upstream/haproxy
1
0
Fork 0
mirror of https://github.com/haproxy/haproxy.git synced 2026-06-09 00:32:33 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

MINOR: ssl: checks the consistency of a private key with the corresponding certificate

Browse source
This commit is contained in:
Emeric Brun 2012-10-26 13:35:33 +02:00 committed by Willy Tarreau
parent a7aa309c44
commit 61694ab373
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
src/ssl_sock.c
View file

@ -391,6 +391,13 @@ static int ssl_sock_load_cert_file(const char *path, struct bind_conf *bind_conf
SSL_CTX_free(ctx);
return 1;
}
if (SSL_CTX_check_private_key(ctx) <= 0) {
memprintf(err, "%sinconsistencies between private key and certificate loaded from PEM file '%s'.\n",
err && *err ? *err : "", path);
return 1;
}
/* we must not free the SSL_CTX anymore below, since it's already in
* the tree, so it will be discovered and cleaned in time.
*/