From 453a01387be1304d9d89e597dd915cf1501da14b Mon Sep 17 00:00:00 2001 From: William Lallemand Date: Wed, 25 Mar 2026 11:54:09 +0100 Subject: [PATCH] BUG/MEDIUM: ssl/cli: tls-keys commands are missing permission checks Both 'set ssl tls-key' and 'show tls-keys' command are missing the permission checks so the commands can be used only in admin mode. Must be backported to 3.3. This can be a breaking change for some users. Initially reported by Cameron Brown. --- src/ssl_sock.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/ssl_sock.c b/src/ssl_sock.c index 41619bef5..23ad58cbe 100644 --- a/src/ssl_sock.c +++ b/src/ssl_sock.c @@ -8086,8 +8086,8 @@ static int cli_parse_show_tlskeys(char **args, char *payload, struct appctx *app { struct show_keys_ctx *ctx = applet_reserve_svcctx(appctx, sizeof(*ctx)); - if ((appctx->cli_ctx.level & ACCESS_LVL_MASK) < ACCESS_LVL_ADMIN) - ha_warning("'%s %s' accessed without admin rights, this won't be supported anymore starting from haproxy 3.3\n", args[0], args[1]); + if (!cli_has_level(appctx, ACCESS_LVL_ADMIN)) + return 1; /* no parameter, shows only file list */ if (!*args[2]) { @@ -8113,8 +8113,8 @@ static int cli_parse_set_tlskeys(char **args, char *payload, struct appctx *appc struct tls_keys_ref *ref; int ret; - if ((appctx->cli_ctx.level & ACCESS_LVL_MASK) < ACCESS_LVL_ADMIN) - ha_warning("'%s %s %s' accessed without admin rights, this won't be supported anymore starting from haproxy 3.3\n", args[0], args[1], args[2]); + if (!cli_has_level(appctx, ACCESS_LVL_ADMIN)) + return 1; /* Expect two parameters: the filename and the new new TLS key in encoding */ if (!*args[3] || !*args[4])