From 19400ee8b7da6138e74a5dfc86547306ec55dc2d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C5=99emysl=20Janouch?=
Date: Tue, 9 Jan 2018 06:25:16 +0100
Subject: [PATCH] kike: disable TLS session reuse
---
kike.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/kike.c b/kike.c
index dfd896f..33d80f4 100644
--- a/kike.c
+++ b/kike.c
@@ -3544,6 +3544,9 @@ irc_initialize_ssl_ctx (struct server_context *ctx,
(void) SSL_CTX_set_session_id_context (ctx->ssl_ctx,
session_id_context, sizeof session_id_context);
+ // IRC is not particularly reconnect-heavy, prefer forward secrecy
+ SSL_CTX_set_session_cache_mode (ctx->ssl_ctx, SSL_SESS_CACHE_OFF);
+
// Gah, spare me your awkward semantics, I just want to push data!
SSL_CTX_set_mode (ctx->ssl_ctx,
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER | SSL_MODE_ENABLE_PARTIAL_WRITE);
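Review bot: The added `SSL_CTX_set_session_cache_mode (ctx->ssl_ctx, SSL_SESS_CACHE_OFF);` only turns off the server-side session cache (session-ID resumption); an OpenSSL server still issues RFC 5077 session tickets by default. Ticket resumption depends on a ticket key that outlives individual connections, so it weakens forward secrecy in the same way the comment is trying to avoid. Unless tickets are already disabled in the part of `irc_initialize_ssl_ctx` outside this hunk, I would add `SSL_CTX_set_options (ctx->ssl_ctx, SSL_OP_NO_TICKET);` next to the new call. The comment could then say that both the cache and tickets are disabled. The function starts and continues beyond the visible lines, so this is worth confirming against the full body.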