BUG/MINOR: Use crt_base instead of ca_base when crt is parsed on a server line

In srv_parse_crt, crt_base was checked but ca_base was used to build the
certifacte path.

This patch must be backported in 1.7, 1.6 and 1.5.

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 24bb3687714677954b2ceb4d30cddf5b77f55790..0fca243d2a38591674ff18ad2a1200340c2930b2 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -7714,7 +7714,7 @@ static int srv_parse_crt(char **args, int *cur_arg, struct proxy *px, struct ser
        }
 
        if ((*args[*cur_arg + 1] != '/') && global_ssl.crt_base)
-               memprintf(&newsrv->ssl_ctx.client_crt, "%s/%s", global_ssl.ca_base, args[*cur_arg + 1]);
+               memprintf(&newsrv->ssl_ctx.client_crt, "%s/%s", global_ssl.crt_base, args[*cur_arg + 1]);
        else
                memprintf(&newsrv->ssl_ctx.client_crt, "%s", args[*cur_arg + 1]);