From 1fda0a52029ba5fe5ea4e31da7a71ba94b217170 Mon Sep 17 00:00:00 2001 From: Remi Tricot-Le Breton Date: Wed, 7 Feb 2024 16:38:40 +0100 Subject: [PATCH] BUG/MINOR: ssl: Duplicate ocsp update mode when dup'ing ckch When calling ckchs_dup (during a "set ssl cert" CLI command), if the modified store had OCSP auto update enabled then the new certificate would not keep the previous update mode and would not appear in the auto update list. This patch can be backported to 2.8. --- src/ssl_ckch.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c index 94af3621b0..de37bfb955 100644 --- a/src/ssl_ckch.c +++ b/src/ssl_ckch.c @@ -793,6 +793,8 @@ struct ckch_data *ssl_sock_copy_cert_key_and_chain(struct ckch_data *src, dst->ocsp_cid = OCSP_CERTID_dup(src->ocsp_cid); + dst->ocsp_update_mode = src->ocsp_update_mode; + return dst; error: