a32a68bd3b
This patch adds the "set ssl ca-file" and "commit ssl ca-file" commands, following the same logic as the certificate update equivalents. When trying to update a ca-file entry via a "set" command, we start by looking for the entry in the cafile_tree and then building a new cafile_entry out of the given payload. This new object is not added to the cafile_tree until "commit" is called. During a "commit" command, we insert the newly built cafile_entry in the cafile_tree, while keeping the previous entry as well. We then iterate over all the instances linked in the old cafile_entry and rebuild a new ckch instance for every one of them. The newly inserted cafile_entry is used for all those new instances and their respective SSL contexts. When all the contexts are properly created, the old instances get replaced by the new ones and the old cafile_entry is removed from the tree. This fixes a subpart of GitHub issue #1057. |
||
|---|---|---|
| .. | ||
| haproxy | ||
| import | ||