MB-59835: Disable OpenSSL session caching

jimwwalker · jimwwalker · commit f11cd84f052f · 2023-11-28T14:37:59.000Z
OpenSSL session caching has been linked to a crash, disabling the cache should avoid the problem. Change-Id: Id03d2281cea61720cdef38b574ac6d95a9858a5e Reviewed-on: https://review.couchbase.org/c/kv_engine/+/201619 Reviewed-by: Trond Norbye <trond.norbye@couchbase.com> Well-Formed: Restriction Checker Tested-by: Jim Walker <jim@couchbase.com>
diff --git a/daemon/tls_configuration.cc b/daemon/tls_configuration.cc
@@ -174,6 +174,8 @@ cb::openssl::unique_ssl_ctx_ptr TlsConfiguration::createServerContext(
     SSL_CTX_set_mode(server_ctx,
                      SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
                              SSL_MODE_ENABLE_PARTIAL_WRITE);
+    // MB-59835: Session cache has been linked to a crash..
+    SSL_CTX_set_session_cache_mode(server_ctx, SSL_SESS_CACHE_OFF);
 
     if (!SSL_CTX_load_verify_locations(server_ctx, ca_file.c_str(), nullptr)) {
         throw CreateSslContextException("Failed to use: " + ca_file,
