git.ipfire.org Git - thirdparty/haproxy.git/commitdiff
BUG/MINOR: ssl: Clear the ckch instance when deleting a crt-list line
author Remi Tricot-Le Breton <rlebreton@haproxy.com>
Wed, 7 Feb 2024 15:38:42 +0000 (16:38 +0100)
committer William Lallemand <wlallemand@haproxy.com>
Wed, 7 Feb 2024 16:10:00 +0000 (17:10 +0100)
When deleting a crt-list line through a "del ssl crt-list" call on the
CLI, we ended up free'ing the corresponding ckch instances without fully
clearing their contents. It left some dangling references on other
objects because the attached SSL_CTX was not deleted, as well as all the
ex_data referenced by it (OCSP responses for instance).

This patch can be backported up to branch 2.4.

src/ssl_crtlist.c

index 25c859bb1b884e1a3de3bf808a00935f8436b5fc..bebaccae04f201d2ad83d08f6e68287ce7fdd60c 100644 (file)
@@ -1530,7 +1530,7 @@ static int cli_parse_del_crtlist(char **args, char *payload, struct appctx *appc
                        LIST_DELETE(&link_ref->list);
                        free(link_ref);
                }
-               free(inst);
+               ckch_inst_free(inst);
        }
 
        crtlist_free_filters(entry->filters);
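
Review bot: At the `ckch_inst_free(inst);` line, the instance handed to the helper has already been partly torn down by hand: the loop closing just above it runs `LIST_DELETE(&link_ref->list);` and `free(link_ref);` on each link reference. Please confirm that `ckch_inst_free()` is safe on an instance whose link-reference list has already been emptied, and if the helper performs the same unlinking itself, drop the manual cleanup here so there is a single teardown path and no chance of the two drifting apart. Since the message proposes a backport up to 2.4, it is also worth checking that the helper exists with the same behaviour in each target branch.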