From ab08d82648f6deed7e698f1e11b5e3151e8f2f79 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Sat, 28 Jan 2017 20:14:54 +0100 Subject: [PATCH] mbedtls: disable TLS session tickets SSL session reuse with TLS session tickets is not supported yet. Use SSL session IDs instead. See https://github.com/curl/curl/issues/1109 --- lib/vtls/mbedtls.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index 8bcaddd25..213a58fca 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -373,6 +373,11 @@ mbed_connect_step1(struct connectdata *conn, mbedtls_ssl_conf_ciphersuites(&connssl->config, mbedtls_ssl_list_ciphersuites()); +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + mbedtls_ssl_conf_session_tickets(&connssl->config, + MBEDTLS_SSL_SESSION_TICKETS_DISABLED); +#endif + /* Check if there's a cached ID we can/should use here! */ if(data->set.general_ssl.sessionid) { void *old_session = NULL;