diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index b9b2e045f3..98b873beae 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -2433,7 +2433,6 @@ int mbedtls_ssl_session_load( mbedtls_ssl_session *session,
 * of session cache or session tickets.
 *
 * \see mbedtls_ssl_session_load()
- * \see mbedtls_ssl_get_session_pointer()
 *
 * \param session The session structure to be saved.
 * \param buf The buffer to write the serialized data to. It must be a
@@ -2456,23 +2455,6 @@ int mbedtls_ssl_session_save( const mbedtls_ssl_session *session,
 size_t buf_len,
 size_t *olen );
 
-/**
- * \brief Get a pointer to the current session structure, for example
- * to serialize it.
- *
- * \warning Ownership of the session remains with the SSL context, and
- * the returned pointer is only guaranteed to be valid until
- * the next API call operating on the same \p ssl context.
- *
- * \see mbedtls_ssl_session_save()
- *
- * \param ssl The SSL context.
- *
- * \return A pointer to the current session if successful.
- * \return \c NULL if no session is active.
- */
-const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_context *ssl );
-
 /**
 * \brief Set the list of allowed ciphersuites and the preference
 * order. First in the list has the highest preference.
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index bc2f269a9c..1decc9fce5 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -4801,14 +4801,6 @@ int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl,
 }
 #endif /* MBEDTLS_SSL_CLI_C */
 
-const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_context *ssl )
-{
- if( ssl == NULL )
- return( NULL );
-
- return( ssl->session );
-}
-
 /*
 * Define ticket header determining Mbed TLS version
 * and structure of the ticket.
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 24c859e388..eac6356255 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -2224,6 +2224,8 @@ int main( int argc, char *argv[] )
 
 if( opt.reco_mode == 1 )
 {
+ mbedtls_ssl_session exported_session;
+
 /* free any previously saved data */
 if( session_data != NULL )
 {
@@ -2232,27 +2234,40 @@ int main( int argc, char *argv[] )
 session_data = NULL;
 }
 
+ mbedtls_ssl_session_init( &exported_session );
+ ret = mbedtls_ssl_get_session( &ssl, &exported_session );
+ if( ret != 0 )
+ {
+ mbedtls_printf(
+ "failed\n ! mbedtls_ssl_get_session() returned -%#02x\n",
+ (unsigned) -ret );
+ goto exit;
+ }
+
 /* get size of the buffer needed */
- mbedtls_ssl_session_save( mbedtls_ssl_get_session_pointer( &ssl ),
- NULL, 0, &session_data_len );
+ mbedtls_ssl_session_save( &exported_session, NULL, 0, &session_data_len );
 session_data = mbedtls_calloc( 1, session_data_len );
 if( session_data == NULL )
 {
 mbedtls_printf( " failed\n ! alloc %u bytes for session data\n",
 (unsigned) session_data_len );
+ mbedtls_ssl_session_free( &exported_session );
 ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
 goto exit;
 }
 
 /* actually save session data */
- if( ( ret = mbedtls_ssl_session_save( mbedtls_ssl_get_session_pointer( &ssl ),
+ if( ( ret = mbedtls_ssl_session_save( &exported_session,
 session_data, session_data_len,
 &session_data_len ) ) != 0 )
 {
 mbedtls_printf( " failed\n ! mbedtls_ssl_session_saved returned -0x%04x\n\n",
 (unsigned int) -ret );
+ mbedtls_ssl_session_free( &exported_session );
 goto exit;
 }
+
+ mbedtls_ssl_session_free( &exported_session );
 }
 else
 {
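Review bot: The new `mbedtls_ssl_get_session()` failure branch in the second hunk does `goto exit` without calling `mbedtls_ssl_session_free( &exported_session )`, while the allocation-failure and `mbedtls_ssl_session_save()` failure branches added below it both free the copy first. `exported_session` is declared inside the `if( opt.reco_mode == 1 )` block (first hunk), so the `exit` label, which lies outside this hunk, presumably cannot release it and each early exit has to do so itself. Whether a failed `mbedtls_ssl_get_session()` can leave the destination partly filled is not visible in this diff; if it can, the stack copy of the session, which carries resumption secrets and may own heap data, would be left unfreed and not wiped on that path. Adding `mbedtls_ssl_session_free( &exported_session );` before that `goto exit;` makes the three error paths consistent. `main()` starts and ends outside the hunk.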