projects / haproxy-3.1.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 456c399) | patch
MINOR: ssl: disable server side default CRL check with WolfSSL
authorDamien Claisse <d.claisse@criteo.com>
Tue, 8 Oct 2024 13:32:49 +0000 (13:32 +0000)
committerWilliam Lallemand <wlallemand@haproxy.com>
Thu, 10 Oct 2024 07:31:19 +0000 (09:31 +0200)
commitba7c03c18ef9d6a5cdf7cf9a6f2840723b5e2e59
tree62fb4c9d903e96930694936662a81552af85e5d1tree | snapshot
parent456c3997b203ab12306e9010ffb5507c905970e0commit | diff
MINOR: ssl: disable server side default CRL check with WolfSSL

Patch 64a77e3ea5 disabled CRL check when no CRL file was provided, but
it only did it on bind side. Add the same fix in server context
initialization side.
This allows to enable peer verification (verify required) on a server
using TLS, without having to provide a CRL file.
src/ssl_sock.c diff | blob | history
haproxy-3.1 public tree. Stable production code.