BUG/MEDIUM: ssl_ckch: Don't delete CA/CRL entry if it is being modified
authorChristopher Faulet <cfaulet@haproxy.com>
Tue, 31 May 2022 16:06:30 +0000 (18:06 +0200)
committerChristopher Faulet <cfaulet@haproxy.com>
Wed, 1 Jun 2022 14:28:15 +0000 (16:28 +0200)
commit1f08fa46fb5c2ec02f740b716a9674dc72a5cadc
tree6dc78aba65a30a6921a8572271af4c64b71b5d8e
parent926fefca8dba3ca7aed3ef7fccf6aa5cffe3cf05
BUG/MEDIUM: ssl_ckch: Don't delete CA/CRL entry if it is being modified

When a CA or a CRL entry is being modified, we must take care to no delete
it because the corresponding ongoing transaction still references it. If we
do so, it leads to a null-deref and a crash may be exeperienced if changes
are commited.

This patch must be backported as far as 2.5.
src/ssl_ckch.c