r16882@tombo: nickm | 2008-07-10 14:31:25 -0400

Fix for session-related bug found by Geoff Goodell. backport candidate, once tested. svn:r15821
author: Nick Mathewson <nickm@torproject.org> 2008-07-10 18:31:33 +0000
committer: Nick Mathewson <nickm@torproject.org> 2008-07-10 18:31:33 +0000
commit: cb7cc9e12d66907343e1522e7128de206c0dc86f (patch)
tree: 3ce09e05fe5441cb70ca80e3b2d3387c86045ec8 /src
parent: c717e19a295529e7fee014153ed0adadb2dfeb9d (diff)
download: tor-cb7cc9e12d66907343e1522e7128de206c0dc86f.tar.gz
tor-cb7cc9e12d66907343e1522e7128de206c0dc86f.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 46b2a11e2b..d2751d1653 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -564,6 +564,11 @@ tor_tls_context_new(crypto_pk_env_t *identity, unsigned int key_lifetime)
   SSL_CTX_set_options(result->ctx, SSL_OP_NO_SSLv2);
 #endif
   SSL_CTX_set_options(result->ctx, SSL_OP_SINGLE_DH_USE);
+  
+#ifdef SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
+  SSL_CTX_set_options(result->ctx,
+                      SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
+#endif
   /* Don't actually allow compression; it uses ram and time, but the data
    * we transmit is all encrypted anyway. */
   if (result->ctx->comp_methods)
author	Nick Mathewson <nickm@torproject.org>	2008-07-10 18:31:33 +0000
committer	Nick Mathewson <nickm@torproject.org>	2008-07-10 18:31:33 +0000
commit	cb7cc9e12d66907343e1522e7128de206c0dc86f (patch)
tree	3ce09e05fe5441cb70ca80e3b2d3387c86045ec8 /src
parent	c717e19a295529e7fee014153ed0adadb2dfeb9d (diff)
download	tor-cb7cc9e12d66907343e1522e7128de206c0dc86f.tar.gz tor-cb7cc9e12d66907343e1522e7128de206c0dc86f.zip