbeaa15252c75ae3c9039 /src/tls/tls_messages.h
parentc09b208d5d3ead81ef7ad662f71f55f1e00f61bc (diff)
Add support for TLS heartbeats (RFC 6520). Heartbeat initiations from
the peer are automatically responded to. TLS::Channel::heartbeat can initiate a new heartbeat if the peer allows it. Heartbeat replies are passed back to the application processing function with an Alert value of HEARTBEAT_PAYLOAD (a 'fake' value, 256, which is out of range of the valid TLS alert space), along with the sent payload. The RFC requires us to have no more than one heartbeat 'in flight' at a time, ie without getting a response (or a timeout in the case of DTLS). Currently we do not prevent an application from requesting more.
Diffstat (limited to 'src/tls/tls_messages.h')
-rw-r--r--src/tls/tls_messages.h37
1 files changed, 22 insertions, 15 deletions
diff --git a/src/tls/tls_messages.h b/src/tls/tls_messages.h
index c8a9382d6..4c2b1b797 100644
--- a/src/tls/tls_messages.h
+++ b/src/tls/tls_messages.h
@@ -73,15 +73,10 @@ class Client_Hello : public Handshake_Message
{
public:
Handshake_Type type() const { return CLIENT_HELLO; }
+
Protocol_Version version() const { return m_version; }
- const MemoryVector<byte>& session_id() const { return m_session_id; }
- std::vector<byte> session_id_vector() const
- {
- std::vector<byte> v;
- v.insert(v.begin(), &m_session_id[0], &m_session_id[m_session_id.size()]);
- return v;
- }
+ const MemoryVector<byte>& session_id() const { return m_session_id; }
const std::vector<std::pair<std::string, std::string> >& supported_algos() const
{ return m_supported_algos; }
@@ -114,6 +109,10 @@ class Client_Hello : public Handshake_Message
const MemoryRegion<byte>& session_ticket() const
{ return m_session_ticket; }
+ bool supports_heartbeats() const { return m_supports_heartbeats; }
+
+ bool peer_can_send_heartbeats() const { return m_peer_can_send_heartbeats; }
+
Client_Hello(Record_Writer& writer,
Handshake_Hash& hash,
const Policy& policy,
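Review bot: The two accessors added here are undocumented, and `peer_can_send_heartbeats()` does not say whose viewpoint it reports when it is read from a received Client_Hello. RFC 6520 states HeartbeatMode from the side that sent the extension, so assuming the flag records that mode I would add a comment above each, for example `/// True if this hello carried the heartbeat extension` and `/// True if the sender of this hello announced peer_allowed_to_send, i.e. it accepts HeartbeatRequests from the other side`. The same pair added to Server_Hello in the `@@ -190,7 +191,9 @@` hunk needs the same comments. The class body starts and ends outside this hunk.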
@@ -155,6 +154,9 @@ class Client_Hello : public Handshake_Message
bool m_supports_session_ticket;
MemoryVector<byte> m_session_ticket;
+
+ bool m_supports_heartbeats;
+ bool m_peer_can_send_heartbeats;
};
/**
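Review bot: `m_supports_heartbeats` and `m_peer_can_send_heartbeats` are plain bools, so any Client_Hello constructor that does not assign them leaves the new accessors returning an indeterminate value. The constructors and the deserialization code are outside this hunk, so I cannot confirm they always do; if the parser sets the flags only when the extension is present, a hello without it could read as having negotiated heartbeats. Each constructor should start both at false, e.g. `m_supports_heartbeats(false), m_peer_can_send_heartbeats(false)` in its initializer list. The same applies to the two members added to Server_Hello in the `@@ -222,6 +226,9 @@` hunk.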
@@ -164,17 +166,16 @@ class Server_Hello : public Handshake_Message
{
public:
Handshake_Type type() const { return SERVER_HELLO; }
+
Protocol_Version version() { return m_version; }
+
+ const MemoryVector<byte>& random() const { return m_random; }
+
const MemoryVector<byte>& session_id() const { return m_session_id; }
+
u16bit ciphersuite() const { return m_ciphersuite; }
- byte compression_method() const { return m_comp_method; }
- std::vector<byte> session_id_vector() const
- {
- std::vector<byte> v;
- v.insert(v.begin(), &m_session_id[0], &m_session_id[m_session_id.size()]);
- return v;
- }
+ byte compression_method() const { return m_comp_method; }
bool secure_renegotiation() const { return m_secure_renegotiation; }
@@ -190,7 +191,9 @@ class Server_Hello : public Handshake_Message
const MemoryVector<byte>& renegotiation_info()
{ return m_renegotiation_info; }
- const MemoryVector<byte>& random() const { return m_random; }
+ bool supports_heartbeats() const { return m_supports_heartbeats; }
+
+ bool peer_can_send_heartbeats() const { return m_peer_can_send_heartbeats; }
Server_Hello(Record_Writer& writer,
Handshake_Hash& hash,
@@ -204,6 +207,7 @@ class Server_Hello : public Handshake_Message
bool offer_session_ticket,
bool client_has_npn,
const std::vector<std::string>& next_protocols,
+ bool client_has_heartbeat,
RandomNumberGenerator& rng);
Server_Hello(const MemoryRegion<byte>& buf);
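Review bot: `client_has_heartbeat` is a third bare bool in this constructor, after `offer_session_ticket` and `client_has_npn`, so a call site that passes the wrong flag in one of those slots still compiles. The flag presumably decides whether the server echoes the heartbeat extension, which a server may do only when the client offered it, so the parameter should at least be documented, e.g. `@param client_has_heartbeat true only if the Client_Hello carried the heartbeat extension`. The parameter list starts outside this hunk, so any existing doc comment on the constructor is not visible here.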
@@ -222,6 +226,9 @@ class Server_Hello : public Handshake_Message
bool m_next_protocol;
std::vector<std::string> m_next_protocols;
bool m_supports_session_ticket;
+
+ bool m_supports_heartbeats;
+ bool m_peer_can_send_heartbeats;
};
/**