From 75372116092d861ab829d52f3d245325696cee66 Mon Sep 17 00:00:00 2001
From: PiBa-NL <pba_2k3@yahoo.com>
Date: Sat, 7 Feb 2015 17:50:48 +0100
Subject: haproxy-devel, 0.17, acl's are merged when duplicates exist, better
 client certificate handling, checkbox options for allowing no/invalid client
 certs instead of the 'none'-ca which wasn't 'user friendly'.

---
 config/haproxy-devel/pkg/haproxy_upgrade_config.inc | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

(limited to 'config/haproxy-devel/pkg')

diff --git a/config/haproxy-devel/pkg/haproxy_upgrade_config.inc b/config/haproxy-devel/pkg/haproxy_upgrade_config.inc
index 9dd575dd..9c602457 100644
--- a/config/haproxy-devel/pkg/haproxy_upgrade_config.inc
+++ b/config/haproxy-devel/pkg/haproxy_upgrade_config.inc
@@ -163,6 +163,22 @@ function haproxy_upgrade_config() {
 		update_output_window($static_output);
 		$configversion = "00.16";
 	}
+	if ($configversion < "00.17") {
+		$static_output .= "HAProxy, 00.17\n";
+		update_output_window($static_output);
+		// remove 'none' ca-cert, and set checkbox to allow for no certificate instead.
+		foreach ($config['installedpackages']['haproxy']['ha_backends']['item'] as &$bind) {
+			$list = array();
+			foreach ($bind['clientcert_ca']['item'] as $ca){
+				if (empty($ca['cert_ca']))
+					$bind['sslclientcert-none'] = 'yes';
+				else
+					$list[] = $ca;
+			}
+			$bind['clientcert_ca']['item'] = $list;
+		}
+		$configversion = "00.17";
+	}
 	
 	$writeconfigupdate = $config['installedpackages']['haproxy']['configversion'] <> $configversion;
 	if ($writeconfigupdate) {
-- 
cgit v1.2.3