From 9ab8f8d1b6a6a6cf3277f88d2b808057de1cd0e2 Mon Sep 17 00:00:00 2001 From: William Lallemand Date: Wed, 24 Jun 2020 01:00:52 +0200 Subject: [PATCH] BUG/MINOR: ssl/cli: certs added from the CLI can't be deleted In ticket #706 it was reported that a certificate which was added from the CLI can't be removed with 'del ssl cert' and is marked as 'Used'. The problem is that the certificate instances are not added to the created crtlist_entry, so they can't be deleted upon a 'del ssl crt-list', and the store can't never be marked 'Unused' because of this. This patch fixes the issue by adding the instances to the crtlist_entry, which is enough to fix the issue. --- src/ssl_crtlist.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/ssl_crtlist.c b/src/ssl_crtlist.c index 1d282a9f1..def0e22f6 100644 --- a/src/ssl_crtlist.c +++ b/src/ssl_crtlist.c @@ -952,6 +952,8 @@ static int cli_io_handler_add_crtlist(struct appctx *appctx) chunk_appendf(trash, "."); i++; LIST_ADDQ(&store->ckch_inst, &new_inst->by_ckchs); + LIST_ADDQ(&entry->ckch_inst, &new_inst->by_crtlist_entry); + new_inst->crtlist_entry = entry; } appctx->st2 = SETCERT_ST_INSERT; /* fallthrough */