RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2025-03-25 04:17:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

BUG/MINOR: ssl: ssl-(min|max)-ver parameter not duplicated for bundles in crt-list

Browse Source 
If a bundle is used in a crt-list, the ssl-min-ver and ssl-max-ver
options were not taken into account in entries other than the first one
because the corresponding fields in the ssl_bind_conf structure were not
copied in crtlist_dup_ssl_conf.

This should fix GitHub issue #2069.
This patch should be backported up to 2.4.
This commit is contained in:
Remi Tricot-Le Breton 2023-03-14 17:22:24 +01:00 committed by William Lallemand
parent d32c8e3ccb
commit 6549f53fb6
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/ssl_crtlist.c
View File

@ -142,6 +142,15 @@ struct ssl_bind_conf *crtlist_dup_ssl_conf(struct ssl_bind_conf *src)
if (!dst->ecdhe)
goto error;
}
dst->ssl_methods_cfg.flags = src->ssl_methods_cfg.flags;
dst->ssl_methods_cfg.min = src->ssl_methods_cfg.min;
dst->ssl_methods_cfg.max = src->ssl_methods_cfg.max;
dst->ssl_methods.flags = src->ssl_methods.flags;
dst->ssl_methods.min = src->ssl_methods.min;
dst->ssl_methods.max = src->ssl_methods.max;
return dst;
error: