Add ssl_get_session() to save session on client

This commit is contained in:
Manuel Pégourié-Gonnard 2013-07-30 12:41:56 +02:00 committed by Paul Bakker
parent a8342398c8
commit 747180391d
2 changed files with 45 additions and 5 deletions

View file

@ -774,13 +774,10 @@ void ssl_set_session_cache( ssl_context *ssl,
* \brief Request resumption of session (client-side only)
* Session data is copied from presented session structure.
*
* Warning: session.peer_cert is cleared by the SSL/TLS layer on
* connection shutdown, so do not cache the pointer! Either set
* it to NULL or make a full copy of the certificate when
* storing the session for use in this function.
*
* \param ssl SSL context
* \param session session context
*
* \sa ssl_get_session()
*/
void ssl_set_session( ssl_context *ssl, const ssl_session *session );
@ -1100,6 +1097,24 @@ const char *ssl_get_version( const ssl_context *ssl );
const x509_cert *ssl_get_peer_cert( const ssl_context *ssl );
#endif /* POLARSSL_X509_PARSE_C */
/**
* \brief Save session in order to resume it later (client-side only)
* Session data is copied to presented session structure.
*
* \warning Currently, peer certificate is lost in the operation.
*
* \param ssl SSL context
* \param session session context
*
* \return 0 if successful,
* POLARSSL_ERR_SSL_MALLOC_FAILED if memory allocation failed,
* POLARSSL_ERR_SSL_BAD_INPUT_DATA if used server-side or
* arguments are otherwise invalid
*
* \sa ssl_set_session()
*/
int ssl_get_session( const ssl_context *ssl, ssl_session *session );
/**
* \brief Perform the SSL handshake
*

View file

@ -3222,6 +3222,31 @@ const x509_cert *ssl_get_peer_cert( const ssl_context *ssl )
}
#endif /* POLARSSL_X509_PARSE_C */
int ssl_get_session( const ssl_context *ssl, ssl_session *dst )
{
ssl_session *src;
if( ssl == NULL ||
dst == NULL ||
ssl->session == NULL ||
ssl->endpoint != SSL_IS_CLIENT )
{
return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
}
src = ssl->session;
ssl_session_free( dst );
memcpy( dst, src, sizeof( ssl_session ) );
/*
* For now, just set peer_cert to NULL, deep-copy not implemented yet
*/
dst->peer_cert = NULL;
return( 0 );
}
/*
* Perform a single step of the SSL handshake
*/