Add session save after got new session ticket
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 2537521..c1f347b 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -657,6 +657,57 @@
}
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+static int ssl_save_session_serialize( mbedtls_ssl_context *ssl,
+ unsigned char **session_data,
+ size_t *session_data_len )
+{
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ mbedtls_ssl_session exported_session;
+
+ /* free any previously saved data */
+ if( *session_data != NULL )
+ {
+ mbedtls_platform_zeroize( *session_data, *session_data_len );
+ mbedtls_free( *session_data );
+ *session_data = NULL;
+ *session_data_len = 0;
+ }
+
+ mbedtls_ssl_session_init( &exported_session );
+ ret = mbedtls_ssl_get_session( ssl, &exported_session );
+ if( ret != 0 )
+ {
+ mbedtls_printf(
+ "failed\n ! mbedtls_ssl_get_session() returned -%#02x\n",
+ (unsigned) -ret );
+ goto exit;
+ }
+
+ /* get size of the buffer needed */
+ mbedtls_ssl_session_save( &exported_session, NULL, 0, session_data_len );
+ *session_data = mbedtls_calloc( 1, *session_data_len );
+ if( *session_data == NULL )
+ {
+ mbedtls_printf( " failed\n ! alloc %u bytes for session data\n",
+ (unsigned) *session_data_len );
+ ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
+ goto exit;
+ }
+
+ /* actually save session data */
+ if( ( ret = mbedtls_ssl_session_save( &exported_session,
+ *session_data, *session_data_len,
+ session_data_len ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ssl_session_saved returned -0x%04x\n\n",
+ (unsigned int) -ret );
+ goto exit;
+ }
+
+exit:
+ mbedtls_ssl_session_free( &exported_session );
+ return( ret );
+}
int main( int argc, char *argv[] )
{
int ret = 0, len, tail_len, i, written, frags, retry_left;
@@ -2360,57 +2411,21 @@
}
}
#endif /* MBEDTLS_SSL_DTLS_SRTP */
- if( opt.reconnect != 0 )
+ if( opt.reconnect != 0 && ssl.tls_version != MBEDTLS_SSL_VERSION_TLS1_3 )
{
mbedtls_printf(" . Saving session for reuse..." );
fflush( stdout );
if( opt.reco_mode == 1 )
{
- mbedtls_ssl_session exported_session;
-
- /* free any previously saved data */
- if( session_data != NULL )
+ if( ( ret = ssl_save_session_serialize( &ssl,
+ &session_data, &session_data_len ) ) != 0 )
{
- mbedtls_platform_zeroize( session_data, session_data_len );
- mbedtls_free( session_data );
- session_data = NULL;
- }
-
- mbedtls_ssl_session_init( &exported_session );
- ret = mbedtls_ssl_get_session( &ssl, &exported_session );
- if( ret != 0 )
- {
- mbedtls_printf(
- "failed\n ! mbedtls_ssl_get_session() returned -%#02x\n",
- (unsigned) -ret );
- goto exit;
- }
-
- /* get size of the buffer needed */
- mbedtls_ssl_session_save( &exported_session, NULL, 0, &session_data_len );
- session_data = mbedtls_calloc( 1, session_data_len );
- if( session_data == NULL )
- {
- mbedtls_printf( " failed\n ! alloc %u bytes for session data\n",
- (unsigned) session_data_len );
- mbedtls_ssl_session_free( &exported_session );
- ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
- goto exit;
- }
-
- /* actually save session data */
- if( ( ret = mbedtls_ssl_session_save( &exported_session,
- session_data, session_data_len,
- &session_data_len ) ) != 0 )
- {
- mbedtls_printf( " failed\n ! mbedtls_ssl_session_saved returned -0x%04x\n\n",
+ mbedtls_printf( " failed\n ! ssl_save_session_serialize returned -0x%04x\n\n",
(unsigned int) -ret );
- mbedtls_ssl_session_free( &exported_session );
goto exit;
}
- mbedtls_ssl_session_free( &exported_session );
}
else
{
@@ -2700,6 +2715,40 @@
/* We were waiting for application data but got
* a NewSessionTicket instead. */
mbedtls_printf( " got new session ticket.\n" );
+ if( opt.reconnect != 0 )
+ {
+ mbedtls_printf(" . Saving session for reuse..." );
+ fflush( stdout );
+
+ if( opt.reco_mode == 1 )
+ {
+ if( ( ret = ssl_save_session_serialize( &ssl,
+ &session_data, &session_data_len ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! ssl_save_session_serialize returned -0x%04x\n\n",
+ (unsigned int) -ret );
+ goto exit;
+ }
+ }
+ else
+ {
+ if( ( ret = mbedtls_ssl_get_session( &ssl, &saved_session ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ssl_get_session returned -0x%x\n\n",
+ (unsigned int) -ret );
+ goto exit;
+ }
+ }
+
+ mbedtls_printf( " ok\n" );
+
+ if( opt.reco_mode == 1 )
+ {
+ mbedtls_printf( " [ Saved %u bytes of session data]\n",
+ (unsigned) session_data_len );
+ }
+ }
+
continue;
#endif /* MBEDTLS_SSL_SESSION_TICKETS */