Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

expires a session after 3 unsuccessful attempts at connecting to the cloud #1776

Merged
merged 2 commits into from May 16, 2019

Conversation

@m-mcgowan
Copy link
Contributor

commented May 14, 2019

Problem

The device and cloud may get out of sync when reusing a session. For instance, session data may become corrupted on the device, or session caches on the cloud expired.

When this occurs the device presently retries indefinitely to use the current session.

Solution

The number of times the session is used is counted - each time the session is restored as part of the main handshake, the use count is incremented. When the use count reaches the expiration count (presently 3), the session is considered invalid, forcing it to be discarded and performing a full handshake.

The use count is reset after successfully decrypting a message from the cloud. This validates the session data.

Steps to Test

  • Apply the randbytes hack, but rather than invert, we increment the data (or the session becomes valid every 2nd attempt.)
  • Allow the device to connect to the cloud and then reset. Every 3rd try the device does a full handshake.

References


Completeness

  • User is totes amazing for contributing!
  • Contributor has signed CLA (Info here)
  • Problem and Solution clearly stated
  • Run unit/integration/application tests on device
  • Added documentation
  • Added to CHANGELOG.md after merging (add links to docs and issues)

  • [enhancement] expires a session after 3 unsuccessful attempts at connecting to the cloud #1776

@m-mcgowan m-mcgowan requested a review from sergeuz May 14, 2019

@m-mcgowan m-mcgowan added this to the 1.2.0-rc.1 milestone May 14, 2019

@sergeuz sergeuz added the enhancement label May 15, 2019

int use_count() { return use_counter; }
bool has_expired() { return use_counter >= maximumSessionUses; }

static const int maximumSessionUses = 3;

This comment has been minimized.

Copy link
@sergeuz

sergeuz May 15, 2019

Member

Let's use all caps for constant names: MAXIMUM_SESSION_USES

communication/src/dtls_message_channel.cpp Outdated Show resolved Hide resolved
communication/src/dtls_message_channel.cpp Outdated Show resolved Hide resolved
communication/src/dtls_message_channel.cpp Outdated Show resolved Hide resolved
sergeuz added a commit that referenced this pull request May 16, 2019
m-mcgowan added 2 commits May 14, 2019
uppercase constant, counter incremented after testing, When the sessi…
…on is expired it is cleared to prevent reuse. This is not necessary but a precaution.

@m-mcgowan m-mcgowan force-pushed the feature/expire_session branch from 05a4d66 to 302856f May 16, 2019

@m-mcgowan m-mcgowan removed the needs review label May 16, 2019

@m-mcgowan m-mcgowan merged commit 3b85c0e into develop May 16, 2019

1 check passed

continuous-integration/travis-ci/push The Travis CI build passed
Details

@sergeuz sergeuz deleted the feature/expire_session branch May 16, 2019

sergeuz added a commit that referenced this pull request May 16, 2019
sergeuz added a commit that referenced this pull request May 16, 2019
sergeuz added a commit that referenced this pull request May 16, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
3 participants
You can’t perform that action at this time.