projects / haproxy-3.0.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: bdd84c5) | patch
MINOR: ssl: Treat ocsp-update inconsistencies as fatal errors
authorRemi Tricot-Le Breton <rlebreton@haproxy.com>
Thu, 12 Jan 2023 08:49:09 +0000 (09:49 +0100)
committerWilliam Lallemand <wlallemand@haproxy.org>
Thu, 12 Jan 2023 12:13:45 +0000 (13:13 +0100)
commit474f614975217a50385ba30e06e888613700ae31
tree98ab5d734ec9a7ebf1ecb3cc11089d8de31c480etree | snapshot
parentbdd84c5ffb66a772a1713668889f25ce9d3a29d0commit | diff
MINOR: ssl: Treat ocsp-update inconsistencies as fatal errors

If incompatibilities are found in a certificate's ocsp-update mode we
raised a single alert that will be considered fatal from here on. This
is changed because in case of incompatibilities we will end up with an
undefined behaviour. The ocsp response might or might not be updated
depending on the order in which the multiple ocsp-update options are
taken into account.
src/ssl_crtlist.c diff | blob | history
haproxy-3.0 public tree. Stable production code.