This is an automated email from the ASF dual-hosted git repository. cmcfarlen pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push: new 167a33d99 reconfigure should not apply a bad config even if exit_on_load_fail is off(0) (#9163) 167a33d99 is described below commit 167a33d99b114293035e4490e9ad0a07443e2487 Author: Chris McFarlen <ch...@mcfarlen.us> AuthorDate: Wed Nov 2 18:36:52 2022 -0500 reconfigure should not apply a bad config even if exit_on_load_fail is off(0) (#9163) --- iocore/net/SSLConfig.cc | 2 +- tests/gold_tests/tls/ssl_multicert_loader.test.py | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/iocore/net/SSLConfig.cc b/iocore/net/SSLConfig.cc index 336c084cc..29b2fcfb8 100644 --- a/iocore/net/SSLConfig.cc +++ b/iocore/net/SSLConfig.cc @@ -570,7 +570,7 @@ SSLCertificateConfig::reconfigure() // If there are errors in the certificate configs and we had wanted to exit on error // we won't want to reset the config - if (retStatus || !params->configExitOnLoadError) { + if (retStatus) { configid = configProcessor.set(configid, lookup); } else { delete lookup; diff --git a/tests/gold_tests/tls/ssl_multicert_loader.test.py b/tests/gold_tests/tls/ssl_multicert_loader.test.py index dad0aa17b..53cb1e733 100644 --- a/tests/gold_tests/tls/ssl_multicert_loader.test.py +++ b/tests/gold_tests/tls/ssl_multicert_loader.test.py @@ -31,6 +31,7 @@ server.addResponse("sessionlog.json", request_header, response_header) ts.Disk.records_config.update({ 'proxy.config.ssl.server.cert.path': f'{ts.Variables.SSLDir}', 'proxy.config.ssl.server.private_key.path': f'{ts.Variables.SSLDir}', + 'proxy.config.ssl.server.multicert.exit_on_load_fail': 0, }) ts.addDefaultSSLFiles() @@ -107,7 +108,7 @@ tr4.Processes.Default.StartBefore(ts2) ts2.ReturnCode = 2 ts2.Ready = 0 # Need this to be 0 because we are testing shutdown, this is to make autest not think ats went away for a bad reason. -ts.Disk.traffic_out.Content = Testers.ExcludesExpression( +ts2.Disk.traffic_out.Content = Testers.ExcludesExpression( 'Traffic Server is fully initialized', 'process should fail when invalid certificate specified') ts2.Disk.diags_log.Content = Testers.IncludesExpression('FATAL: failed to load SSL certificate file', 'check diags.log"')