Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix sending HelloVerifyRequest, if a fallback to a full-handshake is
required. Signed-off-by: Achim Kraus <achim.kraus@cloudcoap.net>
- Loading branch information
Showing
4 changed files
with
162 additions
and
75 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
47 changes: 47 additions & 0 deletions
47
...ain/java/org/eclipse/californium/scandium/dtls/resumption/ExtendedResumptionVerifier.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
/******************************************************************************* | ||
* Copyright (c) 2022 Achim Kraus and others. | ||
* | ||
* All rights reserved. This program and the accompanying materials | ||
* are made available under the terms of the Eclipse Public License v2.0 | ||
* and Eclipse Distribution License v1.0 which accompany this distribution. | ||
* | ||
* The Eclipse Public License is available at | ||
* http://www.eclipse.org/legal/epl-v20.html | ||
* and the Eclipse Distribution License is available at | ||
* http://www.eclipse.org/org/documents/edl-v10.html. | ||
* | ||
* Contributors: | ||
* Achim Kraus - initial creation | ||
******************************************************************************/ | ||
package org.eclipse.californium.scandium.dtls.resumption; | ||
|
||
import org.eclipse.californium.scandium.dtls.ClientHello; | ||
import org.eclipse.californium.scandium.dtls.ExtendedMasterSecretMode; | ||
|
||
/** | ||
* Extended Resumption verifier. | ||
* | ||
* An extended resumption verifier checks additionally, if no fallback to a full | ||
* handshake is required. | ||
* | ||
* @since 3.6 | ||
*/ | ||
public interface ExtendedResumptionVerifier extends ResumptionVerifier { | ||
|
||
/** | ||
* Checks, if the session id is matching and no fallback to a full handshake | ||
* is required. If so, the client hello may bypass the cookie validation | ||
* without using a hello verify request. | ||
* | ||
* Note: this function must return immediately. | ||
* | ||
* @param clientHello client hello message | ||
* @param sniEnabled {@code true}, if SNI is enabled, {@code false}, | ||
* otherwise. | ||
* @param extendedMasterSecretMode the extended master secret mode. | ||
* @return {@code true}, if valid and no hello verify request is required, | ||
* {@code false}, otherwise. | ||
*/ | ||
boolean skipRequestHelloVerify(ClientHello clientHello, boolean sniEnabled, | ||
ExtendedMasterSecretMode extendedMasterSecretMode); | ||
} |