Check privkey and tag to allow session resumption

diff --git a/cbs-srv.py b/cbs-srv.py
index 2a0fd2e9b3c41e968ddb8277b4ee0774a2745b25..be2bb15baa16851dde3ee2562ed17ce185d80e04 100755 (executable)
--- a/cbs-srv.py
+++ b/cbs-srv.py
@@ -207,8 +207,12 @@ def main():
     # Set up the TLS server that blindly accepts all client certs.
     ctxt = SSL.Context(SSL.TLS_SERVER_METHOD)
     ctxt.set_verify(SSL.VERIFY_PEER, accept_client_cert)
+    ctxt.set_session_cache_mode(SSL.SESS_CACHE_SERVER)
+    ctxt.set_session_id(b'CornedBeefSandwich')
+
     ctxt.use_certificate_file(conf['cert'])
     ctxt.use_privatekey_file(conf['pkey'])
+    ctxt.check_privatekey()
 
     with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
         sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)