| Hanno Becker | 9039303 | 2021-05-18 05:27:18 +0100 | [diff] [blame] | 1 | Session Cache API Change |
| 2 | ----------------------------------------------------------------- |
| 3 | |
| 4 | This affects users who use `mbedtls_ssl_conf_session_cache()` |
| 5 | to configure a custom session cache implementation different |
| 6 | from the one Mbed TLS implements in `library/ssl_cache.c`. |
| 7 | |
| 8 | Those users will need to modify the API of their session cache |
| 9 | implementation to that of a key-value store with keys being |
| 10 | session IDs and values being instances of `mbedtls_ssl_session`: |
| 11 | |
| 12 | ``` |
| 13 | typedef int mbedtls_ssl_cache_get_t( void *data, |
| 14 | unsigned char const *session_id, |
| 15 | size_t session_id_len, |
| 16 | mbedtls_ssl_session *session ); |
| 17 | typedef int mbedtls_ssl_cache_set_t( void *data, |
| 18 | unsigned char const *session_id, |
| 19 | size_t session_id_len, |
| 20 | const mbedtls_ssl_session *session ); |
| 21 | ``` |
| 22 | |
| 23 | Since the structure of `mbedtls_ssl_session` is no longer public from 3.0 |
| 24 | onwards, portable session cache implementations must not access fields of |
| 25 | `mbedtls_ssl_session`. See the corresponding migration guide. Users that |
| 26 | find themselves unable to migrate their session cache functionality without |
| 27 | accessing fields of `mbedtls_ssl_session` should describe their usecase |
| 28 | on the Mbed TLS mailing list. |