Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 15dc0e2a1cf2d5f637c5ec92100104a4d6782601
commit15dc0e2a1cf2d5f637c5ec92100104a4d6782601[log] [tgz]
authorRemi Tricot-Le Breton <rlebreton@haproxy.com>Mon Jan 09 12:02:41 2023 +0100
committerWilliam Lallemand <wlallemand@haproxy.org>Mon Jan 09 15:43:41 2023 +0100
tree08a2be80ad17596f93a3fdf225359fba259fd885
parent2fb47afb1c1b908b805cb089fa2000afcabf872e [diff]
BUG/MINOR: ssl: Fix crash in 'update ssl ocsp-response' CLI command

This CLI command crashed when called for a certificate which did not
have an OCSP response during startup because it assumed that the
ocsp_issuer pointer of the ckch_data object would be valid. It was only
true for already known OCSP responses though.
The ocsp issuer certificate is now taken either from the ocsp_issuer
pointer or looked for in the certificate chain. This is the same logic
as the one in ssl_sock_load_ocsp.

This patch does not need to be backported.
1 file changed
tree: 08a2be80ad17596f93a3fdf225359fba259fd885
  1. .github/
  2. addons/
  3. admin/
  4. dev/
  5. doc/
  6. examples/
  7. include/
  8. reg-tests/
  9. scripts/
  10. src/
  11. tests/
  12. .cirrus.yml
  13. .gitattributes
  14. .gitignore
  15. .mailmap
  16. .travis.yml
  17. BRANCHES
  18. CHANGELOG
  19. CONTRIBUTING
  20. INSTALL
  21. LICENSE
  22. MAINTAINERS
  23. Makefile
  24. README
  25. SUBVERS
  26. VERDATE
  27. VERSION