luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity

ca: fix a masked bug in leaf cert generation that would not be notified of root cert rotation after the first one (#15005) 

In practice this was masked by #14956 and was only uncovered fixing the
other bug.

  go test ./agent -run TestAgentConnectCALeafCert_goodNotLocal

would fail when only #14956 was fixed.
This commit is contained in:
R.B. Boyer 2022-10-17 13:24:27 -05:00 committed by GitHub
parent 4ba1e75259
commit ca916eec32
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.changelog/15005.txt Normal file
View File

@ -0,0 +1,3 @@
```release-note:bug
ca: fix a masked bug in leaf cert generation that would not be notified of root cert rotation after the first one
```

1
agent/cache-types/connect_ca_leaf.go
View File

@ -165,6 +165,7 @@ func (c *ConnectCALeaf) fetchDone(rootUpdateCh chan struct{}) {
if len(c.rootWatchSubscribers) == 0 && c.rootWatchCancel != nil {
// This was the last request. Stop the root watcher.
c.rootWatchCancel()
c.rootWatchCancel = nil
}
}