projects / haproxy-3.0.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 97c2734) | patch
BUG/MINOR: ssl: Detect more 'ocsp-update' incompatibilities
authorRemi Tricot-Le Breton <rlebreton@haproxy.com>
Mon, 25 Mar 2024 15:50:24 +0000 (16:50 +0100)
committerWilliam Lallemand <wlallemand@haproxy.com>
Wed, 27 Mar 2024 10:38:28 +0000 (11:38 +0100)
commitb1d623949c3b60ccb41c18d44c874d183dda2ca4
treeb9ec2feeca2711bb4da0a73ae0a58cf85d6c92batree | snapshot
parent97c2734f44fa89d59a61f66955966f9381b4ae8bcommit | diff
BUG/MINOR: ssl: Detect more 'ocsp-update' incompatibilities

The inconsistencies in 'ocsp-update' parameter were only checked when
parsing a crt-list line so if a certificate was used on a bind line
after being used in a crt-list with 'ocsp-update' set to 'on', then no
error would be raised. This patch helps detect such inconsistencies.

This patch can be backported up to branch 2.8.
src/ssl_sock.c diff | blob | history
haproxy-3.0 public tree. Stable production code.