Github user persiaAziz commented on a diff in the pull request:
https://github.com/apache/trafficserver/pull/942#discussion_r76885786
--- Diff: iocore/net/SSLUtils.cc ---
@@ -2018,11 +2047,17 @@ SSLParseCertificateConfiguration(const
SSLConfigParams *params, SSLCertLookup *l
char *tok_state = NULL;
char *line = NULL;
ats_scoped_str file_buf;
+ ats_scoped_str ticket_key_filename;
unsigned line_num = 0;
matcher_line line_info;
const matcher_tags sslCertTags = {NULL, NULL, NULL, NULL, NULL, NULL,
false};
+ // load the global ticket key for later use
+ REC_ReadConfigStringAlloc(ticket_key_filename,
"proxy.config.ssl.server.ticket_key.filename");
+ ats_scoped_str
ticket_key_path(Layout::relative_to(params->serverCertPathOnly,
ticket_key_filename));
+ global_default_keyblock = ssl_create_ticket_keyblock(ticket_key_path);
// this function just returns a keyblock
--- End diff --
hmm.. I have a checking for the file path, if the file path is null, then a
random key will be generated. I guess we could do the same for invalid files
too?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
