OpenSSL: send no TLS1.3 session tickets

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index d24b44c949aeab7f2e9b5c19b55fbdcd4d598b37..75427d68e3a1f4ae5268a13774dd78e084af7535 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -11,6 +11,10 @@ Exim version 4.93
 JH/01 OpenSSL: With debug enabled output keying information sufficient, server
       side, to decode a TLS 1.3 packet capture.
 
+JH/02 OpenSSL: suppress the sending of (stateful) TLS1.3 session tickets.
+      Previously the default library behaviour applied, sending two, each in
+      its own TCP segment.
+
 
 Exim version 4.92
 -----------------

diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index 692022063a8f7889c82ab1f0440964f2575890a4..169cf564f3e57a4111ef51be4222addeb4349a21 100644 (file)
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -94,6 +94,7 @@ change this guard and punt the issue for a while longer. */
 #ifndef LIBRESSL_VERSION_NUMBER
 # if OPENSSL_VERSION_NUMBER >= 0x010101000L
 #  define OPENSSL_HAVE_KEYLOG_CB
+#  define OPENSSL_HAVE_NUM_TICKETS
 # endif
 #endif
 
@@ -1809,6 +1810,10 @@ if (init_options)
 else
   DEBUG(D_tls) debug_printf("no SSL CTX options to set\n");
 
+#ifdef OPENSSL_HAVE_NUM_TICKETS
+SSL_CTX_set_num_tickets(ctx, 0);       /* send no TLS1.3 stateful-tickets */
+#endif
+
 /* We'd like to disable session cache unconditionally, but foolish Outlook
 Express clients then give up the first TLS connection and make a second one
 (which works).  Only when there is an IMAP service on the same machine.