-rw-r--r--src/tls/tls_channel.cpp2
-rw-r--r--src/tls/tls_channel.h4
-rw-r--r--src/tls/tls_client.cpp9
-rw-r--r--src/tls/tls_client.h2
-rw-r--r--src/tls/tls_server.cpp14
-rw-r--r--src/tls/tls_server.h2
6 files changed, 16 insertions, 17 deletions
diff --git a/src/tls/tls_channel.cpp b/src/tls/tls_channel.cpp
index 1836c1a77..c20ee78f8 100644
--- a/src/tls/tls_channel.cpp
+++ b/src/tls/tls_channel.cpp
@@ -14,7 +14,7 @@ namespace Botan {
TLS_Channel::TLS_Channel(std::tr1::function<void (const byte[], size_t)> socket_output_fn,
std::tr1::function<void (const byte[], size_t, u16bit)> proc_fn,
- std::tr1::function<void (const TLS_Session&)> handshake_complete) :
+ std::tr1::function<bool (const TLS_Session&)> handshake_complete) :
proc_fn(proc_fn),
handshake_fn(handshake_complete),
writer(socket_output_fn),
diff --git a/src/tls/tls_channel.h b/src/tls/tls_channel.h
index c1e9e1fda..b102fc790 100644
--- a/src/tls/tls_channel.h
+++ b/src/tls/tls_channel.h
@@ -74,7 +74,7 @@ class BOTAN_DLL TLS_Channel
TLS_Channel(std::tr1::function<void (const byte[], size_t)> socket_output_fn,
std::tr1::function<void (const byte[], size_t, u16bit)> proc_fn,
- std::tr1::function<void (const TLS_Session&)> handshake_complete);
+ std::tr1::function<bool (const TLS_Session&)> handshake_complete);
virtual ~TLS_Channel();
protected:
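Review bot: The new `bool` return of `handshake_complete` is not documented anywhere in this declaration, and nothing in the signature tells a callback author what `false` does. Judging from the tls_client.cpp and tls_server.cpp hunks in this commit, the value only decides whether the session is kept in the session manager; the handshake itself appears to continue either way, so an application that returns `false` expecting the connection to be refused would be wrong. I would add a comment on the constructor such as `@param handshake_complete called once a handshake finishes; return true to cache the session for later resumption, false to keep it out of (or evict it from) the session manager. Returning false does not abort the connection.` The same parameter in the TLS_Client and TLS_Server constructors (tls_client.h, tls_server.h) wants the same wording. The class body continues outside this hunk.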
@@ -85,7 +85,7 @@ class BOTAN_DLL TLS_Channel
const MemoryRegion<byte>& contents) = 0;
std::tr1::function<void (const byte[], size_t, u16bit)> proc_fn;
- std::tr1::function<void (const TLS_Session&)> handshake_fn;
+ std::tr1::function<bool (const TLS_Session&)> handshake_fn;
Record_Writer writer;
Record_Reader reader;
diff --git a/src/tls/tls_client.cpp b/src/tls/tls_client.cpp
index b7249081b..e0dd3f9dc 100644
--- a/src/tls/tls_client.cpp
+++ b/src/tls/tls_client.cpp
@@ -20,7 +20,7 @@ namespace Botan {
*/
TLS_Client::TLS_Client(std::tr1::function<void (const byte[], size_t)> output_fn,
std::tr1::function<void (const byte[], size_t, u16bit)> proc_fn,
- std::tr1::function<void (const TLS_Session&)> handshake_fn,
+ std::tr1::function<bool (const TLS_Session&)> handshake_fn,
TLS_Session_Manager& session_manager,
Credentials_Manager& creds,
const TLS_Policy& policy,
@@ -384,10 +384,13 @@ void TLS_Client::process_handshake_msg(Handshake_Type type,
""
);
- session_manager.save(session_info);
+ bool save_session = true;
if(handshake_fn)
- handshake_fn(session_info);
+ save_session = handshake_fn(session_info);
+
+ if(save_session)
+ session_manager.save(session_info);
secure_renegotiation.update(state->client_finished, state->server_finished);
diff --git a/src/tls/tls_client.h b/src/tls/tls_client.h
index 543dda144..eb2a281f8 100644
--- a/src/tls/tls_client.h
+++ b/src/tls/tls_client.h
@@ -34,7 +34,7 @@ class BOTAN_DLL TLS_Client : public TLS_Channel
*/
TLS_Client(std::tr1::function<void (const byte[], size_t)> socket_output_fn,
std::tr1::function<void (const byte[], size_t, u16bit)> proc_fn,
- std::tr1::function<void (const TLS_Session&)> handshake_complete,
+ std::tr1::function<bool (const TLS_Session&)> handshake_complete,
TLS_Session_Manager& session_manager,
Credentials_Manager& creds,
const TLS_Policy& policy,
diff --git a/src/tls/tls_server.cpp b/src/tls/tls_server.cpp
index b981bdc69..0e26ad31c 100644
--- a/src/tls/tls_server.cpp
+++ b/src/tls/tls_server.cpp
@@ -83,7 +83,7 @@ bool check_for_resume(TLS_Session& session_info,
*/
TLS_Server::TLS_Server(std::tr1::function<void (const byte[], size_t)> output_fn,
std::tr1::function<void (const byte[], size_t, u16bit)> proc_fn,
- std::tr1::function<void (const TLS_Session&)> handshake_fn,
+ std::tr1::function<bool (const TLS_Session&)> handshake_fn,
TLS_Session_Manager& session_manager,
Credentials_Manager& creds,
const TLS_Policy& policy,
@@ -204,8 +204,8 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
state->version, SERVER,
state->keys.master_secret());
- if(handshake_fn)
- handshake_fn(session_info);
+ if(!handshake_fn(session_info))
+ session_manager.remove_entry(session_info.session_id());
state->set_expected_next(HANDSHAKE_CCS);
}
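Review bot: The `if(handshake_fn)` guard is dropped on the new side, so a server constructed with an empty callback now invokes an empty `std::tr1::function`, which throws `std::tr1::bad_function_call` in the middle of the handshake; before this change that configuration was accepted. The later hunk at `if(handshake_fn(session_info))` has the same problem, while tls_client.cpp keeps the guard and defaults to saving. To match the client, this line could read `if(handshake_fn && !handshake_fn(session_info))` and the later one `if(!handshake_fn || handshake_fn(session_info))`. process_handshake_msg starts and ends outside this hunk, so whether an empty callback is rejected earlier (for example in the constructor) cannot be seen from here.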
@@ -375,8 +375,6 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
state->version, SERVER,
state->keys.master_secret());
- std::vector<X509_Certificate> peer_certs;
-
if(state->client_certs && state->client_verify)
peer_certs = state->client_certs->cert_chain();
}
@@ -395,10 +393,8 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
""
);
- session_manager.save(session_info);
-
- if(handshake_fn)
- handshake_fn(session_info);
+ if(handshake_fn(session_info))
+ session_manager.save(session_info);
secure_renegotiation.update(state->client_finished,
state->server_finished);
diff --git a/src/tls/tls_server.h b/src/tls/tls_server.h
index e07f89eba..b08d3f7e8 100644
--- a/src/tls/tls_server.h
+++ b/src/tls/tls_server.h
@@ -26,7 +26,7 @@ class BOTAN_DLL TLS_Server : public TLS_Channel
*/
TLS_Server(std::tr1::function<void (const byte[], size_t)> socket_output_fn,
std::tr1::function<void (const byte[], size_t, u16bit)> proc_fn,
- std::tr1::function<void (const TLS_Session&)> handshake_complete,
+ std::tr1::function<bool (const TLS_Session&)> handshake_complete,
TLS_Session_Manager& session_manager,
Credentials_Manager& creds,
const TLS_Policy& policy,