From: William Lallemand <wlallemand@haproxy.com>
Date: Thu, 10 Oct 2019 09:38:13 +0000 (+0200)
Subject: MINOR: ssl: crt-list do ckchn_lookup
X-Git-Tag: v2.1-dev3~102
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=eed4bf234e41e3cb4c6194b935bc7c1b23bf770c;p=thirdparty%2Fhaproxy.git

MINOR: ssl: crt-list do ckchn_lookup
---

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 726ffb279d..ca48a65ea6 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -3853,23 +3853,19 @@ int ssl_sock_load_cert_list_file(char *file, struct bind_conf *bind_conf, struct
 			break;
 		}
 
-		if (stat(crt_path, &buf) == 0) {
-
-			ckchn =  ckchn_load_cert_file(crt_path, 0,  err);
-			if (!ckchn)
-				cfgerr++;
-			else
-				cfgerr = ssl_sock_load_ckchn(crt_path, ckchn, bind_conf, ssl_conf,
-							     &args[cur_arg], arg - cur_arg - 1, err);
-		} else {
-			ckchn =  ckchn_load_cert_file(crt_path, 1,  err);
-			if (!ckchn)
-				cfgerr++;
+		if ((ckchn = ckchn_lookup(crt_path)) == NULL) {
+			if (stat(crt_path, &buf) == 0)
+				ckchn = ckchn_load_cert_file(crt_path, 0,  err);
 			else
-				cfgerr = ssl_sock_load_multi_ckchn(crt_path, ckchn, bind_conf, ssl_conf,
-								   &args[cur_arg], arg - cur_arg - 1, err);
+				ckchn = ckchn_load_cert_file(crt_path, 1,  err);
 		}
 
+		if (!ckchn)
+			cfgerr++;
+		else
+			cfgerr += ssl_sock_load_ckchn(crt_path, ckchn, bind_conf, ssl_conf,
+			                              &args[cur_arg], arg - cur_arg - 1, err);
+
 		if (cfgerr) {
 			memprintf(err, "error processing line %d in file '%s' : %s", linenum, file, *err);
 			break;