Add session ID as explicit parameter to SSL session cache API
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
diff --git a/library/ssl_cache.c b/library/ssl_cache.c
index ce85157..e0e2177 100644
--- a/library/ssl_cache.c
+++ b/library/ssl_cache.c
@@ -50,7 +50,10 @@
#endif
}
-int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session )
+int mbedtls_ssl_cache_get( void *data,
+ unsigned char const *session_id,
+ size_t session_id_len,
+ mbedtls_ssl_session *session )
{
int ret = 1;
#if defined(MBEDTLS_HAVE_TIME)
@@ -78,8 +81,8 @@
continue;
#endif
- if( session->id_len != entry->session.id_len ||
- memcmp( session->id, entry->session.id,
+ if( session_id_len != entry->session.id_len ||
+ memcmp( session_id, entry->session.id,
entry->session.id_len ) != 0 )
{
continue;
@@ -135,7 +138,10 @@
return( ret );
}
-int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session )
+int mbedtls_ssl_cache_set( void *data,
+ unsigned char const *session_id,
+ size_t session_id_len,
+ const mbedtls_ssl_session *session )
{
int ret = 1;
#if defined(MBEDTLS_HAVE_TIME)
@@ -167,8 +173,11 @@
}
#endif
- if( memcmp( session->id, cur->session.id, cur->session.id_len ) == 0 )
+ if( session_id_len == cur->session.id_len &&
+ memcmp( session_id, cur->session.id, cur->session.id_len ) == 0 )
+ {
break; /* client reconnected, keep timestamp for session id */
+ }
#if defined(MBEDTLS_HAVE_TIME)
if( oldest == 0 || cur->timestamp < oldest )
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 40ad490..784ab2d 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -2784,10 +2784,9 @@
return;
#endif
- session_tmp.id_len = session->id_len;
- memcpy( session_tmp.id, session->id, session->id_len );
-
ret = ssl->conf->f_get_cache( ssl->conf->p_cache,
+ session->id,
+ session->id_len,
&session_tmp );
if( ret != 0 )
goto exit;
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 67fcebf..c26f68b 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -3411,7 +3411,10 @@
ssl->session->id_len != 0 &&
resume == 0 )
{
- if( ssl->conf->f_set_cache( ssl->conf->p_cache, ssl->session ) != 0 )
+ if( ssl->conf->f_set_cache( ssl->conf->p_cache,
+ ssl->session->id,
+ ssl->session->id_len,
+ ssl->session ) != 0 )
MBEDTLS_SSL_DEBUG_MSG( 1, ( "cache did not store session" ) );
}