From ddd13d677b0fc62c34d246b3d060c9cb5de04d82 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Mon, 19 Nov 2012 02:46:46 +0000
Subject: [PATCH] fix typo and warning

---
 ssl/ssl.h      | 2 +-
 ssl/ssl_conf.c | 2 +-
 ssl/ssl_lib.c  | 4 ++--
 ssl/t1_lib.c   | 6 +++---
 4 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/ssl/ssl.h b/ssl/ssl.h
index 3a8957a770..58086250e2 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -668,7 +668,7 @@ struct ssl_session_st
 #define SSL_CERT_FLAG_SUITEB_128_LOS		0x30000
 
 /* Perform all sorts of protocol violations for testing purposes */
-#define SSL_CERT_FLAG_BROKEN_PROTCOL		0x10000000
+#define SSL_CERT_FLAG_BROKEN_PROTOCOL		0x10000000
 
 /* Flags for building certificate chains */
 /* Treat any existing certificates as untrusted CAs */
diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c
index 20e43a8d9b..5948756883 100644
--- a/ssl/ssl_conf.c
+++ b/ssl/ssl_conf.c
@@ -464,7 +464,7 @@ int SSL_CONF_cmd(SSL_CONF_CTX *cctx, const char *cmd, const char *value)
 int SSL_CONF_cmd_argv(SSL_CONF_CTX *cctx, int *pargc, char ***pargv)
 	{
 	int rv;
-	const char *arg, *argn;
+	const char *arg = NULL, *argn;
 	if (pargc && *pargc == 0)
 		return 0;
 	if (!pargc || *pargc > 0)
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index d529b8541f..3fbb489539 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2404,7 +2404,7 @@ CERT_PKEY *ssl_get_server_send_pkey(const SSL *s)
 	/* Broken protocol test: return last used certificate: which may
 	 * mismatch the one expected.
 	 */
-	if (c->cert_flags & SSL_CERT_FLAG_BROKEN_PROTCOL)
+	if (c->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL)
 		return c->key;
 #endif
 
@@ -2431,7 +2431,7 @@ EVP_PKEY *ssl_get_sign_pkey(SSL *s,const SSL_CIPHER *cipher, const EVP_MD **pmd)
 	/* Broken protocol test: use last key: which may
 	 * mismatch the one expected.
 	 */
-	if (c->cert_flags & SSL_CERT_FLAG_BROKEN_PROTCOL)
+	if (c->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL)
 		idx = c->key - c->pkeys;
 	else
 #endif
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 952e9ebe30..c53eadfe30 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -690,7 +690,7 @@ int tls1_check_ec_tmp_key(SSL *s, unsigned long cid)
 	EC_KEY *ec = s->cert->ecdh_tmp;
 #ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
 	/* Allow any curve: not just those peer supports */
-	if (s->cert->cert_flags & SSL_CERT_FLAG_BROKEN_PROTCOL)
+	if (s->cert->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL)
 		return 1;
 #endif
 	/* If Suite B, AES128 MUST use P-256 and AES256 MUST use P-384,
@@ -3436,7 +3436,7 @@ int tls1_process_sigalgs(SSL *s, const unsigned char *data, int dsize)
 	tls1_set_shared_sigalgs(s);
 
 #ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
-	if (s->cert->cert_flags & SSL_CERT_FLAG_BROKEN_PROTCOL)
+	if (s->cert->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL)
 		{
 		/* Use first set signature preference to force message
 		 * digest, ignoring any peer preferences.
@@ -3878,7 +3878,7 @@ int tls1_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain,
 			goto end;
 #ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
 		/* Allow any certificate to pass test */
-		if (s->cert->cert_flags & SSL_CERT_FLAG_BROKEN_PROTCOL)
+		if (s->cert->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL)
 			{
 			rv = CERT_PKEY_STRICT_FLAGS|CERT_PKEY_EXPLICIT_SIGN|CERT_PKEY_VALID|CERT_PKEY_SIGN;
 			cpk->valid_flags = rv;
-- 
2.34.1