BUG/MINOR: ssl_ckch: Dump CA transaction only once if show command yield
authorChristopher Faulet <cfaulet@haproxy.com>
Fri, 3 Jun 2022 08:42:48 +0000 (10:42 +0200)
committerChristopher Faulet <cfaulet@haproxy.com>
Fri, 3 Jun 2022 09:20:38 +0000 (11:20 +0200)
When loaded CA files are displayed via the "show ssl ca-file" command, the
in-progress transaction, if any, is also displayed. However, if the command
yields, the transaction is displayed again and again.

To fix the issue, the old_cafile_entry field is used to remember that the
transaction was already displayed.

This patch must be backported as far as 2.5.

src/ssl_ckch.c

index 5a08bc72f6fb8e5bed931392e5e11d4d0b5fe076..88f8ad01ad7b4b34dc18b9712e5f7f03a4f4ab7f 100644 (file)
@@ -3118,13 +3118,13 @@ static int cli_io_handler_show_cafile(struct appctx *appctx)
        if (trash == NULL)
                return 1;
 
-       if (!ctx->old_cafile_entry) {
-               if (cafile_transaction.old_cafile_entry) {
-                       chunk_appendf(trash, "# transaction\n");
-                       chunk_appendf(trash, "*%s", cafile_transaction.old_cafile_entry->path);
-
-                       chunk_appendf(trash, " - %d certificate(s)\n", get_certificate_count(cafile_transaction.new_cafile_entry));
-               }
+       if (!ctx->old_cafile_entry && cafile_transaction.old_cafile_entry) {
+               chunk_appendf(trash, "# transaction\n");
+               chunk_appendf(trash, "*%s", cafile_transaction.old_cafile_entry->path);
+               chunk_appendf(trash, " - %d certificate(s)\n", get_certificate_count(cafile_transaction.new_cafile_entry));
+               if (applet_putchk(appctx, trash) == -1)
+                       goto yield;
+               ctx->old_cafile_entry = cafile_transaction.new_cafile_entry;
        }
 
        /* First time in this io_handler. */
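Review bot: `ctx->old_cafile_entry = cafile_transaction.new_cafile_entry;` turns a pointer field into an "already displayed" flag, and the added block relies on that pointer being non-NULL. If `new_cafile_entry` can be NULL while `old_cafile_entry` is set (not visible in this hunk), the marker stays NULL and the transaction is dumped again after every yield. The saved pointer also persists across yields, during which the transaction may presumably be committed or aborted, so it should only ever be compared against NULL and never dereferenced. A comment on the assignment would make that explicit, for example `/* marker only: transaction already dumped; never dereference, it may be gone after a yield */`. The function starts and ends outside the hunk, so the `yield` label and the release of `trash` on that path cannot be checked here.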