SSLClient  1.0
Add TLS 1.2 functionality to any network library.
SSLSession Class Reference

This class stores values which allow SSLClient to save and resume SSL sessions. More...

#include <SSLSession.h>

Inheritance diagram for SSLSession:

Public Member Functions

 SSLSession ()
 SSLSession constructor. More...
 
SSLSessionoperator= (const SSLSession &)=delete
 use clear_parameters or set_parameters instead More...
 
const String & get_hostname () const
 Get the hostname string associated with this session. More...
 
const IPAddress & get_ip () const
 Get ::IPAddress associated with this session. More...
 
bool is_valid_session () const
 
void set_parameters (const IPAddress &ip, const char *hostname=NULL)
 Set the ip address and hostname of the session. More...
 
void clear_parameters ()
 delete the parameters and invalidate the session Roughly equivalent to this_session = SSLSession(), however this function preserves the String object, allowing it to better handle the dynamic memory needed. More...
 
br_ssl_session_parameters * to_br_session ()
 returns a pointer to the ::br_ssl_session_parameters component of this class More...
 

Detailed Description

This class stores values which allow SSLClient to save and resume SSL sessions.

SSLSession.h

This file contains a simple utility class to store parameters about an SSL Session for reuse later.This class was created to extend the values stored in br_ssl_session_parameters, which allow BearSSL to resume an SSL session. When testing BearSSL's session resumption feature, it was observed that BearSSL can only resume a session that was was started with the same server. This becomes an issue when using repeated requests to a domain name which can resolve to multiple IP addresses ("api.github.com"), as the device will switch between two or three servers. Since BearSSL only stores one session at a time, this results in session resumption being few and far between.

To remedy this problem, an SSLSession stores the IPAddress and hostname, along with the parameters in br_ssl_session_parameters struct. Using this data, SSLClient is able to remember which IPAddress is associated with which session, allowing it to reconnect to the last IPAddress, as opposed to any associated with the domain.

Constructor & Destructor Documentation

◆ SSLSession()

SSLSession::SSLSession ( )
inlineexplicit

SSLSession constructor.

Sets all parameters to zero, and invalidates the session

Member Function Documentation

◆ clear_parameters()

void SSLSession::clear_parameters ( )

delete the parameters and invalidate the session Roughly equivalent to this_session = SSLSession(), however this function preserves the String object, allowing it to better handle the dynamic memory needed.

◆ get_hostname()

const String& SSLSession::get_hostname ( ) const
inline

Get the hostname string associated with this session.

Returns
A String object or "" if there is no hostname
Precondition
must check isValidSession before getting this value, as if this session in invalid this value is not guarented to be reset to "".

◆ get_ip()

const IPAddress& SSLSession::get_ip ( ) const
inline

Get ::IPAddress associated with this session.

Returns
A ::IPAddress object, #INADDR_NONE if there is no IP
Precondition
must check isValidSession before getting this value, as if this session in invalid this value is not guarented to be reset to #INADDR_NONE.

◆ is_valid_session()

bool SSLSession::is_valid_session ( ) const
inline

◆ operator=()

SSLSession& SSLSession::operator= ( const SSLSession )
delete

use clear_parameters or set_parameters instead

◆ set_parameters()

void SSLSession::set_parameters ( const IPAddress &  ip,
const char *  hostname = NULL 
)

Set the ip address and hostname of the session.

This function stores the ip Address object and hostname object into the session object. If hostname is not null or ip address is not blank, and the ::br_ssl_session_parameters values are non-zero it then validates the session.

Precondition
You must call ::br_ssl_engine_get_session_parameters with this session before calling this function. This is because there is no way to completly validate the ::br_ssl_session_parameters and the session may end up in a corrupted state if this is not observed.
Parameters
ipThe IP address of the host associated with the session
hostnameThe string hostname ("www.google.com") associated with the session. Take care that this value is corrent, SSLSession performs no validation of the hostname.

◆ to_br_session()

br_ssl_session_parameters* SSLSession::to_br_session ( )
inline

returns a pointer to the ::br_ssl_session_parameters component of this class


The documentation for this class was generated from the following files: