RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2024-12-17 17:04:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

BUG/MINOR: ssl: segfault in cli_parse_set_cert with old openssl/boringssl

Browse Source 
Fix 541a534 ("BUG/MINOR: ssl/cli: fix build of SCTL and OCSP") was not
enough.

[wla: It will probably be better later to put the #ifdef in the
functions so they can return an error if they are not implemented]
This commit is contained in:
Emmanuel Hocdet 2019-10-30 17:41:27 +01:00 committed by William Lallemand
parent 1eb3b4828e
commit f6ac4fa745
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/ssl_sock.c
View File

@ -9939,9 +9939,13 @@ static int cli_parse_set_tlskeys(char **args, char *payload, struct appctx *appc
enum {
CERT_TYPE_PEM = 0,
#if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) || defined OPENSSL_IS_BORINGSSL)
CERT_TYPE_OCSP,
#endif
CERT_TYPE_ISSUER,
#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
CERT_TYPE_SCTL,
#endif
CERT_TYPE_MAX,
};