1 files changed, 0 insertions, 48 deletions

diff --git a/net/haproxy/patches/040-BUG-MINOR-ssl-cli-free-the-previous-ckch-content-once-a-PEM-is-loaded.patch b/net/haproxy/patches/040-BUG-MINOR-ssl-cli-free-the-previous-ckch-content-once-a-PEM-is-loaded.patch
deleted file mode 100644
index 8c93e9a45..000000000
--- a/net/haproxy/patches/040-BUG-MINOR-ssl-cli-free-the-previous-ckch-content-once-a-PEM-is-loaded.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-commit 9f77fd742697cc2774c6a50204cb9f5b6909e930
-Author: William Lallemand <wlallemand@haproxy.com>
-Date:   Thu Jan 23 10:56:05 2020 +0100
-
-    BUG/MINOR: ssl/cli: free the previous ckch content once a PEM is loaded
-    
-    When using "set ssl cert" on the CLI, if we load a new PEM, the previous
-    sctl, issuer and OCSP response are still loaded. This doesn't make any
-    sense since they won't be usable with a new private key.
-    
-    This patch free the previous data.
-    
-    Should be backported in 2.1.
-    
-    (cherry picked from commit 75b15f790f2be0600483476c1505fec0ce898e35)
-    Signed-off-by: Willy Tarreau <w@1wt.eu>
-
-diff --git a/src/ssl_sock.c b/src/ssl_sock.c
-index b65da399f..e320d908f 100644
---- a/src/ssl_sock.c
-+++ b/src/ssl_sock.c
-@@ -3196,6 +3196,26 @@ static int ssl_sock_load_pem_into_ckch(const char *path, char *buf, struct cert_
- 		goto end;
- 	}
- 
-+	/* once it loaded the PEM, it should remove everything else in the ckch */
-+	if (ckch->ocsp_response) {
-+		free(ckch->ocsp_response->area);
-+		ckch->ocsp_response->area = NULL;
-+		free(ckch->ocsp_response);
-+		ckch->ocsp_response = NULL;
-+	}
-+
-+	if (ckch->sctl) {
-+		free(ckch->sctl->area);
-+		ckch->sctl->area = NULL;
-+		free(ckch->sctl);
-+		ckch->sctl = NULL;
-+	}
-+
-+	if (ckch->ocsp_issuer) {
-+		X509_free(ckch->ocsp_issuer);
-+		ckch->ocsp_issuer = NULL;
-+	}
-+
- 	/* no error, fill ckch with new context, old context will be free at end: */
- 	SWAP(ckch->key, key);
- 	SWAP(ckch->dh, dh);