mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-11-10 05:21:00 +01:00
Code Issues Projects Releases Wiki Activity

BUG/MINOR: lua: Wrong OCSP CID after modifying an SSL certficate (LUA)

Browse Source 
This bugfix is the same as the following one:
    "BUG/MINOR: ssl_ckch: Wrong OCSP CID after modifying an SSL certficate"
where the OCSP CID had to be reset when updating a certificate.

Must be backported to 2.8.
This commit is contained in:
Frédéric Lécaille 2023-12-06 11:42:42 +01:00 committed by William Lallemand
parent 75f5977ff4
commit 917f7c74d3
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/hlua.c
View File

@ -12911,6 +12911,13 @@ __LJMP static int hlua_ckch_set(lua_State *L)
goto end; goto end;
} }
/* Reset the OCSP CID */
if (cert_ext->type == CERT_TYPE_PEM || cert_ext->type == CERT_TYPE_KEY ||
cert_ext->type == CERT_TYPE_ISSUER) {
OCSP_CERTID_free(new_ckchs->data->ocsp_cid);
new_ckchs->data->ocsp_cid = NULL;
}
/* apply the change on the duplicate */ /* apply the change on the duplicate */
if (cert_ext->load(filename, payload, data, &err) != 0) { if (cert_ext->load(filename, payload, data, &err) != 0) {
memprintf(&err, "%sCan't load the payload for '%s'", err ? err : "", cert_ext->ext); memprintf(&err, "%sCan't load the payload for '%s'", err ? err : "", cert_ext->ext);