9#ifndef SQUID_SRC_SECURITY_HANDSHAKE_H
10#define SQUID_SRC_SECURITY_HANDSHAKE_H
17#include <unordered_set>
29 std::ostream &
print(std::ostream &os)
const;
49 typedef std::unordered_set<uint16_t>
Ciphers;
56 return details.
print(os);
#define RefCountable
The locking interface for use on Reference-Counted classes.
ProtocolType protocol
which protocol this version is for
Incremental TLS/SSL Handshake parser.
unsigned int currentContentType
The current TLS/SSL record content type.
SBuf parseSniExtension(const SBuf &extensionData) const
void parseHandshakeMessage()
ParserState state
current parsing state.
void parseSupportedVersionsExtension(const SBuf &extensionData) const
RFC 8446 Section 4.2.1: SupportedVersions extension.
void parseVersion2Record()
void parseServerHelloHandshakeMessage(const SBuf &raw)
RFC 5246 Section 7.4.1.3. Server Hello.
YesNoNone expectingModernRecords
Whether to use the TLS parser or a V2-compatible parser.
void parseMessages()
parses one or more "higher-level protocol" frames of currentContentType
bool isSslv2Record(const SBuf &raw) const
MessageSource messageSource
whether we are parsing Server or Client TLS handshake messages
bool parseRecordVersion2Try()
ParserState
The parsing states.
bool parseCompressionMethods(const SBuf &raw)
TlsDetails::Pointer details
TLS handshake meta info. Never nil.
void skipMessage(const char *msgType)
SBuf fragments
concatenated TLSPlaintext.fragments of TLSPlaintext.type
void parseModernRecord()
parses a single TLS Record Layer frame
void parseCiphers(const SBuf &raw)
MessageSource
the originator of the TLS handshake being parsed
void parseClientHelloHandshakeMessage(const SBuf &raw)
bool parseHello(const SBuf &data)
Parser::BinaryTokenizer tkRecords
TLS record layer (parsing uninterpreted data)
const char * done
not nil if we got what we were looking for
void parseChangeCipherCpecMessage()
void parseServerCertificates(const SBuf &raw)
void parseVersion2HandshakeMessage(const SBuf &raw)
bool resumingSession
True if this is a resuming session.
Parser::BinaryTokenizer tkMessages
TLS message layer (parsing fragments)
void parseV23Ciphers(const SBuf &raw)
void parseApplicationDataMessage()
void parseExtensions(const SBuf &raw)
bool compressionSupported
The requested/used compression method.
SBuf clientRandom
The client random number.
RefCount< TlsDetails > Pointer
AnyP::ProtocolVersion tlsSupportedVersion
SBuf serverName
The SNI hostname, if any.
std::unordered_set< uint16_t > Ciphers
bool tlsStatusRequest
whether the TLS status request extension is set
bool hasTlsTicket
whether a TLS ticket is included
std::ostream & print(std::ostream &os) const
Prints a human-readable form of the TlsDetails object to the os stream.
AnyP::ProtocolVersion tlsVersion
The TLS hello message version.
bool unsupportedExtensions
whether any extensions unsupported by Squid are used
bool tlsTicketsExtension
whether TLS tickets extension is enabled
Network/connection security abstraction layer.
bool Tls1p3orLater(const AnyP::ProtocolVersion &p)
whether the given TLS/SSL protocol is TLS v1.3 or later
bool TlsFamilyProtocol(const AnyP::ProtocolVersion &version)
whether the given protocol belongs to the TLS/SSL group of protocols
bool Tls1p2orEarlier(const AnyP::ProtocolVersion &p)
whether the given TLS/SSL protocol is TLS v1.2 or earlier, including SSL
bool TlsVersionEarlierThan(const AnyP::ProtocolVersion &a, const AnyP::ProtocolVersion &b)
whether TLS/SSL protocol a precedes TLS/SSL protocol b
std::ostream & operator<<(std::ostream &, const EncryptorAnswer &)