Merge branch 'main' into client-pod-attributes

clusterlink-net · Jul 16, 2024 · ef96048 · ef96048
2 parents 7f0e384 + d2506e4
commit ef96048
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 6 deletions.
diff --git a/pkg/dataplane/server/dataplane.go b/pkg/dataplane/server/dataplane.go
@@ -237,8 +237,9 @@ func NewDataplane(
 		listeners:      make(map[string]*listener.Listener),
 		listenerEnd:    make(map[string]chan bool),
 		tlsConfig: &tls.Config{
-			MinVersion: tls.VersionTLS12,
-			ClientAuth: tls.RequireAndVerifyClientCert,
+			MinVersion:         tls.VersionTLS12,
+			ClientAuth:         tls.RequireAndVerifyClientCert,
+			ClientSessionCache: tls.NewLRUClientSessionCache(64),
 		},
 		logger: logger,
 	}

diff --git a/pkg/util/tls/util.go b/pkg/util/tls/util.go
@@ -102,10 +102,11 @@ func (c *ParsedCertData) ServerConfig() *tls.Config {
 // ClientConfig return a TLS configuration for a client.
 func (c *ParsedCertData) ClientConfig(sni string) *tls.Config {
 	return &tls.Config{
-		MinVersion:   tls.VersionTLS12,
-		Certificates: []tls.Certificate{c.certificate},
-		RootCAs:      c.ca,
-		ServerName:   sni,
+		MinVersion:         tls.VersionTLS12,
+		ClientSessionCache: tls.NewLRUClientSessionCache(64),
+		Certificates:       []tls.Certificate{c.certificate},
+		RootCAs:            c.ca,
+		ServerName:         sni,
 	}
 }