RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2024-12-18 01:14:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

BUG/MINOR: ssl/crt-list: load bundle in crt-list only if activated

Browse Source 
Don't try to load a bundle from a crt-list if the bundle support was
disabled with ssl-load-extra-files.

Must be backported to 2.3.
This commit is contained in:
William Lallemand 2020-11-20 18:23:40 +01:00
parent 06ce84a100
commit 7340457158
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/ssl_crtlist.c
View File

@ -550,7 +550,7 @@ int crtlist_parse_file(char *file, struct bind_conf *bind_conf, struct proxy *cu
LIST_ADDQ(&newlist->ord_entries, &entry->by_crtlist);
LIST_ADDQ(&ckchs->crtlist_entry, &entry->by_ckch_store);
} else {
} else if (global_ssl.extra_files & SSL_GF_BUNDLE) {
/* If we didn't find the file, this could be a
bundle, since 2.3 we don't support multiple
certificate in the same OpenSSL store, so we