diff options
| author | Yossi Gottlieb <yossigo@users.noreply.github.com> | 2020-07-10 11:33:47 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-07-10 11:33:47 +0300 |
| commit | 3e6f2b1a45176ac3d81b95cb6025f30d7aaa1393 (patch) | |
| tree | 5193a087d79e760908849f3b191fc513bff21eae /src/tls.c | |
| parent | 5266293a0fdee57fe6bb8a408a2e2ff0c66f0259 (diff) | |
| download | redis-3e6f2b1a45176ac3d81b95cb6025f30d7aaa1393.tar.gz | |
TLS: Session caching configuration support. (#7420)
* TLS: Session caching configuration support.
* TLS: Remove redundant config initialization.
Diffstat (limited to 'src/tls.c')
| -rw-r--r-- | src/tls.c | 12 |
1 files changed, 9 insertions, 3 deletions
@@ -148,9 +148,6 @@ void tlsInit(void) { } pending_list = listCreate(); - - /* Server configuration */ - server.tls_auth_clients = 1; /* Secure by default */ } /* Attempt to configure/reconfigure TLS. This operation is atomic and will @@ -184,6 +181,15 @@ int tlsConfigure(redisTLSContextConfig *ctx_config) { SSL_CTX_set_options(ctx, SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS); #endif + if (ctx_config->session_caching) { + SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_SERVER); + SSL_CTX_sess_set_cache_size(ctx, ctx_config->session_cache_size); + SSL_CTX_set_timeout(ctx, ctx_config->session_cache_timeout); + SSL_CTX_set_session_id_context(ctx, (void *) "redis", 5); + } else { + SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); + } + int protocols = parseProtocolsConfig(ctx_config->protocols); if (protocols == -1) goto error; |