MINOR: SSL: Store the ASN1 representation of client sessions. Instead of storing the SSL_SESSION pointer directly in the struct server, store the ASN1 representation, otherwise, session resumption is broken with TLS 1.3, when multiple outgoing connections want to use the same session.

commit: e6060c5d877e78cfab04cca4f603340540206994 [log] [tgz]
author: Olivier Houchard <ohouchard@haproxy.com> Thu Nov 16 17:42:52 2017 +0100
committer: Willy Tarreau <w@1wt.eu> Thu Nov 16 19:03:32 2017 +0100
tree: 9919cac0748f87613f458a68516e2504dad02e0f
parent: f02050662b1699a3c107a3275bc624104df98a49 [diff] [blame]
diff --git a/include/types/server.h b/include/types/server.h
index adedca4..d22f05a 100644
--- a/include/types/server.h
+++ b/include/types/server.h

@@ -274,7 +274,11 @@
 	char *sni_expr;             /* Temporary variable to store a sample expression for SNI */
 	struct {
 		SSL_CTX *ctx;
-		SSL_SESSION **reused_sess;
+		struct {
+			unsigned char *ptr;
+			int size;
+			int allocated_size;
+		} * reused_sess;
 		char *ciphers;			/* cipher suite to use if non-null */
 		int options;			/* ssl options */
 		struct tls_version_filter methods;	/* ssl methods */
commit	e6060c5d877e78cfab04cca4f603340540206994	[log] [tgz]
author	Olivier Houchard <ohouchard@haproxy.com>	Thu Nov 16 17:42:52 2017 +0100
committer	Willy Tarreau <w@1wt.eu>	Thu Nov 16 19:03:32 2017 +0100
tree	9919cac0748f87613f458a68516e2504dad02e0f
parent	f02050662b1699a3c107a3275bc624104df98a49 [diff] [blame]