From 5a2154bf7cd40880cb28a8da58c708df9f5f541c Mon Sep 17 00:00:00 2001 From: Christopher Faulet Date: Fri, 3 Jun 2022 10:42:48 +0200 Subject: [PATCH] BUG/MINOR: ssl_ckch: Dump CA transaction only once if show command yield When loaded CA files are displayed via "show ssl ca-file" command, the in-progress transaction, if any, is also displayed. However, if the command yield, the transaction is re-displayed again and again. To fix the issue, old_cafile_entry field is used to remember the transaction was already displayed. This patch must be backported as far as 2.5. --- src/ssl_ckch.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c index 5a08bc72f6..88f8ad01ad 100644 --- a/src/ssl_ckch.c +++ b/src/ssl_ckch.c @@ -3118,13 +3118,13 @@ static int cli_io_handler_show_cafile(struct appctx *appctx) if (trash == NULL) return 1; - if (!ctx->old_cafile_entry) { - if (cafile_transaction.old_cafile_entry) { - chunk_appendf(trash, "# transaction\n"); - chunk_appendf(trash, "*%s", cafile_transaction.old_cafile_entry->path); - - chunk_appendf(trash, " - %d certificate(s)\n", get_certificate_count(cafile_transaction.new_cafile_entry)); - } + if (!ctx->old_cafile_entry && cafile_transaction.old_cafile_entry) { + chunk_appendf(trash, "# transaction\n"); + chunk_appendf(trash, "*%s", cafile_transaction.old_cafile_entry->path); + chunk_appendf(trash, " - %d certificate(s)\n", get_certificate_count(cafile_transaction.new_cafile_entry)); + if (applet_putchk(appctx, trash) == -1) + goto yield; + ctx->old_cafile_entry = cafile_transaction.new_cafile_entry; } /* First time in this io_handler. */ -- 2.39.5