]> git.kaiwu.me - haproxy.git/commit
projects / haproxy.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3bb4617) | patch
BUG/MEDIUM: Fix RFC5077 resumption when more than TLS_TICKETS_NO are present
authorNenad Merdanovic <nmerdan@anine.io>
Fri, 25 Mar 2016 21:16:57 +0000 (22:16 +0100)
committerWilly Tarreau <w@1wt.eu>
Tue, 29 Mar 2016 14:03:37 +0000 (16:03 +0200)
commit1789115a52e5c512746717aacd71346a1e328ad5
tree9f60af3f055edd2b49bc3a5a735f2a97147d391etree | snapshot
parent3bb46177aca45f1b14f11c49683ab297d7f6f660commit | diff
BUG/MEDIUM: Fix RFC5077 resumption when more than TLS_TICKETS_NO are present

Olivier Doucet reported the issue on the ML and tested that when using
more than TLS_TICKETS_NO keys in the file, the CPU usage is much higeher
than expected.

Lukas Tribus then provided a test case which showed that resumption doesn't
work at all in that case.

This fix needs to be backported to 1.6.

Signed-off-by: Nenad Merdanovic <nmerdan@anine.io>
src/ssl_sock.c diff | blob | history
haproxy upstream