Allow combined cert/key once again.

2008-04-22 23:27:21 -07:00 · 2008-04-22 23:27:21 -07:00 · 3c086872e9
parent b2ad06272d
commit 3c086872e9
2 changed files with 13 additions and 0 deletions
--- a/src/ChangeLog
+++ b/src/ChangeLog
@ -1,3 +1,9 @@
+2008-04-22  Jim Paris  <jim@jtan.com>
+
+	* openssl.c (ssl_init): Enable combined certificate/key in
+	single file (apparent regression from ~1.9). Resolves issue
+	#22767.
+
 2008-04-22  Steven Schubiger  <schubiger@gmail.com>

 	* http.c (print_response_line): Changed to make responses always
--- a/src/openssl.c
+++ b/src/openssl.c
@ -210,6 +210,13 @@ ssl_init ()
     than examining the error stack after a failed SSL_connect.  */
  SSL_CTX_set_verify (ssl_ctx, SSL_VERIFY_NONE, NULL);

+  /* Use the private key from the cert file unless otherwise specified. */
+  if (opt.cert_file && !opt.private_key)
+    {
+      opt.private_key = opt.cert_file;
+      opt.private_key_type = opt.cert_type;
+    }
+
  if (opt.cert_file)
    if (SSL_CTX_use_certificate_file (ssl_ctx, opt.cert_file,
                                      key_type_to_ssl_type (opt.cert_type))