Skip to content

Commit

Permalink
Merge pull request #672 from orozery/tls-session-cache
Browse files Browse the repository at this point in the history
Cache TLS sessions
  • Loading branch information
orozery authored Jul 11, 2024
2 parents 4653671 + ad4d833 commit d2506e4
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 6 deletions.
5 changes: 3 additions & 2 deletions pkg/dataplane/server/dataplane.go
Original file line number Diff line number Diff line change
Expand Up @@ -237,8 +237,9 @@ func NewDataplane(
listeners: make(map[string]*listener.Listener),
listenerEnd: make(map[string]chan bool),
tlsConfig: &tls.Config{
MinVersion: tls.VersionTLS12,
ClientAuth: tls.RequireAndVerifyClientCert,
MinVersion: tls.VersionTLS12,
ClientAuth: tls.RequireAndVerifyClientCert,
ClientSessionCache: tls.NewLRUClientSessionCache(64),
},
logger: logger,
}
Expand Down
9 changes: 5 additions & 4 deletions pkg/util/tls/util.go
Original file line number Diff line number Diff line change
Expand Up @@ -102,10 +102,11 @@ func (c *ParsedCertData) ServerConfig() *tls.Config {
// ClientConfig return a TLS configuration for a client.
func (c *ParsedCertData) ClientConfig(sni string) *tls.Config {
return &tls.Config{
MinVersion: tls.VersionTLS12,
Certificates: []tls.Certificate{c.certificate},
RootCAs: c.ca,
ServerName: sni,
MinVersion: tls.VersionTLS12,
ClientSessionCache: tls.NewLRUClientSessionCache(64),
Certificates: []tls.Certificate{c.certificate},
RootCAs: c.ca,
ServerName: sni,
}
}

Expand Down

0 comments on commit d2506e4

Please sign in to comment.