MEDIUM: Add support for updating TLS ticket keys via socket
Until now, HAproxy needed to be restarted to change the TLS ticket
keys. With this patch, the TLS keys can be updated on a per-file
basis using the admin socket. Two new socket commands have been
introduced: "show tls-keys" and "set ssl tls-keys".
Signed-off-by: Nenad Merdanovic <nmerdan@anine.io>
diff --git a/include/types/applet.h b/include/types/applet.h
index c2db0ec..5efeea5 100644
--- a/include/types/applet.h
+++ b/include/types/applet.h
@@ -99,6 +99,11 @@
struct pattern_expr *expr;
struct chunk chunk;
} map;
+#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
+ struct {
+ struct tls_keys_ref *ref;
+ } tlskeys;
+#endif
struct {
int connected;
struct hlua_socket *socket;