From f03e520c3b70871d315e2a53027bb97d6a1fb238 Mon Sep 17 00:00:00 2001 From: Helene Durand Date: Mon, 24 Jun 2024 16:49:32 +0200 Subject: [PATCH] MEDIUM: Add global ocsp-update keywords Added: - ocsp-update.disable - ocsp-update.httpproxy - ocsp-update.maxdelay - ocsp-update.mindelay - ocs-update.mode --- section-parsers.go | 5 +++++ tests/configs/haproxy.cfg.go | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/section-parsers.go b/section-parsers.go index 5a86440..0fcc391 100644 --- a/section-parsers.go +++ b/section-parsers.go @@ -436,6 +436,11 @@ func (p *configParser) getGlobalParser() *Parsers { //nolint: maintidx addParser(parser, &sequence, &simple.Number{Name: "ssl-security-level"}) addParser(parser, &sequence, &parsers.HTTPErrCodes{}) addParser(parser, &sequence, &parsers.HTTPFailCodes{}) + addParser(parser, &sequence, &simple.OnOff{Name: "ocsp-update.disable"}) + addParser(parser, &sequence, &simple.Word{Name: "ocsp-update.httpproxy"}) + addParser(parser, &sequence, &simple.Number{Name: "ocsp-update.mindelay"}) + addParser(parser, &sequence, &simple.Number{Name: "ocsp-update.maxdelay"}) + addParser(parser, &sequence, &simple.OnOff{Name: "ocsp-update.mode"}) // the ConfigSnippet must be at the end to parsers load order to ensure // the overloading of any option has been declared previously addParser(parser, &sequence, &parsers.ConfigSnippet{}) diff --git a/tests/configs/haproxy.cfg.go b/tests/configs/haproxy.cfg.go index 68a1d0d..9e8e88b 100644 --- a/tests/configs/haproxy.cfg.go +++ b/tests/configs/haproxy.cfg.go @@ -62,6 +62,11 @@ global tune.ssl.default-dh-param 2048 ssl-default-bind-client-sigalgs RSA+SHA256 ssl-default-bind-sigalgs ECDSA+SHA256:RSA+SHA256 + ocsp-update.disable off + ocsp-update.httpproxy 127.0.0.1:123 + ocsp-update.maxdelay 10 + ocsp-update.mindelay 7 + ocsp-update.mode on ###_config-snippet_### END # random comment after snippet