Merge remote-tracking branch 'restricted/pr/601' into baremetal-proposed

* restricted/pr/601: (27 commits)
  Fix compile-time guard for optional field in struct
  Move code to reduce probability of conflicts
  Fix typos caught by check-names.sh
  Clarify conditions related to resumption in client
  Introduce getter function for renego_status
  Add getter function for handshake->resume
  Remove now-redundant code
  Remove cache callbacks from config on client
  Fix a few style issues
  Expand documentation of new options a bit
  Fix renaming oversight in documentation
  Remove backticks in doxygen in config.h
  Declare dependency on tickets for two ssl-opt.sh tests
  Exclude new negative options from config.pl full
  Restore config.h defaults
  Address review comments
  Fix ssl_cli resumption guards
  Fix check-files, check-names and check-generated-features
  Add test to all.sh
  Add changelog entry
  ...

programs/ssl/dtls_server.c

@@ -236,11 +236,11 @@ int main( void )
     mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
     mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
 
-#if defined(MBEDTLS_SSL_CACHE_C)
+#if defined(MBEDTLS_SSL_CACHE_C) && !defined(MBEDTLS_SSL_NO_SESSION_CACHE)
     mbedtls_ssl_conf_session_cache( &conf, &cache,
                                    mbedtls_ssl_cache_get,
                                    mbedtls_ssl_cache_set );
-#endif
+#endif /* MBEDTLS_SSL_CACHE_C && !MBEDTLS_SSL_NO_SESSION_CACHE */
 
     mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
    if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )

programs/ssl/query_config.c

@@ -1410,6 +1410,22 @@ int query_config( const char *config )
     }
 #endif /* MBEDTLS_SSL_SESSION_TICKETS */
 
+#if defined(MBEDTLS_SSL_NO_SESSION_CACHE)
+    if( strcmp( "MBEDTLS_SSL_NO_SESSION_CACHE", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_NO_SESSION_CACHE );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_NO_SESSION_CACHE */
+
+#if defined(MBEDTLS_SSL_NO_SESSION_RESUMPTION)
+    if( strcmp( "MBEDTLS_SSL_NO_SESSION_RESUMPTION", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_NO_SESSION_RESUMPTION );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_NO_SESSION_RESUMPTION */
+
 #if defined(MBEDTLS_SSL_EXPORT_KEYS)
     if( strcmp( "MBEDTLS_SSL_EXPORT_KEYS", config ) == 0 )
     {

programs/ssl/ssl_client2.c

@@ -2545,12 +2545,14 @@ reconnect:
             }
         }
 
+#if !defined(MBEDTLS_SSL_NO_SESSION_RESUMPTION)
         if( ( ret = mbedtls_ssl_set_session( &ssl, &saved_session ) ) != 0 )
         {
             mbedtls_printf( " failed\n  ! mbedtls_ssl_set_session returned -0x%x\n\n",
                             -ret );
             goto exit;
         }
+#endif /* !MBEDTLS_SSL_NO_SESSION_RESUMPTION */
 
         if( ( ret = mbedtls_net_connect( &server_fd,
                         opt.server_addr, opt.server_port,

programs/ssl/ssl_server.c

@@ -224,11 +224,11 @@ int main( void )
     mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
     mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
 
-#if defined(MBEDTLS_SSL_CACHE_C)
+#if defined(MBEDTLS_SSL_CACHE_C) && !defined(MBEDTLS_SSL_NO_SESSION_CACHE)
     mbedtls_ssl_conf_session_cache( &conf, &cache,
                                    mbedtls_ssl_cache_get,
                                    mbedtls_ssl_cache_set );
-#endif
+#endif /* MBEDTLS_SSL_CACHE_C && !MBEDTLS_SSL_NO_SESSION_CACHE */
 
     mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
     if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )

programs/ssl/ssl_server2.c

@@ -2542,9 +2542,11 @@ int main( int argc, char *argv[] )
     if( opt.cache_timeout != -1 )
         mbedtls_ssl_cache_set_timeout( &cache, opt.cache_timeout );
 
+#if !defined(MBEDTLS_SSL_NO_SESSION_CACHE)
     mbedtls_ssl_conf_session_cache( &conf, &cache,
                                    mbedtls_ssl_cache_get,
                                    mbedtls_ssl_cache_set );
+#endif /* !MBEDTLS_SSL_NO_SESSION_CACHE */
 #endif
 
 #if defined(MBEDTLS_SSL_SESSION_TICKETS)