BUG/MINOR: ssl: Fix 48 byte TLS ticket key rotation

Whenever HAProxy was reloaded with rotated keys, the resumption would be
broken for previous encryption key. The bug was introduced with the addition
of 80 byte keys in 9e7547 (MINOR: ssl: add support of aes256 bits ticket keys
on file and cli.).

This fix needs to be backported to 1.9.

diff --git a/include/types/ssl_sock.h b/include/types/ssl_sock.h
index a2fff77f65f4db5406f36fba2d0fc48580854274..20b08a5c422d421d57994a05e534ca6e75e0f871 100644 (file)
--- a/include/types/ssl_sock.h
+++ b/include/types/ssl_sock.h
@@ -63,7 +63,7 @@ struct tls_sess_key_256 {
 
 union tls_sess_key{
        unsigned char name[16];
-       struct tls_sess_key_256 key_128;
+       struct tls_sess_key_128 key_128;
        struct tls_sess_key_256 key_256;
 } __attribute__((packed));