From 6377e41ef56f8303ccc58a4ca82f3bf99495018a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Wed, 31 Jul 2013 16:31:33 +0200
Subject: [PATCH] Complete client support for session tickets
---
 library/ssl_cli.c | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index f572cabcc..9b643926d 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -431,7 +431,25 @@ static int ssl_write_client_hello( ssl_context *ssl )
 if( ssl->renegotiation != SSL_INITIAL_HANDSHAKE || n < 16 || n > 32 || ssl->handshake->resume == 0 )
+ {
 n = 0;
+ }
+
+ /*
+ * RFC 5077 section 3.4: "When presenting a ticket, the client MAY
+ * generate and include a Session ID in the TLS ClientHello."
+ */
+ if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE &&
+ ssl->session_negotiate->ticket != NULL &&
+ ssl->session_negotiate->ticket_len != 0 )
+ {
+ ret = ssl->f_rng( ssl->p_rng, ssl->session_negotiate->id, 32 );
+
+ if( ret != 0 )
+ return( ret );
+
+ ssl->session_negotiate->length = n = 32;
+ }
 *p++ = (unsigned char) n;
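Review bot: The new ticket branch writes into `ssl->session_negotiate->id` with the length hard-coded twice (`f_rng( ..., 32 )` and `length = n = 32`), so nothing in the hunk ties the write to the size of the destination. The declaration of `id` is outside the hunk; if it is a fixed array, `sizeof( ssl->session_negotiate->id )` in both places (or one named constant shared with the `n > 32` check above) would keep the RNG write bounded if the field ever changes. The branch also omits the `ssl->handshake->resume` test that the preceding check uses, so a ticket left in `session_negotiate` appears to replace the stored ID even when resumption was not requested; confirm that this is intended. The comment quotes only the "MAY" sentence; I would add the reason, e.g. `/* The server echoes this ID when it accepts the ticket, letting the client tell resumption from a full handshake. */`. The body of `ssl_write_client_hello` starts and ends outside the hunk.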