Add mbedtls_ssl_get_session_pointer()
Avoid useless copy with mbedtls_ssl_get_session() before serialising.
Used in ssl_client2 for testing and demonstrating usage, but unfortunately
that means mbedtls_ssl_get_session() is no longer tested, which will be fixed
in the next commit.
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 30fd6ec..0722045 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -2387,7 +2387,7 @@
* of session cache or session tickets.
*
* \see mbedtls_ssl_session_load()
- * \see mbedtls_ssl_get_session()
+ * \see mbedtls_ssl_get_session_pointer()
*
* \param session The session structure to be saved.
* \param buf The buffer to write the serialized data to. It must be a
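Review bot: Replacing the `\see mbedtls_ssl_get_session()` line instead of adding a second one removes the only cross-reference from `mbedtls_ssl_session_save()` to the copying API. A caller who needs the session to outlive the SSL context still needs that API, so I would keep both lines: `\see mbedtls_ssl_get_session()` and `\see mbedtls_ssl_get_session_pointer()`. The doc comment starts and ends outside this hunk.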
@@ -2405,6 +2405,23 @@
size_t *olen );
/**
+ * \brief Get a pointer to the current session structure, for example
+ * to serialise it.
+ *
+ * \warning Ownership of the session remains with the SSL context - the
+ * returned pointer must not be kept after the connection has
+ * ended or been renegotiated.
+ *
+ * \see mbedtls_ssl_session_save()
+ *
+ * \param ssl SSL context
+ *
+ * \return A pointer to the current session if successful,
+ * NULL if no session is active.
+ */
+const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_context *ssl );
+
+/**
* \brief Set the list of allowed ciphersuites and the preference
* order. First in the list has the highest preference.
* (Overrides all version-specific lists)
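Review bot: The `\warning` on `mbedtls_ssl_get_session_pointer()` says the pointer must not be kept after the connection "has ended or been renegotiated", but does not name the calls that invalidate it. A borrowed pointer into the context becomes a use-after-free if the caller guesses wrong. I would list them explicitly, presumably `mbedtls_ssl_session_reset()` and `mbedtls_ssl_free()` as well as a renegotiation, to be confirmed against the implementation. It should also say the pointer must be consumed before any further call that can change the context. The `\return` text omits the `ssl == NULL` case that the definition in library/ssl_tls.c handles; it could read `NULL if \p ssl is NULL or no session is active`.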
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 5a4faa7..f1ba99a 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -9834,6 +9834,14 @@
}
#endif /* MBEDTLS_SSL_CLI_C */
+const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_context *ssl )
+{
+ if( ssl == NULL )
+ return( NULL );
+
+ return( ssl->session );
+}
+
/*
* Serialize a session in the following format:
* (in the presentation language of TLS, RFC 8446 section 3)
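Review bot: `mbedtls_ssl_get_session_pointer()` is defined after the `#endif /* MBEDTLS_SSL_CLI_C */` line, so it appears to be built in server-only configurations too, and it returns `ssl->session` without checking the endpoint or handshake state. The header does not say whether server-side use is intended, and the definition has no comment. If it is intended, I would add a short comment above the function such as `/* Borrowed pointer owned by ssl; NULL until a session is established. Available on both endpoints. */`. If it is not, the definition belongs inside the client guard. The function that precedes it starts outside this hunk, so the guard's extent is inferred from the `#endif` alone.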
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 342ecdd..36db80d 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -2442,14 +2442,7 @@
mbedtls_printf(" . Saving session for reuse..." );
fflush( stdout );
- if( ( ret = mbedtls_ssl_get_session( &ssl, &saved_session ) ) != 0 )
- {
- mbedtls_printf( " failed\n ! mbedtls_ssl_get_session returned -0x%x\n\n",
- -ret );
- goto exit;
- }
-
- if( ( ret = mbedtls_ssl_session_save( &saved_session,
+ if( ( ret = mbedtls_ssl_session_save( mbedtls_ssl_get_session_pointer( &ssl ),
session_data, sizeof( session_data ),
&session_data_len ) ) != 0 )
{
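Review bot: The result of `mbedtls_ssl_get_session_pointer( &ssl )` is passed straight into `mbedtls_ssl_session_save()`, although the new API is documented to return NULL when no session is active. Whether `mbedtls_ssl_session_save()` tolerates a NULL session is not visible here. Since the commit message says this program demonstrates usage, it should show the check so that copies of the pattern do not dereference NULL. The fence below takes the pointer into a local and fails cleanly. The declaration may need to move to the start of the enclosing block, which begins outside this hunk, to match the file's style. The `ret` value set before `goto exit` is a suggestion.

```c
const mbedtls_ssl_session *cur_session = mbedtls_ssl_get_session_pointer( &ssl );

if( cur_session == NULL )
{
    mbedtls_printf( " failed\n  ! mbedtls_ssl_get_session_pointer returned NULL\n\n" );
    ret = MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
    goto exit;
}

if( ( ret = mbedtls_ssl_session_save( cur_session,
/* ... unchanged: buffer arguments and error handling ... */
```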
@@ -2458,10 +2451,6 @@
goto exit;
}
- /* Simulate that serialised state can have a larger lifetime than a
- * structure: keep the serialised data but not the structure. */
- mbedtls_ssl_session_free( &saved_session );
-
mbedtls_printf( " ok\n" );
}