From aa35f1fad70e954359972badf31a8d94f3fafe62 Mon Sep 17 00:00:00 2001
From: Emeric Brun <ebrun@exceliance.fr>
Date: Mon, 3 Sep 2012 11:53:36 +0200
Subject: [PATCH] MEDIUM: ssl: replace OpenSSL's session cache with the shared
 cache

OpenSSL's session cache is now totally disabled and we use our own
implementation instead.
---
 src/cfgparse.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/cfgparse.c b/src/cfgparse.c
index 0cd9c2724..ca88e8684 100644
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -62,6 +62,7 @@
 #include <proto/sample.h>
 #include <proto/server.h>
 #include <proto/session.h>
+#include <proto/shctx.h>
 #include <proto/raw_sock.h>
 #ifdef USE_OPENSSL
 #include <proto/ssl_sock.h>
@@ -6703,7 +6704,13 @@ out_uri_auth_compat:
 				SSL_CTX_set_options(listener->ssl_ctx.ctx, ssloptions);
 				SSL_CTX_set_mode(listener->ssl_ctx.ctx, sslmode);
 				SSL_CTX_set_verify(listener->ssl_ctx.ctx, SSL_VERIFY_NONE, NULL);
-				SSL_CTX_set_session_cache_mode(listener->ssl_ctx.ctx, SSL_SESS_CACHE_SERVER);
+				if (shared_context_init(0) < 0) {
+					Alert("Unable to allocate SSL session cache.\n");
+					cfgerr++;
+					goto skip_ssl;
+				}
+				shared_context_set_cache(listener->ssl_ctx.ctx);
+
 				SSL_CTX_set_info_callback(listener->ssl_ctx.ctx, ssl_sock_infocbk);
 
 				if (SSL_CTX_use_PrivateKey_file(listener->ssl_ctx.ctx, listener->ssl_cert, SSL_FILETYPE_PEM) <= 0) {