]> git.kaiwu.me - haproxy.git/commit
BUG/MINOR: ssl: don't print NULL errmsg in ssl_sock_prepare_all_ctx() 20260702-fips
authorWilliam Lallemand <wlallemand@haproxy.com>
Thu, 2 Jul 2026 15:00:57 +0000 (15:00 +0000)
committerWilliam Lallemand <wlallemand@haproxy.com>
Thu, 2 Jul 2026 15:51:59 +0000 (15:51 +0000)
commit3b25bf08a535929b29a1869cca261c099105e1ba
tree83d92ca37612d0f48f7193592a5dc6cac6797f75
parent8dcd9bff5a65c12e2cd081ac781bdf1147a4e2b4
BUG/MINOR: ssl: don't print NULL errmsg in ssl_sock_prepare_all_ctx()

When ssl_sock_prepare_all_ctx() encounters a non-zero errcode but errmsg
was never populated (because the underlying check already reported the
error directly via ha_alert()), the final ha_alert("%s", errmsg) call
emits a spurious "(null)" alert to the log.

Guard the ha_warning/ha_alert calls with a NULL check on errmsg.

This should be backported to all maintained branches.
src/ssl_sock.c