From: Christopher Faulet Date: Fri, 3 Jun 2022 08:42:48 +0000 (+0200) Subject: BUG/MINOR: ssl_ckch: Dump CA transaction only once if show command yield X-Git-Tag: v2.7-dev1~111 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5a2154bf7cd40880cb28a8da58c708df9f5f541c;p=thirdparty%2Fhaproxy.git BUG/MINOR: ssl_ckch: Dump CA transaction only once if show command yield When loaded CA files are displayed via "show ssl ca-file" command, the in-progress transaction, if any, is also displayed. However, if the command yield, the transaction is re-displayed again and again. To fix the issue, old_cafile_entry field is used to remember the transaction was already displayed. This patch must be backported as far as 2.5. --- diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c index 5a08bc72f6..88f8ad01ad 100644 --- a/src/ssl_ckch.c +++ b/src/ssl_ckch.c @@ -3118,13 +3118,13 @@ static int cli_io_handler_show_cafile(struct appctx *appctx) if (trash == NULL) return 1; - if (!ctx->old_cafile_entry) { - if (cafile_transaction.old_cafile_entry) { - chunk_appendf(trash, "# transaction\n"); - chunk_appendf(trash, "*%s", cafile_transaction.old_cafile_entry->path); - - chunk_appendf(trash, " - %d certificate(s)\n", get_certificate_count(cafile_transaction.new_cafile_entry)); - } + if (!ctx->old_cafile_entry && cafile_transaction.old_cafile_entry) { + chunk_appendf(trash, "# transaction\n"); + chunk_appendf(trash, "*%s", cafile_transaction.old_cafile_entry->path); + chunk_appendf(trash, " - %d certificate(s)\n", get_certificate_count(cafile_transaction.new_cafile_entry)); + if (applet_putchk(appctx, trash) == -1) + goto yield; + ctx->old_cafile_entry = cafile_transaction.new_cafile_entry; } /* First time in this io_handler. */