
Enable TLS session resumption across CustomTLSDial calls

Rod Hynes пре 7 година
родитељ
комит
26026dc596
3 измењених фајлова са 14 додато и 1 уклоњено
  1. 1 0
      psiphon/meekConn.go
  2. 2 0
      psiphon/net.go
  3. 11 1
      psiphon/tlsDialer.go

+ 1 - 0
psiphon/meekConn.go

@@ -249,6 +249,7 @@ func DialMeek(
 			SkipVerify:                    true,
 			TLSProfile:                    meekConfig.TLSProfile,
 			TrustedCACertificatesFilename: dialConfig.TrustedCACertificatesFilename,
+			ClientSessionCache:            utls.NewLRUClientSessionCache(0),
 		}
 
 		if meekConfig.UseObfuscatedSessionTickets {
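Review bot: The cache added to this config literal carries no comment on its lifetime or on what sharing it costs, and the same one-line addition in `MakeUntunneledHTTPClient` in psiphon/net.go has the same gap. Once tickets persist across dials, a later handshake presents a stored ticket in its ClientHello, which under TLS 1.2 is visible on the wire and lets an on-path observer link those dials to each other. I would record that trade-off here, e.g. `// Cache is scoped to this dial config: later dials can resume, but the reused ticket is linkable by an observer.` It is also not visible from this hunk how a cached server-issued ticket interacts with the `UseObfuscatedSessionTickets` branch that follows, so that is worth confirming. DialMeek's body starts and ends outside the hunk.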

+ 2 - 0
psiphon/net.go

@@ -35,6 +35,7 @@ import (
 
 	"github.com/Psiphon-Labs/dns"
 	"github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common"
+	utls "github.com/Psiphon-Labs/utls"
 )
 
 const DNS_PORT = 53
@@ -252,6 +253,7 @@ func MakeUntunneledHTTPClient(
 			SNIServerName:                 "",
 			SkipVerify:                    skipVerify,
 			TrustedCACertificatesFilename: untunneledDialConfig.TrustedCACertificatesFilename,
+			ClientSessionCache:            utls.NewLRUClientSessionCache(0),
 		})
 
 	transport := &http.Transport{

+ 11 - 1
psiphon/tlsDialer.go

@@ -137,6 +137,11 @@ type CustomTLSConfig struct {
 	// ObfuscatedSessionTicketKey enables obfuscated session tickets
 	// using the specified key.
 	ObfuscatedSessionTicketKey string
+
+	// ClientSessionCache specifies a cache to use to persist session
+	// tickets, enabling TLS session resumability across multiple
+	// CustomTLSDial calls or dialers using the same CustomTLSConfig.
+	ClientSessionCache utls.ClientSessionCache
 }
 
 func SelectTLSProfile(
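Review bot: The field comment on `ClientSessionCache` does not say what a nil value means. Per the `CustomTLSDial` hunk in this file, nil falls back to a fresh cache on every call, so nothing is resumed across dials; I would add `// When nil, CustomTLSDial creates a new cache per call and no session is resumed across calls.` It would also help to state that one cache should not be shared between configs whose `SkipVerify` or `TrustedCACertificatesFilename` differ, since a resumed handshake normally does not repeat the certificate exchange. The struct's earlier fields are outside the hunk.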
@@ -237,8 +242,13 @@ func CustomTLSDial(
 		selectedTLSProfile = SelectTLSProfile("", config.ClientParameters)
 	}
 
+	clientSessionCache := config.ClientSessionCache
+	if clientSessionCache == nil {
+		clientSessionCache = utls.NewLRUClientSessionCache(0)
+	}
+
 	tlsConfig := &utls.Config{
-		ClientSessionCache: utls.NewLRUClientSessionCache(0),
+		ClientSessionCache: clientSessionCache,
 	}
 
 	if config.SkipVerify {
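Review bot: With a caller-supplied cache, `CustomTLSDial` can now complete a resumed handshake, and the verification path that begins at `if config.SkipVerify {` lies outside this hunk, so it is not visible whether its checks still apply to a resumed session. If verification runs after the handshake against the peer chain, confirm that it also runs, and has a chain to check, when the session came from the cache. A short comment above `tlsConfig` would make the expectation explicit, e.g. `// Resumed sessions skip the certificate exchange; the verification below must still hold for them.` The body of CustomTLSDial continues outside the hunk.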