typo: should be OPENSSL_free
[openssl.git] / ssl / ssl_conf.c
index c920af5..65ff021 100644 (file)
@@ -251,13 +251,13 @@ static int cmd_ECDHParameters(SSL_CONF_CTX *cctx, const char *value)
             onoff = 0;
             value++;
         }
-        if (!strcasecmp(value, "automatic")) {
+        if (strcasecmp(value, "automatic") == 0) {
             if (onoff == -1)
                 onoff = 1;
         } else if (onoff != -1)
             return 0;
     } else if (cctx->flags & SSL_CONF_FLAG_CMDLINE) {
-        if (!strcmp(value, "auto"))
+        if (strcmp(value, "auto") == 0)
             onoff = 1;
     }
 
@@ -344,7 +344,7 @@ static int cmd_Certificate(SSL_CONF_CTX *cctx, const char *value)
         c = cctx->ctx->cert;
     }
     if (cctx->ssl) {
-        rv = SSL_use_certificate_file(cctx->ssl, value, SSL_FILETYPE_PEM);
+        rv = SSL_use_certificate_chain_file(cctx->ssl, value);
         c = cctx->ssl->cert;
     }
     if (rv > 0 && c && cctx->flags & SSL_CONF_FLAG_REQUIRE_PRIVATE) {
@@ -433,9 +433,7 @@ static const ssl_conf_cmd_tbl ssl_conf_cmds[] = {
     SSL_CONF_CMD_SWITCH("bugs", 0),
     SSL_CONF_CMD_SWITCH("no_comp", 0),
     SSL_CONF_CMD_SWITCH("ecdh_single", SSL_CONF_FLAG_SERVER),
-#ifndef OPENSSL_NO_TLSEXT
     SSL_CONF_CMD_SWITCH("no_ticket", 0),
-#endif
     SSL_CONF_CMD_SWITCH("serverpref", SSL_CONF_FLAG_SERVER),
     SSL_CONF_CMD_SWITCH("legacy_renegotiation", 0),
     SSL_CONF_CMD_SWITCH("legacy_server_connect", SSL_CONF_FLAG_SERVER),
@@ -477,9 +475,7 @@ static const ssl_switch_tbl ssl_cmd_switches[] = {
     {SSL_OP_ALL, 0},            /* bugs */
     {SSL_OP_NO_COMPRESSION, 0}, /* no_comp */
     {SSL_OP_SINGLE_ECDH_USE, 0}, /* ecdh_single */
-#ifndef OPENSSL_NO_TLSEXT
     {SSL_OP_NO_TICKET, 0},      /* no_ticket */
-#endif
     {SSL_OP_CIPHER_SERVER_PREFERENCE, 0}, /* serverpref */
     /* legacy_renegotiation */
     {SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION, 0},
@@ -546,11 +542,11 @@ static const ssl_conf_cmd_tbl *ssl_conf_cmd_lookup(SSL_CONF_CTX *cctx,
     for (i = 0, t = ssl_conf_cmds; i < OSSL_NELEM(ssl_conf_cmds); i++, t++) {
         if (ssl_conf_cmd_allowed(cctx, t)) {
             if (cctx->flags & SSL_CONF_FLAG_CMDLINE) {
-                if (t->str_cmdline && !strcmp(t->str_cmdline, cmd))
+                if (t->str_cmdline && strcmp(t->str_cmdline, cmd) == 0)
                     return t;
             }
             if (cctx->flags & SSL_CONF_FLAG_FILE) {
-                if (t->str_file && !strcasecmp(t->str_file, cmd))
+                if (t->str_file && strcasecmp(t->str_file, cmd) == 0)
                     return t;
             }
         }