commit 40ddea8222fdee9852927846ef2bc67d910ea359
author Remi Tricot-Le Breton <rlebreton@haproxy.com> Tue Apr 13 16:07:29 2021 +0200
committer William Lallemand <wlallemand@haproxy.org> Mon May 17 10:50:24 2021 +0200
tree 5906b30e1c8fc087dc832d77c57f7a4a9d97e883
parent 4458b9732d97d30aeb83fe02b6b767b1fc689a38

MINOR: ssl: Add reference to default ckch instance in bind_conf

In order for the link between the cafile_entry and the default ckch
instance to be built, we need to give a pointer to the instance during
the ssl_sock_prepare_ctx call.

src/ssl_sock.c

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 8f9f535..c7e1005 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -2933,6 +2933,7 @@
 		SSL_CTX_free(bind_conf->default_ctx);
 		SSL_CTX_up_ref(ckch_inst->ctx);
 		bind_conf->default_ctx = ckch_inst->ctx;
+		bind_conf->default_inst = ckch_inst;
 	}
 }
 
@@ -3368,6 +3369,7 @@
 		bind_conf->default_ssl_conf = ssl_conf;
 		ckch_inst->is_default = 1;
 		SSL_CTX_up_ref(ctx);
+		bind_conf->default_inst = ckch_inst;
 	}
 
 	/* Always keep a reference to the newly constructed SSL_CTX in the
@@ -4903,7 +4905,7 @@
 		errcode |= ssl_sock_prep_ctx_and_inst(bind_conf, NULL, bind_conf->initial_ctx, NULL, &errmsg);
 	}
 	if (bind_conf->default_ctx) {
-		errcode |= ssl_sock_prep_ctx_and_inst(bind_conf, bind_conf->default_ssl_conf, bind_conf->default_ctx, NULL, &errmsg);
+		errcode |= ssl_sock_prep_ctx_and_inst(bind_conf, bind_conf->default_ssl_conf, bind_conf->default_ctx, bind_conf->default_inst, &errmsg);
 	}
 
 	node = ebmb_first(&bind_conf->sni_ctx);
@@ -5054,6 +5056,7 @@
 	bind_conf->initial_ctx = NULL;
 	SSL_CTX_free(bind_conf->default_ctx);
 	bind_conf->default_ctx = NULL;
+	bind_conf->default_inst = NULL;
 	bind_conf->default_ssl_conf = NULL;
 }