BUG/MINOR: cli: restore "set ssl tls-key" command

in 32af203b75 ("REORG: cli: move ssl CLI functions to ssl_sock.c")
"set ssl tls-key" was accidentally replaced with "set ssl tls-keys"
(keys instead of key). This is undocumented and breaks upgrades from
1.6 to 1.7.

This patch restores "set ssl tls-key" and also registers a helptext.

This should be backported to 1.7.

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 2f16d2871059ed9b3796c7f435a6cc62e94f6097..45bb906b808adad92f9c9014795f5217226594f8 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -7906,6 +7906,7 @@ static int cli_parse_set_ocspresponse(char **args, struct appctx *appctx, void *
 static struct cli_kw_list cli_kws = {{ },{
 #if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
        { { "show", "tls-keys", NULL }, "show tls-keys [id|*]: show tls keys references or dump tls ticket keys when id specified", cli_parse_show_tlskeys, NULL },
+       { { "set", "ssl", "tls-key", NULL }, "set ssl tls-key [id|keyfile] <tlskey>: set the next TLS key for the <id> or <keyfile> listener to <tlskey>", cli_parse_set_tlskeys, NULL },
        { { "set", "ssl", "tls-keys", NULL }, NULL, cli_parse_set_tlskeys, NULL },
 #endif
        { { "set", "ssl", "ocsp-response", NULL }, NULL, cli_parse_set_ocspresponse, NULL },