MINOR: ssl/cli: flush the server session cache upon 'commit ssl cert' Flush the SSL session cache when updating a certificate which is used on a server line. This prevent connections to be established with a cached session which was using the previous SSL_CTX. This patch also replace the ha_barrier with a thread_isolate() since there are more operations to do. The reg-test was also updated to remove the 'no-ssl-reuse' keyword which is now uneeded.

commit: e0de0a6b326ac17624c597a63c3b3c5a35faab54 [log] [tgz]
author: William Lallemand <wlallemand@haproxy.org> Wed Feb 03 18:51:01 2021 +0100
committer: William Lallemand <wlallemand@haproxy.org> Wed Feb 03 18:51:01 2021 +0100
tree: 80f5befcaf0f1a293278fdbe748481793d8646fa
parent: 377d8786a79dad763ccdd40afbd52dccff9c9980 [diff] [blame]
diff --git a/reg-tests/ssl/set_ssl_server_cert.vtc b/reg-tests/ssl/set_ssl_server_cert.vtc
index 412e9f0..ccf7887 100644
--- a/reg-tests/ssl/set_ssl_server_cert.vtc
+++ b/reg-tests/ssl/set_ssl_server_cert.vtc

@@ -34,7 +34,7 @@
     listen clear-lst
         bind "fd@${clearlst}"
         retries 0 # 2nd SSL connection must fail so skip the retry
-        server s1 "${tmpdir}/ssl.sock" ssl verify none crt ${testdir}/client1.pem no-ssl-reuse
+        server s1 "${tmpdir}/ssl.sock" ssl verify none crt ${testdir}/client1.pem
 
     listen ssl-lst
         # crt: certificate of the server
commit	e0de0a6b326ac17624c597a63c3b3c5a35faab54	[log] [tgz]
author	William Lallemand <wlallemand@haproxy.org>	Wed Feb 03 18:51:01 2021 +0100
committer	William Lallemand <wlallemand@haproxy.org>	Wed Feb 03 18:51:01 2021 +0100
tree	80f5befcaf0f1a293278fdbe748481793d8646fa
parent	377d8786a79dad763ccdd40afbd52dccff9c9980 [diff] [blame]