From ea444b92b7201e8dfa70da0ab16ae5802abc736b Mon Sep 17 00:00:00 2001 From: Doug MacEachern Date: Fri, 24 Aug 2001 23:25:14 +0000 Subject: [PATCH] force OpenSSL to ignore process local-caching and to always get/set/delete sessions using mod_ssl's callbacks PR: Obtained from: Submitted by: Madhusudan Mathihalli Reviewed by: dougm git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@90654 13f79535-47bb-0310-9956-ffa450edef68 --- ssl_engine_init.c | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/ssl_engine_init.c b/ssl_engine_init.c index ab5ad89f323..73e6f21b277 100644 --- a/ssl_engine_init.c +++ b/ssl_engine_init.c @@ -468,6 +468,7 @@ void ssl_init_ConfigureServer(server_rec *s, apr_pool_t *p, SSLSrvConfigRec *sc) BOOL bSkipFirst; int isca, pathlen; int i, n; + long cache_mode; /* * Create the server host:port string because we need it a lot @@ -529,10 +530,18 @@ void ssl_init_ConfigureServer(server_rec *s, apr_pool_t *p, SSLSrvConfigRec *sc) * Configure additional context ingredients */ SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE); - if (mc->nSessionCacheMode == SSL_SCMODE_NONE) - SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); - else - SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_SERVER); + if (mc->nSessionCacheMode == SSL_SCMODE_NONE) { + cache_mode = SSL_SESS_CACHE_OFF; + } + else { + /* SSL_SESS_CACHE_NO_INTERNAL_LOOKUP will force OpenSSL + * to ignore process local-caching and + * to always get/set/delete sessions using mod_ssl's callbacks. + */ + cache_mode = SSL_SESS_CACHE_SERVER|SSL_SESS_CACHE_NO_INTERNAL_LOOKUP; + } + + SSL_CTX_set_session_cache_mode(ctx, cache_mode); /* * Configure callbacks for SSL context -- 2.47.2