BUG/MEDIUM: ssl_ckch: Don't delete CA/CRL entry if it is being modified When a CA or a CRL entry is being modified, we must take care to no delete it because the corresponding ongoing transaction still references it. If we do so, it leads to a null-deref and a crash may be exeperienced if changes are commited. This patch must be backported as far as 2.5.

commit: 1f08fa46fb5c2ec02f740b716a9674dc72a5cadc [log] [tgz]
author: Christopher Faulet <cfaulet@haproxy.com> Tue May 31 18:06:30 2022 +0200
committer: Christopher Faulet <cfaulet@haproxy.com> Wed Jun 01 16:28:15 2022 +0200
tree: 6dc78aba65a30a6921a8572271af4c64b71b5d8e
parent: 926fefca8dba3ca7aed3ef7fccf6aa5cffe3cf05 [diff] [blame]
diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c
index 0ed81d6..ad84eea 100644
--- a/src/ssl_ckch.c
+++ b/src/ssl_ckch.c

@@ -3252,6 +3252,11 @@
 
 	filename = args[3];
 
+	if (cafile_transaction.path && strcmp(cafile_transaction.path, filename) == 0) {
+		memprintf(&err, "ongoing transaction for the CA file '%s'", filename);
+		goto error;
+	}
+
 	cafile_entry = ssl_store_get_cafile_entry(filename, 0);
 	if (!cafile_entry) {
 		memprintf(&err, "CA file '%s' doesn't exist!\n", filename);
@@ -3524,6 +3529,11 @@
 
 	filename = args[3];
 
+	if (crlfile_transaction.path && strcmp(crlfile_transaction.path, filename) == 0) {
+		memprintf(&err, "ongoing transaction for the CRL file '%s'", filename);
+		goto error;
+	}
+
 	cafile_entry = ssl_store_get_cafile_entry(filename, 0);
 	if (!cafile_entry) {
 		memprintf(&err, "CRL file '%s' doesn't exist!\n", filename);
commit	1f08fa46fb5c2ec02f740b716a9674dc72a5cadc	[log] [tgz]
author	Christopher Faulet <cfaulet@haproxy.com>	Tue May 31 18:06:30 2022 +0200
committer	Christopher Faulet <cfaulet@haproxy.com>	Wed Jun 01 16:28:15 2022 +0200
tree	6dc78aba65a30a6921a8572271af4c64b71b5d8e
parent	926fefca8dba3ca7aed3ef7fccf6aa5cffe3cf05 [diff] [blame]