SSLClient
1.0
Add TLS 1.2 functionality to any network library.
|
This class stores values which allow SSLClient to save and resume SSL sessions. More...
#include <SSLSession.h>
Public Member Functions | |
SSLSession () | |
SSLSession constructor. More... | |
SSLSession & | operator= (const SSLSession &)=delete |
use clear_parameters or set_parameters instead More... | |
const String & | get_hostname () const |
Get the hostname string associated with this session. More... | |
const IPAddress & | get_ip () const |
Get ::IPAddress associated with this session. More... | |
bool | is_valid_session () const |
void | set_parameters (const IPAddress &ip, const char *hostname=NULL) |
Set the ip address and hostname of the session. More... | |
void | clear_parameters () |
delete the parameters and invalidate the session Roughly equivalent to this_session = SSLSession(), however this function preserves the String object, allowing it to better handle the dynamic memory needed. More... | |
br_ssl_session_parameters * | to_br_session () |
returns a pointer to the ::br_ssl_session_parameters component of this class More... | |
This class stores values which allow SSLClient to save and resume SSL sessions.
This file contains a simple utility class to store parameters about an SSL Session for reuse later.This class was created to extend the values stored in br_ssl_session_parameters, which allow BearSSL to resume an SSL session. When testing BearSSL's session resumption feature, it was observed that BearSSL can only resume a session that was was started with the same server. This becomes an issue when using repeated requests to a domain name which can resolve to multiple IP addresses ("api.github.com"), as the device will switch between two or three servers. Since BearSSL only stores one session at a time, this results in session resumption being few and far between.
To remedy this problem, an SSLSession stores the IPAddress and hostname, along with the parameters in br_ssl_session_parameters struct. Using this data, SSLClient is able to remember which IPAddress is associated with which session, allowing it to reconnect to the last IPAddress, as opposed to any associated with the domain.
|
inlineexplicit |
SSLSession constructor.
Sets all parameters to zero, and invalidates the session
void SSLSession::clear_parameters | ( | ) |
delete the parameters and invalidate the session Roughly equivalent to this_session = SSLSession(), however this function preserves the String object, allowing it to better handle the dynamic memory needed.
|
inline |
Get the hostname string associated with this session.
|
inline |
Get ::IPAddress associated with this session.
|
inline |
|
delete |
use clear_parameters or set_parameters instead
void SSLSession::set_parameters | ( | const IPAddress & | ip, |
const char * | hostname = NULL |
||
) |
Set the ip address and hostname of the session.
This function stores the ip Address object and hostname object into the session object. If hostname is not null or ip address is not blank, and the ::br_ssl_session_parameters values are non-zero it then validates the session.
ip | The IP address of the host associated with the session |
hostname | The string hostname ("www.google.com") associated with the session. Take care that this value is corrent, SSLSession performs no validation of the hostname. |
|
inline |
returns a pointer to the ::br_ssl_session_parameters component of this class