Actually reset the context on save as advertised

Also fix some wording in the documentation while at it.
2019-07-23 14:51:09 +02:00 · 2019-07-23 14:51:09 +02:00 · 9df5a82079
commit 9df5a82079
parent 142ba736d9
4 changed files with 9 additions and 23 deletions
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@ -3894,10 +3894,10 @@ void mbedtls_ssl_free( mbedtls_ssl_context *ssl );
 * \note           When this function succeeds, it calls
 *                 mbedtls_ssl_session_reset() on \p ssl which as a result is
 *                 no longer associated with the connection that has been
- *                 serialized. This avoids creating copies of the session
+ *                 serialized. This avoids creating copies of the connection
 *                 state. You're then free to either re-use the context
 *                 structure for a different connection, or call
- *                 mbedtls_ssl_session_free() on it. See the documentation of
+ *                 mbedtls_ssl_free() on it. See the documentation of
 *                 mbedtls_ssl_session_reset() for more details.
 *
 * \param ssl      The SSL context to save. On success, it is no longer
@ -3920,6 +3920,8 @@ void mbedtls_ssl_free( mbedtls_ssl_context *ssl );
 *
 * \return         \c 0 if successful.
 * \return         #MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL if \p buf is too small.
+ * \return         #MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed
+ *                 while reseting the context.
 * \return         #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if a handshake is in
 *                 progress, or there is pending data for reading or sending,
 *                 or the connection does not use DTLS 1.2 with an AEAD
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -11522,7 +11522,7 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl,

    MBEDTLS_SSL_DEBUG_BUF( 4, "saved context", buf, used );

-    return( 0 );
+    return( ssl_session_reset_int( ssl, 0 ) );
 }

 /*
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@ -2960,16 +2960,8 @@ send_request:

        if( opt.serialize == 1 )
        {
-            mbedtls_printf( "  . Reseting context..." );
-
-            if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 )
-            {
-                mbedtls_printf( " failed\n  ! mbedtls_ssl_session_reset returned "
-                                "-0x%x\n\n", -ret );
-                goto exit;
-            }
-
-            mbedtls_printf( " ok\n" );
+            /* nothing to do here, done by context_save() already */
+            mbedtls_printf( "  . Context has been reset... ok" );
        }

        if( opt.serialize == 2 )
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@ -3978,16 +3978,8 @@ data_exchange:
         */
        if( opt.serialize == 1 )
        {
-            mbedtls_printf( "  . Reseting context..." );
-
-            if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 )
-            {
-                mbedtls_printf( " failed\n  ! mbedtls_ssl_session_reset returned "
-                                "-0x%x\n\n", -ret );
-                goto exit;
-            }
-
-            mbedtls_printf( " ok\n" );
+            /* nothing to do here, done by context_save() already */
+            mbedtls_printf( "  . Context has been reset... ok" );
        }

        /*