From: William Lallemand <wlallemand@haproxy.com>
Date: Fri, 9 May 2025 16:23:06 +0000 (+0200)
Subject: BUG/MINOR: ssl: doesn't fill conf->crt with first arg
X-Git-Tag: v3.2-dev16~47
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0c4abf5a2280152f30a090902ac8ac9e288ba21f;p=thirdparty%2Fhaproxy.git

BUG/MINOR: ssl: doesn't fill conf->crt with first arg

Commit c7f29afc ("MEDIUM: ssl: replace "crt" lines by "ssl-f-use"
lines") forgot to remove an the allocation of the crt field which was
done with the first argument.

Since ssl-f-use takes keywords, this would put the first keyword in
"crt" instead of the certificate name.
---

diff --git a/src/cfgparse-ssl.c b/src/cfgparse-ssl.c
index 1a786f98d..c71e070d6 100644
--- a/src/cfgparse-ssl.c
+++ b/src/cfgparse-ssl.c
@@ -2200,12 +2200,6 @@ static int proxy_parse_ssl_f_use(char **args, int section_type, struct proxy *cu
 		goto error;
 	}
 
-	ckch_conf->crt = strdup(args[1]);
-	if (!ckch_conf->crt) {
-		memprintf(err, "not enough memory!");
-		goto error;
-	}
-
 	while (*args[cur_arg]) {
 		int foundcrtstore = 0; /* found a crt-store keyword */
 		int found = 0;         /* found a crt-list or crt-store keyword */