From ff4a0f656211499e1098a5bdd03e65034c14c0b9 Mon Sep 17 00:00:00 2001
From: William Lallemand <wlallemand@haproxy.com>
Date: Wed, 17 Apr 2024 20:28:36 +0200
Subject: [PATCH] BUG/MINOR: ssl: check on forbidden character on wrong value

The check on the forbidden '/' for the crt-store load keyword was done
on the keyword instead of the value itself.

No backport needed.
---
 src/ssl_ckch.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c
index fea0b9631..81752e191 100644
--- a/src/ssl_ckch.c
+++ b/src/ssl_ckch.c
@@ -4086,7 +4086,7 @@ static int crtstore_parse_load(char **args, int section_type, struct proxy *curp
 				if (strcmp("alias", args[cur_arg]) == 0) {
 					int rv;
 
-					if (*args[cur_arg] == '/') {
+					if (*args[cur_arg + 1] == '/') {
 						memprintf(err, "parsing [%s:%d] : cannot parse '%s' value '%s', '/' is forbidden as the first character.\n",
 						          file, linenum, args[cur_arg], args[cur_arg + 1]);
 						err_code |= ERR_ALERT | ERR_FATAL;