Allow configuation of the number of TLSv1.3 session tickets via SSL_CONF
Also allows the apps to set it.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5227)
diff --git a/apps/apps.h b/apps/apps.h
index b45a31a..5b98d27 100644
--- a/apps/apps.h
+++ b/apps/apps.h
@@ -281,8 +281,8 @@
"Block size to pad TLS 1.3 records to."}, \
{"debug_broken_protocol", OPT_S_DEBUGBROKE, '-', \
"Perform all sorts of protocol violations for testing purposes"}, \
- {"no_middlebox", OPT_S_NO_MIDDLEBOX, '-', "Disable TLSv1.3 middlebox compat mode" }
-
+ {"no_middlebox", OPT_S_NO_MIDDLEBOX, '-', \
+ "Disable TLSv1.3 middlebox compat mode" }
# define OPT_S_CASES \
OPT_S__FIRST: case OPT_S__LAST: break; \
diff --git a/apps/s_server.c b/apps/s_server.c
index b0e9659..5d53250 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -747,7 +747,7 @@
OPT_ID_PREFIX, OPT_SERVERNAME, OPT_SERVERNAME_FATAL,
OPT_CERT2, OPT_KEY2, OPT_NEXTPROTONEG, OPT_ALPN,
OPT_SRTP_PROFILES, OPT_KEYMATEXPORT, OPT_KEYMATEXPORTLEN,
- OPT_KEYLOG_FILE, OPT_MAX_EARLY, OPT_EARLY_DATA,
+ OPT_KEYLOG_FILE, OPT_MAX_EARLY, OPT_EARLY_DATA, OPT_S_NUM_TICKETS,
OPT_R_ENUM,
OPT_S_ENUM,
OPT_V_ENUM,
@@ -955,6 +955,8 @@
{"max_early_data", OPT_MAX_EARLY, 'n',
"The maximum number of bytes of early data"},
{"early_data", OPT_EARLY_DATA, '-', "Attempt to read early data"},
+ {"num_tickets", OPT_S_NUM_TICKETS, 'n',
+ "The number of TLSv1.3 session tickets that a server will automatically issue" },
{NULL, OPT_EOF, 0, NULL}
};
@@ -1252,6 +1254,7 @@
goto opthelp;
break;
case OPT_S_CASES:
+ case OPT_S_NUM_TICKETS:
if (ssl_args == NULL)
ssl_args = sk_OPENSSL_STRING_new_null();
if (ssl_args == NULL
diff --git a/doc/man3/SSL_CTX_set_options.pod b/doc/man3/SSL_CTX_set_options.pod
index 0d51077..552de07 100644
--- a/doc/man3/SSL_CTX_set_options.pod
+++ b/doc/man3/SSL_CTX_set_options.pod
@@ -151,6 +151,8 @@
If this option is set this functionality is disabled and tickets will
not be used by clients or servers.
+This option only applies to TLSv1.2 and below. It is ignored for TLSv1.3.
+
=item SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
Allow legacy insecure renegotiation between OpenSSL and unpatched clients or
diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c
index f1e8200..758f012 100644
--- a/ssl/ssl_conf.c
+++ b/ssl/ssl_conf.c
@@ -570,6 +570,21 @@
return rv;
}
+
+static int cmd_NumTickets(SSL_CONF_CTX *cctx, const char *value)
+{
+ int rv = 0;
+ int num_tickets = atoi(value);
+
+ if (num_tickets >= 0) {
+ if (cctx->ctx)
+ rv = SSL_CTX_set_num_tickets(cctx->ctx, num_tickets);
+ if (cctx->ssl)
+ rv = SSL_set_num_tickets(cctx->ssl, num_tickets);
+ }
+ return rv;
+}
+
typedef struct {
int (*cmd) (SSL_CONF_CTX *cctx, const char *value);
const char *str_file;
@@ -655,7 +670,8 @@
SSL_CONF_FLAG_SERVER | SSL_CONF_FLAG_CERTIFICATE,
SSL_CONF_TYPE_FILE),
#endif
- SSL_CONF_CMD_STRING(RecordPadding, "record_padding", 0)
+ SSL_CONF_CMD_STRING(RecordPadding, "record_padding", 0),
+ SSL_CONF_CMD_STRING(NumTickets, "num_tickets", SSL_CONF_FLAG_SERVER)
};
/* Supported switches: must match order of switches in ssl_conf_cmds */
