You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by zw...@apache.org on 2021/11/17 19:10:56 UTC
[trafficserver] branch 9.1.x updated: Prevent bad ssl_multicert.config load from being swapped in (#8515)
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 9.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/9.1.x by this push:
new b18b1b3 Prevent bad ssl_multicert.config load from being swapped in (#8515)
b18b1b3 is described below
commit b18b1b33536506c0171db89c21636886c4adf9cc
Author: Randall Meyer <rr...@apache.org>
AuthorDate: Mon Nov 15 16:24:15 2021 -0800
Prevent bad ssl_multicert.config load from being swapped in (#8515)
retStatus contains the load status of the config file, but wasn't used
to check if it successful before being swapped in
This is a follow up to #8256
(cherry picked from commit a3293582360ec8620c3f499064b438acde9ddb57)
---
iocore/net/SSLConfig.cc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/iocore/net/SSLConfig.cc b/iocore/net/SSLConfig.cc
index 4c34d67..24daee5 100644
--- a/iocore/net/SSLConfig.cc
+++ b/iocore/net/SSLConfig.cc
@@ -497,7 +497,7 @@ SSLCertificateConfig::reconfigure()
}
// If there are errors in the certificate configs and we had wanted to exit on error
// we won't want to reset the config
- if (lookup->is_valid || !params->configExitOnLoadError) {
+ if (retStatus || !params->configExitOnLoadError) {
configid = configProcessor.set(configid, lookup);
} else {
delete lookup;