From 747180391dc335985fe8f70aabdc3fe9f69d9559 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 30 Jul 2013 12:41:56 +0200
Subject: [PATCH] Add ssl_get_session() to save session on client
---
 include/polarssl/ssl.h | 25 ++++++++++++++++++++-----
 library/ssl_tls.c | 25 +++++++++++++++++++++++++
 2 files changed, 45 insertions(+), 5 deletions(-)
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index a4634600b..3c8f1e6a5 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -774,13 +774,10 @@ void ssl_set_session_cache( ssl_context *ssl,
 * \brief Request resumption of session (client-side only)
 * Session data is copied from presented session structure.
 *
- * Warning: session.peer_cert is cleared by the SSL/TLS layer on
- * connection shutdown, so do not cache the pointer! Either set
- * it to NULL or make a full copy of the certificate when
- * storing the session for use in this function.
- *
 * \param ssl SSL context
 * \param session session context
+ *
+ * \sa ssl_get_session()
 */
 void ssl_set_session( ssl_context *ssl, const ssl_session *session );
 
@@ -1100,6 +1097,24 @@ const char *ssl_get_version( const ssl_context *ssl );
 const x509_cert *ssl_get_peer_cert( const ssl_context *ssl );
 #endif /* POLARSSL_X509_PARSE_C */
 
+/**
+ * \brief Save session in order to resume it later (client-side only)
+ * Session data is copied to presented session structure.
+ *
+ * \warning Currently, peer certificate is lost in the operation.
+ *
+ * \param ssl SSL context
+ * \param session session context
+ *
+ * \return 0 if successful,
+ * POLARSSL_ERR_SSL_MALLOC_FAILED if memory allocation failed,
+ * POLARSSL_ERR_SSL_BAD_INPUT_DATA if used server-side or
+ * arguments are otherwise invalid
+ *
+ * \sa ssl_set_session()
+ */
+int ssl_get_session( const ssl_context *ssl, ssl_session *session );
+
 /**
 * \brief Perform the SSL handshake
 *
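Review bot: Dropping the peer_cert warning from the ssl_set_session() comment leaves no guidance for callers that still fill an ssl_session by copying the structure themselves instead of going through ssl_get_session(); for them the pointer still dangles once the connection is shut down, as the removed text described. Since the function keeps accepting any caller-provided session, I would keep a one-line caveat next to the new cross-reference, e.g. `\warning A session not obtained from ssl_get_session() must have peer_cert set to NULL or pointing to a private copy.` Whether ssl_set_session() itself copies or ignores peer_cert is not visible in this hunk, so the wording should be adjusted to what it actually does.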
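Review bot: The new comment for ssl_get_session() does not say that `session` must already be initialised, yet the implementation added in library/ssl_tls.c calls `ssl_session_free( dst )` on it before copying. ssl_session_free() is not shown, but if it releases members such as peer_cert, a caller passing an uninitialised stack structure would hand stale pointers to it. Add a line such as `\note session must be initialised (e.g. zeroed with memset) before the first call; any data it holds is freed.` The `\return` list also names POLARSSL_ERR_SSL_MALLOC_FAILED, which the implementation in this patch never returns; either mark it as reserved for the planned deep copy or drop it until then.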
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index b9fca4440..6ecdceb70 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -3222,6 +3222,31 @@ const x509_cert *ssl_get_peer_cert( const ssl_context *ssl )
 }
 #endif /* POLARSSL_X509_PARSE_C */
 
+int ssl_get_session( const ssl_context *ssl, ssl_session *dst )
+{
+ ssl_session *src;
+
+ if( ssl == NULL ||
+ dst == NULL ||
+ ssl->session == NULL ||
+ ssl->endpoint != SSL_IS_CLIENT )
+ {
+ return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
+ }
+
+ src = ssl->session;
+
+ ssl_session_free( dst );
+ memcpy( dst, src, sizeof( ssl_session ) );
+
+ /*
+ * For now, just set peer_cert to NULL, deep-copy not implemented yet
+ */
+ dst->peer_cert = NULL;
+
+ return( 0 );
+}
+
 /*
 * Perform a single step of the SSL handshake
 */
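Review bot: The argument check in ssl_get_session() does not reject `dst == ssl->session`, so in that case `ssl_session_free( dst )` would release the live session and the following memcpy() would copy the just-freed structure onto itself. Extending the condition with `dst == ssl->session ||` closes that. The memcpy() is also a shallow copy of the whole structure: ssl_session is not visible here, but it presumably carries the master secret, and any pointer member other than peer_cert ends up shared with the context. A comment above the memcpy() stating that the caller now owns a copy of the session secrets and must release it with ssl_session_free() would make that obligation explicit.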