Actually reset the context on save as advertised
Also fix some wording in the documentation while at it.
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 56b5677..1bbae3f 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -3908,10 +3908,10 @@
* \note When this function succeeds, it calls
* mbedtls_ssl_session_reset() on \p ssl which as a result is
* no longer associated with the connection that has been
- * serialized. This avoids creating copies of the session
+ * serialized. This avoids creating copies of the connection
* state. You're then free to either re-use the context
* structure for a different connection, or call
- * mbedtls_ssl_session_free() on it. See the documentation of
+ * mbedtls_ssl_free() on it. See the documentation of
* mbedtls_ssl_session_reset() for more details.
*
* \param ssl The SSL context to save. On success, it is no longer
@@ -3934,6 +3934,8 @@
*
* \return \c 0 if successful.
* \return #MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL if \p buf is too small.
+ * \return #MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed
+ * while reseting the context.
* \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if a handshake is in
* progress, or there is pending data for reading or sending,
* or the connection does not use DTLS 1.2 with an AEAD
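Review bot: The new `\return` entry for #MBEDTLS_ERR_SSL_ALLOC_FAILED does not say what state `buf` and `ssl` are in when it is returned, and "reseting" should be spelled "resetting". Judging by the library/ssl_tls.c hunk in this commit, this error can only come from the reset that runs after serialization, so the buffer may already hold the serialized connection state when the caller sees it. I would extend the entry along the lines of `while resetting the context; \p buf may then already contain the serialized state`, and add what the caller is expected to do with `ssl`, once the intended contract is confirmed. The comment block starts and ends outside this hunk.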
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index b80fc34..d96038a 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -10957,7 +10957,7 @@
MBEDTLS_SSL_DEBUG_BUF( 4, "saved context", buf, used );
- return( 0 );
+ return( ssl_session_reset_int( ssl, 0 ) );
}
/*
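Review bot: Returning `ssl_session_reset_int( ssl, 0 )` directly means a reset failure is reported only after `buf` has been filled with `used` bytes of serialized state, as the debug line just above shows. The caller then gets an error code while holding a buffer that presumably includes the connection's key material, next to a context whose state is unclear; that is the duplicated-state situation the header note says this function avoids. Consider capturing the result and wiping the output on failure, e.g. `if( ( ret = ssl_session_reset_int( ssl, 0 ) ) != 0 ) mbedtls_platform_zeroize( buf, used );` followed by `return( ret );`, or else document that the buffer stays valid on this error. The function body starts outside this hunk, so whether `ret` is already declared there is not visible.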
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 77bab8d..81480b0 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -2527,16 +2527,8 @@
if( opt.serialize == 1 )
{
- mbedtls_printf( " . Reseting context..." );
-
- if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 )
- {
- mbedtls_printf( " failed\n ! mbedtls_ssl_session_reset returned "
- "-0x%x\n\n", -ret );
- goto exit;
- }
-
- mbedtls_printf( " ok\n" );
+ /* nothing to do here, done by context_save() already */
+ mbedtls_printf( " . Context has been reset... ok" );
}
if( opt.serialize == 2 )
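Review bot: The replacement message `" . Context has been reset... ok"` has no trailing newline, whereas the removed code ended the line with `" ok\n"`, so whatever the program prints next will probably continue on the same line. Use `mbedtls_printf( " . Context has been reset... ok\n" );`. The identical line in the programs/ssl/ssl_server2.c hunk needs the same fix. The enclosing function lies outside the hunk, so the next print statement is not visible here.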
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index b2c140f..996d7f6 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -3550,16 +3550,8 @@
*/
if( opt.serialize == 1 )
{
- mbedtls_printf( " . Reseting context..." );
-
- if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 )
- {
- mbedtls_printf( " failed\n ! mbedtls_ssl_session_reset returned "
- "-0x%x\n\n", -ret );
- goto exit;
- }
-
- mbedtls_printf( " ok\n" );
+ /* nothing to do here, done by context_save() already */
+ mbedtls_printf( " . Context has been reset... ok" );
}
/*