BUG/MINOR: ssl: ckch->chain must be initialized

author Emmanuel Hocdet <manu@gandi.net>

Thu, 24 Oct 2019 16:28:33 +0000 (18:28 +0200)

committer William Lallemand <wlallemand@haproxy.org>

Thu, 31 Oct 2019 15:53:28 +0000 (16:53 +0100)
author Emmanuel Hocdet <manu@gandi.net>
Thu, 24 Oct 2019 16:28:33 +0000 (18:28 +0200)
committer William Lallemand <wlallemand@haproxy.org>
Thu, 31 Oct 2019 15:53:28 +0000 (16:53 +0100)
diff --git a/src/ssl_sock.c b/src/ssl_sock.c

index 207b4518d68a81fc991cc49cefe4812cddb9790b..c6878e4608aee04caffd96fff9a8eb87eaa987ae 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -3196,6 +3196,11 @@ static int ssl_sock_load_pem_into_ckch(const char *path, char *buf, struct cert_
                         goto end;
                 }
  
+       /* no chain */
+       if (ckch->chain == NULL) {
+               ckch->chain = sk_X509_new_null();
+       }
+
         ret = ERR_get_error();
         if (ret && (ERR_GET_LIB(ret) != ERR_LIB_PEM && ERR_GET_REASON(ret) != PEM_R_NO_START_LINE)) {
                 memprintf(err, "%sunable to load certificate chain from file '%s'.\n",
author	Emmanuel Hocdet <manu@gandi.net>
	Thu, 24 Oct 2019 16:28:33 +0000 (18:28 +0200)
committer	William Lallemand <wlallemand@haproxy.org>
	Thu, 31 Oct 2019 15:53:28 +0000 (16:53 +0100)