From e1e6fbb3fd6367a25b6db670a8376f008928731d Mon Sep 17 00:00:00 2001
From: Amaury Denoyelle <adenoyelle@haproxy.com>
Date: Tue, 3 Oct 2023 15:05:56 +0200
Subject: [PATCH] DEV: sslkeylogger: handle file opening error

Prevent a Lua error if output file cannot be opened when logging SSL
keys. Report a warning instead with the error description.
---
 dev/sslkeylogger/sslkeylogger.lua | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/dev/sslkeylogger/sslkeylogger.lua b/dev/sslkeylogger/sslkeylogger.lua
index 432fe6528..e67bf77da 100644
--- a/dev/sslkeylogger/sslkeylogger.lua
+++ b/dev/sslkeylogger/sslkeylogger.lua
@@ -28,14 +28,18 @@ local function sslkeylog(txn, filename)
 
 	-- ensure that a key is written only once by using a session variable
 	if not txn:get_var('sess.sslkeylogdone') then
-		file = io.open(filename, 'a')
-		for fieldname, fetch in pairs(fields) do
-			if fetch() then
-				file:write(string.format('%s %s %s\n', fieldname, client_random, fetch()))
+		local file, err = io.open(filename, 'a')
+		if file then
+			for fieldname, fetch in pairs(fields) do
+				if fetch() then
+					file:write(string.format('%s %s %s\n', fieldname, client_random, fetch()))
+				end
 			end
+			file:close()
+		else
+			core.Warning("Cannot open SSL log file: " .. err .. ".")
 		end
 
-		file:close()
 		txn:set_var('sess.sslkeylogdone', true)
 	end
 end