Merge pull request #616 from mpg/context-s11n

[baremetal] Implement context serialization
2026-04-06 06:55:11 +00:00 · 2019-07-30 00:07:23 +02:00 · 2019-07-30 00:07:23 +02:00 · cdb83e7c88
commit cdb83e7c88
parent d04850507d 69a3e417d8
6 changed files with 818 additions and 115 deletions
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@ -807,6 +807,10 @@ int main( int argc, char *argv[] )
 #endif
    char *p, *q;
    const int *list;
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+    unsigned char *context_buf = NULL;
+    size_t context_buf_len;
+#endif

    /*
     * Make sure memory references are valid.
@ -2493,16 +2497,11 @@ send_request:
    if( opt.serialize != 0 )
    {
        size_t buf_len;
-        unsigned char *context_buf = NULL;

-        opt.serialize = 0;
-        mbedtls_printf( " Serializing live connection..." );
+        mbedtls_printf( "  . Serializing live connection..." );

        ret = mbedtls_ssl_context_save( &ssl, NULL, 0, &buf_len );
-
-        /* Allow stub implementation returning 0 for now */
-        if( ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL &&
-            ret != 0 )
+        if( ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL )
        {
            mbedtls_printf( " failed\n  ! mbedtls_ssl_context_save returned "
                            "-0x%x\n\n", -ret );
@ -2517,18 +2516,29 @@ send_request:

            goto exit;
        }
+        context_buf_len = buf_len;

        if( ( ret = mbedtls_ssl_context_save( &ssl, context_buf,
                                              buf_len, &buf_len ) ) != 0 )
        {
-            mbedtls_printf( "failed\n  ! mbedtls_ssl_context_save returned "
+            mbedtls_printf( " failed\n  ! mbedtls_ssl_context_save returned "
                            "-0x%x\n\n", -ret );

            goto exit;
        }

+        mbedtls_printf( " ok\n" );
+
+        if( opt.serialize == 1 )
+        {
+            /* nothing to do here, done by context_save() already */
+            mbedtls_printf( "  . Context has been reset... ok" );
+        }
+
        if( opt.serialize == 2 )
        {
+            mbedtls_printf( "  . Freeing and reinitializing context..." );
+
            mbedtls_ssl_free( &ssl );

            mbedtls_ssl_init( &ssl );
@ -2536,7 +2546,7 @@ send_request:
            if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
            {
                mbedtls_printf( " failed\n  ! mbedtls_ssl_setup returned "
-                                " -0x%x\n\n", -ret );
+                                "-0x%x\n\n", -ret );
                goto exit;
            }

@ -2544,26 +2554,25 @@ send_request:
                mbedtls_ssl_set_bio( &ssl, &server_fd, my_send, my_recv,
                                     NULL );
            else
-                mbedtls_ssl_set_bio( &ssl, &server_fd,
-                            mbedtls_net_send, mbedtls_net_recv,
+                mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send,
+                            mbedtls_net_recv,
                            opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL );

 #if defined(MBEDTLS_TIMING_C)
-            if( opt.nbio != 0 && opt.read_timeout != 0 )
-            {
 #if !defined(MBEDTLS_SSL_CONF_SET_TIMER) && \
    !defined(MBEDTLS_SSL_CONF_GET_TIMER)
-                mbedtls_ssl_set_timer_cb( &ssl, &timer,
-                                          mbedtls_timing_set_delay,
-                                          mbedtls_timing_get_delay );
+            mbedtls_ssl_set_timer_cb( &ssl, &timer,
+                                      mbedtls_timing_set_delay,
+                                      mbedtls_timing_get_delay );
 #else
-                mbedtls_ssl_set_timer_cb_ctx( &ssl, &timer );
+            mbedtls_ssl_set_timer_cb_ctx( &ssl, &timer );
 #endif
-            }
 #endif /* MBEDTLS_TIMING_C */
+
+            mbedtls_printf( " ok\n" );
        }

-        mbedtls_printf( " Deserializing connection..." );
+        mbedtls_printf( "  . Deserializing connection..." );

        if( ( ret = mbedtls_ssl_context_load( &ssl, context_buf,
                                              buf_len ) ) != 0 )
@ -2573,6 +2582,12 @@ send_request:

            goto exit;
        }
+
+        mbedtls_free( context_buf );
+        context_buf = NULL;
+        context_buf_len = 0;
+
+        mbedtls_printf( " ok\n" );
    }
 #endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */

@ -2711,6 +2726,11 @@ exit:
    if( session_data != NULL )
        mbedtls_platform_zeroize( session_data, session_data_len );
    mbedtls_free( session_data );
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+    if( context_buf != NULL )
+        mbedtls_platform_zeroize( context_buf, context_buf_len );
+    mbedtls_free( context_buf );
+#endif

 #if defined(_WIN32)
    mbedtls_printf( "  + Press Enter to exit this program.\n" );