RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2025-04-10 03:02:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

BUG/MINOR: Use crt_base instead of ca_base when crt is parsed on a server line

Browse Source 
In srv_parse_crt, crt_base was checked but ca_base was used to build the
certifacte path.

This patch must be backported in 1.7, 1.6 and 1.5.
This commit is contained in:
Christopher Faulet 2017-11-23 09:13:32 +01:00 committed by Willy Tarreau
parent 34adb2af96
commit ff3a41eb3f
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/ssl_sock.c
View File

@ -7714,7 +7714,7 @@ static int srv_parse_crt(char **args, int *cur_arg, struct proxy *px, struct ser
}
if ((*args[*cur_arg + 1] != '/') && global_ssl.crt_base)
memprintf(&newsrv->ssl_ctx.client_crt, "%s/%s", global_ssl.ca_base, args[*cur_arg + 1]);
memprintf(&newsrv->ssl_ctx.client_crt, "%s/%s", global_ssl.crt_base, args[*cur_arg + 1]);
else
memprintf(&newsrv->ssl_ctx.client_crt, "%s", args[*cur_arg + 1]);