BUG/MINOR: ssl_ckch: Dump CA transaction only once if show command yield
When loaded CA files are displayed via "show ssl ca-file" command, the
in-progress transaction, if any, is also displayed. However, if the command
yield, the transaction is re-displayed again and again.
To fix the issue, old_cafile_entry field is used to remember the transaction
was already displayed.
This patch must be backported as far as 2.5.
diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c
index 5a08bc7..88f8ad0 100644
--- a/src/ssl_ckch.c
+++ b/src/ssl_ckch.c
@@ -3118,13 +3118,13 @@
if (trash == NULL)
return 1;
- if (!ctx->old_cafile_entry) {
- if (cafile_transaction.old_cafile_entry) {
- chunk_appendf(trash, "# transaction\n");
- chunk_appendf(trash, "*%s", cafile_transaction.old_cafile_entry->path);
-
- chunk_appendf(trash, " - %d certificate(s)\n", get_certificate_count(cafile_transaction.new_cafile_entry));
- }
+ if (!ctx->old_cafile_entry && cafile_transaction.old_cafile_entry) {
+ chunk_appendf(trash, "# transaction\n");
+ chunk_appendf(trash, "*%s", cafile_transaction.old_cafile_entry->path);
+ chunk_appendf(trash, " - %d certificate(s)\n", get_certificate_count(cafile_transaction.new_cafile_entry));
+ if (applet_putchk(appctx, trash) == -1)
+ goto yield;
+ ctx->old_cafile_entry = cafile_transaction.new_cafile_entry;
}
/* First time in this io_handler. */