[trafficserver] branch master updated: reconfigure should not apply a bad config even if exit_on_load_fail is off(0) (#9163)

Wed, 02 Nov 2022 16:37:06 -0700 

This is an automated email from the ASF dual-hosted git repository.

cmcfarlen pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
     new 167a33d99 reconfigure should not apply a bad config even if 
exit_on_load_fail is off(0) (#9163)
167a33d99 is described below

commit 167a33d99b114293035e4490e9ad0a07443e2487
Author: Chris McFarlen <ch...@mcfarlen.us>
AuthorDate: Wed Nov 2 18:36:52 2022 -0500

    reconfigure should not apply a bad config even if exit_on_load_fail is 
off(0) (#9163)
---
 iocore/net/SSLConfig.cc                           | 2 +-
 tests/gold_tests/tls/ssl_multicert_loader.test.py | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/iocore/net/SSLConfig.cc b/iocore/net/SSLConfig.cc
index 336c084cc..29b2fcfb8 100644
--- a/iocore/net/SSLConfig.cc
+++ b/iocore/net/SSLConfig.cc
@@ -570,7 +570,7 @@ SSLCertificateConfig::reconfigure()
 
   // If there are errors in the certificate configs and we had wanted to exit 
on error
   // we won't want to reset the config
-  if (retStatus || !params->configExitOnLoadError) {
+  if (retStatus) {
     configid = configProcessor.set(configid, lookup);
   } else {
     delete lookup;
diff --git a/tests/gold_tests/tls/ssl_multicert_loader.test.py 
b/tests/gold_tests/tls/ssl_multicert_loader.test.py
index dad0aa17b..53cb1e733 100644
--- a/tests/gold_tests/tls/ssl_multicert_loader.test.py
+++ b/tests/gold_tests/tls/ssl_multicert_loader.test.py
@@ -31,6 +31,7 @@ server.addResponse("sessionlog.json", request_header, 
response_header)
 ts.Disk.records_config.update({
     'proxy.config.ssl.server.cert.path': f'{ts.Variables.SSLDir}',
     'proxy.config.ssl.server.private_key.path': f'{ts.Variables.SSLDir}',
+    'proxy.config.ssl.server.multicert.exit_on_load_fail': 0,
 })
 
 ts.addDefaultSSLFiles()
@@ -107,7 +108,7 @@ tr4.Processes.Default.StartBefore(ts2)
 
 ts2.ReturnCode = 2
 ts2.Ready = 0  # Need this to be 0 because we are testing shutdown, this is to 
make autest not think ats went away for a bad reason.
-ts.Disk.traffic_out.Content = Testers.ExcludesExpression(
+ts2.Disk.traffic_out.Content = Testers.ExcludesExpression(
     'Traffic Server is fully initialized',
     'process should fail when invalid certificate specified')
 ts2.Disk.diags_log.Content = Testers.IncludesExpression('FATAL: failed to load 
SSL certificate file', 'check diags.log"')

Reply via email to