BUG/MINOR: ssl: Duplicate ocsp update mode when dup'ing ckch

When calling ckchs_dup (during a "set ssl cert" CLI command), if the
modified store had OCSP auto update enabled then the new certificate
would not keep the previous update mode and would not appear in the auto
update list.

This patch can be backported to 2.8.

diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c
index 94af362..de37bfb 100644 (file)
--- a/src/ssl_ckch.c
+++ b/src/ssl_ckch.c
@@ -793,6 +793,8 @@ struct ckch_data *ssl_sock_copy_cert_key_and_chain(struct ckch_data *src,
 
        dst->ocsp_cid = OCSP_CERTID_dup(src->ocsp_cid);
 
+       dst->ocsp_update_mode = src->ocsp_update_mode;
+
        return dst;
 
 error: