Merge pull request #6180 from yuhaoth/pr/add-tls13-multiple-session-tickets

TLS 1.3: NewSessionTicket: Add support for sending multiple tickets per session.
2025-07-29 11:41:15 +03:00 · 2022-09-23 15:48:33 +01:00
parent 07ba2be20b ba627bfd0d
commit 2c282c9bd0
8 changed files with 135 additions and 16 deletions
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@ -1997,7 +1997,7 @@ int main( int argc, char *argv[] )
        else if( strcmp( p, "tickets" ) == 0 )
        {
            opt.tickets = atoi( q );
-            if( opt.tickets < 0 || opt.tickets > 1 )
+            if( opt.tickets < 0 )
                goto usage;
        }
        else if( strcmp( p, "ticket_rotate" ) == 0 )
@ -2915,7 +2915,7 @@ int main( int argc, char *argv[] )
 #endif

 #if defined(MBEDTLS_SSL_SESSION_TICKETS)
-    if( opt.tickets == MBEDTLS_SSL_SESSION_TICKETS_ENABLED )
+    if( opt.tickets != MBEDTLS_SSL_SESSION_TICKETS_DISABLED )
    {
        if( ( ret = mbedtls_ssl_ticket_setup( &ticket_ctx,
                        rng_get, &rng,
@ -2930,7 +2930,9 @@ int main( int argc, char *argv[] )
                mbedtls_ssl_ticket_write,
                mbedtls_ssl_ticket_parse,
                &ticket_ctx );
-
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
+        mbedtls_ssl_conf_new_session_tickets( &conf, opt.tickets );
+#endif
        /* exercise manual ticket rotation (not required for typical use)
         * (used for external synchronization of session ticket encryption keys)
         */