Session.h
Go to the documentation of this file.
1 /*
2  * Copyright (C) 1996-2025 The Squid Software Foundation and contributors
3  *
4  * Squid software is distributed under GPLv2+ license and includes
5  * contributions from numerous individuals and organizations.
6  * Please see the COPYING and CONTRIBUTORS files for details.
7  */
8 
9 #ifndef SQUID_SRC_SECURITY_SESSION_H
10 #define SQUID_SRC_SECURITY_SESSION_H
11 
12 #include "base/HardFun.h"
13 #include "comm/forward.h"
14 #include "security/Context.h"
15 #include "security/LockingPointer.h"
16 
17 #include <memory>
18 
19 #if USE_OPENSSL
20 #include "compat/openssl.h"
21 #if HAVE_OPENSSL_SSL_H
22 #include <openssl/ssl.h>
23 #endif
24 #endif
25 
26 #if HAVE_LIBGNUTLS
27 #if HAVE_GNUTLS_GNUTLS_H
28 #include <gnutls/gnutls.h>
29 #endif
30 #endif
31 
32 namespace Security {
33 
34 // XXX: Should be only in src/security/forward.h (which should not include us
35 // because that #include creates a circular reference and problems like this).
36 class FuturePeerContext;
37 
40 bool CreateClientSession(FuturePeerContext &, const Comm::ConnectionPointer &, const char *squidCtx);
41 
42 class PeerOptions;
43 
46 bool CreateServerSession(const Security::ContextPointer &, const Comm::ConnectionPointer &, Security::PeerOptions &, const char *squidCtx);
47 
48 #if USE_OPENSSL
49 typedef SSL Connection;
50 
51 using Session = SSL_SESSION;
52 
53 typedef std::shared_ptr<SSL> SessionPointer;
54 
55 typedef std::unique_ptr<SSL_SESSION, HardFun<void, SSL_SESSION*, &SSL_SESSION_free>> SessionStatePointer;
56 
57 #elif HAVE_LIBGNUTLS
58 // to be finalized when it is actually needed/used
59 struct Connection {};
60 
61 // to be finalized when it is actually needed/used
62 struct Session {};
63 
64 typedef std::shared_ptr<struct gnutls_session_int> SessionPointer;
65 
66 // wrapper function to get around gnutls_free being a typedef
67 inline void squid_gnutls_free(void *d) {gnutls_free(d);}
68 typedef std::unique_ptr<gnutls_datum_t, HardFun<void, void*, &Security::squid_gnutls_free>> SessionStatePointer;
69 
70 #else
71 typedef std::nullptr_t Connection;
72 
73 struct Session {};
74 
75 typedef std::shared_ptr<void> SessionPointer;
76 
77 typedef std::unique_ptr<int> SessionStatePointer;
78 
79 #endif
80 
82 void SessionSendGoodbye(const Security::SessionPointer &);
83 
85 bool SessionIsResumed(const Security::SessionPointer &);
86 
96 void MaybeGetSessionResumeData(const Security::SessionPointer &, Security::SessionStatePointer &data);
97 
100 void SetSessionResumeData(const Security::SessionPointer &, const Security::SessionStatePointer &);
101 
102 #if USE_OPENSSL
103 // TODO: remove from public API. It is only public because of Security::ServerOptions::updateContextConfig
105 void SetSessionCacheCallbacks(Security::ContextPointer &);
106 
108 inline Security::ContextPointer
109 GetFrom(Security::SessionPointer &s)
110 {
111  auto *ctx = SSL_get_SSL_CTX(s.get());
112  return Security::ContextPointer(ctx, [](SSL_CTX *) {/* nothing to unlock/free */});
113 }
114 
118 Security::SessionPointer NewSessionObject(const Security::ContextPointer &);
119 #endif
120 
121 } // namespace Security
122 
123 #endif /* SQUID_SRC_SECURITY_SESSION_H */
124 
Security::ContextPointer
std::shared_ptr< SSL_CTX > ContextPointer
Definition: Context.h:29
Security::MaybeGetSessionResumeData
void MaybeGetSessionResumeData(const Security::SessionPointer &, Security::SessionStatePointer &data)
Definition: Session.cc:226
Security::GetFrom
Security::ContextPointer GetFrom(Security::SessionPointer &s)
Helper function to retrieve a (non-locked) ContextPointer from a SessionPointer.
Definition: Session.h:109
Security::SessionSendGoodbye
void SessionSendGoodbye(const Security::SessionPointer &)
send the shutdown/bye notice for an active TLS session.
Definition: Session.cc:200
Security::SessionIsResumed
bool SessionIsResumed(const Security::SessionPointer &)
whether the session is a resumed one
Definition: Session.cc:213
Security::PeerOptions
TLS squid.conf settings for a remote server peer.
Definition: PeerOptions.h:25
Security::SetSessionCacheCallbacks
void SetSessionCacheCallbacks(Security::ContextPointer &)
Setup the given TLS context with callbacks used to manage the session cache.
Definition: Session.cc:376
Security::NewSessionObject
Security::SessionPointer NewSessionObject(const Security::ContextPointer &)
Definition: Session.cc:90
Security::Connection
SSL Connection
Definition: Session.h:49
Security::CreateServerSession
bool CreateServerSession(const Security::ContextPointer &, const Comm::ConnectionPointer &, Security::PeerOptions &, const char *squidCtx)
Definition: Session.cc:194
Security::SessionPointer
std::shared_ptr< SSL > SessionPointer
Definition: Session.h:53
Security::CreateClientSession
bool CreateClientSession(FuturePeerContext &, const Comm::ConnectionPointer &, const char *squidCtx)
Definition: Session.cc:183
Security::SessionStatePointer
std::unique_ptr< SSL_SESSION, HardFun< void, SSL_SESSION *, &SSL_SESSION_free > > SessionStatePointer
Definition: Session.h:55
Security::Session
SSL_SESSION Session
Definition: Session.h:51
Security
Network/connection security abstraction layer.
Definition: Connection.h:33
Security::SetSessionResumeData
void SetSessionResumeData(const Security::SessionPointer &, const Security::SessionStatePointer &)
Definition: Session.cc:247

 

Introduction

Documentation

Support

Miscellaneous