MEDIUM: ssl/cli: relax crt insertion in crt-list of type directory

In previous versions of haproxy, insertions of certificates in a
crt-list from the CLI would require to have the path of the directory,
in the path of the certificate. This would help avoiding that the
certificate wasn't loaded upon a reload because it is not at the right
place.

However, since version 3.0 and crt-store, the name stored in the tree
could be an alias and not a path, so that does not make sense anymore.
Even though path would be right, the check is not right anymore in this
case.

The tool or user inserting the certificate must now check itself that
the certificate was placed at the right spot on the filesystem.

Reported in issue #3053.

Could be backported as far as haproxy 3.0.

src/ssl_crtlist.c

@@ -1390,24 +1390,6 @@ static int cli_parse_add_crtlist(char **args, char *payload, struct appctx *appc
 		goto error;
 	}
 
-	if (eb_gettag(crtlist->entries.b[EB_RGHT])) {
-		char *slash;
-
-		slash = strrchr(cert_path, '/');
-		if (!slash) {
-			memprintf(&err, "'%s' is a directory, certificate path '%s' must contain the directory path", (char *)crtlist->node.key, cert_path);
-			goto error;
-		}
-		/* temporary replace / by 0 to do an strcmp */
-		*slash = '\0';
-		if (strcmp(cert_path, (char*)crtlist->node.key) != 0) {
-			*slash = '/';
-			memprintf(&err, "'%s' is a directory, certificate path '%s' must contain the directory path", (char *)crtlist->node.key, cert_path);
-			goto error;
-		}
-		*slash = '/';
-	}
-
 	if (*cert_path != '@' && *cert_path != '/' && global_ssl.crt_base) {
 		if ((strlen(global_ssl.crt_base) + 1 + strlen(cert_path)) > sizeof(path) ||
 		    snprintf(path, sizeof(path), "%s/%s",  global_ssl.crt_base, cert_path) > sizeof(path)) {