BUG/MINOR: ssl: can't open directories anymore
The commit 6be66ec ("MINOR: ssl: directories are loaded like crt-list")
broke the directory loading of the certificates. The <crtlist> wasn't
filled by the crtlist_load_cert_dir() function, and the entries were
not correctly initialized, leading to a segfault during startup.
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index f1b0ba9..6da15b8 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -4461,6 +4461,7 @@
}
memcpy(dir->node.key, path, strlen(path) + 1);
dir->entries = EB_ROOT_UNIQUE; /* it's a directory, files are unique */
+ LIST_INIT(&dir->ord_entries);
n = scandir(path, &de_list, 0, alphasort);
if (n < 0) {
@@ -4484,6 +4485,11 @@
goto ignore_entry;
}
+ /* directories don't use ssl_conf and filters */
+ entry->fcount = 0;
+ entry->filters = NULL;
+ entry->ssl_conf = NULL;
+
snprintf(fp, sizeof(fp), "%s/%s", path, de->d_name);
if (stat(fp, &buf) != 0) {
memprintf(err, "%sunable to stat SSL certificate from file '%s' : %s.\n",
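Review bot: The three added assignments initialise only `fcount`, `filters` and `ssl_conf`, so every other member of the entry still holds whatever the allocator returned until it is set later; that is the same class of defect as the startup segfault this commit addresses. The allocation sits above the hunk and is not visible here. If it is a plain `malloc`, zeroing the whole struct once right after the NULL check, e.g. `memset(entry, 0, sizeof(*entry));`, would also cover members added in the future. The comment could then read `/* directories don't use ssl_conf and filters; the entry is zeroed on allocation */`. The loop body starts before and continues after this hunk.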
@@ -4532,9 +4538,8 @@
cfgerr |= ERR_ALERT | ERR_FATAL;
goto end;
}
-
entry->node.key = ckchs;
- entry->ssl_conf = NULL; /* directories don't use ssl_conf */
+ LIST_ADDQ(&dir->ord_entries, &entry->by_crtlist);
ebpt_insert(&dir->entries, &entry->node);
/* Successfully processed the bundle */
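Review bot: `LIST_ADDQ(&dir->ord_entries, &entry->by_crtlist)` links the entry into the ordered list before `ebpt_insert()` runs, and the return value of `ebpt_insert()` is not checked, here and in the identical pair in the next hunk. `dir->entries` is initialised as `EB_ROOT_UNIQUE`, so if the same `ckchs` key were ever inserted twice the tree would presumably keep the existing node, leaving this entry reachable from `ord_entries` only and the two containers in disagreement when the directory is torn down. Inserting into the tree first and linking into the list only when the returned node is `&entry->node` would keep them consistent; at minimum a comment such as `/* every entry must be in both dir->entries and dir->ord_entries */` would document the invariant. The enclosing function starts and ends outside this hunk.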
@@ -4553,7 +4558,7 @@
goto end;
}
entry->node.key = ckchs;
- entry->ssl_conf = NULL; /* directories don't use ssl_conf */
+ LIST_ADDQ(&dir->ord_entries, &entry->by_crtlist);
ebpt_insert(&dir->entries, &entry->node);
ignore_entry:
@@ -4577,8 +4582,9 @@
free(entry);
}
free(dir);
+ } else {
+ *crtlist = dir;
}
-
return cfgerr;
}
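Review bot: `*crtlist` is written only in the new `else` branch, so on the failure path the caller's pointer keeps whatever value it had while `dir` has just been freed. The condition guarding the cleanup is outside the hunk, but a caller that does not pre-initialise its pointer and tests it instead of `cfgerr` would read an indeterminate value; adding `*crtlist = NULL;` after `free(dir);` makes the out-parameter defined on every return. A contract comment above the function, e.g. `/* On success *crtlist receives the loaded directory; on error it is set to NULL */`, would record this for callers.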