BUG/MEDIUM: ssl/cli: tls-keys commands are missing permission checks

Both 'set ssl tls-key' and 'show tls-keys' command are missing the
permission checks so the commands can be used only in admin mode.

Must be backported to 3.3. This can be a breaking change for some users.

Initially reported by Cameron Brown.

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 41619bef570688a220b2f4031f00d400f4453b7d..23ad58cbe24fa9571f56bf1abd4eaa0d223ea7f3 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -8086,8 +8086,8 @@ static int cli_parse_show_tlskeys(char **args, char *payload, struct appctx *app
 {
        struct show_keys_ctx *ctx = applet_reserve_svcctx(appctx, sizeof(*ctx));
 
-       if ((appctx->cli_ctx.level & ACCESS_LVL_MASK) < ACCESS_LVL_ADMIN)
-               ha_warning("'%s %s' accessed without admin rights, this won't be supported anymore starting from haproxy 3.3\n", args[0], args[1]);
+       if (!cli_has_level(appctx, ACCESS_LVL_ADMIN))
+               return 1;
 
        /* no parameter, shows only file list */
        if (!*args[2]) {
@@ -8113,8 +8113,8 @@ static int cli_parse_set_tlskeys(char **args, char *payload, struct appctx *appc
        struct tls_keys_ref *ref;
        int ret;
 
-       if ((appctx->cli_ctx.level & ACCESS_LVL_MASK) < ACCESS_LVL_ADMIN)
-               ha_warning("'%s %s %s' accessed without admin rights, this won't be supported anymore starting from haproxy 3.3\n", args[0], args[1], args[2]);
+       if (!cli_has_level(appctx, ACCESS_LVL_ADMIN))
+               return 1;
 
        /* Expect two parameters: the filename and the new new TLS key in encoding */
        if (!*args[3] || !*args[4])