diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 9029078566..7c3a3d9433 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1669,6 +1669,12 @@ struct mbedtls_ssl_context { * Miscellaneous */ int MBEDTLS_PRIVATE(state); /*!< SSL handshake: current state */ + + /** Mask of `MBEDTLS_SSL_CONTEXT_FLAG_XXX`. + * This field is not saved by mbedtls_ssl_session_save(). + */ + uint32_t MBEDTLS_PRIVATE(flags); + #if defined(MBEDTLS_SSL_RENEGOTIATION) int MBEDTLS_PRIVATE(renego_status); /*!< Initial, in progress, pending? */ int MBEDTLS_PRIVATE(renego_records_seen); /*!< Records since renego request, or with DTLS, diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 60f2e1cd6d..4744db3d49 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1411,6 +1411,7 @@ int mbedtls_ssl_session_reset_int(mbedtls_ssl_context *ssl, int partial) int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ssl->state = MBEDTLS_SSL_HELLO_REQUEST; + ssl->flags = 0; ssl->tls_version = ssl->conf->max_tls_version; mbedtls_ssl_session_reset_msg_layer(ssl, partial);