* aria2 - The high speed download utility
* Copyright (C) 2013 Nils Maier
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
* In addition, as a special exception, the copyright holders give
* permission to link the code of portions of this program with the
* OpenSSL library under certain conditions as described in each
* individual source file, and distribute linked combinations
* You must obey the GNU General Public License in all respects
* for all of the code used other than OpenSSL. If you modify
* file(s) with this exception, you may extend this exception to your
* version of the file(s), but you are not obligated to do so. If you
* do not wish to do so, delete this exception statement from your
* version. If you delete this exception statement from all source
* files in the program, then also delete it here.
#ifndef WIN_TLS_SESSION_H
#define WIN_TLS_SESSION_H
#include "TLSSession.h"
#include "WinTLSContext.h"
size_t off_, free_, cap_;
std::vector<char> buf_;
inline Buffer() : off_(0), free_(0), cap_(0) {}
inline size_t size() const {
inline size_t free() const {
inline void resize(size_t len) {
return buf_.data() + off_;
inline void eat(size_t len) {
memmove(buf_.data(), buf_.data() + len, off_);
inline void advance(size_t len) {
inline void write(const void* data, size_t len) {
memcpy(end(), data, len);
class WinTLSSession : public TLSSession {
st_handshake_write_last,
WinTLSSession(WinTLSContext* ctx);
// MUST deallocate all resources
virtual ~WinTLSSession();
// Initializes SSL/TLS session. The |sockfd| is the underlying
// transport socket. This function returns TLS_ERR_OK if it
// succeeds, or TLS_ERR_ERROR.
virtual int init(sock_t sockfd) CXX11_OVERRIDE;
// Sets |hostname| for TLS SNI extension. This is only meaningful for
// client side session. This function returns TLS_ERR_OK if it
// succeeds, or TLS_ERR_ERROR.
virtual int setSNIHostname(const std::string& hostname) CXX11_OVERRIDE;
// Closes the SSL/TLS session. Don't close underlying transport
// socket. This function returns TLS_ERR_OK if it succeeds, or
virtual int closeConnection() CXX11_OVERRIDE;
// Returns TLS_WANT_READ if SSL/TLS session needs more data from
// remote endpoint to proceed, or TLS_WANT_WRITE if SSL/TLS session
// needs to write more data to proceed. If SSL/TLS session needs
// neither read nor write data at the moment, return value is
virtual int checkDirection() CXX11_OVERRIDE;
// Sends |data| with length |len|. This function returns the number
// of bytes sent if it succeeds, or TLS_ERR_WOULDBLOCK if the
// underlying transport blocks, or TLS_ERR_ERROR.
virtual ssize_t writeData(const void* data, size_t len) CXX11_OVERRIDE;
// Receives data into |data| with length |len|. This function returns
// the number of bytes received if it succeeds, or TLS_ERR_WOULDBLOCK
// if the underlying transport blocks, or TLS_ERR_ERROR.
virtual ssize_t readData(void* data, size_t len) CXX11_OVERRIDE;
// Performs client side handshake. The |hostname| is the hostname of
// the remote endpoint and is used to verify its certificate. This
// function returns TLS_ERR_OK if it succeeds, or TLS_ERR_WOULDBLOCK
// if the underlying transport blocks, or TLS_ERR_ERROR.
// When returning TLS_ERR_ERROR, provide certificate validation error
// in |handshakeErr|.
virtual int tlsConnect(const std::string& hostname, std::string& handshakeErr) CXX11_OVERRIDE;
// Performs server side handshake. This function returns TLS_ERR_OK
// if it succeeds, or TLS_ERR_WOULDBLOCK if the underlying transport
// blocks, or TLS_ERR_ERROR.
virtual int tlsAccept() CXX11_OVERRIDE;
// Returns last error string
virtual std::string getLastErrorString() CXX11_OVERRIDE;
std::string hostname_;
TLSSessionSide side_;
// Buffer for already encrypted writes
wintls::Buffer writeBuf_;
// While the writeBuf_ holds encrypted messages, writeBuffered_ has the
// corresponding size of unencrypted data used to produce the messages.
size_t writeBuffered_;
// Buffer for still encrypted reads
wintls::Buffer readBuf_;
// Buffer for already decrypted reads
wintls::Buffer decBuf_;
SECURITY_STATUS status_;
std::unique_ptr<SecPkgContext_StreamSizes> streamSizes_;
#endif // WIN_TLS_SESSION_H