[tor-bugs] #4099 [Tor Browser]: Disable TLS Session resumption and Session IDs
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Wed Dec 7 23:40:05 UTC 2011
#4099: Disable TLS Session resumption and Session IDs
----------------------------------------+-----------------------------------
Reporter: mikeperry | Owner: mikeperry
Type: defect | Status: new
Priority: major | Milestone: TorBrowserBundle 2.2.x-stable
Component: Tor Browser | Version:
Keywords: MikePerryIteration20111211 | Parent:
Points: 2 | Actualpoints:
----------------------------------------+-----------------------------------
Changes (by mikeperry):
* cc: ioerror (added)
Comment:
At first glance, it looked like this was doable by calling
SSL_ConfigServerSessionIDCache() during nsNSSComponent::InitializeNSS().
However, the system appears to be written to use a default session ID
cache size if you set it to 0.
There does appear to be an SSL_NO_CACHE option that can be set with
SSL_OptionSet(), as well as an ssl_defaults that we can bang on to disable
session ID caching for each individual ssl socket.
I am going to try that and see what happens.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4099#comment:18>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list