mirror of
https://git.haproxy.org/git/haproxy.git/
synced 2025-08-06 15:17:01 +02:00
8218aed90e
The default SSL_CTX used by a specific frontend is the one of the first ckch instance created for this frontend. If this instance has SNIs, then the SSL context is linked to the instance through the list of SNIs contained in it. If the instance does not have any SNIs though, then the SSL_CTX is only referenced by the bind_conf structure and the instance itself has no link to it. When trying to update a certificate used by the default instance through a cli command, a new version of the default instance was rebuilt but the default SSL context referenced in the bind_conf structure would not be changed, resulting in a buggy behavior in which depending on the SNI used by the client, he could either use the new version of the updated certificate or the original one. This patch adds a reference to the default SSL context in the default ckch instances so that it can be hot swapped during a certificate update. This should fix GitHub issue #1143. It can be backported as far as 2.2. |
||
|---|---|---|
| .github | ||
| contrib | ||
| doc | ||
| examples | ||
| include | ||
| reg-tests | ||
| scripts | ||
| src | ||
| tests | ||
| .cirrus.yml | ||
| .gitattributes | ||
| .gitignore | ||
| .travis.yml | ||
| BRANCHES | ||
| CHANGELOG | ||
| CONTRIBUTING | ||
| INSTALL | ||
| LICENSE | ||
| MAINTAINERS | ||
| Makefile | ||
| README | ||
| ROADMAP | ||
| SUBVERS | ||
| VERDATE | ||
| VERSION | ||
The HAProxy documentation has been split into a number of different files for ease of use. Please refer to the following files depending on what you're looking for : - INSTALL for instructions on how to build and install HAProxy - BRANCHES to understand the project's life cycle and what version to use - LICENSE for the project's license - CONTRIBUTING for the process to follow to submit contributions The more detailed documentation is located into the doc/ directory : - doc/intro.txt for a quick introduction on HAProxy - doc/configuration.txt for the configuration's reference manual - doc/lua.txt for the Lua's reference manual - doc/SPOE.txt for how to use the SPOE engine - doc/network-namespaces.txt for how to use network namespaces under Linux - doc/management.txt for the management guide - doc/regression-testing.txt for how to use the regression testing suite - doc/peers.txt for the peers protocol reference - doc/coding-style.txt for how to adopt HAProxy's coding style - doc/internals for developer-specific documentation (not all up to date)