On Thu, Nov 16, 2017 at 06:33:35PM +0100, Olivier Houchard wrote: > Hi, > > The first patch attempts fo fix session resumption with TLS 1.3, when > haproxy acts as a client, by storing the ASN1-encoded session in the struct > server, instead of storing the SSL_SESSION *directly. Directly keeping > SSL_SESSION doesn't seem to work well when concurrent connections are made > using the same session. > The second patch tries to make sure the SSL handshake is done before calling > the shutw method. Not doing so may be result in getting errors, which > ultimately leads to the client connection being closed, when it shouldn't be. > This mostly happens when more than 1 thread is used.
Merged, thanks! Willy
