From c61c0b371bebe0619cf4628b60b7c79d19e97269 Mon Sep 17 00:00:00 2001
From: William Lallemand <wlallemand@haproxy.com>
Date: Mon, 4 Dec 2017 18:46:39 +0100
Subject: [PATCH] BUG/MINOR: ssl: support tune.ssl.cachesize 0 again

Since the split of the shctx and the ssl cache, we lost the ability to
disable the cache with tune.ssl.cachesize 0.

Worst than that, when using this configuration, haproxy segfaults during
the configuration parsing.

Must be backported to 1.8.
---
 src/ssl_sock.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index da1aecbcc..4741be11c 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -4705,7 +4705,7 @@ int ssl_sock_prepare_bind_conf(struct bind_conf *bind_conf)
 			return -1;
 		}
 	}
-	if (!ssl_shctx) {
+	if (!ssl_shctx && global.tune.sslcachesize) {
 		alloc_ctx = shctx_init(&ssl_shctx, global.tune.sslcachesize,
 		                       sizeof(struct sh_ssl_sess_hdr) + SHSESS_BLOCK_MIN_SIZE,
 		                       sizeof(*sh_ssl_sess_tree),