diff options
author | Attila Molnar <attilamolnar@hush.com> | 2014-10-10 14:15:37 +0200 |
---|---|---|
committer | Attila Molnar <attilamolnar@hush.com> | 2014-10-10 14:15:37 +0200 |
commit | b4dc9d871cd8c7817c6dff17c76b66e989712ffc (patch) | |
tree | bc89a275861c991aac3c353b4c21434969dd300c | |
parent | 9179e51e513587cddd4c4171f0ad74c8f5bf052e (diff) |
m_ssl_openssl Disable session caching and session tickets
-rw-r--r-- | src/modules/extra/m_ssl_openssl.cpp | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp index 081b0153e..37d2a9cdf 100644 --- a/src/modules/extra/m_ssl_openssl.cpp +++ b/src/modules/extra/m_ssl_openssl.cpp @@ -128,14 +128,17 @@ class ModuleSSLOpenSSL : public Module SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, OnVerify); SSL_CTX_set_verify(clictx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, OnVerify); - const unsigned char session_id[] = "inspircd"; - SSL_CTX_set_session_id_context(ctx, session_id, sizeof(session_id) - 1); + SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); + SSL_CTX_set_session_cache_mode(clictx, SSL_SESS_CACHE_OFF); long opts = SSL_OP_NO_SSLv2 | SSL_OP_SINGLE_DH_USE; // Only turn options on if they exist #ifdef SSL_OP_SINGLE_ECDH_USE opts |= SSL_OP_SINGLE_ECDH_USE; #endif +#ifdef SSL_OP_NO_TICKET + opts |= SSL_OP_NO_TICKET; +#endif SSL_CTX_set_options(ctx, opts); SSL_CTX_set_options(clictx, opts); |