haproxy

mirror of http://git.haproxy.org/git/haproxy.git/ synced 2024-12-14 15:34:35 +00:00

haproxy public development tree

Go to file

Remi Tricot-Le Breton fb00f31af4 BUG/MINOR: ssl: Prevent disk access when using "add ssl crt-list" If an unknown CA file was first mentioned in an "add ssl crt-list" CLI command, it would result in a call to X509_STORE_load_locations which performs a disk access which is forbidden during runtime. The same would happen if a "ca-verify-file" or "crl-file" was specified. This was due to the fact that the crt-list file parsing and the crt-list related CLI commands parsing use the same functions. The patch simply adds a new parameter to all the ssl_bind parsing functions so that they know if the call is made during init or by the CLI, and the ssl_store_load_locations function can then reject any new cafile_entry creation coming from a CLI call. It can be backported as far as 2.2.		2021-03-23 19:29:46 +01:00
.github	CI: github actions: update LibreSSL to 3.2.5	2021-03-20 09:32:52 +01:00
contrib	MINOR: opentracing: use pool_alloc(), not pool_alloc_dirty()	2021-03-22 15:35:53 +01:00
doc	CLEANUP: dynbuf: remove the unused b_alloc_fast() function	2021-03-22 16:28:05 +01:00
examples	CLEANUP: assorted typo fixes in the code and comments	2020-06-26 11:27:28 +02:00
include	BUG/MINOR: ssl: Prevent disk access when using "add ssl crt-list"	2021-03-23 19:29:46 +01:00
reg-tests	BUG/MINOR: ssl: Prevent disk access when using "add ssl crt-list"	2021-03-23 19:29:46 +01:00
scripts	BUILD: Makefile: move REGTESTST_TYPE default setting	2021-02-05 11:41:16 +01:00
src	BUG/MINOR: ssl: Prevent disk access when using "add ssl crt-list"	2021-03-23 19:29:46 +01:00
tests	MEDIUM: config: remove the deprecated and dangerous global "debug" directive	2020-10-09 19:18:45 +02:00
.cirrus.yml	CI: cirrus: update FreeBSD image to 12.2	2021-02-12 16:04:52 +01:00
.gitattributes	MINOR: Configure the `cpp` userdiff driver for *.[ch] in .gitattributes	2021-02-22 18:17:57 +01:00
.gitignore	CLEANUP: Update .gitignore	2020-09-12 13:11:24 +02:00
.travis.yml	CI: travis-ci: drop coverity scan builds	2020-12-22 19:39:23 +01:00
BRANCHES	DOC: fix some spelling issues over multiple files	2021-01-08 14:53:47 +01:00
CHANGELOG	[RELEASE] Released version 2.4-dev13	2021-03-19 17:16:18 +01:00
CONTRIBUTING	DOC: fix some spelling issues over multiple files	2021-01-08 14:53:47 +01:00
INSTALL	DOC: fix some spelling issues over multiple files	2021-01-08 14:53:47 +01:00
LICENSE
MAINTAINERS	DOC: Update the module list in MAINTAINERS file	2021-02-24 22:09:57 +01:00
Makefile	BUG/MINOR: protocol: add missing support of dgram unix socket.	2021-03-18 18:30:29 +01:00
README
ROADMAP
SUBVERS
VERDATE	[RELEASE] Released version 2.4-dev13	2021-03-19 17:16:18 +01:00
VERSION	[RELEASE] Released version 2.4-dev13	2021-03-19 17:16:18 +01:00

README

The HAProxy documentation has been split into a number of different files for
ease of use.

Please refer to the following files depending on what you're looking for :

  - INSTALL for instructions on how to build and install HAProxy
  - BRANCHES to understand the project's life cycle and what version to use
  - LICENSE for the project's license
  - CONTRIBUTING for the process to follow to submit contributions

The more detailed documentation is located into the doc/ directory :

  - doc/intro.txt for a quick introduction on HAProxy
  - doc/configuration.txt for the configuration's reference manual
  - doc/lua.txt for the Lua's reference manual
  - doc/SPOE.txt for how to use the SPOE engine
  - doc/network-namespaces.txt for how to use network namespaces under Linux
  - doc/management.txt for the management guide
  - doc/regression-testing.txt for how to use the regression testing suite
  - doc/peers.txt for the peers protocol reference
  - doc/coding-style.txt for how to adopt HAProxy's coding style
  - doc/internals for developer-specific documentation (not all up to date)