From 04af1c692c24e260bd75163d9e52be367c5ab5c4 Mon Sep 17 00:00:00 2001
From: Ruslan Drozhdzh <30860269+rdrozhdzh@users.noreply.github.com>
Date: Tue, 8 Sep 2020 16:36:06 +0300
Subject: [PATCH] plugin/forward: init ClientSessionCache in tls.Config (#4108)

* plugin/forward: init ClientSessionCache in tls.Config

 - ClientSessionCache may speed up a TLS handshake in upcoming connections
   to the same TLS server

Signed-off-by: Ruslan Drozhdzh <rdrozhdzh@infoblox.com>

* add comment

Signed-off-by: Ruslan Drozhdzh <rdrozhdzh@infoblox.com>
---
 plugin/forward/setup.go | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/plugin/forward/setup.go b/plugin/forward/setup.go
index fff6ce33f..0c2455dfe 100644
--- a/plugin/forward/setup.go
+++ b/plugin/forward/setup.go
@@ -1,6 +1,7 @@
 package forward
 
 import (
+	"crypto/tls"
 	"errors"
 	"fmt"
 	"strconv"
@@ -117,6 +118,11 @@ func parseStanza(c *caddy.Controller) (*Forward, error) {
 	if f.tlsServerName != "" {
 		f.tlsConfig.ServerName = f.tlsServerName
 	}
+
+	// Initialize ClientSessionCache in tls.Config. This may speed up a TLS handshake
+	// in upcoming connections to the same TLS server.
+	f.tlsConfig.ClientSessionCache = tls.NewLRUClientSessionCache(len(f.proxies))
+
 	for i := range f.proxies {
 		// Only set this for proxies that need it.
 		if transports[i] == transport.TLS {