BUG/MEDIUM: ssl_ckch: Don't delete CA/CRL entry if it is being modified

When a CA or a CRL entry is being modified, we must take care to no delete
it because the corresponding ongoing transaction still references it. If we
do so, it leads to a null-deref and a crash may be exeperienced if changes
are commited.

This patch must be backported as far as 2.5.

diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c
index 0ed81d6d45e1c9b63e85a056952ae61d2055cdb4..ad84eeacc1c750fed4a71b20f161a0fec0f16ec3 100644 (file)
--- a/src/ssl_ckch.c
+++ b/src/ssl_ckch.c
@@ -3252,6 +3252,11 @@ static int cli_parse_del_cafile(char **args, char *payload, struct appctx *appct
 
        filename = args[3];
 
+       if (cafile_transaction.path && strcmp(cafile_transaction.path, filename) == 0) {
+               memprintf(&err, "ongoing transaction for the CA file '%s'", filename);
+               goto error;
+       }
+
        cafile_entry = ssl_store_get_cafile_entry(filename, 0);
        if (!cafile_entry) {
                memprintf(&err, "CA file '%s' doesn't exist!\n", filename);
@@ -3524,6 +3529,11 @@ static int cli_parse_del_crlfile(char **args, char *payload, struct appctx *appc
 
        filename = args[3];
 
+       if (crlfile_transaction.path && strcmp(crlfile_transaction.path, filename) == 0) {
+               memprintf(&err, "ongoing transaction for the CRL file '%s'", filename);
+               goto error;
+       }
+
        cafile_entry = ssl_store_get_cafile_entry(filename, 0);
        if (!cafile_entry) {
                memprintf(&err, "CRL file '%s' doesn't exist!\n", filename);