From 3c086872e930e1ba26160091316afd347bcb288a Mon Sep 17 00:00:00 2001 From: Micah Cowan Date: Tue, 22 Apr 2008 23:27:21 -0700 Subject: [PATCH] Allow combined cert/key once again. --- src/ChangeLog | 6 ++++++ src/openssl.c | 7 +++++++ 2 files changed, 13 insertions(+) diff --git a/src/ChangeLog b/src/ChangeLog index 5cd5761f..4cb560cc 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,9 @@ +2008-04-22 Jim Paris + + * openssl.c (ssl_init): Enable combined certificate/key in + single file (apparent regression from ~1.9). Resolves issue + #22767. + 2008-04-22 Steven Schubiger * http.c (print_response_line): Changed to make responses always diff --git a/src/openssl.c b/src/openssl.c index c33b4ad6..1f19a6f6 100644 --- a/src/openssl.c +++ b/src/openssl.c @@ -210,6 +210,13 @@ ssl_init () than examining the error stack after a failed SSL_connect. */ SSL_CTX_set_verify (ssl_ctx, SSL_VERIFY_NONE, NULL); + /* Use the private key from the cert file unless otherwise specified. */ + if (opt.cert_file && !opt.private_key) + { + opt.private_key = opt.cert_file; + opt.private_key_type = opt.cert_type; + } + if (opt.cert_file) if (SSL_CTX_use_certificate_file (ssl_ctx, opt.cert_file, key_type_to_ssl_type (opt.cert_type))