BUG/MINOR: ssl/cli: "show ssl crt-list" lacks client-sigals

b6ae2aafde43 ("MINOR: ssl: allow to change the signature algorithm for
client authentication") implemented the client-sigals keyword in the
crt-list but never the dump of the keyword over the CLI.

Must be backported as far as 2.8.

(cherry picked from commit 037d2e5498917d2323a9ad748b9d97aaa688f351)
Signed-off-by: Willy Tarreau <w@1wt.eu>
(cherry picked from commit d114a5cf61696bf0f3dde91bdf5b9cc1f80c6256)
Signed-off-by: Amaury Denoyelle <adenoyelle@haproxy.com>

diff --git a/src/ssl_crtlist.c b/src/ssl_crtlist.c
index 71fa0a0..c90e371 100644 (file)
--- a/src/ssl_crtlist.c
+++ b/src/ssl_crtlist.c
@@ -955,6 +955,12 @@ static void dump_crtlist_conf(struct buffer *buf, const struct ssl_bind_conf *co
                space++;
        }
 
+       if (conf->client_sigalgs) {
+               if (space) chunk_appendf(buf, " ");
+               chunk_appendf(buf, "client-sigalgs %s", conf->client_sigalgs);
+               space++;
+       }
+
        /* the crt-lists only support ssl-min-ver and ssl-max-ver */
        if (conf->ssl_methods_cfg.min) {
                if (space) chunk_appendf(buf, " ");