diff options
| author | PiBa-NL <pba_2k3@yahoo.com> | 2015-02-07 17:50:48 +0100 |
|---|---|---|
| committer | PiBa-NL <pba_2k3@yahoo.com> | 2015-02-07 17:50:48 +0100 |
| commit | 75372116092d861ab829d52f3d245325696cee66 (patch) | |
| tree | 06d1e740adf25515c92315dc34d496b73f1a56ae /config/haproxy-devel/pkg | |
| parent | e28f3357fa41438060791f4b339ab079721d64d6 (diff) | |
| download | pfsense-packages-75372116092d861ab829d52f3d245325696cee66.tar.gz pfsense-packages-75372116092d861ab829d52f3d245325696cee66.tar.bz2 pfsense-packages-75372116092d861ab829d52f3d245325696cee66.zip | |
haproxy-devel, 0.17, acl's are merged when duplicates exist, better client certificate handling, checkbox options for allowing no/invalid client certs instead of the 'none'-ca which wasn't 'user friendly'.
Diffstat (limited to 'config/haproxy-devel/pkg')
| -rw-r--r-- | config/haproxy-devel/pkg/haproxy_upgrade_config.inc | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/config/haproxy-devel/pkg/haproxy_upgrade_config.inc b/config/haproxy-devel/pkg/haproxy_upgrade_config.inc index 9dd575dd..9c602457 100644 --- a/config/haproxy-devel/pkg/haproxy_upgrade_config.inc +++ b/config/haproxy-devel/pkg/haproxy_upgrade_config.inc @@ -163,6 +163,22 @@ function haproxy_upgrade_config() { update_output_window($static_output); $configversion = "00.16"; } + if ($configversion < "00.17") { + $static_output .= "HAProxy, 00.17\n"; + update_output_window($static_output); + // remove 'none' ca-cert, and set checkbox to allow for no certificate instead. + foreach ($config['installedpackages']['haproxy']['ha_backends']['item'] as &$bind) { + $list = array(); + foreach ($bind['clientcert_ca']['item'] as $ca){ + if (empty($ca['cert_ca'])) + $bind['sslclientcert-none'] = 'yes'; + else + $list[] = $ca; + } + $bind['clientcert_ca']['item'] = $list; + } + $configversion = "00.17"; + } $writeconfigupdate = $config['installedpackages']['haproxy']['configversion'] <> $configversion; if ($writeconfigupdate) { |