SSLClient
v1.4.6
Add TLS 1.2 functionality to any network library.
|
This class stores values which allow SSLClient to save and resume SSL sessions. More...
#include <SSLSession.h>
Public Member Functions | |
SSLSession (const char *hostname) | |
SSLSession constructor. More... | |
const String & | get_hostname () const |
Get the hostname string associated with this session. More... | |
br_ssl_session_parameters * | to_br_session () |
Returns a pointer to the ::br_ssl_session_parameters component of this class. More... | |
This class stores values which allow SSLClient to save and resume SSL sessions.
This file contains a simple utility class to store parameters about an SSL Session for reuse later.This class was created to extend the values stored in br_ssl_session_parameters, which allow BearSSL to resume an SSL session. When testing BearSSL's session resumption feature, it was observed that BearSSL can only resume a session that was was started with the same server. This becomes an issue when using repeated requests to a domain name which can resolve to multiple IP addresses ("api.github.com"), as the device will switch between two or three servers. Since BearSSL only stores one session at a time, this results in session resumption being few and far between.
To remedy this problem, an SSLSession stores the IPAddress and hostname, along with the parameters in br_ssl_session_parameters struct. Using this data, SSLClient is able to remember which IPAddress is associated with which session, allowing it to reconnect to the last IPAddress, as opposed to any associated with the domain.
|
inline |
SSLSession constructor.
Sets all parameters to zero, and invalidates the session
|
inline |
Get the hostname string associated with this session.
|
inline |
Returns a pointer to the ::br_ssl_session_parameters component of this class.