BUG/MEDIUM: ssl: fix missing error loading a keytype cert from a bundle.

If there was an issue loading a keytype's part of a bundle, the bundle
was implicitly ignored without errors.

This patch should be backported in 1.8 (and perhaps 1.7)

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 064d728..a0bea59 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -3491,7 +3491,7 @@ int ssl_sock_load_cert(char *path, struct bind_conf *bind_conf, char **err)
                                                }
 
                                                snprintf(fp, sizeof(fp), "%s/%s", path, dp);
-                                               ssl_sock_load_multi_cert(fp, bind_conf, NULL, NULL, 0, err);
+                                               cfgerr += ssl_sock_load_multi_cert(fp, bind_conf, NULL, NULL, 0, err);
 
                                                /* Successfully processed the bundle */
                                                goto ignore_entry;