Skip to content

10.1.x: Add sni.yaml session ticket overrides (#13006)#13297

Merged
cmcfarlen merged 1 commit into
apache:10.1.xfrom
bneradt:cherry-pick-13044-10.1.x
Jun 25, 2026
Merged

10.1.x: Add sni.yaml session ticket overrides (#13006)#13297
cmcfarlen merged 1 commit into
apache:10.1.xfrom
bneradt:cherry-pick-13044-10.1.x

Conversation

@bneradt

@bneradt bneradt commented Jun 18, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Cherry-picked from #13044

Add ssl_ticket_enabled and ssl_ticket_number as sni.yaml overrides, apply them during SNI handling so they affect TLS 1.2 resumption and TLS 1.3 ticket issuance, and add unit and AuTest coverage plus docs and sample config updates.

Fixes #12953

(cherry picked from commit 8d75849)

@bneradt
Add sni.yaml session ticket overrides (apache#13006)
f8b4365 
Add ssl_ticket_enabled and ssl_ticket_number as sni.yaml overrides,
apply them during SNI handling so they affect TLS 1.2 resumption and TLS
1.3 ticket issuance, and add unit and AuTest coverage plus docs and
sample config updates.

Fixes apache#12953

(cherry picked from commit 8d75849)
(cherry picked from commit 4ed2e36)
Copilot AI review requested due to automatic review settings June 18, 2026 20:48
@bneradt bneradt added this to the 10.1.1 milestone Jun 18, 2026
@bneradt bneradt self-assigned this Jun 18, 2026
Copilot AI reviewed Jun 18, 2026

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot was unable to review this pull request because the user who requested the review has reached their quota limit.

@bneradt bneradt added TLS Tests Documentation Backport Marked for backport for an LTS patch release labels Jun 18, 2026
@bneradt bneradt changed the title Add sni.yaml session ticket overrides (#13006) 10.1.x: Add sni.yaml session ticket overrides (#13006) Jun 18, 2026
@bneradt bneradt mentioned this pull request Jun 18, 2026
Merged
@bneradt bneradt requested a review from cmcfarlen June 18, 2026 22:54
@ezelkow1 ezelkow1 requested a review from Copilot June 22, 2026 22:23
Copilot AI reviewed Jun 22, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 14 out of 14 changed files in this pull request and generated 2 comments.

Comment thread tests/gold_tests/tls/tls_sni_ticket.test.py
Comment on lines +176 to +180
f'openssl s_client -connect 127.0.0.1:{port} -servername {servername} -sess_out "$$session_path" -tls1_2 && '
f'echo -e "GET / HTTP/1.1\\r\\nHost: {servername}\\r\\n\\r\\n" | '
f'openssl s_client -connect 127.0.0.1:{port} -servername {servername} -sess_in "$$session_path" -tls1_2 && '
f'echo -e "GET / HTTP/1.1\\r\\nHost: {servername}\\r\\n\\r\\n" | '
f'openssl s_client -connect 127.0.0.1:{port} -servername {servername} -sess_in "$$session_path" -tls1_2 && '
Comment thread tests/gold_tests/tls/tls_sni_ticket.test.py
Comment on lines +182 to +186
f'openssl s_client -connect 127.0.0.1:{port} -servername {servername} -sess_in "$$session_path" -tls1_2 && '
f'echo -e "GET / HTTP/1.1\\r\\nHost: {servername}\\r\\n\\r\\n" | '
f'openssl s_client -connect 127.0.0.1:{port} -servername {servername} -sess_in "$$session_path" -tls1_2 && '
f'echo -e "GET / HTTP/1.1\\r\\nHost: {servername}\\r\\n\\r\\n" | '
f'openssl s_client -connect 127.0.0.1:{port} -servername {servername} -sess_in "$$session_path" -tls1_2')
@bneradt bneradt mentioned this pull request Jun 25, 2026
Merged
@bneradt bneradt modified the milestones: 10.1.1, 10.1.3 Jun 25, 2026
@cmcfarlen cmcfarlen merged commit 682c17a into apache:10.1.x Jun 25, 2026
15 checks passed
@github-project-automation github-project-automation Bot moved this to For v10.1.1 in ATS v10.1.x Jun 25, 2026
@cmcfarlen cmcfarlen moved this from For v10.1.1 to Picked v10.1.1 in ATS v10.1.x Jun 25, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments
@cmcfarlen cmcfarlen Awaiting requested review from cmcfarlen

Assignees

@bneradt bneradt

Labels

Backport Marked for backport for an LTS patch release Documentation Tests TLS

Projects

ATS v10.1.x
Status: Picked v10.1.1

Milestone

10.1.3

Development

Successfully merging this pull request may close these issues.

3 participants

@bneradt @cmcfarlen