Add an option to support TLS session ticket resumption

[cyang1]

From some manual testing (by connecting to a local server run with openssl s_server -key key.pem -cert cert.pem -accept 44330 -tlsextdebug -www -state), it looks like there are two requirements here:

• Call either SSLSetSessionTicketsEnabled or SSLSetSessionOption with kSSLSessionOptionEnableSessionTickets, which will cause the client to send the SessionTicket extension in its initial ClientHello.
• Call SSLSetPeerID with something that uniquely identifies the remote (maybe domain + port?).
  Both of these are required, as with just the first, the client will just send an empty SessionTicket extension in its ClientHello every time. It seems like setting a peer ID is required so that Security Framework knows what to key the session ticket against.

In the openssl s_server output, a normal TLS handshake looks like:

SSL_accept:before/accept initialization
TLS client extension "session ticket" (id=35), len=0
...
SSL_accept:SSLv3 read client hello A
SSL_accept:SSLv3 write server hello A
SSL_accept:SSLv3 write certificate A
SSL_accept:SSLv3 write key exchange A
SSL_accept:SSLv3 write server done A
SSL_accept:SSLv3 flush data
SSL_accept:SSLv3 read client certificate A
SSL_accept:SSLv3 read client key exchange A
SSL_accept:SSLv3 read certificate verify A
SSL_accept:SSLv3 read finished A
SSL_accept:SSLv3 write session ticket A
SSL_accept:SSLv3 write change cipher spec A
SSL_accept:SSLv3 write finished A
SSL_accept:SSLv3 flush data

and a handshake with TLS session ticket resumption looks like:

SSL_accept:before/accept initialization
TLS client extension "session ticket" (id=35), len=176
...
SSL_accept:SSLv3 read client hello A
SSL_accept:SSLv3 write server hello A
SSL_accept:SSLv3 write change cipher spec A
SSL_accept:SSLv3 write finished A
SSL_accept:SSLv3 flush data
SSL_accept:SSLv3 read finished A

[kornelski]

I'm happy to accept pull requests implementing this functionality.