/* * TLS Server * (C) 2004-2011 Jack Lloyd * 2016 Matthias Gierlings * * Botan is released under the Simplified BSD License (see license.txt) */ #ifndef BOTAN_TLS_SERVER_H_ #define BOTAN_TLS_SERVER_H_ #include #include #include #include namespace Botan { namespace TLS { class Server_Handshake_State; /** * TLS Server */ class BOTAN_PUBLIC_API(2,0) Server final : public Channel { public: typedef std::function)> next_protocol_fn; /** * Server initialization * * @param callbacks contains a set of callback function references * required by the TLS client. * * @param session_manager manages session state * * @param creds manages application/user credentials * * @param policy specifies other connection policy information * * @param rng a random number generator * * @param is_datagram set to true if this server should expect DTLS * connections. Otherwise TLS connections are expected. * * @param reserved_io_buffer_size This many bytes of memory will * be preallocated for the read and write buffers. Smaller * values just mean reallocations and copies are more likely. */ Server(Callbacks& callbacks, Session_Manager& session_manager, Credentials_Manager& creds, const Policy& policy, RandomNumberGenerator& rng, bool is_datagram = false, size_t reserved_io_buffer_size = TLS::Server::IO_BUF_DEFAULT_SIZE ); /** * DEPRECATED. This constructor is only provided for backward * compatibility and should not be used in new implementations. */ BOTAN_DEPRECATED("Use TLS::Server(TLS::Callbacks ...)") Server(output_fn output, data_cb data_cb, alert_cb alert_cb, handshake_cb handshake_cb, Session_Manager& session_manager, Credentials_Manager& creds, const Policy& policy, RandomNumberGenerator& rng, next_protocol_fn next_proto = next_protocol_fn(), bool is_datagram = false, size_t reserved_io_buffer_size = TLS::Server::IO_BUF_DEFAULT_SIZE ); /** * DEPRECATED. This constructor is only provided for backward * compatibility and should not be used in new implementations. */ BOTAN_DEPRECATED("Use TLS::Server(TLS::Callbacks ...)") Server(output_fn output, data_cb data_cb, alert_cb alert_cb, handshake_cb handshake_cb, handshake_msg_cb hs_msg_cb, Session_Manager& session_manager, Credentials_Manager& creds, const Policy& policy, RandomNumberGenerator& rng, next_protocol_fn next_proto = next_protocol_fn(), bool is_datagram = false ); /** * Return the protocol notification set by the client (using the * NPN extension) for this connection, if any. This value is not * tied to the session and a later renegotiation of the same * session can choose a new protocol. */ std::string next_protocol() const { return m_next_protocol; } private: std::vector get_peer_cert_chain(const Handshake_State& state) const override; void initiate_handshake(Handshake_State& state, bool force_full_renegotiation) override; void process_handshake_msg(const Handshake_State* active_state, Handshake_State& pending_state, Handshake_Type type, const std::vector& contents) override; void process_client_hello_msg(const Handshake_State* active_state, Server_Handshake_State& pending_state, const std::vector& contents); void process_certificate_msg(Server_Handshake_State& pending_state, const std::vector& contents); void process_client_key_exchange_msg(Server_Handshake_State& pending_state, const std::vector& contents); void process_change_cipher_spec_msg(Server_Handshake_State& pending_state); void process_certificate_verify_msg(Server_Handshake_State& pending_state, Handshake_Type type, const std::vector& contents); void process_finished_msg(Server_Handshake_State& pending_state, Handshake_Type type, const std::vector& contents); void session_resume(Server_Handshake_State& pending_state, bool have_session_ticket_key, Session& session_info); void session_create(Server_Handshake_State& pending_state, bool have_session_ticket_key); Handshake_State* new_handshake_state(Handshake_IO* io) override; Credentials_Manager& m_creds; std::string m_next_protocol; // Set by deprecated constructor, Server calls both this fn and Callbacks version next_protocol_fn m_choose_next_protocol; }; } } #endif