mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2026-02-17 07:11:21 +01:00
Code Issues Projects Releases Wiki Activity

BUG/MINOR: ssl: close ssl key file on error

Browse Source 
Explicitly close the FILE opened to read the ssl key file when parsing
fails to find a valid key.

This fix needs to be backported to 1.6.
This commit is contained in:
mildis 2016-06-22 17:46:29 +02:00 committed by Willy Tarreau
parent a58c4359bb
commit 16aa0153b5
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/ssl_sock.c
View File

@ -5401,6 +5401,7 @@ static int bind_parse_tls_ticket_keys(char **args, int cur_arg, struct proxy *px
if (base64dec(thisline, len, (char *) (keys_ref->tlskeys + i % TLS_TICKETS_NO), sizeof(struct tls_sess_key)) != sizeof(struct tls_sess_key)) {
if (err)
memprintf(err, "'%s' : unable to decode base64 key on line %d", args[cur_arg+1], i + 1);
fclose(f);
return ERR_ALERT | ERR_FATAL;
}
i++;
@ -5409,6 +5410,7 @@ static int bind_parse_tls_ticket_keys(char **args, int cur_arg, struct proxy *px
if (i < TLS_TICKETS_NO) {
if (err)
memprintf(err, "'%s' : please supply at least %d keys in the tls-tickets-file", args[cur_arg+1], TLS_TICKETS_NO);
fclose(f);
return ERR_ALERT | ERR_FATAL;
}