openssl: Disable session tickets

author Attila Molnar <redacted>

Mon, 9 Feb 2015 20:18:32 +0000 (21:18 +0100)

committer Attila Molnar <redacted>

Mon, 9 Feb 2015 20:18:32 +0000 (21:18 +0100)
author Attila Molnar <redacted>
Mon, 9 Feb 2015 20:18:32 +0000 (21:18 +0100)
committer Attila Molnar <redacted>
Mon, 9 Feb 2015 20:18:32 +0000 (21:18 +0100)
diff --git a/libratbox/src/openssl.c b/libratbox/src/openssl.c

index 9a9b52d55cbdd1e70cab92bf9020abadbdc2128d..bac3ea1e60e30c2bd9ceda1cf30e8832ccebb11b 100644 (file)
--- a/libratbox/src/openssl.c
+++ b/libratbox/src/openssl.c
@@ -315,6 +315,9 @@ rb_init_ssl(void)
         SSL_CTX_set_options(ssl_server_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_CIPHER_SERVER_PREFERENCE
  #ifdef SSL_OP_SINGLE_DH_USE
                         | SSL_OP_SINGLE_DH_USE
+#endif
+#ifdef SSL_OP_NO_TICKET
+                       | SSL_OP_NO_TICKET
  #endif
                         );
         SSL_CTX_set_verify(ssl_server_ctx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, verify_accept_all_cb);
@@ -343,6 +346,11 @@ rb_init_ssl(void)
                            get_ssl_error(ERR_get_error()));
                 ret = 0;
         }
+
+#ifdef SSL_OP_NO_TICKET
+       SSL_CTX_set_options(ssl_client_ctx, SSL_OP_NO_TICKET);
+#endif
+
         return ret;
  }
author	Attila Molnar <redacted>
	Mon, 9 Feb 2015 20:18:32 +0000 (21:18 +0100)
committer	Attila Molnar <redacted>
	Mon, 9 Feb 2015 20:18:32 +0000 (21:18 +0100)