MINOR: ssl: improve the errors when a crt can't be open

Issue #574 reported an unclear error when trying to open a file with not
enough permission.

  [ALERT] 096/032117 (835) : parsing [/etc/haproxy/haproxy.cfg:54] : 'bind :443' : error encountered while processing 'crt'.
  [ALERT] 096/032117 (835) : Error(s) found in configuration file : /etc/haproxy/haproxy.cfg
  [ALERT] 096/032117 (835) : Fatal errors found in configuration.

Improve the error to give us more information:

  [ALERT] 097/142030 (240089) : parsing [test.cfg:22] : 'bind :443' : cannot open the file 'kikyo.pem.rsa'.
  [ALERT] 097/142030 (240089) : Error(s) found in configuration file : test.cfg
  [ALERT] 097/142030 (240089) : Fatal errors found in configuration.

This patch could be backported in 2.1.

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 282e343625875e4b12af29d9847c159c73aa875a..b1670456bb4688760a0c5d45ba8f86a30e32e299 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -3323,11 +3323,16 @@ static int ssl_sock_load_pem_into_ckch(const char *path, char *buf, struct cert_
        } else {
                /* reading from a file */
                in = BIO_new(BIO_s_file());
-               if (in == NULL)
+               if (in == NULL) {
+                       memprintf(err, "%sCan't allocate memory\n", err && *err ? *err : "");
                        goto end;
+               }
 
-               if (BIO_read_filename(in, path) <= 0)
+               if (BIO_read_filename(in, path) <= 0) {
+                       memprintf(err, "%scannot open the file '%s'.\n",
+                                 err && *err ? *err : "", path);
                        goto end;
+               }
        }
 
        /* Read Private Key */