mbedtls: disable TLS session tickets

SSL session reuse with TLS session tickets is not supported yet. Use SSL session IDs instead. See https://github.com/curl/curl/issues/1109
author: Michael Kaufmann <mail@michael-kaufmann.ch> 2017-01-28 20:14:54 +0100
committer: Michael Kaufmann <mail@michael-kaufmann.ch> 2017-01-28 20:15:30 +0100
commit: ab08d82648f6deed7e698f1e11b5e3151e8f2f79 (patch)
tree: 86c674ffaf4585c46662fe259c8293ade080f688
parent: 511674ab279cebe143748920755631539a198d33 (diff)
download: gnurl-ab08d82648f6deed7e698f1e11b5e3151e8f2f79.tar.gz
gnurl-ab08d82648f6deed7e698f1e11b5e3151e8f2f79.tar.bz2
gnurl-ab08d82648f6deed7e698f1e11b5e3151e8f2f79.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
index 8bcaddd25..213a58fca 100644
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@@ -373,6 +373,11 @@ mbed_connect_step1(struct connectdata *conn,
   mbedtls_ssl_conf_ciphersuites(&connssl->config,
                                 mbedtls_ssl_list_ciphersuites());
 
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+  mbedtls_ssl_conf_session_tickets(&connssl->config,
+                                   MBEDTLS_SSL_SESSION_TICKETS_DISABLED);
+#endif
+
   /* Check if there's a cached ID we can/should use here! */
   if(data->set.general_ssl.sessionid) {
     void *old_session = NULL;
author	Michael Kaufmann <mail@michael-kaufmann.ch>	2017-01-28 20:14:54 +0100
committer	Michael Kaufmann <mail@michael-kaufmann.ch>	2017-01-28 20:15:30 +0100
commit	ab08d82648f6deed7e698f1e11b5e3151e8f2f79 (patch)
tree	86c674ffaf4585c46662fe259c8293ade080f688
parent	511674ab279cebe143748920755631539a198d33 (diff)
download	gnurl-ab08d82648f6deed7e698f1e11b5e3151e8f2f79.tar.gz gnurl-ab08d82648f6deed7e698f1e11b5e3151e8f2f79.tar.bz2 gnurl-ab08d82648f6deed7e698f1e11b5e3151e8f2f79.zip