From 764b6a3551919e3e98b5048891688c4a615291d7 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Mon, 17 Nov 2014 16:30:51 +0000 Subject: [PATCH] Fix excert logic. If no keyfile has been specified use the certificate file instead. Fix typo: we need to check the chain is not NULL, not the chain file. Reviewed-by: Matt Caswell (cherry picked from commit 786370b1b09b919d9306f27336e13783e4fe3fd0) --- apps/s_cb.c | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/apps/s_cb.c b/apps/s_cb.c index cf34e00a4c..e597eb360f 100644 --- a/apps/s_cb.c +++ b/apps/s_cb.c @@ -1407,9 +1407,15 @@ int load_excert(SSL_EXCERT **pexc, BIO *err) if (!exc->cert) return 0; if (exc->keyfile) - exc->keyfile = exc->certfile; - exc->key = load_key(err, exc->certfile, exc->certform, 0, - NULL, NULL, "Server Certificate"); + { + exc->key = load_key(err, exc->keyfile, exc->keyform, + 0, NULL, NULL, "Server Key"); + } + else + { + exc->key = load_key(err, exc->certfile, exc->certform, + 0, NULL, NULL, "Server Key"); + } if (!exc->key) return 0; if (exc->chainfile) @@ -1418,7 +1424,7 @@ int load_excert(SSL_EXCERT **pexc, BIO *err) exc->chainfile, FORMAT_PEM, NULL, NULL, "Server Chain"); - if (!exc->chainfile) + if (!exc->chain) return 0; } } -- 2.25.1