From 26654e7a59f7097d263ad5b29c7a9dea58401ee8 Mon Sep 17 00:00:00 2001
From: William Lallemand <wlallemand@haproxy.org>
Date: Wed, 30 Mar 2022 12:01:32 +0200
Subject: [PATCH] MINOR: ssl: add "crt" in the cert_exts array

The cert_exts array does handle "crt" the default way, however
you might stil want to look for these extensions in the array.
---
 include/haproxy/ssl_ckch-t.h | 1 +
 src/ssl_ckch.c               | 1 +
 2 files changed, 2 insertions(+)

diff --git a/include/haproxy/ssl_ckch-t.h b/include/haproxy/ssl_ckch-t.h
index f6c7f0940..c630e9811 100644
--- a/include/haproxy/ssl_ckch-t.h
+++ b/include/haproxy/ssl_ckch-t.h
@@ -135,6 +135,7 @@ struct cafile_entry {
 
 enum {
 	CERT_TYPE_PEM = 0,
+	CERT_TYPE_CRT,
 	CERT_TYPE_KEY,
 #if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) || defined OPENSSL_IS_BORINGSSL)
 	CERT_TYPE_OCSP,
diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c
index 597f3f2d7..01bda1e80 100644
--- a/src/ssl_ckch.c
+++ b/src/ssl_ckch.c
@@ -1118,6 +1118,7 @@ int ssl_store_load_locations_file(char *path, int create_if_none, enum cafile_ty
 
 struct cert_exts cert_exts[] = {
 	{ "",        CERT_TYPE_PEM,      &ssl_sock_load_pem_into_ckch }, /* default mode, no extensions */
+	{ "crt",     CERT_TYPE_CRT,      &ssl_sock_load_pem_into_ckch },
 	{ "key",     CERT_TYPE_KEY,      &ssl_sock_load_key_into_ckch },
 #if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) || defined OPENSSL_IS_BORINGSSL)
 	{ "ocsp",    CERT_TYPE_OCSP,     &ssl_sock_load_ocsp_response_from_file },