From 8ef706502aa2000531d36e4ac56dbdc7c30f718d Mon Sep 17 00:00:00 2001 From: Nenad Merdanovic Date: Sun, 14 Apr 2019 16:06:46 +0200 Subject: [PATCH] BUG/MINOR: ssl: Fix 48 byte TLS ticket key rotation Whenever HAProxy was reloaded with rotated keys, the resumption would be broken for previous encryption key. The bug was introduced with the addition of 80 byte keys in 9e7547 (MINOR: ssl: add support of aes256 bits ticket keys on file and cli.). This fix needs to be backported to 1.9. --- include/types/ssl_sock.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/types/ssl_sock.h b/include/types/ssl_sock.h index a2fff77f6..20b08a5c4 100644 --- a/include/types/ssl_sock.h +++ b/include/types/ssl_sock.h @@ -63,7 +63,7 @@ struct tls_sess_key_256 { union tls_sess_key{ unsigned char name[16]; - struct tls_sess_key_256 key_128; + struct tls_sess_key_128 key_128; struct tls_sess_key_256 key_256; } __attribute__((packed));