Disable the use of session tickets on TLSv1.2 by default

[PleasantMachine9]

See #1886 and #1898

Since currently session resumption is not supported by urllib3,
there is no reason to request tickets from the server.
It takes up extra bytes in transit (~200 bytes), and raises
some minor security concerns.

See also: https://blog.filippo.io/we-need-to-talk-about-session-tickets/

Hopefully we can add support for resumption, but until then, this flag (NO_TICKET) has no reason to be off.

[codecov]

Codecov Report

Merging #1970 into master will not change coverage.
The diff coverage is 100.00%.

@@            Coverage Diff            @@
##            master     #1970   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           24        24           
  Lines         2187      2189    +2     
=========================================
+ Hits          2187      2189    +2     

Impacted Files	Coverage Δ
src/urllib3/util/ssl_.py	100.00% <100.00%> (ø)

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update d560e21...1bda47f. Read the comment docs.

[PleasantMachine9]

test_ssl_failed_fingerprint_verification
where MaxRetryError("HTTPSConnectionPool(host='localhost', port=49868): Max retries exceeded with url: / (Caused by NewConne...ection.HTTPSConnection object at 0x10c3e5190>: Failed to establish a new connection: [Errno 61] Connection refused'))") = .value

This looks like a flaky test case to me? I don't see how my change would affect this TC.

[sethmlarson]

This looks like a flaky test case to me? I don't see how my change would affect this TC.

Our CI is a bit flaky sometimes :) might not have been caused by your change.

[sethmlarson]

It may not say so in the Python documentation, but according to OpenSSL OP_NO_TICKET is meant for server-side sockets only?

https://www.openssl.org/docs/man1.1.1/man3/SSL_set_options.html

[sethmlarson]

So I confirmed in Wireshark that for TLS 1.2 specifically setting OP_NO_TICKET does indeed disable the session_ticket (35) extension from being sent with ClientHello.

[PleasantMachine9]

Practically speaking it wouldn't make sense for it to be server-side only, so it's probably a documentation issue in openssl.

As per the RFC detailing tickets for TLS 1.2, the client is the first party to indicate whether they support tickets, by including the empty extension.

So it makes sense that we should be able to tell openssl not to send that extension.

[PleasantMachine9]

Trying again for the TCs

[sethmlarson]

This looks good to me now, thanks for putting this together!