mbedtls: disable TLS session tickets

SSL session reuse with TLS session tickets is not supported yet.
Use SSL session IDs instead.

See https://github.com/curl/curl/issues/1109

diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
index 8bcaddd25afe1129fb79173ff5bf5daaaa0f6e5d..213a58fcaaffd35ff46d1ee1f24e2d402bcedf86 100644 (file)
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@@ -373,6 +373,11 @@ mbed_connect_step1(struct connectdata *conn,
   mbedtls_ssl_conf_ciphersuites(&connssl->config,
                                 mbedtls_ssl_list_ciphersuites());
 
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+  mbedtls_ssl_conf_session_tickets(&connssl->config,
+                                   MBEDTLS_SSL_SESSION_TICKETS_DISABLED);
+#endif
+
   /* Check if there's a cached ID we can/should use here! */
   if(data->set.general_ssl.sessionid) {
     void *old_session = NULL;