MINOR: ssl: improve the errors when a crt can't be open

Issue #574 reported an unclear error when trying to open a file with not
enough permission.

  [ALERT] 096/032117 (835) : parsing [/etc/haproxy/haproxy.cfg:54] : 'bind :443' : error encountered while processing 'crt'.
  [ALERT] 096/032117 (835) : Error(s) found in configuration file : /etc/haproxy/haproxy.cfg
  [ALERT] 096/032117 (835) : Fatal errors found in configuration.

Improve the error to give us more information:

  [ALERT] 097/142030 (240089) : parsing [test.cfg:22] : 'bind :443' : cannot open the file 'kikyo.pem.rsa'.
  [ALERT] 097/142030 (240089) : Error(s) found in configuration file : test.cfg
  [ALERT] 097/142030 (240089) : Fatal errors found in configuration.

This patch could be backported in 2.1.

(cherry picked from commit 7fd01b36257ffa9fe76930ccfe8a34ad40911fef)
Signed-off-by: William Lallemand <wlallemand@haproxy.org>

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 78ee777..dde326d 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -3132,11 +3132,16 @@ static int ssl_sock_load_pem_into_ckch(const char *path, char *buf, struct cert_
        } else {
                /* reading from a file */
                in = BIO_new(BIO_s_file());
-               if (in == NULL)
+               if (in == NULL) {
+                       memprintf(err, "%sCan't allocate memory\n", err && *err ? *err : "");
                        goto end;
+               }
 
-               if (BIO_read_filename(in, path) <= 0)
+               if (BIO_read_filename(in, path) <= 0) {
+                       memprintf(err, "%scannot open the file '%s'.\n",
+                                 err && *err ? *err : "", path);
                        goto end;
+               }
        }
 
        /* Read Private Key */