mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-11-08 12:31:21 +01:00
Code Issues Projects Releases Wiki Activity

BUILD: ssl/ckch: fix ckch_conf_kws parsing without ACME

Browse Source 
Without ACME, the tmp_pkey and tmp_x509 functions are not available, the
patch checks HAVE_ACME to use them.
This commit is contained in:
William Lallemand 2025-11-06 12:22:38 +01:00
parent 22f92804d6
commit a8498cde74
1 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/ssl_ckch.c
View File

@ -4733,7 +4733,7 @@ static int ckch_conf_load_pem_or_generate(void *value, char *buf, struct ckch_st
{ {
char path[PATH_MAX]; char path[PATH_MAX];
int err_code = 0; int err_code = 0;
struct stat sb; struct stat sb __maybe_unused;
if (cli) if (cli)
return 0; return 0;
@ -4741,6 +4741,7 @@ static int ckch_conf_load_pem_or_generate(void *value, char *buf, struct ckch_st
if (err_code & ERR_CODE) if (err_code & ERR_CODE)
goto out; goto out;
#ifdef HAVE_ACME
errno = 0; errno = 0;
/* if ACME is enabled and the file does not exists, generate the PEM */ /* if ACME is enabled and the file does not exists, generate the PEM */
if (s->conf.acme.id && (stat(path, &sb) == -1 && errno == ENOENT)) { if (s->conf.acme.id && (stat(path, &sb) == -1 && errno == ENOENT)) {
@ -4754,7 +4755,9 @@ static int ckch_conf_load_pem_or_generate(void *value, char *buf, struct ckch_st
goto out; goto out;
} }
} else { } else
#endif
{
err_code |= ssl_sock_load_pem_into_ckch(path, buf, s->data, err); err_code |= ssl_sock_load_pem_into_ckch(path, buf, s->data, err);
} }
out: out:
@ -4764,7 +4767,7 @@ static int ckch_conf_load_key_or_generate(void *value, char *buf, struct ckch_st
{ {
char path[PATH_MAX]; char path[PATH_MAX];
int err_code = 0; int err_code = 0;
struct stat sb; struct stat sb __maybe_unused;
if (cli) if (cli)
return 0; return 0;
@ -4772,13 +4775,16 @@ static int ckch_conf_load_key_or_generate(void *value, char *buf, struct ckch_st
if (err_code & ERR_CODE) if (err_code & ERR_CODE)
goto out; goto out;
#ifdef HAVE_ACME
errno = 0; errno = 0;
/* if ACME is enabled and the file does not exists, and no key was previously loaded generate the key */ /* if ACME is enabled and the file does not exists, and no key was previously loaded generate the key */
if (s->conf.acme.id && if (s->conf.acme.id &&
(stat(path, &sb) == -1 && errno == ENOENT) && (stat(path, &sb) == -1 && errno == ENOENT) &&
(!s->data->key)) { (!s->data->key)) {
s->data->key = acme_gen_tmp_pkey(); s->data->key = acme_gen_tmp_pkey();
} else { } else
#endif
{
err_code |= ssl_sock_load_key_into_ckch(path, buf, s->data, err); err_code |= ssl_sock_load_key_into_ckch(path, buf, s->data, err);
} }
out: out: