TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 59bd12bf141b43a50142398d3b6aff5828face23^! / . / include / mbedtls
commit59bd12bf141b43a50142398d3b6aff5828face23[log] [tgz]
authorJarno Lamsa <jarno.lamsa@arm.com>Tue Jun 18 13:49:02 2019 +0300
committerManuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>Tue Jul 02 15:12:29 2019 +0200
tree4d9fe25358e7b12e5c9a727fe0e5c3e68d6c16b4
parent590bf51cbbdcd50add14a318daad15f396c6346f [diff]
Add new config MBEDTLS_SSL_SESSION_RESUMPTION

Add a new configuration option MBEDTLS_SSL_SESSION_RESUMPTION
to enable/disable the session resumption feature including
ticket and cache based session resumption.

diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 88f4701..e3d13e6 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h

@@ -671,6 +671,12 @@
 #error "MBEDTLS_SSL_SERVER_NAME_INDICATION defined, but not all prerequisites"
 #endif
 
+#if ( defined(MBEDTLS_SSL_SESSION_TICKETS) ||  \
+      defined(MBEDTLS_SSL_SESSION_CACHE) ) &&  \
+      !defined(MBEDTLS_SSL_SESSION_RESUMPTION)
+#error "MBEDTLS_SSL_SESSION_TICKETS/MBEDTLS_SESSION_CACHE cannot be defined without MBEDTLS_SSL_SESSION_RESUMPTION"
+#endif
+
 #if defined(MBEDTLS_THREADING_PTHREAD)
 #if !defined(MBEDTLS_THREADING_C) || defined(MBEDTLS_THREADING_IMPL)
 #error "MBEDTLS_THREADING_PTHREAD defined, but not all prerequisites"

diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 81c1340..7ceccee 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h

@@ -1677,6 +1677,14 @@
 #define MBEDTLS_SSL_SESSION_CACHE
 
 /**
+ * \def MBEDTLS_SSL_SESSION_RESUMPTION
+ *
+ *
+ * Comment this macro to disable support for SSL session resumption
+ */
+#define MBEDTLS_SSL_SESSION_RESUMPTION
+
+/**
  * \def MBEDTLS_SSL_EXPORT_KEYS
  *
  * Enable support for exporting key block and master secret.

diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index 7009c4f..4399943 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h

@@ -509,7 +509,9 @@
     unsigned char premaster[MBEDTLS_PREMASTER_SIZE];
                                         /*!<  premaster secret        */
 
+#if defined(MBEDTLS_SSL_SESSION_RESUMPTION)
     int resume;                         /*!<  session resume indicator*/
+#endif /* MBEDTLS_SSL_SESSION_RESUMPTION */
     int max_major_ver;                  /*!< max. major version client*/
     int max_minor_ver;                  /*!< max. minor version client*/
     int cli_exts;                       /*!< client extension presence*/