From 19400ee8b7da6138e74a5dfc86547306ec55dc2d Mon Sep 17 00:00:00 2001 From: Přemysl Janouch Date: Tue, 9 Jan 2018 06:25:16 +0100 Subject: kike: disable TLS session reuse --- kike.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/kike.c b/kike.c index dfd896f..33d80f4 100644 --- a/kike.c +++ b/kike.c @@ -3544,6 +3544,9 @@ irc_initialize_ssl_ctx (struct server_context *ctx, (void) SSL_CTX_set_session_id_context (ctx->ssl_ctx, session_id_context, sizeof session_id_context); + // IRC is not particularly reconnect-heavy, prefer forward secrecy + SSL_CTX_set_session_cache_mode (ctx->ssl_ctx, SSL_SESS_CACHE_OFF); + // Gah, spare me your awkward semantics, I just want to push data! SSL_CTX_set_mode (ctx->ssl_ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER | SSL_MODE_ENABLE_PARTIAL_WRITE); -- cgit v1.2.3-70-g09d2