Merge pull request #6180 from yuhaoth/pr/add-tls13-multiple-session-tickets

TLS 1.3: NewSessionTicket: Add support for sending multiple tickets per session.
2025-07-29 11:41:15 +03:00 · 2022-09-23 15:48:33 +01:00
parent 07ba2be20b ba627bfd0d
commit 2c282c9bd0
8 changed files with 135 additions and 16 deletions
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@ -624,6 +624,9 @@ struct mbedtls_ssl_handshake_params
 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
    uint8_t tls13_kex_modes; /*!< Key exchange modes supported by the client */
 #endif
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+    uint16_t new_session_tickets_count;         /*!< number of session tickets */
+#endif
 #endif /* MBEDTLS_SSL_SRV_C */

 #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -763,6 +763,13 @@ static int ssl_handshake_init( mbedtls_ssl_context *ssl )
    mbedtls_ssl_transform_init( ssl->transform_negotiate );
    ssl_handshake_params_init( ssl->handshake );

+#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
+    defined(MBEDTLS_SSL_SRV_C) && \
+    defined(MBEDTLS_SSL_SESSION_TICKETS)
+    ssl->handshake->new_session_tickets_count =
+        ssl->conf->new_session_tickets_count ;
+#endif
+
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
    {
@ -2611,6 +2618,15 @@ void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets
 #endif

 #if defined(MBEDTLS_SSL_SRV_C)
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS)
+void mbedtls_ssl_conf_new_session_tickets( mbedtls_ssl_config *conf,
+                                           uint16_t num_tickets )
+{
+    conf->new_session_tickets_count = num_tickets;
+}
+#endif
+
 void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf,
        mbedtls_ssl_ticket_write_t *f_ticket_write,
        mbedtls_ssl_ticket_parse_t *f_ticket_parse,
@ -4644,6 +4660,10 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
 #endif

 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
+#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_SESSION_TICKETS)
+    mbedtls_ssl_conf_new_session_tickets(
+        conf, MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS );
+#endif
    /*
     * Allow all TLS 1.3 key exchange modes by default.
     */
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@ -2619,7 +2619,21 @@ static int ssl_tls13_write_new_session_ticket_coordinate( mbedtls_ssl_context *s
    /* Check whether the use of session tickets is enabled */
    if( ssl->conf->f_ticket_write == NULL )
    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "new session ticket is not enabled" ) );
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "NewSessionTicket: disabled,"
+                                        " callback is not set" ) );
+        return( SSL_NEW_SESSION_TICKET_SKIP );
+    }
+    if( ssl->conf->new_session_tickets_count == 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "NewSessionTicket: disabled,"
+                                        " configured count is zero" ) );
+        return( SSL_NEW_SESSION_TICKET_SKIP );
+    }
+
+    if( ssl->handshake->new_session_tickets_count == 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "NewSessionTicket: all tickets have "
+                                        "been sent." ) );
        return( SSL_NEW_SESSION_TICKET_SKIP );
    }

@ -2852,6 +2866,15 @@ static int ssl_tls13_write_new_session_ticket( mbedtls_ssl_context *ssl )
        MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_finish_handshake_msg(
                                  ssl, buf_len, msg_len ) );

+        /* Limit session tickets count to one when resumption connection.
+         *
+         * See document of mbedtls_ssl_conf_new_session_tickets.
+         */
+        if( ssl->handshake->resume == 1 )
+            ssl->handshake->new_session_tickets_count = 0;
+        else
+            ssl->handshake->new_session_tickets_count--;
+
        mbedtls_ssl_handshake_set_state( ssl,
                                         MBEDTLS_SSL_NEW_SESSION_TICKET_FLUSH );
    }
@ -3002,7 +3025,11 @@ int mbedtls_ssl_tls13_handshake_server_step( mbedtls_ssl_context *ssl )
             * as part of ssl_prepare_handshake_step.
             */
            ret = 0;
-            mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HANDSHAKE_OVER );
+
+            if( ssl->handshake->new_session_tickets_count == 0 )
+                mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HANDSHAKE_OVER );
+            else
+                mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_NEW_SESSION_TICKET );
            break;

 #endif /* MBEDTLS_SSL_SESSION_TICKETS */