kike: disable TLS session reuse

This commit is contained in:
Přemysl Eric Janouch 2018-01-09 06:25:16 +01:00
parent 674ffb2f6d
commit 19400ee8b7
Signed by: p
GPG Key ID: B715679E3A361BE6

3
kike.c
View File

@ -3544,6 +3544,9 @@ irc_initialize_ssl_ctx (struct server_context *ctx,
(void) SSL_CTX_set_session_id_context (ctx->ssl_ctx, (void) SSL_CTX_set_session_id_context (ctx->ssl_ctx,
session_id_context, sizeof session_id_context); session_id_context, sizeof session_id_context);
// IRC is not particularly reconnect-heavy, prefer forward secrecy
SSL_CTX_set_session_cache_mode (ctx->ssl_ctx, SSL_SESS_CACHE_OFF);
// Gah, spare me your awkward semantics, I just want to push data! // Gah, spare me your awkward semantics, I just want to push data!
SSL_CTX_set_mode (ctx->ssl_ctx, SSL_CTX_set_mode (ctx->ssl_ctx,
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER | SSL_MODE_ENABLE_PARTIAL_WRITE); SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER | SSL_MODE_ENABLE_PARTIAL_WRITE);