Add mbedtls_ssl_get_session_pointer()

Avoid useless copy with mbedtls_ssl_get_session() before serialising. Used in ssl_client2 for testing and demonstrating usage, but unfortunately that means mbedtls_ssl_get_session() is no longer tested, which will be fixed in the next commit.
2025-11-03 20:22:59 -05:00 · 2019-05-20 11:12:28 +02:00 · 2019-05-20 11:12:28 +02:00 · b5e4e0a395
commit b5e4e0a395
parent 21548638b7
3 changed files with 27 additions and 13 deletions
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@ -2387,7 +2387,7 @@ int mbedtls_ssl_session_load( mbedtls_ssl_session *session,
 *                 of session cache or session tickets.
 *
 * \see            mbedtls_ssl_session_load()
- * \see            mbedtls_ssl_get_session()
+ * \see            mbedtls_ssl_get_session_pointer()
 *
 * \param session  The session structure to be saved.
 * \param buf      The buffer to write the serialized data to. It must be a
@ -2404,6 +2404,23 @@ int mbedtls_ssl_session_save( const mbedtls_ssl_session *session,
                              size_t buf_len,
                              size_t *olen );

+/**
+ * \brief          Get a pointer to the current session structure, for example
+ *                 to serialise it.
+ *
+ * \warning        Ownership of the session remains with the SSL context - the
+ *                 returned pointer must not be kept after the connection has
+ *                 ended or been renegotiated.
+ *
+ * \see            mbedtls_ssl_session_save()
+ *
+ * \param ssl      SSL context
+ *
+ * \return         A pointer to the current session if successful,
+ *                 NULL if no session is active.
+ */
+const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_context *ssl );
+
 /**
 * \brief               Set the list of allowed ciphersuites and the preference
 *                      order. First in the list has the highest preference.
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -9834,6 +9834,14 @@ int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl,
 }
 #endif /* MBEDTLS_SSL_CLI_C */

+const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_context *ssl )
+{
+    if( ssl == NULL )
+        return( NULL );
+
+    return( ssl->session );
+}
+
 /*
 * Serialize a session in the following format:
 * (in the presentation language of TLS, RFC 8446 section 3)
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@ -2442,14 +2442,7 @@ int main( int argc, char *argv[] )
        mbedtls_printf("  . Saving session for reuse..." );
        fflush( stdout );

-        if( ( ret = mbedtls_ssl_get_session( &ssl, &saved_session ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_get_session returned -0x%x\n\n",
-                            -ret );
-            goto exit;
-        }
-
-        if( ( ret = mbedtls_ssl_session_save( &saved_session,
+        if( ( ret = mbedtls_ssl_session_save( mbedtls_ssl_get_session_pointer( &ssl ),
                                              session_data, sizeof( session_data ),
                                              &session_data_len ) ) != 0 )
        {
@ -2458,10 +2451,6 @@ int main( int argc, char *argv[] )
            goto exit;
        }

-        /* Simulate that serialised state can have a larger lifetime than a
-         * structure: keep the serialised data but not the structure. */
-        mbedtls_ssl_session_free( &saved_session );
-
        mbedtls_printf( " ok\n" );
    }