From ab68048011dee644262fd0190a83a13162c14140 Mon Sep 17 00:00:00 2001
From: Thomas Pornin <pornin@bolet.org>
Date: Sun, 20 Nov 2016 20:14:48 +0100
Subject: [PATCH] Added API to save and restore session parameters (for
 controllable session resumption on the client side).

---
 inc/bearssl_ssl.h        |  32 +++-
 src/ssl/ssl_hs_server.c  | 325 ++++++++++++++++++++-------------------
 src/ssl/ssl_hs_server.t0 |   1 +
 tools/sslio.c            |  30 ++++
 4 files changed, 219 insertions(+), 169 deletions(-)

diff --git a/inc/bearssl_ssl.h b/inc/bearssl_ssl.h
index 3faf1be..0876ff9 100644
--- a/inc/bearssl_ssl.h
+++ b/inc/bearssl_ssl.h
@@ -544,13 +544,6 @@ typedef struct {
 	 */
 	unsigned char client_random[32];
 	unsigned char server_random[32];
-	/* obsolete
-	unsigned char session_id[32];
-	unsigned char session_id_len;
-	uint16_t version;
-	uint16_t cipher_suite;
-	unsigned char master_secret[48];
-	*/
 	br_ssl_session_parameters session;
 
 	/*
@@ -926,6 +919,31 @@ br_ssl_engine_get_server_name(br_ssl_engine_context *cc)
 	return cc->server_name;
 }
 
+/*
+ * Get a copy of the session parameters. The session parameters are
+ * filled during the handshake, so this function shall not be called
+ * before completion of the handshake.
+ */
+static inline void
+br_ssl_engine_get_session_parameters(const br_ssl_engine_context *cc,
+	br_ssl_session_parameters *pp)
+{
+	memcpy(pp, &cc->session, sizeof *pp);
+}
+
+/*
+ * Set the session parameters to the provided value. This function
+ * is meant to be used in the client, before doing a new handshake;
+ * a session resumption will be attempted with these parameters. In
+ * the server, this function has no effect.
+ */
+static inline void
+br_ssl_engine_set_session_parameters(br_ssl_engine_context *cc,
+	const br_ssl_session_parameters *pp)
+{
+	memcpy(&cc->session, pp, sizeof *pp);
+}
+
 /*
  * An SSL engine (client or server) has, at any time, a state which is
  * the combination of zero, one or more of these flags:
diff --git a/src/ssl/ssl_hs_server.c b/src/ssl/ssl_hs_server.c
index 1f7cace..a46734d 100644
--- a/src/ssl/ssl_hs_server.c
+++ b/src/ssl/ssl_hs_server.c
@@ -467,128 +467,129 @@ static const uint8_t t0_codeblock[] = {
 	0x04, 0x01, 0x28, 0x81, 0x03, 0x3A, 0x21, 0x01, 0x82, 0x01, 0x07, 0x64,
 	0x25, 0x12, 0x22, 0x64, 0x36, 0x45, 0x03, 0x09, 0x60, 0x26, 0x39, 0x12,
 	0x22, 0x60, 0x37, 0x05, 0x04, 0x01, 0x00, 0x03, 0x09, 0x02, 0x01, 0x06,
-	0x03, 0x01, 0x7F, 0x00, 0x6F, 0x01, 0x20, 0x2B, 0x5D, 0x22, 0x03, 0x05,
-	0x22, 0x02, 0x04, 0x0A, 0x06, 0x80, 0x47, 0x22, 0x25, 0x22, 0x7C, 0x02,
-	0x09, 0x05, 0x13, 0x22, 0x01, 0x0C, 0x11, 0x22, 0x01, 0x01, 0x0E, 0x3B,
-	0x01, 0x02, 0x0E, 0x30, 0x06, 0x04, 0x4B, 0x01, 0x00, 0x22, 0x02, 0x08,
-	0x05, 0x0E, 0x22, 0x01, 0x81, 0x70, 0x12, 0x01, 0x20, 0x0D, 0x06, 0x04,
-	0x4B, 0x01, 0x00, 0x22, 0x22, 0x06, 0x10, 0x02, 0x05, 0x4A, 0x36, 0x02,
-	0x05, 0x36, 0x02, 0x05, 0x01, 0x04, 0x08, 0x03, 0x05, 0x04, 0x01, 0x4B,
-	0x01, 0x04, 0x08, 0x04, 0xFF, 0x32, 0x21, 0x02, 0x05, 0x5D, 0x09, 0x01,
-	0x02, 0x11, 0x22, 0x05, 0x04, 0x01, 0x28, 0x81, 0x03, 0x5E, 0x38, 0x15,
-	0x05, 0x04, 0x01, 0x28, 0x81, 0x03, 0x01, 0x00, 0x00, 0x04, 0x81, 0x12,
-	0x01, 0x10, 0x0E, 0x05, 0x02, 0x56, 0x23, 0x5A, 0x25, 0x81, 0x24, 0x06,
-	0x19, 0x81, 0x17, 0x22, 0x01, 0x84, 0x00, 0x0F, 0x06, 0x02, 0x53, 0x23,
-	0x22, 0x03, 0x00, 0x67, 0x3B, 0x81, 0x0E, 0x02, 0x00, 0x5A, 0x25, 0x81,
-	0x07, 0x20, 0x5A, 0x25, 0x22, 0x81, 0x22, 0x3B, 0x81, 0x21, 0x03, 0x01,
-	0x03, 0x02, 0x02, 0x01, 0x02, 0x02, 0x30, 0x06, 0x17, 0x81, 0x19, 0x22,
-	0x03, 0x03, 0x67, 0x3B, 0x81, 0x0E, 0x02, 0x03, 0x5A, 0x25, 0x81, 0x07,
-	0x02, 0x02, 0x06, 0x03, 0x1F, 0x04, 0x01, 0x1D, 0x7D, 0x00, 0x00, 0x7E,
-	0x81, 0x12, 0x01, 0x14, 0x0D, 0x06, 0x02, 0x56, 0x23, 0x67, 0x01, 0x0C,
-	0x08, 0x01, 0x0C, 0x81, 0x0E, 0x7D, 0x67, 0x22, 0x01, 0x0C, 0x08, 0x01,
-	0x0C, 0x29, 0x05, 0x02, 0x4D, 0x23, 0x00, 0x02, 0x03, 0x00, 0x03, 0x01,
-	0x02, 0x00, 0x7A, 0x02, 0x01, 0x02, 0x00, 0x32, 0x22, 0x01, 0x00, 0x0E,
-	0x06, 0x02, 0x4B, 0x00, 0x81, 0x27, 0x04, 0x73, 0x00, 0x81, 0x17, 0x01,
-	0x01, 0x0D, 0x06, 0x02, 0x4E, 0x23, 0x81, 0x19, 0x22, 0x22, 0x46, 0x3B,
-	0x01, 0x05, 0x10, 0x30, 0x06, 0x02, 0x4E, 0x23, 0x01, 0x08, 0x08, 0x22,
-	0x66, 0x27, 0x0A, 0x06, 0x0D, 0x22, 0x01, 0x01, 0x3B, 0x0B, 0x35, 0x22,
-	0x66, 0x38, 0x68, 0x38, 0x04, 0x01, 0x21, 0x00, 0x00, 0x81, 0x17, 0x6B,
-	0x27, 0x01, 0x00, 0x31, 0x0E, 0x06, 0x14, 0x21, 0x01, 0x01, 0x0E, 0x05,
-	0x02, 0x51, 0x23, 0x81, 0x19, 0x06, 0x02, 0x51, 0x23, 0x01, 0x02, 0x6B,
-	0x38, 0x04, 0x2A, 0x01, 0x02, 0x31, 0x0E, 0x06, 0x21, 0x21, 0x01, 0x0D,
-	0x0E, 0x05, 0x02, 0x51, 0x23, 0x81, 0x19, 0x01, 0x0C, 0x0E, 0x05, 0x02,
-	0x51, 0x23, 0x67, 0x01, 0x0C, 0x81, 0x0E, 0x6C, 0x67, 0x01, 0x0C, 0x29,
-	0x05, 0x02, 0x51, 0x23, 0x04, 0x03, 0x51, 0x23, 0x21, 0x00, 0x00, 0x81,
-	0x17, 0x81, 0x06, 0x81, 0x17, 0x81, 0x06, 0x22, 0x06, 0x22, 0x81, 0x19,
-	0x06, 0x04, 0x81, 0x14, 0x04, 0x18, 0x81, 0x17, 0x22, 0x01, 0x81, 0x7F,
-	0x0C, 0x06, 0x0D, 0x22, 0x6D, 0x08, 0x01, 0x00, 0x3B, 0x38, 0x6D, 0x3B,
-	0x81, 0x0E, 0x04, 0x02, 0x81, 0x1F, 0x04, 0x5B, 0x7D, 0x7D, 0x00, 0x00,
-	0x81, 0x13, 0x22, 0x46, 0x06, 0x07, 0x21, 0x06, 0x02, 0x4F, 0x23, 0x04,
-	0x73, 0x00, 0x00, 0x81, 0x1A, 0x01, 0x03, 0x81, 0x18, 0x3B, 0x21, 0x3B,
-	0x00, 0x00, 0x81, 0x17, 0x81, 0x1F, 0x00, 0x02, 0x81, 0x17, 0x81, 0x06,
-	0x01, 0x00, 0x64, 0x36, 0x81, 0x17, 0x81, 0x06, 0x22, 0x06, 0x34, 0x81,
-	0x19, 0x03, 0x00, 0x81, 0x19, 0x03, 0x01, 0x02, 0x00, 0x01, 0x02, 0x10,
-	0x02, 0x00, 0x01, 0x06, 0x0C, 0x12, 0x02, 0x01, 0x01, 0x01, 0x0E, 0x02,
-	0x01, 0x01, 0x03, 0x0E, 0x30, 0x12, 0x06, 0x11, 0x64, 0x25, 0x01, 0x01,
-	0x02, 0x01, 0x49, 0x01, 0x02, 0x0B, 0x02, 0x00, 0x08, 0x0B, 0x30, 0x64,
-	0x36, 0x04, 0x49, 0x7D, 0x7D, 0x00, 0x00, 0x81, 0x17, 0x81, 0x06, 0x81,
-	0x17, 0x81, 0x06, 0x01, 0x00, 0x60, 0x37, 0x22, 0x06, 0x16, 0x81, 0x17,
-	0x22, 0x01, 0x20, 0x0A, 0x06, 0x0B, 0x01, 0x01, 0x3B, 0x0B, 0x60, 0x26,
-	0x30, 0x60, 0x37, 0x04, 0x01, 0x21, 0x04, 0x67, 0x7D, 0x7D, 0x00, 0x00,
-	0x01, 0x02, 0x7A, 0x81, 0x1A, 0x01, 0x08, 0x0B, 0x81, 0x1A, 0x08, 0x00,
-	0x00, 0x01, 0x03, 0x7A, 0x81, 0x1A, 0x01, 0x08, 0x0B, 0x81, 0x1A, 0x08,
-	0x01, 0x08, 0x0B, 0x81, 0x1A, 0x08, 0x00, 0x00, 0x01, 0x01, 0x7A, 0x81,
-	0x1A, 0x00, 0x00, 0x33, 0x22, 0x44, 0x05, 0x01, 0x00, 0x21, 0x81, 0x27,
-	0x04, 0x75, 0x02, 0x03, 0x00, 0x74, 0x27, 0x03, 0x01, 0x01, 0x00, 0x22,
-	0x02, 0x01, 0x0A, 0x06, 0x10, 0x22, 0x01, 0x01, 0x0B, 0x73, 0x08, 0x25,
-	0x02, 0x00, 0x0E, 0x06, 0x01, 0x00, 0x48, 0x04, 0x6A, 0x21, 0x01, 0x7F,
-	0x00, 0x00, 0x24, 0x16, 0x2F, 0x06, 0x05, 0x81, 0x25, 0x21, 0x04, 0x77,
-	0x01, 0x16, 0x6A, 0x38, 0x01, 0x00, 0x81, 0x33, 0x01, 0x00, 0x81, 0x32,
-	0x24, 0x01, 0x17, 0x6A, 0x38, 0x00, 0x00, 0x01, 0x15, 0x6A, 0x38, 0x3B,
-	0x43, 0x21, 0x43, 0x21, 0x24, 0x00, 0x00, 0x01, 0x01, 0x3B, 0x81, 0x1D,
-	0x00, 0x00, 0x3B, 0x31, 0x7A, 0x3B, 0x22, 0x06, 0x06, 0x81, 0x1A, 0x21,
-	0x49, 0x04, 0x77, 0x21, 0x00, 0x02, 0x03, 0x00, 0x5A, 0x25, 0x7C, 0x03,
-	0x01, 0x02, 0x01, 0x01, 0x0F, 0x12, 0x02, 0x01, 0x01, 0x04, 0x11, 0x01,
-	0x0F, 0x12, 0x02, 0x01, 0x01, 0x08, 0x11, 0x01, 0x0F, 0x12, 0x01, 0x00,
-	0x31, 0x0E, 0x06, 0x10, 0x21, 0x01, 0x00, 0x01, 0x18, 0x02, 0x00, 0x06,
-	0x03, 0x3E, 0x04, 0x01, 0x3F, 0x04, 0x80, 0x56, 0x01, 0x01, 0x31, 0x0E,
-	0x06, 0x10, 0x21, 0x01, 0x01, 0x01, 0x10, 0x02, 0x00, 0x06, 0x03, 0x3E,
-	0x04, 0x01, 0x3F, 0x04, 0x80, 0x40, 0x01, 0x02, 0x31, 0x0E, 0x06, 0x0F,
-	0x21, 0x01, 0x01, 0x01, 0x20, 0x02, 0x00, 0x06, 0x03, 0x3E, 0x04, 0x01,
-	0x3F, 0x04, 0x2B, 0x01, 0x03, 0x31, 0x0E, 0x06, 0x0E, 0x21, 0x21, 0x01,
-	0x10, 0x02, 0x00, 0x06, 0x03, 0x3C, 0x04, 0x01, 0x3D, 0x04, 0x17, 0x01,
-	0x04, 0x31, 0x0E, 0x06, 0x0E, 0x21, 0x21, 0x01, 0x20, 0x02, 0x00, 0x06,
-	0x03, 0x3C, 0x04, 0x01, 0x3D, 0x04, 0x03, 0x50, 0x23, 0x21, 0x00, 0x00,
-	0x7C, 0x01, 0x0C, 0x11, 0x01, 0x02, 0x0F, 0x00, 0x00, 0x7C, 0x01, 0x0C,
-	0x11, 0x22, 0x47, 0x3B, 0x01, 0x03, 0x0A, 0x12, 0x00, 0x00, 0x7C, 0x01,
-	0x0C, 0x11, 0x01, 0x01, 0x0E, 0x00, 0x00, 0x7C, 0x01, 0x0C, 0x11, 0x46,
-	0x00, 0x00, 0x18, 0x01, 0x00, 0x57, 0x27, 0x22, 0x06, 0x20, 0x01, 0x01,
-	0x31, 0x0E, 0x06, 0x07, 0x21, 0x01, 0x00, 0x81, 0x00, 0x04, 0x11, 0x01,
-	0x02, 0x31, 0x0E, 0x06, 0x0A, 0x21, 0x59, 0x27, 0x06, 0x03, 0x01, 0x10,
-	0x30, 0x04, 0x01, 0x21, 0x04, 0x01, 0x21, 0x5F, 0x27, 0x05, 0x35, 0x28,
-	0x06, 0x32, 0x69, 0x27, 0x01, 0x14, 0x31, 0x0E, 0x06, 0x06, 0x21, 0x01,
-	0x02, 0x30, 0x04, 0x24, 0x01, 0x15, 0x31, 0x0E, 0x06, 0x0B, 0x21, 0x81,
-	0x09, 0x06, 0x04, 0x01, 0x7F, 0x81, 0x00, 0x04, 0x13, 0x01, 0x16, 0x31,
-	0x0E, 0x06, 0x06, 0x21, 0x01, 0x01, 0x30, 0x04, 0x07, 0x21, 0x01, 0x04,
-	0x30, 0x01, 0x00, 0x21, 0x16, 0x06, 0x03, 0x01, 0x08, 0x30, 0x00, 0x00,
-	0x18, 0x22, 0x05, 0x10, 0x28, 0x06, 0x0D, 0x69, 0x27, 0x01, 0x15, 0x0E,
-	0x06, 0x05, 0x21, 0x81, 0x09, 0x04, 0x01, 0x1C, 0x00, 0x00, 0x81, 0x25,
-	0x01, 0x07, 0x12, 0x01, 0x01, 0x0F, 0x06, 0x02, 0x56, 0x23, 0x00, 0x01,
-	0x03, 0x00, 0x24, 0x16, 0x06, 0x05, 0x02, 0x00, 0x6A, 0x38, 0x00, 0x81,
-	0x25, 0x21, 0x04, 0x73, 0x00, 0x01, 0x14, 0x81, 0x28, 0x01, 0x01, 0x81,
-	0x33, 0x24, 0x22, 0x01, 0x00, 0x81, 0x20, 0x01, 0x16, 0x81, 0x28, 0x81,
-	0x2B, 0x24, 0x00, 0x00, 0x01, 0x0B, 0x81, 0x33, 0x40, 0x22, 0x01, 0x03,
-	0x08, 0x81, 0x32, 0x81, 0x32, 0x13, 0x22, 0x44, 0x06, 0x02, 0x21, 0x00,
-	0x81, 0x32, 0x1A, 0x22, 0x06, 0x06, 0x67, 0x3B, 0x81, 0x2F, 0x04, 0x76,
-	0x21, 0x04, 0x6A, 0x00, 0x7E, 0x01, 0x14, 0x81, 0x33, 0x01, 0x0C, 0x81,
-	0x32, 0x67, 0x01, 0x0C, 0x81, 0x2F, 0x00, 0x03, 0x03, 0x00, 0x01, 0x02,
-	0x81, 0x33, 0x01, 0x80, 0x46, 0x6B, 0x27, 0x01, 0x02, 0x0E, 0x06, 0x0C,
-	0x02, 0x00, 0x06, 0x04, 0x01, 0x05, 0x04, 0x02, 0x01, 0x1D, 0x04, 0x02,
-	0x01, 0x00, 0x03, 0x01, 0x68, 0x27, 0x06, 0x04, 0x01, 0x05, 0x04, 0x02,
-	0x01, 0x00, 0x03, 0x02, 0x02, 0x01, 0x02, 0x02, 0x08, 0x22, 0x06, 0x03,
-	0x01, 0x02, 0x08, 0x08, 0x81, 0x32, 0x75, 0x25, 0x81, 0x31, 0x6E, 0x01,
-	0x04, 0x14, 0x6E, 0x01, 0x04, 0x08, 0x01, 0x1C, 0x2B, 0x6E, 0x01, 0x20,
-	0x81, 0x2F, 0x01, 0x20, 0x81, 0x33, 0x6F, 0x01, 0x20, 0x81, 0x2F, 0x5A,
-	0x25, 0x81, 0x31, 0x01, 0x00, 0x81, 0x33, 0x02, 0x01, 0x02, 0x02, 0x08,
-	0x22, 0x06, 0x30, 0x81, 0x31, 0x02, 0x01, 0x22, 0x06, 0x13, 0x01, 0x83,
-	0xFE, 0x01, 0x81, 0x31, 0x01, 0x04, 0x09, 0x22, 0x81, 0x31, 0x49, 0x6C,
-	0x3B, 0x81, 0x30, 0x04, 0x01, 0x21, 0x02, 0x02, 0x06, 0x0F, 0x01, 0x01,
-	0x81, 0x31, 0x01, 0x01, 0x81, 0x31, 0x68, 0x27, 0x01, 0x08, 0x09, 0x81,
-	0x33, 0x04, 0x01, 0x21, 0x00, 0x00, 0x01, 0x0E, 0x81, 0x33, 0x01, 0x00,
-	0x81, 0x32, 0x00, 0x03, 0x5A, 0x25, 0x81, 0x22, 0x05, 0x01, 0x00, 0x60,
-	0x26, 0x01, 0x00, 0x81, 0x02, 0x11, 0x01, 0x01, 0x12, 0x46, 0x06, 0x03,
-	0x48, 0x04, 0x74, 0x03, 0x00, 0x21, 0x02, 0x00, 0x1E, 0x22, 0x44, 0x06,
-	0x02, 0x2E, 0x23, 0x03, 0x01, 0x75, 0x25, 0x01, 0x86, 0x03, 0x10, 0x03,
-	0x02, 0x01, 0x0C, 0x81, 0x33, 0x02, 0x01, 0x62, 0x27, 0x08, 0x02, 0x02,
-	0x01, 0x02, 0x12, 0x08, 0x01, 0x06, 0x08, 0x81, 0x32, 0x01, 0x03, 0x81,
-	0x33, 0x02, 0x00, 0x81, 0x31, 0x61, 0x62, 0x27, 0x81, 0x30, 0x02, 0x02,
-	0x06, 0x10, 0x72, 0x27, 0x81, 0x33, 0x5A, 0x25, 0x81, 0x23, 0x01, 0x01,
-	0x0B, 0x01, 0x03, 0x08, 0x81, 0x33, 0x02, 0x01, 0x81, 0x31, 0x67, 0x02,
-	0x01, 0x81, 0x2F, 0x00, 0x00, 0x42, 0x22, 0x01, 0x00, 0x0E, 0x06, 0x02,
-	0x4B, 0x00, 0x81, 0x25, 0x21, 0x04, 0x72, 0x00, 0x22, 0x81, 0x33, 0x81,
-	0x2F, 0x00, 0x00, 0x22, 0x01, 0x08, 0x41, 0x81, 0x33, 0x81, 0x33, 0x00,
-	0x00, 0x22, 0x01, 0x10, 0x41, 0x81, 0x33, 0x81, 0x31, 0x00, 0x00, 0x22,
-	0x43, 0x06, 0x02, 0x21, 0x00, 0x81, 0x25, 0x21, 0x04, 0x75
+	0x03, 0x01, 0x7F, 0x00, 0x6F, 0x01, 0x20, 0x2B, 0x01, 0x20, 0x70, 0x38,
+	0x5D, 0x22, 0x03, 0x05, 0x22, 0x02, 0x04, 0x0A, 0x06, 0x80, 0x47, 0x22,
+	0x25, 0x22, 0x7C, 0x02, 0x09, 0x05, 0x13, 0x22, 0x01, 0x0C, 0x11, 0x22,
+	0x01, 0x01, 0x0E, 0x3B, 0x01, 0x02, 0x0E, 0x30, 0x06, 0x04, 0x4B, 0x01,
+	0x00, 0x22, 0x02, 0x08, 0x05, 0x0E, 0x22, 0x01, 0x81, 0x70, 0x12, 0x01,
+	0x20, 0x0D, 0x06, 0x04, 0x4B, 0x01, 0x00, 0x22, 0x22, 0x06, 0x10, 0x02,
+	0x05, 0x4A, 0x36, 0x02, 0x05, 0x36, 0x02, 0x05, 0x01, 0x04, 0x08, 0x03,
+	0x05, 0x04, 0x01, 0x4B, 0x01, 0x04, 0x08, 0x04, 0xFF, 0x32, 0x21, 0x02,
+	0x05, 0x5D, 0x09, 0x01, 0x02, 0x11, 0x22, 0x05, 0x04, 0x01, 0x28, 0x81,
+	0x03, 0x5E, 0x38, 0x15, 0x05, 0x04, 0x01, 0x28, 0x81, 0x03, 0x01, 0x00,
+	0x00, 0x04, 0x81, 0x12, 0x01, 0x10, 0x0E, 0x05, 0x02, 0x56, 0x23, 0x5A,
+	0x25, 0x81, 0x24, 0x06, 0x19, 0x81, 0x17, 0x22, 0x01, 0x84, 0x00, 0x0F,
+	0x06, 0x02, 0x53, 0x23, 0x22, 0x03, 0x00, 0x67, 0x3B, 0x81, 0x0E, 0x02,
+	0x00, 0x5A, 0x25, 0x81, 0x07, 0x20, 0x5A, 0x25, 0x22, 0x81, 0x22, 0x3B,
+	0x81, 0x21, 0x03, 0x01, 0x03, 0x02, 0x02, 0x01, 0x02, 0x02, 0x30, 0x06,
+	0x17, 0x81, 0x19, 0x22, 0x03, 0x03, 0x67, 0x3B, 0x81, 0x0E, 0x02, 0x03,
+	0x5A, 0x25, 0x81, 0x07, 0x02, 0x02, 0x06, 0x03, 0x1F, 0x04, 0x01, 0x1D,
+	0x7D, 0x00, 0x00, 0x7E, 0x81, 0x12, 0x01, 0x14, 0x0D, 0x06, 0x02, 0x56,
+	0x23, 0x67, 0x01, 0x0C, 0x08, 0x01, 0x0C, 0x81, 0x0E, 0x7D, 0x67, 0x22,
+	0x01, 0x0C, 0x08, 0x01, 0x0C, 0x29, 0x05, 0x02, 0x4D, 0x23, 0x00, 0x02,
+	0x03, 0x00, 0x03, 0x01, 0x02, 0x00, 0x7A, 0x02, 0x01, 0x02, 0x00, 0x32,
+	0x22, 0x01, 0x00, 0x0E, 0x06, 0x02, 0x4B, 0x00, 0x81, 0x27, 0x04, 0x73,
+	0x00, 0x81, 0x17, 0x01, 0x01, 0x0D, 0x06, 0x02, 0x4E, 0x23, 0x81, 0x19,
+	0x22, 0x22, 0x46, 0x3B, 0x01, 0x05, 0x10, 0x30, 0x06, 0x02, 0x4E, 0x23,
+	0x01, 0x08, 0x08, 0x22, 0x66, 0x27, 0x0A, 0x06, 0x0D, 0x22, 0x01, 0x01,
+	0x3B, 0x0B, 0x35, 0x22, 0x66, 0x38, 0x68, 0x38, 0x04, 0x01, 0x21, 0x00,
+	0x00, 0x81, 0x17, 0x6B, 0x27, 0x01, 0x00, 0x31, 0x0E, 0x06, 0x14, 0x21,
+	0x01, 0x01, 0x0E, 0x05, 0x02, 0x51, 0x23, 0x81, 0x19, 0x06, 0x02, 0x51,
+	0x23, 0x01, 0x02, 0x6B, 0x38, 0x04, 0x2A, 0x01, 0x02, 0x31, 0x0E, 0x06,
+	0x21, 0x21, 0x01, 0x0D, 0x0E, 0x05, 0x02, 0x51, 0x23, 0x81, 0x19, 0x01,
+	0x0C, 0x0E, 0x05, 0x02, 0x51, 0x23, 0x67, 0x01, 0x0C, 0x81, 0x0E, 0x6C,
+	0x67, 0x01, 0x0C, 0x29, 0x05, 0x02, 0x51, 0x23, 0x04, 0x03, 0x51, 0x23,
+	0x21, 0x00, 0x00, 0x81, 0x17, 0x81, 0x06, 0x81, 0x17, 0x81, 0x06, 0x22,
+	0x06, 0x22, 0x81, 0x19, 0x06, 0x04, 0x81, 0x14, 0x04, 0x18, 0x81, 0x17,
+	0x22, 0x01, 0x81, 0x7F, 0x0C, 0x06, 0x0D, 0x22, 0x6D, 0x08, 0x01, 0x00,
+	0x3B, 0x38, 0x6D, 0x3B, 0x81, 0x0E, 0x04, 0x02, 0x81, 0x1F, 0x04, 0x5B,
+	0x7D, 0x7D, 0x00, 0x00, 0x81, 0x13, 0x22, 0x46, 0x06, 0x07, 0x21, 0x06,
+	0x02, 0x4F, 0x23, 0x04, 0x73, 0x00, 0x00, 0x81, 0x1A, 0x01, 0x03, 0x81,
+	0x18, 0x3B, 0x21, 0x3B, 0x00, 0x00, 0x81, 0x17, 0x81, 0x1F, 0x00, 0x02,
+	0x81, 0x17, 0x81, 0x06, 0x01, 0x00, 0x64, 0x36, 0x81, 0x17, 0x81, 0x06,
+	0x22, 0x06, 0x34, 0x81, 0x19, 0x03, 0x00, 0x81, 0x19, 0x03, 0x01, 0x02,
+	0x00, 0x01, 0x02, 0x10, 0x02, 0x00, 0x01, 0x06, 0x0C, 0x12, 0x02, 0x01,
+	0x01, 0x01, 0x0E, 0x02, 0x01, 0x01, 0x03, 0x0E, 0x30, 0x12, 0x06, 0x11,
+	0x64, 0x25, 0x01, 0x01, 0x02, 0x01, 0x49, 0x01, 0x02, 0x0B, 0x02, 0x00,
+	0x08, 0x0B, 0x30, 0x64, 0x36, 0x04, 0x49, 0x7D, 0x7D, 0x00, 0x00, 0x81,
+	0x17, 0x81, 0x06, 0x81, 0x17, 0x81, 0x06, 0x01, 0x00, 0x60, 0x37, 0x22,
+	0x06, 0x16, 0x81, 0x17, 0x22, 0x01, 0x20, 0x0A, 0x06, 0x0B, 0x01, 0x01,
+	0x3B, 0x0B, 0x60, 0x26, 0x30, 0x60, 0x37, 0x04, 0x01, 0x21, 0x04, 0x67,
+	0x7D, 0x7D, 0x00, 0x00, 0x01, 0x02, 0x7A, 0x81, 0x1A, 0x01, 0x08, 0x0B,
+	0x81, 0x1A, 0x08, 0x00, 0x00, 0x01, 0x03, 0x7A, 0x81, 0x1A, 0x01, 0x08,
+	0x0B, 0x81, 0x1A, 0x08, 0x01, 0x08, 0x0B, 0x81, 0x1A, 0x08, 0x00, 0x00,
+	0x01, 0x01, 0x7A, 0x81, 0x1A, 0x00, 0x00, 0x33, 0x22, 0x44, 0x05, 0x01,
+	0x00, 0x21, 0x81, 0x27, 0x04, 0x75, 0x02, 0x03, 0x00, 0x74, 0x27, 0x03,
+	0x01, 0x01, 0x00, 0x22, 0x02, 0x01, 0x0A, 0x06, 0x10, 0x22, 0x01, 0x01,
+	0x0B, 0x73, 0x08, 0x25, 0x02, 0x00, 0x0E, 0x06, 0x01, 0x00, 0x48, 0x04,
+	0x6A, 0x21, 0x01, 0x7F, 0x00, 0x00, 0x24, 0x16, 0x2F, 0x06, 0x05, 0x81,
+	0x25, 0x21, 0x04, 0x77, 0x01, 0x16, 0x6A, 0x38, 0x01, 0x00, 0x81, 0x33,
+	0x01, 0x00, 0x81, 0x32, 0x24, 0x01, 0x17, 0x6A, 0x38, 0x00, 0x00, 0x01,
+	0x15, 0x6A, 0x38, 0x3B, 0x43, 0x21, 0x43, 0x21, 0x24, 0x00, 0x00, 0x01,
+	0x01, 0x3B, 0x81, 0x1D, 0x00, 0x00, 0x3B, 0x31, 0x7A, 0x3B, 0x22, 0x06,
+	0x06, 0x81, 0x1A, 0x21, 0x49, 0x04, 0x77, 0x21, 0x00, 0x02, 0x03, 0x00,
+	0x5A, 0x25, 0x7C, 0x03, 0x01, 0x02, 0x01, 0x01, 0x0F, 0x12, 0x02, 0x01,
+	0x01, 0x04, 0x11, 0x01, 0x0F, 0x12, 0x02, 0x01, 0x01, 0x08, 0x11, 0x01,
+	0x0F, 0x12, 0x01, 0x00, 0x31, 0x0E, 0x06, 0x10, 0x21, 0x01, 0x00, 0x01,
+	0x18, 0x02, 0x00, 0x06, 0x03, 0x3E, 0x04, 0x01, 0x3F, 0x04, 0x80, 0x56,
+	0x01, 0x01, 0x31, 0x0E, 0x06, 0x10, 0x21, 0x01, 0x01, 0x01, 0x10, 0x02,
+	0x00, 0x06, 0x03, 0x3E, 0x04, 0x01, 0x3F, 0x04, 0x80, 0x40, 0x01, 0x02,
+	0x31, 0x0E, 0x06, 0x0F, 0x21, 0x01, 0x01, 0x01, 0x20, 0x02, 0x00, 0x06,
+	0x03, 0x3E, 0x04, 0x01, 0x3F, 0x04, 0x2B, 0x01, 0x03, 0x31, 0x0E, 0x06,
+	0x0E, 0x21, 0x21, 0x01, 0x10, 0x02, 0x00, 0x06, 0x03, 0x3C, 0x04, 0x01,
+	0x3D, 0x04, 0x17, 0x01, 0x04, 0x31, 0x0E, 0x06, 0x0E, 0x21, 0x21, 0x01,
+	0x20, 0x02, 0x00, 0x06, 0x03, 0x3C, 0x04, 0x01, 0x3D, 0x04, 0x03, 0x50,
+	0x23, 0x21, 0x00, 0x00, 0x7C, 0x01, 0x0C, 0x11, 0x01, 0x02, 0x0F, 0x00,
+	0x00, 0x7C, 0x01, 0x0C, 0x11, 0x22, 0x47, 0x3B, 0x01, 0x03, 0x0A, 0x12,
+	0x00, 0x00, 0x7C, 0x01, 0x0C, 0x11, 0x01, 0x01, 0x0E, 0x00, 0x00, 0x7C,
+	0x01, 0x0C, 0x11, 0x46, 0x00, 0x00, 0x18, 0x01, 0x00, 0x57, 0x27, 0x22,
+	0x06, 0x20, 0x01, 0x01, 0x31, 0x0E, 0x06, 0x07, 0x21, 0x01, 0x00, 0x81,
+	0x00, 0x04, 0x11, 0x01, 0x02, 0x31, 0x0E, 0x06, 0x0A, 0x21, 0x59, 0x27,
+	0x06, 0x03, 0x01, 0x10, 0x30, 0x04, 0x01, 0x21, 0x04, 0x01, 0x21, 0x5F,
+	0x27, 0x05, 0x35, 0x28, 0x06, 0x32, 0x69, 0x27, 0x01, 0x14, 0x31, 0x0E,
+	0x06, 0x06, 0x21, 0x01, 0x02, 0x30, 0x04, 0x24, 0x01, 0x15, 0x31, 0x0E,
+	0x06, 0x0B, 0x21, 0x81, 0x09, 0x06, 0x04, 0x01, 0x7F, 0x81, 0x00, 0x04,
+	0x13, 0x01, 0x16, 0x31, 0x0E, 0x06, 0x06, 0x21, 0x01, 0x01, 0x30, 0x04,
+	0x07, 0x21, 0x01, 0x04, 0x30, 0x01, 0x00, 0x21, 0x16, 0x06, 0x03, 0x01,
+	0x08, 0x30, 0x00, 0x00, 0x18, 0x22, 0x05, 0x10, 0x28, 0x06, 0x0D, 0x69,
+	0x27, 0x01, 0x15, 0x0E, 0x06, 0x05, 0x21, 0x81, 0x09, 0x04, 0x01, 0x1C,
+	0x00, 0x00, 0x81, 0x25, 0x01, 0x07, 0x12, 0x01, 0x01, 0x0F, 0x06, 0x02,
+	0x56, 0x23, 0x00, 0x01, 0x03, 0x00, 0x24, 0x16, 0x06, 0x05, 0x02, 0x00,
+	0x6A, 0x38, 0x00, 0x81, 0x25, 0x21, 0x04, 0x73, 0x00, 0x01, 0x14, 0x81,
+	0x28, 0x01, 0x01, 0x81, 0x33, 0x24, 0x22, 0x01, 0x00, 0x81, 0x20, 0x01,
+	0x16, 0x81, 0x28, 0x81, 0x2B, 0x24, 0x00, 0x00, 0x01, 0x0B, 0x81, 0x33,
+	0x40, 0x22, 0x01, 0x03, 0x08, 0x81, 0x32, 0x81, 0x32, 0x13, 0x22, 0x44,
+	0x06, 0x02, 0x21, 0x00, 0x81, 0x32, 0x1A, 0x22, 0x06, 0x06, 0x67, 0x3B,
+	0x81, 0x2F, 0x04, 0x76, 0x21, 0x04, 0x6A, 0x00, 0x7E, 0x01, 0x14, 0x81,
+	0x33, 0x01, 0x0C, 0x81, 0x32, 0x67, 0x01, 0x0C, 0x81, 0x2F, 0x00, 0x03,
+	0x03, 0x00, 0x01, 0x02, 0x81, 0x33, 0x01, 0x80, 0x46, 0x6B, 0x27, 0x01,
+	0x02, 0x0E, 0x06, 0x0C, 0x02, 0x00, 0x06, 0x04, 0x01, 0x05, 0x04, 0x02,
+	0x01, 0x1D, 0x04, 0x02, 0x01, 0x00, 0x03, 0x01, 0x68, 0x27, 0x06, 0x04,
+	0x01, 0x05, 0x04, 0x02, 0x01, 0x00, 0x03, 0x02, 0x02, 0x01, 0x02, 0x02,
+	0x08, 0x22, 0x06, 0x03, 0x01, 0x02, 0x08, 0x08, 0x81, 0x32, 0x75, 0x25,
+	0x81, 0x31, 0x6E, 0x01, 0x04, 0x14, 0x6E, 0x01, 0x04, 0x08, 0x01, 0x1C,
+	0x2B, 0x6E, 0x01, 0x20, 0x81, 0x2F, 0x01, 0x20, 0x81, 0x33, 0x6F, 0x01,
+	0x20, 0x81, 0x2F, 0x5A, 0x25, 0x81, 0x31, 0x01, 0x00, 0x81, 0x33, 0x02,
+	0x01, 0x02, 0x02, 0x08, 0x22, 0x06, 0x30, 0x81, 0x31, 0x02, 0x01, 0x22,
+	0x06, 0x13, 0x01, 0x83, 0xFE, 0x01, 0x81, 0x31, 0x01, 0x04, 0x09, 0x22,
+	0x81, 0x31, 0x49, 0x6C, 0x3B, 0x81, 0x30, 0x04, 0x01, 0x21, 0x02, 0x02,
+	0x06, 0x0F, 0x01, 0x01, 0x81, 0x31, 0x01, 0x01, 0x81, 0x31, 0x68, 0x27,
+	0x01, 0x08, 0x09, 0x81, 0x33, 0x04, 0x01, 0x21, 0x00, 0x00, 0x01, 0x0E,
+	0x81, 0x33, 0x01, 0x00, 0x81, 0x32, 0x00, 0x03, 0x5A, 0x25, 0x81, 0x22,
+	0x05, 0x01, 0x00, 0x60, 0x26, 0x01, 0x00, 0x81, 0x02, 0x11, 0x01, 0x01,
+	0x12, 0x46, 0x06, 0x03, 0x48, 0x04, 0x74, 0x03, 0x00, 0x21, 0x02, 0x00,
+	0x1E, 0x22, 0x44, 0x06, 0x02, 0x2E, 0x23, 0x03, 0x01, 0x75, 0x25, 0x01,
+	0x86, 0x03, 0x10, 0x03, 0x02, 0x01, 0x0C, 0x81, 0x33, 0x02, 0x01, 0x62,
+	0x27, 0x08, 0x02, 0x02, 0x01, 0x02, 0x12, 0x08, 0x01, 0x06, 0x08, 0x81,
+	0x32, 0x01, 0x03, 0x81, 0x33, 0x02, 0x00, 0x81, 0x31, 0x61, 0x62, 0x27,
+	0x81, 0x30, 0x02, 0x02, 0x06, 0x10, 0x72, 0x27, 0x81, 0x33, 0x5A, 0x25,
+	0x81, 0x23, 0x01, 0x01, 0x0B, 0x01, 0x03, 0x08, 0x81, 0x33, 0x02, 0x01,
+	0x81, 0x31, 0x67, 0x02, 0x01, 0x81, 0x2F, 0x00, 0x00, 0x42, 0x22, 0x01,
+	0x00, 0x0E, 0x06, 0x02, 0x4B, 0x00, 0x81, 0x25, 0x21, 0x04, 0x72, 0x00,
+	0x22, 0x81, 0x33, 0x81, 0x2F, 0x00, 0x00, 0x22, 0x01, 0x08, 0x41, 0x81,
+	0x33, 0x81, 0x33, 0x00, 0x00, 0x22, 0x01, 0x10, 0x41, 0x81, 0x33, 0x81,
+	0x31, 0x00, 0x00, 0x22, 0x43, 0x06, 0x02, 0x21, 0x00, 0x81, 0x25, 0x21,
+	0x04, 0x75
 };
 
 static const uint16_t t0_caddr[] = {
@@ -664,46 +665,46 @@ static const uint16_t t0_caddr[] = {
 	637,
 	657,
 	710,
-	1263,
-	1348,
-	1381,
-	1406,
-	1454,
-	1528,
-	1577,
-	1592,
-	1603,
-	1609,
-	1680,
-	1721,
-	1734,
-	1753,
-	1760,
-	1772,
-	1807,
-	1836,
-	1848,
-	1855,
-	1871,
-	2009,
-	2018,
-	2031,
-	2040,
-	2047,
-	2153,
-	2175,
-	2189,
-	2206,
-	2229,
-	2265,
-	2281,
-	2435,
-	2445,
-	2554,
-	2569,
-	2576,
-	2586,
-	2596
+	1267,
+	1352,
+	1385,
+	1410,
+	1458,
+	1532,
+	1581,
+	1596,
+	1607,
+	1613,
+	1684,
+	1725,
+	1738,
+	1757,
+	1764,
+	1776,
+	1811,
+	1840,
+	1852,
+	1859,
+	1875,
+	2013,
+	2022,
+	2035,
+	2044,
+	2051,
+	2157,
+	2179,
+	2193,
+	2210,
+	2233,
+	2269,
+	2285,
+	2439,
+	2449,
+	2558,
+	2573,
+	2580,
+	2590,
+	2600
 };
 
 #define T0_INTERPRETED   68
diff --git a/src/ssl/ssl_hs_server.t0 b/src/ssl/ssl_hs_server.t0
index 206e4ee..8176429 100644
--- a/src/ssl/ssl_hs_server.t0
+++ b/src/ssl/ssl_hs_server.t0
@@ -685,6 +685,7 @@ cc: save-session ( -- ) {
 
 	\ We are not resuming, so a new session ID should be generated.
 	addr-session_id 32 mkrand
+	32 addr-session_id_len set8
 
 	\ Translate common cipher suites, then squeeze out holes: there
 	\ may be holes because of the way we fill the list when the
diff --git a/tools/sslio.c b/tools/sslio.c
index 0c35aa4..7fb73ea 100644
--- a/tools/sslio.c
+++ b/tools/sslio.c
@@ -67,6 +67,14 @@ dump_blob(const char *name, const void *data, size_t len)
 static int
 run_command(br_ssl_engine_context *cc, unsigned char *buf, size_t len)
 {
+	/*
+	 * A single static slot for saving session parameters.
+	 */
+	static br_ssl_session_parameters slot;
+	static int slot_used = 0;
+
+	size_t u;
+
 	if (len < 2 || len > 3) {
 		return 0;
 	}
@@ -99,6 +107,28 @@ run_command(br_ssl_engine_context *cc, unsigned char *buf, size_t len)
 		fprintf(stderr, "forgetting session...\n");
 		br_ssl_client_forget_session((br_ssl_client_context *)cc);
 		return 1;
+	case 'S':
+		fprintf(stderr, "saving session parameters...\n");
+		br_ssl_engine_get_session_parameters(cc, &slot);
+		fprintf(stderr, "  id = ");
+		for (u = 0; u < slot.session_id_len; u ++) {
+			fprintf(stderr, "%02X", slot.session_id[u]);
+		}
+		fprintf(stderr, "\n");
+		slot_used = 1;
+		return 1;
+	case 'P':
+		if (slot_used) {
+			fprintf(stderr, "restoring session parameters...\n");
+			fprintf(stderr, "  id = ");
+			for (u = 0; u < slot.session_id_len; u ++) {
+				fprintf(stderr, "%02X", slot.session_id[u]);
+			}
+			fprintf(stderr, "\n");
+			br_ssl_engine_set_session_parameters(cc, &slot);
+			return 1;
+		}
+		return 0;
 	default:
 		return 0;
 	}
-- 
2.17.1