Enable TLS 1.3 ticket handling in resumption tests Signed-off-by: Ronald Cron <ronald.cron@arm.com>

commit: 23303a47f4f02fb4ff71aa2b006a83383901aebd [log] [tgz]
author: Ronald Cron <ronald.cron@arm.com> Tue Aug 27 09:27:28 2024 +0200
committer: Ronald Cron <ronald.cron@arm.com> Tue Aug 27 16:20:40 2024 +0200
tree: 2f318515a1791a9cfc72d7e28dfba8e59c8f92b7
parent: b675b2ba5dfc9223b610d066557bf81db077b479 [diff] [blame]
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index cd839c1..cf21569 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c

@@ -82,6 +82,7 @@
 #define DFL_CID_VALUE_RENEGO    NULL
 #define DFL_RECONNECT_HARD      0
 #define DFL_TICKETS             MBEDTLS_SSL_SESSION_TICKETS_ENABLED
+#define DFL_NEW_SESSION_TICKETS MBEDTLS_SSL_ENABLE_NEW_SESSION_TICKETS_ENABLED
 #define DFL_ALPN_STRING         NULL
 #define DFL_GROUPS              NULL
 #define DFL_SIG_ALGS            NULL
@@ -198,7 +199,8 @@
 
 #if defined(MBEDTLS_SSL_SESSION_TICKETS)
 #define USAGE_TICKETS                                       \
-    "    tickets=%%d          default: 1 (enabled)\n"
+    "    tickets=%%d              default: 1 (enabled)\n"    \
+    "    new_session_tickets=%%d  default: 1 (enabled)\n"
 #else
 #define USAGE_TICKETS ""
 #endif /* MBEDTLS_SSL_SESSION_TICKETS */
@@ -514,7 +516,8 @@
     int reco_delay;             /* delay in seconds before resuming session */
     int reco_mode;              /* how to keep the session around           */
     int reconnect_hard;         /* unexpectedly reconnect from the same port */
-    int tickets;                /* enable / disable session tickets         */
+    int tickets;                /* enable / disable session tickets (TLS 1.2) */
+    int new_session_tickets;    /* enable / disable new session tickets (TLS 1.3) */
     const char *groups;         /* list of supported groups                 */
     const char *sig_algs;       /* supported TLS 1.3 signature algorithms   */
     const char *alpn_string;    /* ALPN supported protocols                 */
@@ -969,6 +972,7 @@
     opt.reco_mode           = DFL_RECO_MODE;
     opt.reconnect_hard      = DFL_RECONNECT_HARD;
     opt.tickets             = DFL_TICKETS;
+    opt.new_session_tickets = DFL_NEW_SESSION_TICKETS;
     opt.alpn_string         = DFL_ALPN_STRING;
     opt.groups              = DFL_GROUPS;
     opt.sig_algs            = DFL_SIG_ALGS;
@@ -1226,6 +1230,11 @@
             if (opt.tickets < 0) {
                 goto usage;
             }
+        } else if (strcmp(p, "new_session_tickets") == 0) {
+            opt.tickets = atoi(q);
+            if (opt.new_session_tickets < 0) {
+                goto usage;
+            }
         } else if (strcmp(p, "alpn") == 0) {
             opt.alpn_string = q;
         } else if (strcmp(p, "extended_ms") == 0) {
@@ -1936,7 +1945,10 @@
 
 #if defined(MBEDTLS_SSL_SESSION_TICKETS)
     mbedtls_ssl_conf_session_tickets(&conf, opt.tickets);
-#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
+    mbedtls_ssl_conf_enable_new_session_tickets(&conf, opt.new_session_tickets);
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
 
     if (opt.force_ciphersuite[0] != DFL_FORCE_CIPHER) {
         mbedtls_ssl_conf_ciphersuites(&conf, opt.force_ciphersuite);
commit	23303a47f4f02fb4ff71aa2b006a83383901aebd	[log] [tgz]
author	Ronald Cron <ronald.cron@arm.com>	Tue Aug 27 09:27:28 2024 +0200
committer	Ronald Cron <ronald.cron@arm.com>	Tue Aug 27 16:20:40 2024 +0200
tree	2f318515a1791a9cfc72d7e28dfba8e59c8f92b7
parent	b675b2ba5dfc9223b610d066557bf81db077b479 [diff] [blame]