Add new config MBEDTLS_SSL_SESSION_RESUMPTION

Add a new configuration option MBEDTLS_SSL_SESSION_RESUMPTION to enable/disable the session resumption feature including ticket and cache based session resumption.
2026-04-19 13:25:17 +00:00 · 2019-06-18 13:49:02 +03:00 · 2019-06-18 13:49:02 +03:00 · 59bd12bf14
commit 59bd12bf14
parent 590bf51cbb
7 changed files with 44 additions and 0 deletions
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@ -671,6 +671,12 @@
 #error "MBEDTLS_SSL_SERVER_NAME_INDICATION defined, but not all prerequisites"
 #endif

+#if ( defined(MBEDTLS_SSL_SESSION_TICKETS) ||  \
+      defined(MBEDTLS_SSL_SESSION_CACHE) ) &&  \
+      !defined(MBEDTLS_SSL_SESSION_RESUMPTION)
+#error "MBEDTLS_SSL_SESSION_TICKETS/MBEDTLS_SESSION_CACHE cannot be defined without MBEDTLS_SSL_SESSION_RESUMPTION"
+#endif
+
 #if defined(MBEDTLS_THREADING_PTHREAD)
 #if !defined(MBEDTLS_THREADING_C) || defined(MBEDTLS_THREADING_IMPL)
 #error "MBEDTLS_THREADING_PTHREAD defined, but not all prerequisites"
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@ -1676,6 +1676,14 @@
 */
 #define MBEDTLS_SSL_SESSION_CACHE

+/**
+ * \def MBEDTLS_SSL_SESSION_RESUMPTION
+ *
+ *
+ * Comment this macro to disable support for SSL session resumption
+ */
+#define MBEDTLS_SSL_SESSION_RESUMPTION
+
 /**
 * \def MBEDTLS_SSL_EXPORT_KEYS
 *
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@ -509,7 +509,9 @@ struct mbedtls_ssl_handshake_params
    unsigned char premaster[MBEDTLS_PREMASTER_SIZE];
                                        /*!<  premaster secret        */

+#if defined(MBEDTLS_SSL_SESSION_RESUMPTION)
    int resume;                         /*!<  session resume indicator*/
+#endif /* MBEDTLS_SSL_SESSION_RESUMPTION */
    int max_major_ver;                  /*!< max. major version client*/
    int max_minor_ver;                  /*!< max. minor version client*/
    int cli_exts;                       /*!< client extension presence*/