mirror of
https://git.haproxy.org/git/haproxy.git/
synced 2026-01-25 12:01:10 +01:00
4cf0d3f1e8
The certificate chain that gets passed in the SSL_CTX through SSL_CTX_set1_chain has its reference counter increased by OpenSSL itself. But since the ssl_sock_load_cert_chain function might create a brand new certificate chain if none exists in the ckch_data (sk_X509_new_null), then we ended up returning a new certificate chain to the caller that was never destroyed. This patch can be backported to all stable branches but it might need to be reworked for branches older than 2.4 because of commit ec805a32b9 that refactorized the modified code.
The HAProxy documentation has been split into a number of different files for ease of use. Please refer to the following files depending on what you're looking for : - INSTALL for instructions on how to build and install HAProxy - BRANCHES to understand the project's life cycle and what version to use - LICENSE for the project's license - CONTRIBUTING for the process to follow to submit contributions The more detailed documentation is located into the doc/ directory : - doc/intro.txt for a quick introduction on HAProxy - doc/configuration.txt for the configuration's reference manual - doc/lua.txt for the Lua's reference manual - doc/SPOE.txt for how to use the SPOE engine - doc/network-namespaces.txt for how to use network namespaces under Linux - doc/management.txt for the management guide - doc/regression-testing.txt for how to use the regression testing suite - doc/peers.txt for the peers protocol reference - doc/coding-style.txt for how to adopt HAProxy's coding style - doc/internals for developer-specific documentation (not all up to date)