OpenVPN 3 Core Library
Loading...
Searching...
No Matches
psid_cookie.hpp
Go to the documentation of this file.
1// OpenVPN -- An application to securely tunnel IP networks
2// over a single port, with support for SSL/TLS-based
3// session authentication and key exchange,
4// packet encryption, packet authentication, and
5// packet compression.
6//
7// Copyright (C) 2022- OpenVPN Inc.
8//
9// SPDX-License-Identifier: MPL-2.0 OR AGPL-3.0-only WITH openvpn3-openssl-exception
10//
11
12
38#pragma once
39
40
41#include <openvpn/buffer/buffer.hpp> // includes rc.hpp
42#include <openvpn/ssl/psid.hpp>
43
44namespace openvpn {
45
55class PsidCookieAddrInfoBase
56{
57 public:
58 virtual const unsigned char *get_abstract_cli_addrport(size_t &slab_size) const = 0;
59
60 virtual const void *get_impl_info() const = 0;
61
62 virtual ~PsidCookieAddrInfoBase() = default;
63};
64
72class PsidCookieTransportBase : public RC<thread_unsafe_refcount>
73{
74 public:
75 typedef RCPtr<PsidCookieTransportBase> Ptr;
76
77 virtual bool psid_cookie_send_const(Buffer &send_buf, const PsidCookieAddrInfoBase &pcaib) = 0;
78
79 virtual ~PsidCookieTransportBase() = default;
80};
81
85class PsidCookie : public RC<thread_unsafe_refcount>
86{
87 public:
88 typedef RCPtr<PsidCookie> Ptr;
89
97 enum class Intercept
98 {
99 DECLINE_HANDLING,
100 EARLY_DROP,
101 DROP_1ST,
102 HANDLE_1ST,
103 DROP_2ND,
104 HANDLE_2ND,
105 };
106
119 virtual Intercept intercept(ConstBuffer &pkt_buf, const PsidCookieAddrInfoBase &pcaib) = 0;
120
131 virtual ProtoSessionID get_cookie_psid() = 0;
132
133 // The PsidCookie server implementation owns the transport detail for sending the psid cookie packet that the class implementing this interface creates. The intercept() method will call the derived class' psid_cookie_send_const() function above.
134
144 virtual void provide_psid_cookie_transport(PsidCookieTransportBase::Ptr pctb) = 0;
145
146 virtual ~PsidCookie() = default;
147};
148
149} // namespace openvpn
openvpn::PsidCookieAddrInfoBase
Interface to communicate the server's address semantics.
Definition psid_cookie.hpp:56
openvpn::PsidCookieAddrInfoBase::get_impl_info
virtual const void * get_impl_info() const =0
openvpn::PsidCookieAddrInfoBase::get_abstract_cli_addrport
virtual const unsigned char * get_abstract_cli_addrport(size_t &slab_size) const =0
openvpn::PsidCookieAddrInfoBase::~PsidCookieAddrInfoBase
virtual ~PsidCookieAddrInfoBase()=default
openvpn::PsidCookieTransportBase
Interface to provide access to the server's transport capability.
Definition psid_cookie.hpp:73
openvpn::PsidCookieTransportBase::Ptr
RCPtr< PsidCookieTransportBase > Ptr
Definition psid_cookie.hpp:75
openvpn::PsidCookieTransportBase::psid_cookie_send_const
virtual bool psid_cookie_send_const(Buffer &send_buf, const PsidCookieAddrInfoBase &pcaib)=0
openvpn::PsidCookieTransportBase::~PsidCookieTransportBase
virtual ~PsidCookieTransportBase()=default
openvpn::PsidCookie
Interface to integrate this component into the server implementation.
Definition psid_cookie.hpp:86
openvpn::PsidCookie::provide_psid_cookie_transport
virtual void provide_psid_cookie_transport(PsidCookieTransportBase::Ptr pctb)=0
Give this component the transport needed to send the server's HARD_RESET.
openvpn::PsidCookie::Ptr
RCPtr< PsidCookie > Ptr
Definition psid_cookie.hpp:88
openvpn::PsidCookie::Intercept
Intercept
Values returned by the intercept() function.
Definition psid_cookie.hpp:98
openvpn::PsidCookie::get_cookie_psid
virtual ProtoSessionID get_cookie_psid()=0
Get the cookie psid from client's 2nd packet.
openvpn::PsidCookie::intercept
virtual Intercept intercept(ConstBuffer &pkt_buf, const PsidCookieAddrInfoBase &pcaib)=0
Called when a potential new client session packet is received.
openvpn::PsidCookie::~PsidCookie
virtual ~PsidCookie()=default
openvpn::RCPtr
The smart pointer class.
Definition rc.hpp:119
openvpn::RC
Reference count base class for objects tracked by RCPtr. Disallows copying and assignment.
Definition rc.hpp:912