From 058c6afd3ce2cdd354bd7d7e855fc6cb7cec4f4f Mon Sep 17 00:00:00 2001
From: Stephen Bird <sebirdman@gmail.com>
Date: Mon, 15 Oct 2018 17:28:29 -0700
Subject: [PATCH] Add option to disable server side SSL session tickets as well
 as client

Closes https://github.com/espressif/esp-idf/pull/2570
---
 components/mbedtls/Kconfig                          | 13 ++++++++++---
 .../mbedtls/port/include/mbedtls/esp_config.h       |  4 +++-
 2 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/components/mbedtls/Kconfig b/components/mbedtls/Kconfig
index 5ad419cec5..4d1d527fea 100644
--- a/components/mbedtls/Kconfig
+++ b/components/mbedtls/Kconfig
@@ -330,13 +330,20 @@ menu "mbedTLS"
         help
             Disabling this option will save some code size if it is not needed.
 
-    config MBEDTLS_SSL_SESSION_TICKETS
-        bool "TLS: Support RFC 5077 SSL session tickets"
+    config MBEDTLS_CLIENT_SSL_SESSION_TICKETS
+        bool "TLS: Client Support for RFC 5077 SSL session tickets"
         default y
         depends on MBEDTLS_TLS_ENABLED
         help
-            Support RFC 5077 session tickets. See mbedTLS documentation for more details.
+            Client support for RFC 5077 session tickets. See mbedTLS documentation for more details.
+            Disabling this option will save some code size.
 
+    config MBEDTLS_SERVER_SSL_SESSION_TICKETS
+        bool "TLS: Server Support for RFC 5077 SSL session tickets"
+        default y
+        depends on MBEDTLS_TLS_ENABLED
+        help
+            Server support for RFC 5077 session tickets. See mbedTLS documentation for more details.
             Disabling this option will save some code size.
 
     menu "Symmetric Ciphers"
diff --git a/components/mbedtls/port/include/mbedtls/esp_config.h b/components/mbedtls/port/include/mbedtls/esp_config.h
index 89cdef8927..40ae3ae368 100644
--- a/components/mbedtls/port/include/mbedtls/esp_config.h
+++ b/components/mbedtls/port/include/mbedtls/esp_config.h
@@ -1308,7 +1308,7 @@
  *
  * Comment this macro to disable support for SSL session tickets
  */
-#ifdef CONFIG_MBEDTLS_SSL_SESSION_TICKETS
+#ifdef CONFIG_MBEDTLS_CLIENT_SSL_SESSION_TICKETS
 #define MBEDTLS_SSL_SESSION_TICKETS
 #endif
 
@@ -2340,7 +2340,9 @@
  *
  * Requires: MBEDTLS_CIPHER_C
  */
+#ifdef CONFIG_MBEDTLS_SERVER_SSL_SESSION_TICKETS
 #define MBEDTLS_SSL_TICKET_C
+#endif
 
 /**
  * \def MBEDTLS_SSL_CLI_C
-- 
2.40.0