nodemcu-firmware/app/include/mbedtls/ssl_cache.h

151 lines
4.2 KiB
C
Raw Normal View History

/**
* \file ssl_cache.h
*
* \brief SSL session cache implementation
*/
/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* This file is part of mbed TLS (https://tls.mbed.org)
*/
#ifndef MBEDTLS_SSL_CACHE_H
#define MBEDTLS_SSL_CACHE_H
SSL rampage (#2938) * Remove stale putative MD2 support This hasn't worked in a while, presumably since one of our upstream merges. Don't bother making it work, since MD2 is generally considered insecure. * Land mbedtls 2.16.3-77-gf02988e57 * TLS: remove some dead code from espconn_mbedtls There was some... frankly kind of scary buffer and data shuffling if ESP8266_PLATFORM was defined. Since we don't, in fact, define that preprocessor symbol, just drop the code lest anyone (possibly future-me) be scared. * TLS: espconn_mbedtls: run through astyle No functional changes * TLS: espconn_mbedtls: put the file_params on the stack There's no need to malloc a structure that's used only locally. * TLS: Further minor tidying of mbedtls glue What an absolute shitshow this is. mbedtls should absolutely not be mentioned inside sys/socket.h and app/mbedtls/app/lwIPSocket.c is not so much glue as it as a complete copy of a random subset of lwIP; it should go, but we aren't there yet. Get rid of the mysterious "mbedlts_record" struct, which housed merely a length of bytes sent solely for gating the "record sent" callback. Remove spurious __attribute__((weak)) from symbols not otherwise defined and rename them to emphasize that they are not actually part of mbedtls proper. * TLS: Rampage esp mbedtls glue and delete unused code This at least makes the shitshow smaller * TLS: lwip: fix some memp definitions I presume these also need the new arguments * TLS: Remove more non-NodeMCU code from our mbedtls * TLS: drop support for 1.1 Depending on who you ask it's either EOL already or EOL soon, so we may as well get rid of it now.
2019-12-27 14:17:44 +01:00
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "ssl.h"
#if defined(MBEDTLS_THREADING_C)
#include "threading.h"
#endif
/**
* \name SECTION: Module settings
*
* The configuration options you can set for this module are in this section.
* Either change them in config.h or define them on the compiler command line.
* \{
*/
#if !defined(MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT)
#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /*!< 1 day */
#endif
#if !defined(MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES)
#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /*!< Maximum entries in cache */
#endif
/* \} name SECTION: Module settings */
#ifdef __cplusplus
extern "C" {
#endif
typedef struct mbedtls_ssl_cache_context mbedtls_ssl_cache_context;
typedef struct mbedtls_ssl_cache_entry mbedtls_ssl_cache_entry;
/**
* \brief This structure is used for storing cache entries
*/
struct mbedtls_ssl_cache_entry
{
#if defined(MBEDTLS_HAVE_TIME)
mbedtls_time_t timestamp; /*!< entry timestamp */
#endif
mbedtls_ssl_session session; /*!< entry session */
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_buf peer_cert; /*!< entry peer_cert */
#endif
mbedtls_ssl_cache_entry *next; /*!< chain pointer */
};
/**
* \brief Cache context
*/
struct mbedtls_ssl_cache_context
{
mbedtls_ssl_cache_entry *chain; /*!< start of the chain */
int timeout; /*!< cache entry timeout */
int max_entries; /*!< maximum entries */
#if defined(MBEDTLS_THREADING_C)
mbedtls_threading_mutex_t mutex; /*!< mutex */
#endif
};
/**
* \brief Initialize an SSL cache context
*
* \param cache SSL cache context
*/
void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache );
/**
* \brief Cache get callback implementation
* (Thread-safe if MBEDTLS_THREADING_C is enabled)
*
* \param data SSL cache context
* \param session session to retrieve entry for
*/
int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session );
/**
* \brief Cache set callback implementation
* (Thread-safe if MBEDTLS_THREADING_C is enabled)
*
* \param data SSL cache context
* \param session session to store entry for
*/
int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session );
#if defined(MBEDTLS_HAVE_TIME)
/**
* \brief Set the cache timeout
* (Default: MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT (1 day))
*
* A timeout of 0 indicates no timeout.
*
* \param cache SSL cache context
* \param timeout cache entry timeout in seconds
*/
void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeout );
#endif /* MBEDTLS_HAVE_TIME */
/**
* \brief Set the maximum number of cache entries
* (Default: MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES (50))
*
* \param cache SSL cache context
* \param max cache entry maximum
*/
void mbedtls_ssl_cache_set_max_entries( mbedtls_ssl_cache_context *cache, int max );
/**
* \brief Free referenced items in a cache context and clear memory
*
* \param cache SSL cache context
*/
void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache );
#ifdef __cplusplus
}
#endif
#endif /* ssl_cache.h */