]> git.ipfire.org Git - thirdparty/haproxy.git/commitdiff
projects / thirdparty / haproxy.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: fde2a09)
BUG/MEDIUM: ssl: fix missing error loading a keytype cert from a bundle.
authorEmeric Brun <ebrun@haproxy.com>
Thu, 16 Aug 2018 13:11:12 +0000 (15:11 +0200)
committerWilly Tarreau <w@1wt.eu>
Thu, 16 Aug 2018 17:36:06 +0000 (19:36 +0200)
If there was an issue loading a keytype's part of a bundle, the bundle
was implicitly ignored without errors.

This patch should be backported in 1.8 (and perhaps 1.7)

src/ssl_sock.c patch | blob | blame | history

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 064d728bde540f64ee389ca71ffcf6c2419ab903..a0bea59553a0b1b4c6c0246fc2e97ea2a143fe00 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -3491,7 +3491,7 @@ int ssl_sock_load_cert(char *path, struct bind_conf *bind_conf, char **err)
                                                }
 
                                                snprintf(fp, sizeof(fp), "%s/%s", path, dp);
-                                               ssl_sock_load_multi_cert(fp, bind_conf, NULL, NULL, 0, err);
+                                               cfgerr += ssl_sock_load_multi_cert(fp, bind_conf, NULL, NULL, 0, err);
 
                                                /* Successfully processed the bundle */
                                                goto ignore_entry;
Mirror of https://github.com/haproxy/haproxy.git