From fabc3174fe60b5748964a9cac2118a502b0c0a19 Mon Sep 17 00:00:00 2001
From: Jilles Tjoelker
Date: Wed, 15 Jan 2014 21:50:08 +0100
Subject: [PATCH] openssl: Set some sort of session id context.

Without a session id context and if client certificates are used, OpenSSL fails the handshake if an attempt is made to reuse an old session. Various clients could not reconnect after a disconnection because of this.

See https://bugzilla.mozilla.org/show_bug.cgi?id=858394#c34 for a bug report.
---
 libratbox/src/openssl.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/libratbox/src/openssl.c b/libratbox/src/openssl.c
index 63f01690..c84c7a8a 100644
--- a/libratbox/src/openssl.c
+++ b/libratbox/src/openssl.c
@@ -314,6 +314,7 @@ rb_init_ssl(void)
 	/* Disable SSLv2, make the client use our settings */
 	SSL_CTX_set_options(ssl_server_ctx, SSL_OP_NO_SSLv2 | SSL_OP_CIPHER_SERVER_PREFERENCE);
 	SSL_CTX_set_verify(ssl_server_ctx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, verify_accept_all_cb);
+	SSL_CTX_set_session_id_context(ssl_server_ctx, "libratbox", 9);
 	/* Set ECDHE on OpenSSL 1.00+, but make sure it's actually available because redhat are dicks and bastardise their OpenSSL for stupid reasons... */
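Review bot: The added SSL_CTX_set_session_id_context call hard-codes the length `9` next to the literal `"libratbox"`, so a later edit to the string silently desynchronises the two, and the return value is discarded even though OpenSSL reports failure (returns 0) when the context is longer than SSL_MAX_SSL_SESSION_ID_LENGTH. Deriving the length from the literal and checking the result keeps the two in step: `static const unsigned char sid_ctx[] = "libratbox";` then `if(!SSL_CTX_set_session_id_context(ssl_server_ctx, sid_ctx, sizeof(sid_ctx) - 1))` followed by the same failure reporting rb_init_ssl uses for the other SSL_CTX_* setup steps. Using an `unsigned char` array also avoids the pointer-sign warning, since the parameter type is `const unsigned char *`. A short comment such as `/* required so sessions with client-cert verification can be resumed; OpenSSL refuses reuse without a context */` would record the motivation given in the commit message next to the code. rb_init_ssl continues outside the hunk, so how it reports errors from the surrounding (also unchecked) SSL_CTX_* calls is not visible here.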