projects / haproxy-2.5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 040b119) | patch
BUG/MEDIUM: ssl/cli: abort ssl cert is freeing the old store
authorWilliam Lallemand <wlallemand@haproxy.org>
Mon, 1 Feb 2021 14:31:00 +0000 (15:31 +0100)
committerWilliam Lallemand <wlallemand@haproxy.org>
Mon, 1 Feb 2021 16:58:21 +0000 (17:58 +0100)
commit8695ce0bae21238eba660438c819797a245be71e
tree26a0095925c22b4ebd03b4e1a21b79a25b02d21dtree | snapshot
parent040b1195f70d6a24204ede081451fd1dd71e6a34commit | diff
BUG/MEDIUM: ssl/cli: abort ssl cert is freeing the old store

The "abort ssl cert" command is buggy and removes the current ckch store,
and instances, leading to SNI removal. It must only removes the new one.

This patch also adds a check in set_ssl_cert.vtc and
set_ssl_server_cert.vtc.

Must be backported as far as 2.2.
reg-tests/ssl/set_ssl_cert.vtc diff | blob | history
reg-tests/ssl/set_ssl_server_cert.vtc diff | blob | history
src/ssl_ckch.c diff | blob | history
haproxy-2.5 public tree. Stable production code.