Manages a single connected secure (TLS/SSL) client session on the server side, providing asynchronous encrypted read/write operations. More...

#include <secure_session.h>

Inheritance diagram for kcenon::network::session::secure_session:

Collaboration diagram for kcenon::network::session::secure_session:

Public Member Functions
	secure_session (asio::ip::tcp::socket socket, asio::ssl::context &ssl_context, std::string_view server_id)
	Constructs a secure session with a given `socket`, SSL context, and `server_id`.

	~secure_session () noexcept
	Destructor; calls `stop_session()` if not already stopped.

auto	start_session () -> void
	Starts the session: performs SSL handshake, sets up read/error callbacks, and begins reading data.

auto	stop_session () -> void
	Stops the session by closing the socket and marking the session as inactive.

auto	is_stopped () const noexcept -> bool
	Checks if the session has been stopped.

auto	send_packet (std::vector< uint8_t > &&data) -> void
	Sends data to the connected client with encryption.

auto	set_receive_callback (std::function< void(const std::vector< uint8_t > &)> callback) -> void
	Sets the callback for received data.

auto	set_disconnection_callback (std::function< void(const std::string &)> callback) -> void
	Sets the callback for disconnection.

auto	set_error_callback (std::function< void(std::error_code)> callback) -> void
	Sets the callback for errors.

auto	server_id () const -> const std::string &
	Gets the server identifier.

Private Member Functions
auto	on_receive (const std::vector< uint8_t > &data) -> void
	Callback for when encrypted data arrives from the client.

auto	on_error (std::error_code ec) -> void
	Callback for handling socket errors from `secure_tcp_socket`.

auto	process_next_message () -> void
	Processes pending messages from the queue.

Private Attributes
std::string	server_id_

std::shared_ptr< internal::secure_tcp_socket >	socket_

std::atomic< bool >	is_stopped_

std::deque< std::vector< uint8_t > >	pending_messages_
	Queue of pending received messages awaiting processing.

std::mutex	queue_mutex_
	Mutex protecting access to pending_messages_ queue.

std::function< void(const std::vector< uint8_t > &)>	receive_callback_
	Callbacks for session events.

std::function< void(const std::string &)>	disconnection_callback_

std::function< void(std::error_code)>	error_callback_

std::mutex	callback_mutex_
	Mutex protecting callback access.

Static Private Attributes
static constexpr size_t	max_pending_messages_ = 1000
	Maximum number of pending messages before applying backpressure.

Detailed Description

Manages a single connected secure (TLS/SSL) client session on the server side, providing asynchronous encrypted read/write operations.

Responsibilities

Owns a secure_tcp_socket for non-blocking encrypted I/O.
Performs SSL handshake before data transmission.
Optionally applies compression/encryption via pipeline_ before sending, and can do the reverse upon receiving data (if needed).
Provides callbacks (on_receive, on_error) for data handling and error detection.

Lifecycle

Constructed with an accepted asio::ip::tcp::socket and SSL context.
start_session() performs SSL handshake and begins reading.
stop_session() closes the underlying socket, stopping further I/O.

Thread Safety

All public methods are thread-safe.
Session state (is_stopped_) is protected by atomic operations.
Pipeline mode flags are protected by mode_mutex_.
Socket operations are serialized through ASIO's io_context.

Definition at line 63 of file secure_session.h.

Constructor & Destructor Documentation

◆ secure_session()

kcenon::network::session::secure_session::secure_session	(	asio::ip::tcp::socket	socket,
		asio::ssl::context &	ssl_context,
		std::string_view	server_id )

Constructs a secure session with a given socket, SSL context, and server_id.

Parameters

socket	The `asio::ip::tcp::socket` (already connected).
ssl_context	SSL context for encryption settings.
server_id	An identifier for this server instance or context.

Definition at line 11 of file secure_session.cpp.

    : server_id_(server_id) {
  // Create the secure_tcp_socket wrapper
  socket_ = std::make_shared<internal::secure_tcp_socket>(std::move(socket),
                                                          ssl_context);
}

References socket_.

◆ ~secure_session()

kcenon::network::session::secure_session::~secure_session ( )

noexcept

Destructor; calls stop_session() if not already stopped.

Definition at line 20 of file secure_session.cpp.

                                         {
  try {
    // Call stop_session to clean up resources
    stop_session();
  } catch (...) {
    // Destructor must not throw - swallow all exceptions
  }
}

References stop_session().

Here is the call graph for this function:

Member Function Documentation

◆ is_stopped()

auto kcenon::network::session::secure_session::is_stopped ( ) const -> bool

inlinenodiscardnoexcept

Checks if the session has been stopped.

Returns: true if the session is stopped, false otherwise.

Definition at line 98 of file secure_session.h.

                                                               {
            return is_stopped_.load(std::memory_order_relaxed);
        }

References is_stopped_.

◆ on_error()

auto kcenon::network::session::secure_session::on_error ( std::error_code ec ) -> void

private

Callback for handling socket errors from secure_tcp_socket.

Parameters

ec	The `std::error_code` describing the error.

By default, logs the error and calls stop_session().

Definition at line 145 of file secure_session.cpp.

                                                      {
  NETWORK_LOG_ERROR("[secure_session] Socket error: " + ec.message());
 
  // Invoke error callback if set
  {
    std::lock_guard<std::mutex> lock(callback_mutex_);
    if (error_callback_) {
      try {
        error_callback_(ec);
      } catch (const std::exception &e) {
        NETWORK_LOG_ERROR("[secure_session] Exception in error callback: " +
                          std::string(e.what()));
      }
    }
  }
 
  stop_session();
}

References NETWORK_LOG_ERROR.

◆ on_receive()

auto kcenon::network::session::secure_session::on_receive ( const std::vector< uint8_t > & data ) -> void

private

Callback for when encrypted data arrives from the client.

Parameters

data	A vector containing a chunk of received bytes.

Override or extend the logic here to parse messages, handle commands, etc. If decompression/decryption is needed, apply pipeline_ accordingly.

Definition at line 107 of file secure_session.cpp.

                                                                      {
  if (is_stopped_.load()) {
    return;
  }
 
  NETWORK_LOG_DEBUG("[secure_session] Received " + std::to_string(data.size()) +
                    " bytes.");
 
  // Check queue size before adding
  {
    std::lock_guard<std::mutex> lock(queue_mutex_);
    size_t queue_size = pending_messages_.size();
 
    // Apply backpressure if queue is getting full
    if (queue_size >= max_pending_messages_) {
      NETWORK_LOG_WARN("[secure_session] Queue size (" +
                       std::to_string(queue_size) + ") reached limit (" +
                       std::to_string(max_pending_messages_) +
                       "). Applying backpressure.");
 
      // If queue is severely overflowing, disconnect the session
      if (queue_size >= max_pending_messages_ * 2) {
        NETWORK_LOG_ERROR("[secure_session] Queue overflow (" +
                          std::to_string(queue_size) +
                          "). Disconnecting abusive client.");
        stop_session();
        return;
      }
    }
 
    // Add message to queue
    pending_messages_.push_back(data);
  }
 
  // Process messages from queue
  process_next_message();
}

References NETWORK_LOG_DEBUG, NETWORK_LOG_ERROR, and NETWORK_LOG_WARN.

◆ process_next_message()

auto kcenon::network::session::secure_session::process_next_message ( ) -> void

private

Processes pending messages from the queue.

This method dequeues and processes messages one at a time. Implement actual message handling logic here.

Definition at line 164 of file secure_session.cpp.

                                                  {
  std::vector<uint8_t> message;
 
  // Dequeue one message
  {
    std::lock_guard<std::mutex> lock(queue_mutex_);
    if (pending_messages_.empty()) {
      return;
    }
 
    message = std::move(pending_messages_.front());
    pending_messages_.pop_front();
  }
 
  // Process the message
  NETWORK_LOG_DEBUG(
      "[secure_session] Processing message of " +
      std::to_string(message.size()) +
      " bytes. Queue remaining: " + std::to_string(pending_messages_.size()));
 
  // Invoke receive callback if set
  {
    std::lock_guard<std::mutex> lock(callback_mutex_);
    if (receive_callback_) {
      try {
        receive_callback_(message);
      } catch (const std::exception &e) {
        NETWORK_LOG_ERROR("[secure_session] Exception in receive callback: " +
                          std::string(e.what()));
      }
    }
  }
 
  // If there are more messages, process them asynchronously
  // to avoid blocking the receive thread
  std::lock_guard<std::mutex> lock(queue_mutex_);
  if (!pending_messages_.empty()) {
    // In a production system, you might want to post this to a thread pool
    // or use a work queue to process messages asynchronously
    // For now, we just process one message per call
  }
}

References kcenon::network::message, NETWORK_LOG_DEBUG, and NETWORK_LOG_ERROR.

◆ send_packet()

auto kcenon::network::session::secure_session::send_packet ( std::vector< uint8_t > && data ) -> void

Sends data to the connected client with encryption.

Parameters

data	The raw bytes to transmit (moved for efficiency).

Notes

If compress_mode_ or encrypt_mode_ is true, the data will be processed by the pipeline's compress/encrypt functions before writing.
Data is moved (not copied) to avoid memory allocation overhead.
After calling this function, the original vector will be empty.

Definition at line 90 of file secure_session.cpp.

                                                                  {
  if (is_stopped_.load()) {
    return;
  }
 
  // Send data directly over the secure connection
  socket_->async_send(
      std::move(data), [](std::error_code ec, std::size_t bytes_transferred) {
        if (ec) {
          NETWORK_LOG_ERROR("[secure_session] Send error: " + ec.message());
        } else {
          NETWORK_LOG_DEBUG("[secure_session] Sent " +
                            std::to_string(bytes_transferred) + " bytes");
        }
      });
}

References NETWORK_LOG_DEBUG, and NETWORK_LOG_ERROR.

◆ server_id()

auto kcenon::network::session::secure_session::server_id ( ) const -> const std::string&

inlinenodiscard

Gets the server identifier.

Returns: The server_id string.

Definition at line 140 of file secure_session.h.

                                                                 {
            return server_id_;
        }

References server_id_.

◆ set_disconnection_callback()

auto kcenon::network::session::secure_session::set_disconnection_callback ( std::function< void(const std::string &)> callback ) -> void

Sets the callback for disconnection.

Parameters

callback Function called when the session stops.

Definition at line 213 of file secure_session.cpp.

                                                           {
  std::lock_guard<std::mutex> lock(callback_mutex_);
  disconnection_callback_ = std::move(callback);
}

◆ set_error_callback()

auto kcenon::network::session::secure_session::set_error_callback ( std::function< void(std::error_code)> callback ) -> void

Sets the callback for errors.

Parameters

callback Function called when an error occurs.

Definition at line 219 of file secure_session.cpp.

                                                       {
  std::lock_guard<std::mutex> lock(callback_mutex_);
  error_callback_ = std::move(callback);
}

◆ set_receive_callback()

auto kcenon::network::session::secure_session::set_receive_callback ( std::function< void(const std::vector< uint8_t > &)> callback ) -> void

Sets the callback for received data.

Parameters

callback Function called when data is received.

Definition at line 207 of file secure_session.cpp.

                                                                    {
  std::lock_guard<std::mutex> lock(callback_mutex_);
  receive_callback_ = std::move(callback);
}

◆ start_session()

auto kcenon::network::session::secure_session::start_session ( ) -> void

Starts the session: performs SSL handshake, sets up read/error callbacks, and begins reading data.

Definition at line 29 of file secure_session.cpp.

                                           {
  if (is_stopped_.load()) {
    return;
  }
 
  // Perform SSL handshake first
  auto self = shared_from_this();
  socket_->async_handshake(
      asio::ssl::stream_base::server, [this, self](std::error_code ec) {
        if (ec) {
          NETWORK_LOG_ERROR("[secure_session] SSL handshake failed: " +
                            ec.message());
          stop_session();
          return;
        }
 
        NETWORK_LOG_INFO("[secure_session] SSL handshake completed");
 
        // Set up callbacks after successful handshake
        socket_->set_receive_callback(
            [this, self](const std::vector<uint8_t> &data) {
              on_receive(data);
            });
        socket_->set_error_callback(
            [this, self](std::error_code ec) { on_error(ec); });
 
        // Begin reading
        socket_->start_read();
 
        NETWORK_LOG_INFO("[secure_session] Started secure session on server: " +
                         server_id_);
      });
}

References NETWORK_LOG_ERROR, and NETWORK_LOG_INFO.

◆ stop_session()

auto kcenon::network::session::secure_session::stop_session ( ) -> void

Stops the session by closing the socket and marking the session as inactive.

Definition at line 63 of file secure_session.cpp.

                                          {
  if (is_stopped_.exchange(true)) {
    return;
  }
  // Close socket safely using atomic close() method
  // This prevents data races between close and async read operations
  if (socket_) {
    socket_->close();
  }
 
  // Invoke disconnection callback if set
  {
    std::lock_guard<std::mutex> lock(callback_mutex_);
    if (disconnection_callback_) {
      try {
        disconnection_callback_(server_id_);
      } catch (const std::exception &e) {
        NETWORK_LOG_ERROR(
            "[secure_session] Exception in disconnection callback: " +
            std::string(e.what()));
      }
    }
  }
 
  NETWORK_LOG_INFO("[secure_session] Stopped.");
}

References NETWORK_LOG_ERROR, and NETWORK_LOG_INFO.

Referenced by ~secure_session().

Here is the caller graph for this function:

Member Data Documentation

◆ callback_mutex_

std::mutex kcenon::network::session::secure_session::callback_mutex_

mutableprivate

Mutex protecting callback access.

Definition at line 209 of file secure_session.h.

◆ disconnection_callback_

std::function<void(const std::string&)> kcenon::network::session::secure_session::disconnection_callback_

private

Definition at line 203 of file secure_session.h.

◆ error_callback_

std::function<void(std::error_code)> kcenon::network::session::secure_session::error_callback_

private

Definition at line 204 of file secure_session.h.

◆ is_stopped_

std::atomic<bool> kcenon::network::session::secure_session::is_stopped_

private

Initial value:

{
            false
        }

Indicates whether this session is stopped.

Definition at line 177 of file secure_session.h.

                                   {
            false
        }; 

Referenced by is_stopped().

◆ max_pending_messages_

size_t kcenon::network::session::secure_session::max_pending_messages_ = 1000

staticconstexprprivate

Maximum number of pending messages before applying backpressure.

When this limit is reached, a warning is logged. If doubled, the session is disconnected.

Definition at line 197 of file secure_session.h.

◆ pending_messages_

std::deque<std::vector<uint8_t> > kcenon::network::session::secure_session::pending_messages_

private

Queue of pending received messages awaiting processing.

Definition at line 184 of file secure_session.h.

◆ queue_mutex_

std::mutex kcenon::network::session::secure_session::queue_mutex_

mutableprivate

Mutex protecting access to pending_messages_ queue.

Definition at line 189 of file secure_session.h.

◆ receive_callback_

std::function<void(const std::vector<uint8_t>&)> kcenon::network::session::secure_session::receive_callback_

private

Callbacks for session events.

Definition at line 202 of file secure_session.h.

◆ server_id_

std::string kcenon::network::session::secure_session::server_id_

private

Identifier for the server side.

Definition at line 172 of file secure_session.h.

Referenced by server_id().

◆ socket_

std::shared_ptr<internal::secure_tcp_socket> kcenon::network::session::secure_session::socket_

private

The wrapped secure TCP socket for this session.

Definition at line 175 of file secure_session.h.

Referenced by secure_session().

The documentation for this class was generated from the following files:

include/kcenon/network/detail/session/secure_session.h
src/session/secure_session.cpp

Public Member Functions

Private Member Functions

Private Attributes

Static Private Attributes

Detailed Description

Responsibilities

Lifecycle

Thread Safety

Constructor & Destructor Documentation

◆ secure_session()

◆ ~secure_session()

Member Function Documentation

◆ is_stopped()

◆ on_error()

◆ on_receive()

◆ process_next_message()

◆ send_packet()

Notes

◆ server_id()

◆ set_disconnection_callback()

◆ set_error_callback()

◆ set_receive_callback()

◆ start_session()

◆ stop_session()

Member Data Documentation

◆ callback_mutex_

◆ disconnection_callback_

◆ error_callback_

◆ is_stopped_

◆ max_pending_messages_

◆ pending_messages_

◆ queue_mutex_

◆ receive_callback_

◆ server_id_

◆ socket_