-rw-r--r-- | src/tls/sessions_sqlite/tls_sqlite_sess_mgr.cpp | 18 | ||||
-rw-r--r-- | src/tls/sessions_sqlite/tls_sqlite_sess_mgr.h | 5 | ||||
-rw-r--r-- | src/tls/tls_session.cpp | 31 |
3 files changed, 29 insertions, 25 deletions
diff --git a/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.cpp b/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.cpp index 4d78a5365..175adad6c 100644 --- a/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.cpp +++ b/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.cpp @@ -9,9 +9,9 @@ #include <botan/internal/assert.h> #include <botan/lookup.h> #include <botan/hex.h> -#include <botan/time.h> #include <botan/loadstor.h> #include <memory> +#include <chrono> #include <sqlite3.h> @@ -29,28 +29,29 @@ class sqlite3_statement int rc = sqlite3_prepare_v2(db, base_sql.c_str(), -1, &m_stmt, 0); if(rc != SQLITE_OK) - throw std::runtime_error("sqlite3_prepare failed " + base_sql + ", code " + to_string(rc)); + throw std::runtime_error("sqlite3_prepare failed " + base_sql + + ", code " + std::to_string(rc)); } void bind(int column, const std::string& val) { int rc = sqlite3_bind_text(m_stmt, column, val.c_str(), -1, SQLITE_TRANSIENT); if(rc != SQLITE_OK) - throw std::runtime_error("sqlite3_bind_text failed, code " + to_string(rc)); + throw std::runtime_error("sqlite3_bind_text failed, code " + std::to_string(rc)); } void bind(int column, int val) { int rc = sqlite3_bind_int(m_stmt, column, val); if(rc != SQLITE_OK) - throw std::runtime_error("sqlite3_bind_int failed, code " + to_string(rc)); + throw std::runtime_error("sqlite3_bind_int failed, code " + std::to_string(rc)); } void bind(int column, const MemoryRegion<byte>& val) { int rc = sqlite3_bind_blob(m_stmt, column, &val[0], val.size(), SQLITE_TRANSIENT); if(rc != SQLITE_OK) - throw std::runtime_error("sqlite3_bind_text failed, code " + to_string(rc)); + throw std::runtime_error("sqlite3_bind_text failed, code " + std::to_string(rc)); } std::pair<const byte*, size_t> get_blob(int column) 
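Review bot: The `bind(int column, const MemoryRegion<byte>& val)` overload calls `sqlite3_bind_blob`, but its rewritten throw line still reports `sqlite3_bind_text failed`, so a failed bind of the encrypted session blob looks like a text-bind failure in logs. Since the line is being touched anyway, make it `throw std::runtime_error("sqlite3_bind_blob failed, code " + std::to_string(rc));`. The same overload passes `val.size()` (a `size_t`) as the `int` length argument of `sqlite3_bind_blob`; a short comment stating the assumed upper bound on blob size would document that narrowing. The class body continues outside the hunk.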
@@ -145,7 +146,7 @@ Session_Manager_SQLite::Session_Manager_SQLite(const std::string& passphrase, RandomNumberGenerator& rng, const std::string& db_filename, size_t max_sessions, - size_t session_lifetime) : + std::chrono::seconds session_lifetime) : m_rng(rng), m_max_sessions(max_sessions), m_session_lifetime(session_lifetime) @@ -308,7 +309,7 @@ void Session_Manager_SQLite::save(const Session& session) " values(?1, ?2, ?3, ?4, ?5)"); stmt.bind(1, hex_encode(session.session_id())); - stmt.bind(2, session.start_time()); + stmt.bind(2, std::chrono::system_clock::to_time_t(session.start_time())); stmt.bind(3, session.sni_hostname()); stmt.bind(4, 0); stmt.bind(5, session.encrypt(m_session_key, m_rng)); @@ -322,7 +323,8 @@ void Session_Manager_SQLite::prune_session_cache() { sqlite3_statement remove_expired(m_db, "delete from tls_sessions where session_start <= ?1"); - remove_expired.bind(1, system_time() - m_session_lifetime); + remove_expired.bind(1, std::chrono::system_clock::to_time_t( + std::chrono::system_clock::now() - m_session_lifetime)); remove_expired.spin(); diff --git a/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.h b/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.h index 424db24e5..1d12b71cd 100644 --- a/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.h +++ b/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.h @@ -36,7 +36,7 @@ class BOTAN_DLL Session_Manager_SQLite : public Session_Manager RandomNumberGenerator& rng, const std::string& db_filename, size_t max_sessions = 1000, - size_t session_lifetime = 7200); + std::chrono::seconds session_lifetime = std::chrono::seconds(7200)); ~Session_Manager_SQLite(); @@ -57,7 +57,8 @@ class BOTAN_DLL Session_Manager_SQLite : public Session_Manager SymmetricKey m_session_key; RandomNumberGenerator& m_rng; - size_t m_max_sessions, m_session_lifetime; + size_t m_max_sessions; + std::chrono::seconds m_session_lifetime; class sqlite3* m_db; }; 
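Review bot: In `Session_Manager_SQLite::save`, `std::chrono::system_clock::to_time_t(...)` returns a `time_t`, and of the `bind` overloads visible in this file's earlier hunk (`const std::string&`, `int`, `const MemoryRegion<byte>&`) only `bind(int column, int val)` can take it, so the timestamp is narrowed to `int` and stored through `sqlite3_bind_int`. Where `time_t` is wider than `int`, that silently truncates `session_start`, the column that session expiry is decided on. The same narrowing applies to the cutoff bound in `prune_session_cache` in the following hunk. If no wider overload exists outside the lines shown, add a time-point overload backed by `sqlite3_bind_int64` and pass the time points directly, as sketched below. Both function bodies continue outside their hunks.

```cpp
// in class sqlite3_statement, next to the existing bind() overloads
void bind(int column, std::chrono::system_clock::time_point time)
   {
   const sqlite3_int64 timeval =
      std::chrono::duration_cast<std::chrono::seconds>(time.time_since_epoch()).count();

   int rc = sqlite3_bind_int64(m_stmt, column, timeval);
   if(rc != SQLITE_OK)
      throw std::runtime_error("sqlite3_bind_int64 failed, code " + std::to_string(rc));
   }

// … unchanged: Session_Manager_SQLite::save, insert statement setup …
stmt.bind(2, session.start_time());

// … unchanged: prune_session_cache, delete statement setup …
remove_expired.bind(1, std::chrono::system_clock::now() - m_session_lifetime);
```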
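Review bot: The public header now names `std::chrono::seconds` in the constructor default and in the `m_session_lifetime` member, but this commit adds `#include <chrono>` only to the .cpp. The header's include list is outside the hunk, so unless it already pulls in `<chrono>` the header is not self-contained; add `#include <chrono>` there. `std::chrono::seconds` is signed where `size_t` was not, so a negative lifetime is now expressible and would move the `prune_session_cache` cutoff into the future, deleting every stored session. A doc comment on the parameter such as `@param session_lifetime how long a stored session remains resumable; must be positive` (or an explicit check in the constructor, whose body is not shown) would pin that contract.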
diff --git a/src/tls/tls_session.cpp b/src/tls/tls_session.cpp index 44689b510..cec1c87ae 100644 --- a/src/tls/tls_session.cpp +++ b/src/tls/tls_session.cpp @@ -19,16 +19,17 @@ namespace Botan { namespace TLS { Session::Session(const MemoryRegion<byte>& session_identifier, - const MemoryRegion<byte>& master_secret, - Protocol_Version version, - u16bit ciphersuite, - byte compression_method, - Connection_Side side, - bool secure_renegotiation_supported, - size_t fragment_size, - const std::vector<X509_Certificate>& certs, - const std::string& sni_hostname, - const std::string& srp_identifier) : + const MemoryRegion<byte>& master_secret, + Protocol_Version version, + u16bit ciphersuite, + byte compression_method, + Connection_Side side, + bool secure_renegotiation_supported, + size_t fragment_size, + const std::vector<X509_Certificate>& certs, + const MemoryRegion<byte>& ticket, + const std::string& sni_hostname, + const std::string& srp_identifier) : m_start_time(std::chrono::system_clock::now()), m_identifier(session_identifier), m_session_ticket(ticket), @@ -68,7 +69,7 @@ Session::Session(const byte ber[], size_t ber_len) .start_cons(SEQUENCE) .decode_and_check(static_cast<size_t>(TLS_SESSION_PARAM_STRUCT_VERSION), "Unknown version in session structure") - .decode_integer_type(m_start_time) + .decode_integer_type(start_time) .decode_integer_type(major_version) .decode_integer_type(minor_version) .decode(m_identifier, OCTET_STRING) @@ -151,7 +152,7 @@ MemoryVector<byte> Session::encrypt(const SymmetricKey& master_key, RandomNumberGenerator& rng) const { - std::auto_ptr<KDF> kdf(get_kdf(SESSION_CRYPTO_KDF)); + std::unique_ptr<KDF> kdf(get_kdf(SESSION_CRYPTO_KDF)); SymmetricKey cipher_key = kdf->derive_key(CIPHER_KEY_LENGTH, 
@@ -165,7 +166,7 @@ Session::encrypt(const SymmetricKey& master_key, InitializationVector cipher_iv(rng, 16); - std::auto_ptr<MessageAuthenticationCode> mac(get_mac(SESSION_CRYPTO_MAC)); + std::unique_ptr<MessageAuthenticationCode> mac(get_mac(SESSION_CRYPTO_MAC)); mac->set_key(mac_key); Pipe pipe(get_cipher(SESSION_CRYPTO_CIPHER, cipher_key, cipher_iv, ENCRYPTION)); @@ -199,14 +200,14 @@ Session Session::decrypt(const byte buf[], size_t buf_len, if(load_be<u32bit>(buf, 0) != SESSION_CRYPTO_MAGIC) throw Decoding_Error("Unknown header value in encrypted session"); - std::auto_ptr<KDF> kdf(get_kdf(SESSION_CRYPTO_KDF)); + std::unique_ptr<KDF> kdf(get_kdf(SESSION_CRYPTO_KDF)); SymmetricKey mac_key = kdf->derive_key(MAC_KEY_LENGTH, master_key.bits_of(), "tls.session.mac-key"); - std::auto_ptr<MessageAuthenticationCode> mac(get_mac(SESSION_CRYPTO_MAC)); + std::unique_ptr<MessageAuthenticationCode> mac(get_mac(SESSION_CRYPTO_MAC)); mac->set_key(mac_key); mac->update(&buf[0], buf_len - MAC_OUTPUT_LENGTH); |