From: William Lallemand Date: Tue, 23 Jun 2020 23:00:52 +0000 (+0200) Subject: BUG/MINOR: ssl/cli: certs added from the CLI can't be deleted X-Git-Tag: v2.2-dev11~32 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9ab8f8d1b6a6a6cf3277f88d2b808057de1cd0e2;p=thirdparty%2Fhaproxy.git BUG/MINOR: ssl/cli: certs added from the CLI can't be deleted In ticket #706 it was reported that a certificate which was added from the CLI can't be removed with 'del ssl cert' and is marked as 'Used'. The problem is that the certificate instances are not added to the created crtlist_entry, so they can't be deleted upon a 'del ssl crt-list', and the store can't never be marked 'Unused' because of this. This patch fixes the issue by adding the instances to the crtlist_entry, which is enough to fix the issue. --- diff --git a/src/ssl_crtlist.c b/src/ssl_crtlist.c index 1d282a9f14..def0e22f6d 100644 --- a/src/ssl_crtlist.c +++ b/src/ssl_crtlist.c @@ -952,6 +952,8 @@ static int cli_io_handler_add_crtlist(struct appctx *appctx) chunk_appendf(trash, "."); i++; LIST_ADDQ(&store->ckch_inst, &new_inst->by_ckchs); + LIST_ADDQ(&entry->ckch_inst, &new_inst->by_crtlist_entry); + new_inst->crtlist_entry = entry; } appctx->st2 = SETCERT_ST_INSERT; /* fallthrough */