1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
|
/*
* TLS Server
* (C) 2004-2011 Jack Lloyd
* 2016 Matthias Gierlings
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
#ifndef BOTAN_TLS_SERVER_H__
#define BOTAN_TLS_SERVER_H__
#include <botan/tls_channel.h>
#include <botan/credentials_manager.h>
#include <vector>
namespace Botan {
namespace TLS {
class Server_Handshake_State;
/**
* TLS Server
*/
class BOTAN_DLL Server final : public Channel
{
public:
typedef std::function<std::string (std::vector<std::string>)> next_protocol_fn;
/**
* Server initialization
*/
Server(const Callbacks& callbacks,
Session_Manager& session_manager,
Credentials_Manager& creds,
const Policy& policy,
RandomNumberGenerator& rng,
next_protocol_fn next_proto = next_protocol_fn(),
bool is_datagram = false,
size_t reserved_io_buffer_size = TLS::Server::IO_BUF_DEFAULT_SIZE
);
/**
* DEPRECATED. This constructor is only provided for backward
* compatibility and should not be used in new implementations.
*/
BOTAN_DEPRECATED("Use TLS::Server(TLS::Callbacks ...)")
Server(output_fn output,
data_cb data_cb,
alert_cb alert_cb,
handshake_cb handshake_cb,
Session_Manager& session_manager,
Credentials_Manager& creds,
const Policy& policy,
RandomNumberGenerator& rng,
next_protocol_fn next_proto = next_protocol_fn(),
bool is_datagram = false,
size_t reserved_io_buffer_size = TLS::Server::IO_BUF_DEFAULT_SIZE
);
/**
* DEPRECATED. This constructor is only provided for backward
* compatibility and should not be used in new implementations.
*/
BOTAN_DEPRECATED("Use TLS::Server(TLS::Callbacks ...)")
Server(output_fn output,
data_cb data_cb,
alert_cb alert_cb,
handshake_cb handshake_cb,
handshake_msg_cb hs_msg_cb,
Session_Manager& session_manager,
Credentials_Manager& creds,
const Policy& policy,
RandomNumberGenerator& rng,
next_protocol_fn next_proto = next_protocol_fn(),
bool is_datagram = false
);
/**
* Return the protocol notification set by the client (using the
* NPN extension) for this connection, if any. This value is not
* tied to the session and a later renegotiation of the same
* session can choose a new protocol.
*/
std::string next_protocol() const { return m_next_protocol; }
private:
std::vector<X509_Certificate>
get_peer_cert_chain(const Handshake_State& state) const override;
void initiate_handshake(Handshake_State& state,
bool force_full_renegotiation) override;
void process_handshake_msg(const Handshake_State* active_state,
Handshake_State& pending_state,
Handshake_Type type,
const std::vector<byte>& contents) override;
void process_client_hello_msg(const Handshake_State* active_state,
Server_Handshake_State& pending_state,
const std::vector<byte>& contents);
void process_certificate_msg(Server_Handshake_State& pending_state,
const std::vector<byte>& contents);
void process_client_key_exchange_msg(Server_Handshake_State& pending_state,
const std::vector<byte>& contents);
void process_change_cipher_spec_msg(Server_Handshake_State& pending_state);
void process_certificate_verify_msg(Server_Handshake_State& pending_state,
Handshake_Type type,
const std::vector<byte>& contents);
void process_finished_msg(Server_Handshake_State& pending_state,
Handshake_Type type,
const std::vector<byte>& contents);
void session_resume(Server_Handshake_State& pending_state,
bool have_session_ticket_key,
Session& session_info);
void session_create(Server_Handshake_State& pending_state,
bool have_session_ticket_key);
Handshake_State* new_handshake_state(Handshake_IO* io) override;
Credentials_Manager& m_creds;
next_protocol_fn m_choose_next_protocol;
std::string m_next_protocol;
};
}
}
#endif
|
