BUG/MEDIUM: ssl: Fix handshake failure on session resumption with client cert.

author Emeric Brun <ebrun@exceliance.fr>

Mon, 26 Nov 2012 17:37:12 +0000 (18:37 +0100)

committer Willy Tarreau <w@1wt.eu>

Mon, 26 Nov 2012 17:43:21 +0000 (18:43 +0100)
author Emeric Brun <ebrun@exceliance.fr>
Mon, 26 Nov 2012 17:37:12 +0000 (18:37 +0100)
committer Willy Tarreau <w@1wt.eu>
Mon, 26 Nov 2012 17:43:21 +0000 (18:43 +0100)
diff --git a/include/proto/shctx.h b/include/proto/shctx.h

index 6705664d55d2cd3d7f4b7d16df6a9c8e8cafbf38..379be355f7c08230e01785c87d16440b3cee9790 100644 (file)
--- a/include/proto/shctx.h
+++ b/include/proto/shctx.h
@@ -29,6 +29,10 @@
  #define SHCTX_DEFAULT_SIZE 20000
  #endif
  
+#ifndef SHCTX_APPNAME
+#define SHCTX_APPNAME "haproxy"
+#endif
+
  #define SHSESS_MAX_ENCODED_LEN SSL_MAX_SSL_SESSION_ID_LENGTH \
                                 + SHSESS_MAX_DATA_LEN \
                                 + SHSESS_MAX_FOOTER_LEN
diff --git a/src/shctx.c b/src/shctx.c

index 0db443decb1e8dfe9d70e25ed445c84e80ae7add..3375ead6c6c9a8ec278fd75f928965f9ccb40da3 100644 (file)
--- a/src/shctx.c
+++ b/src/shctx.c
@@ -447,6 +447,9 @@ void shared_context_set_cache(SSL_CTX *ctx)
         SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_SERVER |
                                             SSL_SESS_CACHE_NO_INTERNAL |
                                             SSL_SESS_CACHE_NO_AUTO_CLEAR);
+
+       SSL_CTX_set_session_id_context(ctx, (const unsigned char *)SHCTX_APPNAME, strlen(SHCTX_APPNAME));
+
         if (!shctx)
                 return;
author	Emeric Brun <ebrun@exceliance.fr>
	Mon, 26 Nov 2012 17:37:12 +0000 (18:37 +0100)
committer	Willy Tarreau <w@1wt.eu>
	Mon, 26 Nov 2012 17:43:21 +0000 (18:43 +0100)
include/proto/shctx.h		patch \| blob \| blame \| history
src/shctx.c		patch \| blob \| blame \| history