Documentation error in `mbedtls_ssl_get_session`
Fix Documentation error in `mbedtls_ssl_get_session`.
This function supports deep copying of the session,
and the peer certificate is not lost anymore, Resolves #926
diff --git a/ChangeLog b/ChangeLog
index 44533d2..10f0773 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -18,6 +18,9 @@
return value. Found by @davidwu2000. #839
* Fix a memory leak in mbedtls_x509_csr_parse(), found by catenacyber,
Philippe Antoine. Fixes #1623.
+ * Remove wrong documentation for `mbedtls_ssl_get_session`.
+ This API has deep copy of the session, and the peer
+ certificate is not lost. #926
Changes
* Change the shebang line in Perl scripts to look up perl in the PATH.
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 39b7f29..ac9a3f3 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -2737,7 +2737,6 @@
* \brief Save session in order to resume it later (client-side only)
* Session data is copied to presented session structure.
*
- * \warning Currently, peer certificate is lost in the operation.
*
* \param ssl SSL context
* \param session session context
@@ -2747,6 +2746,11 @@
* MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used server-side or
* arguments are otherwise invalid
*
+ * \note Only the server certificate is copied, and not the chain
+ * but this is not a problem because the result of the chain
+ * verification is stored in `verify_result` and can be checked
+ * with \c mbedtls_ssl_get_verify_result()
+ *
* \sa mbedtls_ssl_set_session()
*/
int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, mbedtls_ssl_session *session );
