From c8008e29b9096f83f58e2cfb945fe1dec98665cf Mon Sep 17 00:00:00 2001
From: Stefan Eissing <stefan.eissing@greenbytes.de>
Date: Thu, 21 Jul 2022 10:52:45 +0200
Subject: [PATCH] Announce TLSX_PSK_KEY_EXCHANGE_MODES in non-resuming
 ClientHello.

- can be reverted to previous style by defining NO_TLSX_PSKKEM_PLAIN_ANNOUNCE
- QUIC interop testing reveals that at least QUIC stacks refrain from
  issuing session tickets unless the ClientHello shows this extension.
---
 src/tls.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/tls.c b/src/tls.c
index 2f10e4b90..888cf0e8c 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -11385,7 +11385,15 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer)
             }
     #endif /* !NO_PSK */
         #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
+
+            #ifndef NO_TLSX_PSKKEM_PLAIN_ANNOUNCE
+            /* Some servers do not generate session tickets unless
+             * the extension is seen in a non-resume client hello */
+            if (1) {
+                (void)usingPSK;
+            #else
             if (usingPSK) {
+            #endif
                 byte modes;
 
                 /* Pre-shared key modes: mandatory extension for resumption. */