You are viewing a plain text version of this content. The canonical link for it is here.

Posted to github@trafficserver.apache.org by "ywkaras (via GitHub)" <gi...@apache.org> on 2023/03/16 20:37:46 UTC

[GitHub] [trafficserver] ywkaras opened a new pull request, #9528: Remove premature context updates in TSSslSecretSet().

ywkaras opened a new pull request, #9528:
URL: https://github.com/apache/trafficserver/pull/9528

   This PR partially reverts PR #8368.  SSL contexts (SSL_CTX) should only be updated by TSSslSecretUpdate() (which is only called for the main, not the related secret).  The update in TSSslSecretSet() is not merely redundant, it causes errors.  When an update is done, OpenSSL will check that the cert public key matches the private key.  Since TSSslSecretSet() can only set one at time, if it also updates, they will not match.
   
   Contexts for a loading confguration never have to be updated, becasue no SSL_CTX's have been created using it yet.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] bneradt commented on pull request #9528: Remove premature context updates in TSSslSecretSet().

Posted by "bneradt (via GitHub)" <gi...@apache.org>.

bneradt commented on PR #9528:
URL: https://github.com/apache/trafficserver/pull/9528#issuecomment-1546191065

   [approve ci cmake]


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] ezelkow1 commented on pull request #9528: Remove premature context updates in TSSslSecretSet().

Posted by "ezelkow1 (via GitHub)" <gi...@apache.org>.

ezelkow1 commented on PR #9528:
URL: https://github.com/apache/trafficserver/pull/9528#issuecomment-1554942745

   [approve ci centos]


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] github-actions[bot] closed pull request #9528: Remove premature context updates in TSSslSecretSet().

Posted by "github-actions[bot] (via GitHub)" <gi...@apache.org>.

github-actions[bot] closed pull request #9528: Remove premature context updates in TSSslSecretSet().
URL: https://github.com/apache/trafficserver/pull/9528


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] ywkaras commented on pull request #9528: Remove premature context updates in TSSslSecretSet().

Posted by "ywkaras (via GitHub)" <gi...@apache.org>.

ywkaras commented on PR #9528:
URL: https://github.com/apache/trafficserver/pull/9528#issuecomment-1472730259

   Waiting on a confirmation for a Yahoo prod engineer that this fixes the problem they're having with one of our plugins.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] ywkaras commented on pull request #9528: Remove premature context updates in TSSslSecretSet().

Posted by "ywkaras (via GitHub)" <gi...@apache.org>.

ywkaras commented on PR #9528:
URL: https://github.com/apache/trafficserver/pull/9528#issuecomment-1500762918

   Leaving this as a draft, until the TSSslSecretXxx functions are fixed ( see https://github.com/apache/trafficserver/issues/9562 ).


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] github-actions[bot] commented on pull request #9528: Remove premature context updates in TSSslSecretSet().

Posted by "github-actions[bot] (via GitHub)" <gi...@apache.org>.

github-actions[bot] commented on PR #9528:
URL: https://github.com/apache/trafficserver/pull/9528#issuecomment-1683214273

   This pull request has been automatically marked as stale because it has not had recent activity. Marking it stale to flag it for further consideration by the community.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org