Fix excert logic.
If no keyfile has been specified use the certificate file instead.
Fix typo: we need to check the chain is not NULL, not the chain file.
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 786370b1b0)
This commit is contained in:
Dr. Stephen Henson
parent
3881d8106d
commit
764b6a3551
1 changed files with 10 additions and 4 deletions
14
apps/s_cb.c
14
apps/s_cb.c
|
|
@ -1407,9 +1407,15 @@ int load_excert(SSL_EXCERT **pexc, BIO *err)
|
|||
if (!exc->cert)
|
||||
return 0;
|
||||
if (exc->keyfile)
|
||||
exc->keyfile = exc->certfile;
|
||||
exc->key = load_key(err, exc->certfile, exc->certform, 0,
|
||||
NULL, NULL, "Server Certificate");
|
||||
{
|
||||
exc->key = load_key(err, exc->keyfile, exc->keyform,
|
||||
0, NULL, NULL, "Server Key");
|
||||
}
|
||||
else
|
||||
{
|
||||
exc->key = load_key(err, exc->certfile, exc->certform,
|
||||
0, NULL, NULL, "Server Key");
|
||||
}
|
||||
if (!exc->key)
|
||||
return 0;
|
||||
if (exc->chainfile)
|
||||
|
|
@ -1418,7 +1424,7 @@ int load_excert(SSL_EXCERT **pexc, BIO *err)
|
|||
exc->chainfile, FORMAT_PEM,
|
||||
NULL, NULL,
|
||||
"Server Chain");
|
||||
if (!exc->chainfile)
|
||||
if (!exc->chain)
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue