git.ipfire.org Git - thirdparty/haproxy.git/commit

author	William Lallemand <wlallemand@haproxy.com>
	Mon, 26 Feb 2024 16:53:02 +0000 (17:53 +0100)
committer	William Lallemand <wlallemand@haproxy.com>
	Mon, 26 Feb 2024 17:04:25 +0000 (18:04 +0100)
commit	4895fdac5a1da1b4d554791780ed1fb522b1a5cd
tree	f7b798f92dc2b4587a62c97cac76ed630f839cad	tree
parent	19559d44475b32cf24e85489ba31057c6fb6c963	commit \| diff

BUG/MAJOR: ssl/ocsp: crash with ocsp when old process exit or using ocsp CLI

This patch reverts 2 fixes that were made in an attempt to fix the
ocsp-update feature used with the 'commit ssl cert' command.

The patches crash the worker when doing a soft-stop when the 'set ssl
ocsp-response' command was used, or during runtime if the ocsp-update
was used.

This was reported in issue #2462 and #2442.

The last patch reverted is the associated reg-test.

Revert "BUG/MEDIUM: ssl: Fix crash when calling "update ssl ocsp-response" when an update is ongoing"
This reverts commit 5e66bf26ecbf6439fafc8ef8857abe22e0874f4d.

Revert "BUG/MEDIUM: ocsp: Separate refcount per instance and per store"
This reverts commit 04b77f84d1b52185fc64735d7d81137479d68b00.

Revert "REGTESTS: ssl: Add OCSP related tests"
This reverts commit acd1b85d3442fc58164bd0fb96e72f3d4b501d15.

include/haproxy/ssl_ocsp-t.h		diff \| blob \| blame \| history
include/haproxy/ssl_ocsp.h		diff \| blob \| blame \| history
reg-tests/ssl/ocsp_auto_update.vtc		diff \| blob \| blame \| history
reg-tests/ssl/ocsp_update/multicert_both_certs.crt-list	[deleted file]	blob \| blame \| history
src/ssl_ckch.c		diff \| blob \| blame \| history
src/ssl_ocsp.c		diff \| blob \| blame \| history
src/ssl_sock.c		diff \| blob \| blame \| history