Fix excert logic.
authorDr. Stephen Henson <steve@openssl.org>
Mon, 17 Nov 2014 16:30:51 +0000 (16:30 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Wed, 19 Nov 2014 22:50:00 +0000 (22:50 +0000)
If no keyfile has been specified use the certificate file instead.

Fix typo: we need to check the chain is not NULL, not the chain file.
Reviewed-by: Matt Caswell <matt@openssl.org>
apps/s_cb.c

index ed877af..c6c721e 100644 (file)
@@ -1402,9 +1402,15 @@ int load_excert(SSL_EXCERT **pexc, BIO *err)
                if (!exc->cert)
                        return 0;
                if (exc->keyfile)
-                       exc->keyfile = exc->certfile;
-               exc->key = load_key(err, exc->certfile, exc->certform, 0,
-                                       NULL, NULL, "Server Certificate");
+                       {
+                       exc->key = load_key(err, exc->keyfile, exc->keyform,
+                                           0, NULL, NULL, "Server Key");
+                       }
+               else
+                       {
+                       exc->key = load_key(err, exc->certfile, exc->certform,
+                                           0, NULL, NULL, "Server Key");
+                       }
                if (!exc->key)
                        return 0;
                if (exc->chainfile)
@@ -1413,7 +1419,7 @@ int load_excert(SSL_EXCERT **pexc, BIO *err)
                                                exc->chainfile, FORMAT_PEM,
                                                NULL, NULL,
                                                "Server Chain");
-                       if (!exc->chainfile)
+                       if (!exc->chain)
                                return 0;
                        }
                }