[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 98/173: mbedtls: disable TLS session tickets
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnurl] 98/173: mbedtls: disable TLS session tickets |
Date: |
Fri, 24 Feb 2017 14:02:00 +0100 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to annotated tag gnurl-7.53.1
in repository gnurl.
commit ab08d82648f6deed7e698f1e11b5e3151e8f2f79
Author: Michael Kaufmann <address@hidden>
AuthorDate: Sat Jan 28 20:14:54 2017 +0100
mbedtls: disable TLS session tickets
SSL session reuse with TLS session tickets is not supported yet.
Use SSL session IDs instead.
See https://github.com/curl/curl/issues/1109
---
lib/vtls/mbedtls.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
index 8bcaddd25..213a58fca 100644
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@@ -373,6 +373,11 @@ mbed_connect_step1(struct connectdata *conn,
mbedtls_ssl_conf_ciphersuites(&connssl->config,
mbedtls_ssl_list_ciphersuites());
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+ mbedtls_ssl_conf_session_tickets(&connssl->config,
+ MBEDTLS_SSL_SESSION_TICKETS_DISABLED);
+#endif
+
/* Check if there's a cached ID we can/should use here! */
if(data->set.general_ssl.sessionid) {
void *old_session = NULL;
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnurl] 45/173: rand: make it work without TLS backing, (continued)
- [GNUnet-SVN] [gnurl] 45/173: rand: make it work without TLS backing, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 73/173: bump: next release will be 7.53.0, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 105/173: OS400: Fix symbols, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 55/173: IDN: Use TR46 non-transitional, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 97/173: gnutls: disable TLS session tickets, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 48/173: docs: FAQ MAIL-ETIQUETTE language fixes, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 75/173: openssl: Fix random generation, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 74/173: TODO: share OpenSSL contexts, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 99/173: RELEASE-NOTES; synced with ab08d82648, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 79/173: docs: non-blocking SSL handshake is now supported with NSS, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 98/173: mbedtls: disable TLS session tickets,
gnunet <=
- [GNUnet-SVN] [gnurl] 132/173: smb: code indent, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 135/173: axtls: adapt to API changes, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 106/173: docs: Add more HTTPS proxy documentation, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 57/173: docs: Add note about libcurl copying strings to CURLOPT_* manpages, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 119/173: test1139: Added the --manual keyword since the manual is required, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 124/173: nss: make FTPS work with --proxytunnel, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 93/173: INTERNALS.md: language improvements, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 110/173: CHANGES: spell fix, use correct path to script, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 78/173: CURLOPT_CONNECT_TO: Fix compile warnings, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 88/173: vtls: source indentation fix, gnunet, 2017/02/24