MINOR: ssl add global setting tune.sslcachesize to set SSL session cache size.

This new global setting allows the user to change the SSL cache size in
number of sessions. It defaults to 20000.

include/types/global.h

@@ -97,6 +97,9 @@ struct global {
 		int chksize;       /* check buffer size in bytes, defaults to BUFSIZE */
 		int pipesize;      /* pipe size in bytes, system defaults if zero */
 		int max_http_hdr;  /* max number of HTTP headers, use MAX_HTTP_HDR if zero */
+#ifdef USE_OPENSSL
+		int sslcachesize;  /* SSL cache size in session, defaults to 20000 */
+#endif
 	} tune;
 	struct {
 		char *prefix;           /* path prefix of unix bind socket */

src/cfgparse.c

@@ -526,6 +526,16 @@ int cfg_parse_global(const char *file, int linenum, char **args, int kwm)
 		}
 		global.tune.chksize = atol(args[1]);
 	}
+#ifdef USE_OPENSSL
+	else if (!strcmp(args[0], "tune.sslcachesize")) {
+		if (*(args[1]) == 0) {
+			Alert("parsing [%s:%d] : '%s' expects an integer argument.\n", file, linenum, args[0]);
+			err_code |= ERR_ALERT | ERR_FATAL;
+			goto out;
+		}
+		global.tune.sslcachesize = atol(args[1]);
+	}
+#endif
 	else if (!strcmp(args[0], "tune.bufsize")) {
 		if (*(args[1]) == 0) {
 			Alert("parsing [%s:%d] : '%s' expects an integer argument.\n", file, linenum, args[0]);
@@ -6704,7 +6714,7 @@ int check_config_validity()
 				SSL_CTX_set_options(listener->ssl_ctx.ctx, ssloptions);
 				SSL_CTX_set_mode(listener->ssl_ctx.ctx, sslmode);
 				SSL_CTX_set_verify(listener->ssl_ctx.ctx, SSL_VERIFY_NONE, NULL);
-				if (shared_context_init(0) < 0) {
+				if (shared_context_init(global.tune.sslcachesize) < 0) {
 					Alert("Unable to allocate SSL session cache.\n");
 					cfgerr++;
 					goto skip_ssl;

src/haproxy.c

@@ -125,6 +125,9 @@ struct global global = {
 		.bufsize = BUFSIZE,
 		.maxrewrite = MAXREWRITE,
 		.chksize = BUFSIZE,
+#ifdef USE_OPENSSL
+		.sslcachesize = 20000,
+#endif
 	},
 	/* others NULL OK */
 };