projects / haproxy-2.1.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7ad6548) | patch
BUG/MEDIUM: ssl/cli: 'commit ssl cert' wrong SSL_CTX init
authorWilliam Lallemand <wlallemand@haproxy.com>
Fri, 7 Feb 2020 19:45:24 +0000 (20:45 +0100)
committerWilliam Lallemand <wlallemand@haproxy.org>
Fri, 7 Feb 2020 20:01:20 +0000 (21:01 +0100)
commit23fb0371b699ca8d213edcd59faf08ea16315908
tree88c929cca44ca4d9d3749e6c8dabf1178888a54ftree | snapshot
parent7ad65480d13d378321c432e6f623344200c3ee9acommit | diff
BUG/MEDIUM: ssl/cli: 'commit ssl cert' wrong SSL_CTX init

The code which is supposed to apply the bind_conf configuration on the
SSL_CTX was not called correctly. Indeed it was called with the previous
SSL_CTX so the new ones were left with default settings. For example the
ciphers were not changed.

This patch fixes #429.

Must be backported in 2.1.

(cherry picked from commit 696f317f13151e4427e3f9a8b560730ed6a7bb40)
Signed-off-by: William Lallemand <wlallemand@haproxy.org>
src/ssl_sock.c diff | blob | history
haproxy-2.1 public tree. Stable production code.