git.ipfire.org Git - thirdparty/haproxy.git/commit

author	William Lallemand <wlallemand@haproxy.com>
	Tue, 7 May 2024 07:20:06 +0000 (09:20 +0200)
committer	William Lallemand <wlallemand@haproxy.com>
	Fri, 17 May 2024 15:35:51 +0000 (17:35 +0200)
commit	1bc6e990f2dae7e573a193e96ccb84f16ca854d7
tree	fae7449f4f90dd92502fd5db6fb4253d98bd8247	tree
parent	2bcf38c7c844aa745c4603d37f8c94abc7572460	commit \| diff

MEDIUM: ssl/cli: handle crt-store keywords in crt-list over the CLI

This patch adds crt-store keywords from the crt-list on the CLI.

- keywords from crt-store can be used over the CLI when inserting
certificate in a crt-list
- keywords from crt-store are dumped when showing a crt-list content
over the CLI

The ckch_conf_kws.func function pointer needed a new "cli" parameter, in
order to differenciate loading that come from the CLI or from the
startup, as they don't behave the same. For example it must not try to
load a file on the filesystem when loading a crt-list line from the CLI.

dump_crtlist_sslconf() was renamed in dump_crtlist_conf() and takes a
new ckch_conf parameter in order to dump relevant crt-store keywords.

include/haproxy/ssl_ckch-t.h		diff \| blob \| blame \| history
include/haproxy/ssl_ckch.h		diff \| blob \| blame \| history
include/haproxy/ssl_ocsp.h		diff \| blob \| blame \| history
src/ssl_ckch.c		diff \| blob \| blame \| history
src/ssl_crtlist.c		diff \| blob \| blame \| history
src/ssl_ocsp.c		diff \| blob \| blame \| history