diff options
Diffstat (limited to 'src/mod_openssl.c')
-rw-r--r-- | src/mod_openssl.c | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/src/mod_openssl.c b/src/mod_openssl.c index 39d3cd34..3f16ac84 100644 --- a/src/mod_openssl.c +++ b/src/mod_openssl.c @@ -2089,10 +2089,17 @@ network_init_ssl (server *srv, plugin_config_socket *s, plugin_data *p) return -1; } - /* disable session cache; session tickets are preferred */ - SSL_CTX_set_session_cache_mode(s->ssl_ctx, SSL_SESS_CACHE_OFF - | SSL_SESS_CACHE_NO_AUTO_CLEAR - | SSL_SESS_CACHE_NO_INTERNAL); + const int disable_sess_cache = + srv->srvconf.feature_flags + && !config_plugin_value_tobool( + array_get_element_klen(srv->srvconf.feature_flags, + CONST_STR_LEN("ssl.session-cache")), 0); + if (disable_sess_cache) + /* disable session cache; session tickets are preferred */ + SSL_CTX_set_session_cache_mode(s->ssl_ctx, + SSL_SESS_CACHE_OFF + | SSL_SESS_CACHE_NO_AUTO_CLEAR + | SSL_SESS_CACHE_NO_INTERNAL); if (s->ssl_empty_fragments) { #ifdef SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS |