]> git.ipfire.org Git - thirdparty/haproxy.git/commit
projects / thirdparty / haproxy.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0bf9d12) | patch
MEDIUM: ssl: does not use default_ctx for 'generate-certificate' option
authorWilliam Lallemand <wlallemand@haproxy.com>
Thu, 11 Jan 2024 14:10:33 +0000 (15:10 +0100)
committerWilliam Lallemand <wlallemand@haproxy.com>
Fri, 12 Jan 2024 16:40:42 +0000 (17:40 +0100)
commitb80635a7e06afd30d7ba969e76edb46d9ae5aef7
treed34a7909b850a0a8600f29b392d0ea817737d654tree
parent0bf9d122a901aced2d550ba4ee5d6242c85ff75dcommit | diff
MEDIUM: ssl: does not use default_ctx for 'generate-certificate' option

The 'generate-certificates' option does not need its dedicated SSL_CTX
*, it only needs the default SSL_CTX.

Use the default SSL_CTX found in the sni_ctx to generate certificates.

It allows to remove all the specific default_ctx initialization, as
well as the default_ssl_conf and 'default_inst'.
include/haproxy/listener-t.h diff | blob | blame | history
src/ssl_sock.c diff | blob | blame | history
Mirror of https://github.com/haproxy/haproxy.git