BUG/MINOR: ssl/cli: error when the ca-file is empty "set ssl ca-file" does not return any error when a ca-file is empty or only contains comments. This could be a problem is the file was malformated and did not contain any PEM header. It must be backported as far as 2.5.

commit: ec7eb59d206a2eb58b1d325483d196e8daaf9285 [log] [tgz]
author: William Lallemand <wlallemand@haproxy.org> Thu Aug 18 15:53:02 2022 +0200
committer: William Lallemand <wlallemand@haproxy.org> Fri Aug 19 19:56:53 2022 +0200
tree: 534a0dd2227cebaf676eeb923533563787f14387
parent: 86a53c566935c8f331a694b50a49f918364d0aa2 [diff]
diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c
index 0992240..9827928 100644
--- a/src/ssl_ckch.c
+++ b/src/ssl_ckch.c

@@ -1140,7 +1140,8 @@
 						retval = !X509_STORE_add_crl(ca_e->ca_store, info->crl);
 					}
 				}
-				retval = retval || (i != sk_X509_INFO_num(infos));
+				/* return an error if we didn't compute all the X509_INFO or if there was none */
+				retval = retval ||  (i != sk_X509_INFO_num(infos)) || ( sk_X509_INFO_num(infos) == 0);
 
 				/* Cleanup */
 				sk_X509_INFO_pop_free(infos, X509_INFO_free);
commit	ec7eb59d206a2eb58b1d325483d196e8daaf9285	[log] [tgz]
author	William Lallemand <wlallemand@haproxy.org>	Thu Aug 18 15:53:02 2022 +0200
committer	William Lallemand <wlallemand@haproxy.org>	Fri Aug 19 19:56:53 2022 +0200
tree	534a0dd2227cebaf676eeb923533563787f14387
parent	86a53c566935c8f331a694b50a49f918364d0aa2 [diff]