commit 747180391dc335985fe8f70aabdc3fe9f69d9559
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Tue Jul 30 12:41:56 2013 +0200
committer Paul Bakker <p.j.bakker@polarssl.org> Wed Aug 14 14:08:03 2013 +0200
tree 76204ef7a400baaad6def17ebbfc3f53158784a8
parent a8342398c8b104feaa4982926d31d3b4c8abdfff

Add ssl_get_session() to save session on client

include/polarssl/ssl.h

diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index a463460..3c8f1e6 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -774,13 +774,10 @@
  * \brief          Request resumption of session (client-side only)
  *                 Session data is copied from presented session structure.
  *
- *                 Warning: session.peer_cert is cleared by the SSL/TLS layer on
- *                 connection shutdown, so do not cache the pointer! Either set
- *                 it to NULL or make a full copy of the certificate when
- *                 storing the session for use in this function.
- *
  * \param ssl      SSL context
  * \param session  session context
+ *
+ * \sa             ssl_get_session()
  */
 void ssl_set_session( ssl_context *ssl, const ssl_session *session );
 
@@ -1101,6 +1098,24 @@
 #endif /* POLARSSL_X509_PARSE_C */
 
 /**
+ * \brief          Save session in order to resume it later (client-side only)
+ *                 Session data is copied to presented session structure.
+ *
+ * \warning        Currently, peer certificate is lost in the operation.
+ *
+ * \param ssl      SSL context
+ * \param session  session context
+ *
+ * \return         0 if successful,
+ *                 POLARSSL_ERR_SSL_MALLOC_FAILED if memory allocation failed,
+ *                 POLARSSL_ERR_SSL_BAD_INPUT_DATA if used server-side or
+ *                 arguments are otherwise invalid
+ *
+ * \sa             ssl_set_session()
+ */
+int ssl_get_session( const ssl_context *ssl, ssl_session *session );
+
+/**
  * \brief          Perform the SSL handshake
  *
  * \param ssl      SSL context

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index b9fca44..6ecdceb 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -3222,6 +3222,31 @@
 }
 #endif /* POLARSSL_X509_PARSE_C */
 
+int ssl_get_session( const ssl_context *ssl, ssl_session *dst )
+{
+    ssl_session *src;
+
+    if( ssl == NULL ||
+        dst == NULL ||
+        ssl->session == NULL ||
+        ssl->endpoint != SSL_IS_CLIENT )
+    {
+        return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
+    }
+
+    src = ssl->session;
+
+    ssl_session_free( dst );
+    memcpy( dst, src, sizeof( ssl_session ) );
+
+    /*
+     * For now, just set peer_cert to NULL, deep-copy not implemented yet
+     */
+    dst->peer_cert = NULL;
+
+    return( 0 );
+}
+
 /*
  * Perform a single step of the SSL handshake
  */