From 786991e8b7a4f2da9843c5b11dcb0be7ba2c8a92 Mon Sep 17 00:00:00 2001
From: Emeric Brun
Date: Mon, 26 Nov 2012 18:37:12 +0100
Subject: [PATCH] BUG/MEDIUM: ssl: Fix handshake failure on session resumption with client cert.

Openssl session_id_context was not set on cached sessions so handshake returns an error.
---
 include/proto/shctx.h | 4 ++++
 src/shctx.c | 3 +++
 2 files changed, 7 insertions(+)

diff --git a/include/proto/shctx.h b/include/proto/shctx.h
index 6705664d5..379be355f 100644
--- a/include/proto/shctx.h
+++ b/include/proto/shctx.h
@@ -29,6 +29,10 @@
 #define SHCTX_DEFAULT_SIZE 20000
 #endif
+#ifndef SHCTX_APPNAME
+#define SHCTX_APPNAME "haproxy"
+#endif
+
 #define SHSESS_MAX_ENCODED_LEN SSL_MAX_SSL_SESSION_ID_LENGTH \
 + SHSESS_MAX_DATA_LEN \
 + SHSESS_MAX_FOOTER_LEN
diff --git a/src/shctx.c b/src/shctx.c
index 0db443dec..3375ead6c 100644
--- a/src/shctx.c
+++ b/src/shctx.c
@@ -447,6 +447,9 @@ void shared_context_set_cache(SSL_CTX *ctx)
 SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_SERVER | SSL_SESS_CACHE_NO_INTERNAL | SSL_SESS_CACHE_NO_AUTO_CLEAR);
+
+ SSL_CTX_set_session_id_context(ctx, (const unsigned char *)SHCTX_APPNAME, strlen(SHCTX_APPNAME));
+
 if (!shctx) return;
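Review bot: The new `#ifndef SHCTX_APPNAME` block makes the value overridable at build time but does not document that OpenSSL bounds a session id context to SSL_MAX_SID_CTX_LENGTH (32 bytes), which is the limit SSL_CTX_set_session_id_context() enforces where src/shctx.c passes this macro. I would add a comment above the `#ifndef`, `/* session id context passed to SSL_CTX_set_session_id_context(); must not exceed SSL_MAX_SID_CTX_LENGTH (32) bytes */`, so an override is not silently rejected at runtime. The default "haproxy" (7 bytes) is well within the bound.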
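Review bot: The return value of SSL_CTX_set_session_id_context() on the added line is ignored; OpenSSL returns 0 and leaves the context unset when the length exceeds SSL_MAX_SID_CTX_LENGTH, and since the header makes SHCTX_APPNAME overridable, a too-long override would silently reproduce the very resumption failure this commit fixes. I would guard it, `if (!SSL_CTX_set_session_id_context(ctx, (const unsigned char *)SHCTX_APPNAME, strlen(SHCTX_APPNAME))) { /* report: SHCTX_APPNAME exceeds SSL_MAX_SID_CTX_LENGTH */ }`, using whatever error reporting shared_context_set_cache() has available; its body continues past the hunk and it returns void, so the report cannot be a return code. Separately, a single process-wide constant means every SSL_CTX sharing this cache accepts each other's sessions, which is exactly what OpenSSL's per-context sid_ctx check would otherwise prevent; if contexts with different client-certificate verification settings can share the cache, that appears to be an intentional trade-off and deserves a one-line comment here saying so.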