Add config MBEDTLS_SSL_SESSION_CACHE
Add configuration option MBEDTLS_SSL_SESSION_CACHE to control
enabling/disabling of the cache based session resumption.
diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c
index dd21fbf..799da9a 100644
--- a/programs/ssl/dtls_server.c
+++ b/programs/ssl/dtls_server.c
@@ -236,11 +236,11 @@
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
-#if defined(MBEDTLS_SSL_CACHE_C)
+#if defined(MBEDTLS_SSL_CACHE_C) && defined(MBEDTLS_SSL_SESSION_CACHE)
mbedtls_ssl_conf_session_cache( &conf, &cache,
mbedtls_ssl_cache_get,
mbedtls_ssl_cache_set );
-#endif
+#endif /* MBEDTLS_SSL_CACHE_C && MBEDTLS_SSL_SESSION_CACHE */
mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
diff --git a/programs/ssl/query_config.c b/programs/ssl/query_config.c
index d45a663..30b9d79 100644
--- a/programs/ssl/query_config.c
+++ b/programs/ssl/query_config.c
@@ -1410,6 +1410,14 @@
}
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+#if defined(MBEDTLS_SSL_SESSION_CACHE)
+ if( strcmp( "MBEDTLS_SSL_SESSION_CACHE", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SESSION_CACHE );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_SESSION_CACHE */
+
#if defined(MBEDTLS_SSL_EXPORT_KEYS)
if( strcmp( "MBEDTLS_SSL_EXPORT_KEYS", config ) == 0 )
{
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 9828576..a3f5d60 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -2545,12 +2545,14 @@
}
}
+#if defined(MBEDTLS_SSL_SESSION_CACHE)
if( ( ret = mbedtls_ssl_set_session( &ssl, &saved_session ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_session returned -0x%x\n\n",
-ret );
goto exit;
}
+#endif /* MBEDTLS_SSL_SESSION_CACHE */
if( ( ret = mbedtls_net_connect( &server_fd,
opt.server_addr, opt.server_port,
diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c
index 9791856..005d3e8 100644
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@@ -224,11 +224,11 @@
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
-#if defined(MBEDTLS_SSL_CACHE_C)
+#if defined(MBEDTLS_SSL_CACHE_C) && defined(MBEDTLS_SSL_SESSION_CACHE)
mbedtls_ssl_conf_session_cache( &conf, &cache,
mbedtls_ssl_cache_get,
mbedtls_ssl_cache_set );
-#endif
+#endif /* MBEDTLS_SSL_CACHE_C && MBEDTLS_SSL_SESSION_CACHE */
mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 5d751b6..4049a27 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -2527,9 +2527,11 @@
if( opt.cache_timeout != -1 )
mbedtls_ssl_cache_set_timeout( &cache, opt.cache_timeout );
+#if defined(MBEDTLS_SSL_SESSION_CACHE)
mbedtls_ssl_conf_session_cache( &conf, &cache,
mbedtls_ssl_cache_get,
mbedtls_ssl_cache_set );
+#endif /* MBEDTLS_SSL_SESSION_CACHE */
#endif
#if defined(MBEDTLS_SSL_SESSION_TICKETS)