git.ipfire.org Git - thirdparty/haproxy.git/commit

author	William Lallemand <wlallemand@haproxy.com>
	Tue, 11 Feb 2025 14:15:06 +0000 (15:15 +0100)
committer	William Lallemand <wlallemand@haproxy.com>
	Mon, 17 Feb 2025 17:26:37 +0000 (18:26 +0100)
commit	cd6a02ace9fcf7ace2816a81846872346d22a9c0
tree	5938f9c95512c0245210b1c2d162afa2d26cec08	tree
parent	82f927817ea9eef33cc8dcc4469204ad11d0d504	commit \| diff

MEDIUM: ssl/crtlist: "crt" keyword in frontend

This patch implements the "crt" keywords in frontend, declaring an
implicit crt-list named after the frontend.

The patch is split in two steps:

The first step is the crt keyword parser, which parses crt lines and
fill a "cfg_crt_node" struct containing a ssl_bind_conf and a
ckch_conf which are put in a list to be used later.

After parsing the frontend section, as a 2nd step, a
post_section_parser is called, it will create a crt-list named after
the frontend and will fill it with certificates from the list of
cfg_crt_node. Once created this crt-list will be loaded in every "ssl"
bind lines that didn't declare any crt or crt-list.

Example:

    listen https
       bind :443 ssl
       crt foobar.pem
       crt test1.net.crt key test1.net.key

Implements part of #2854