William Lallemand 2c776f1c30 BUG/MEDIUM: ssl: initialize correctly ssl w/ default-server ... This bug was introduced by d817dc73 ("MEDIUM: ssl: Load client certificates in a ckch for backend servers") in which the creation of the SSL_CTX for a server was moved to the configuration parser when using a "crt" keyword instead of being done in ssl_sock_prepare_srv_ctx(). The patch 0498fa40 ("BUG/MINOR: ssl: Default-server configuration ignored by server") made it worse by setting the same SSL_CTX for every servers using a default-server. Resulting in any SSL option on a server applied to every server in its backend. This patch fixes the issue by reintroducing a string which store the path of certificate inside the server structure, and loading the certificate in ssl_sock_prepare_srv_ctx() again. This is a quick fix to backport, a cleaner way can be achieve by always creating the SSL_CTX in ssl_sock_prepare_srv_ctx() and splitting properly the ssl_sock_load_srv_cert() function. This patch fixes issue #1488. Must be backported as far as 2.4.		2021-12-29 14:42:16 +01:00
..
haproxy	BUG/MEDIUM: ssl: initialize correctly ssl w/ default-server	2021-12-29 14:42:16 +01:00
import	REORG: ebtree: split structures into their own file ebtree-t.h	2021-10-07 01:41:14 +02:00