git.99rst.org Git - openwrt-packages.git/blob

   1 commit 9923082f94e0af83d03e030f4274d3db374b248c
   2 Author: Emeric Brun <ebrun@haproxy.com>
   3 Date:   Thu Aug 16 15:11:12 2018 +0200
   4
   5     BUG/MEDIUM: ssl: fix missing error loading a keytype cert from a bundle.
   6
   7     If there was an issue loading a keytype's part of a bundle, the bundle
   8     was implicitly ignored without errors.
   9
  10     This patch should be backported in 1.8 (and perhaps 1.7)
  11
  12     (cherry picked from commit eb155b6ca6c1a8aaffa30285d453909b97979f5f)
  13     Signed-off-by: Willy Tarreau <w@1wt.eu>
  14
  15 diff --git a/src/ssl_sock.c b/src/ssl_sock.c
  16 index 49389f01..9f0ff1f0 100644
  17 --- a/src/ssl_sock.c
  18 +++ b/src/ssl_sock.c
  19 @@ -3475,7 +3475,7 @@ int ssl_sock_load_cert(char *path, struct bind_conf *bind_conf, char **err)
  20                                                 }
  21
  22                                                 snprintf(fp, sizeof(fp), "%s/%s", path, dp);
  23 -                                               ssl_sock_load_multi_cert(fp, bind_conf, NULL, NULL, 0, err);
  24 +                                               cfgerr += ssl_sock_load_multi_cert(fp, bind_conf, NULL, NULL, 0, err);
  25
  26                                                 /* Successfully processed the bundle */
  27                                                 goto ignore_entry;