mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-08-06 07:07:04 +02:00
Code Issues Projects Releases Wiki Activity

BUG/MINOR: ssl: put ssl_sock_load_ca under SSL_NO_GENERATE_CERTIFICATES

Browse Source 
ssl_sock_load_ca and ssl_sock_free_ca definitions are compiled only, if
SSL_NO_GENERATE_CERTIFICATES is not set. In case, when we set this define and
build haproxy, linker throws an error. So, let's fix this.

This should be backported in all stable versions.
This commit is contained in:
Valentine Krasnobaeva 2025-01-23 13:46:46 +01:00 committed by William Lallemand
parent 670182bc9e
commit c987f30245
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/ssl_sock.c
View File

@ -4788,8 +4788,10 @@ int ssl_sock_prepare_bind_conf(struct bind_conf *bind_conf)
/* initialize all certificate contexts */
err += ssl_sock_prepare_all_ctx(bind_conf);
#ifndef SSL_NO_GENERATE_CERTIFICATES
/* initialize CA variables if the certificates generation is enabled */
err += ssl_sock_load_ca(bind_conf);
#endif
return -err;
}
@ -4881,7 +4883,9 @@ REGISTER_POST_DEINIT(ssl_sock_deinit);
/* Destroys all the contexts for a bind_conf. This is used during deinit(). */
void ssl_sock_destroy_bind_conf(struct bind_conf *bind_conf)
{
#ifndef SSL_NO_GENERATE_CERTIFICATES
ssl_sock_free_ca(bind_conf);
#endif
ssl_sock_free_all_ctx(bind_conf);
ssl_sock_free_ssl_conf(&bind_conf->ssl_conf);
free(bind_conf->ca_sign_file);