Add conf new session tickets
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index 687c5ef..eea7f09 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -1579,6 +1579,14 @@
#define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32
/**
+ * \def MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS
+ *
+ * Default number of NewSessionTicket. This is not used in TLS 1.2.
+ *
+ */
+#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1
+
+/**
* \def MBEDTLS_SSL_PROTO_DTLS
*
* Enable support for DTLS (all available versions).
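Review bot: The documentation for `MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS` does not say which endpoint uses the value or what range is valid. The ssl_tls.c hunks of this patch pass it to a `uint16_t num_tickets` parameter on the server side only, so a configured value that does not fit would be narrowed without a runtime check. I would word the description as `Default number of NewSessionTicket messages a TLS 1.3 server sends after a handshake. The value must fit in a uint16_t. This is not used in TLS 1.2.` and drop the trailing empty ` *` line before `*/`.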
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 1e0220a..0f008ea 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1329,9 +1329,17 @@
#if defined(MBEDTLS_SSL_RENEGOTIATION)
uint8_t MBEDTLS_PRIVATE(disable_renegotiation); /*!< disable renegotiation? */
#endif
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
- uint8_t MBEDTLS_PRIVATE(session_tickets); /*!< use session tickets? */
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && \
+ defined(MBEDTLS_SSL_CLI_C)
+ uint8_t MBEDTLS_PRIVATE(session_tickets); /*!< use session tickets? */
#endif
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && \
+ defined(MBEDTLS_SSL_SRV_C) && \
+ defined(MBEDTLS_SSL_PROTO_TLS1_3)
+ uint16_t MBEDTLS_PRIVATE(new_session_tickets); /*!< number of NewSessionTicket */
+#endif
+
#if defined(MBEDTLS_SSL_SRV_C)
uint8_t MBEDTLS_PRIVATE(cert_req_ca_list); /*!< enable sending CA list in
Certificate Request messages? */
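Review bot: Narrowing the `session_tickets` field to builds that define `MBEDTLS_SSL_CLI_C` removes it from server-only configurations, so every existing access to `conf->session_tickets` must sit behind the same two guards. None of those accesses are visible in this diff, so this is worth confirming with a build that sets `MBEDTLS_SSL_SRV_C` without `MBEDTLS_SSL_CLI_C`. The comment on the new field could also name the endpoint and protocol, e.g. `/*!< number of NewSessionTicket messages sent by a TLS 1.3 server */`. The struct body starts and ends outside the hunk.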
@@ -4109,7 +4117,8 @@
void mbedtls_ssl_conf_preference_order( mbedtls_ssl_config *conf, int order );
#endif /* MBEDTLS_SSL_SRV_C */
-#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && \
+ defined(MBEDTLS_SSL_CLI_C)
/**
* \brief Enable / Disable session tickets (client only).
* (Default: MBEDTLS_SSL_SESSION_TICKETS_ENABLED.)
@@ -4121,7 +4130,26 @@
* MBEDTLS_SSL_SESSION_TICKETS_DISABLED)
*/
void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets );
-#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
+#endif /* MBEDTLS_SSL_SESSION_TICKETS &&
+ MBEDTLS_SSL_CLI_C */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && \
+ defined(MBEDTLS_SSL_SRV_C) && \
+ defined(MBEDTLS_SSL_PROTO_TLS1_3)
+/**
+ * \brief Number of NewSessionTicket message that sent by server.
+ * (Default: MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS)
+ *
+ *
+ * \param conf SSL configuration
+ * \param num_tickets Number of NewSessionTicket.
+ *
+ */
+void mbedtls_ssl_conf_new_session_tickets( mbedtls_ssl_config *conf,
+ uint16_t num_tickets );
+#endif /* MBEDTLS_SSL_SESSION_TICKETS &&
+ MBEDTLS_SSL_SRV_C &&
+ MBEDTLS_SSL_PROTO_TLS1_3*/
#if defined(MBEDTLS_SSL_RENEGOTIATION)
/**
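Review bot: The doc comment for `mbedtls_ssl_conf_new_session_tickets` leaves the contract of `num_tickets` open: it does not say what 0 means, and the setter added in ssl_tls.c stores any `uint16_t` unchecked, so up to 65535 tickets per handshake can be configured. Each ticket presumably costs the server a ticket-write callback and a handshake message, so an operator should be told that large values multiply per-connection work. I would reword the brief to `\brief Set the number of NewSessionTicket messages the server sends after a TLS 1.3 handshake.` and add a `\note` stating the meaning of 0 and that the value is not range-checked. The closing guard comment is also missing a space before `*/` in `MBEDTLS_SSL_PROTO_TLS1_3*/`.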
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index af65e6d..065b354 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2611,6 +2611,15 @@
#endif
#if defined(MBEDTLS_SSL_SRV_C)
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
+void mbedtls_ssl_conf_new_session_tickets( mbedtls_ssl_config *conf,
+ uint16_t num_tickets )
+{
+ conf->new_session_tickets = num_tickets;
+}
+#endif
+
void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf,
mbedtls_ssl_ticket_write_t *f_ticket_write,
mbedtls_ssl_ticket_parse_t *f_ticket_parse,
@@ -4644,6 +4653,10 @@
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
+#if defined(MBEDTLS_SSL_SRV_C)
+ mbedtls_ssl_conf_new_session_tickets(
+ conf, MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS );
+#endif
/*
* Allow all TLS 1.3 key exchange modes by default.
*/