BUG/MINOR: ssl: Duplicate ocsp update mode when dup'ing ckch

When calling ckchs_dup (during a "set ssl cert" CLI command), if the
modified store had OCSP auto update enabled then the new certificate
would not keep the previous update mode and would not appear in the auto
update list.

This patch can be backported to 2.8.

diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c
index 94af3621b0425eccfc09924be352e8e52d14a183..de37bfb95549dd93063d8cc7ab115c74422678c3 100644 (file)
--- a/src/ssl_ckch.c
+++ b/src/ssl_ckch.c
@@ -793,6 +793,8 @@ struct ckch_data *ssl_sock_copy_cert_key_and_chain(struct ckch_data *src,
 
        dst->ocsp_cid = OCSP_CERTID_dup(src->ocsp_cid);
 
+       dst->ocsp_update_mode = src->ocsp_update_mode;
+
        return dst;
 
 error: