From: William Lallemand Date: Thu, 2 Jul 2026 15:00:57 +0000 (+0000) Subject: BUG/MINOR: ssl: don't print NULL errmsg in ssl_sock_prepare_all_ctx() X-Git-Url: http://git.kaiwu.me/postgresql/log/contrib/postgres_fdw/%7B@url%7D?a=commitdiff_plain;h=refs%2Fheads%2F20260702-fips;p=haproxy.git BUG/MINOR: ssl: don't print NULL errmsg in ssl_sock_prepare_all_ctx() When ssl_sock_prepare_all_ctx() encounters a non-zero errcode but errmsg was never populated (because the underlying check already reported the error directly via ha_alert()), the final ha_alert("%s", errmsg) call emits a spurious "(null)" alert to the log. Guard the ha_warning/ha_alert calls with a NULL check on errmsg. This should be backported to all maintained branches. --- diff --git a/src/ssl_sock.c b/src/ssl_sock.c index 275272a2b..1e34ce969 100644 --- a/src/ssl_sock.c +++ b/src/ssl_sock.c @@ -5444,9 +5444,11 @@ int ssl_sock_prepare_all_ctx(struct bind_conf *bind_conf) } if (errcode & ERR_WARN) { - ha_warning("%s", errmsg); + if (errmsg) + ha_warning("%s", errmsg); } else if (errcode & ERR_CODE) { - ha_alert("%s", errmsg); + if (errmsg) + ha_alert("%s", errmsg); err++; }