Fix excert logic.

If no keyfile has been specified use the certificate file instead. Fix typo: we need to check the chain is not NULL, not the chain file. Reviewed-by: Matt Caswell <matt@openssl.org>
2014-11-17 16:30:51 +00:00 · 2014-11-17 16:30:51 +00:00 · 786370b1b0
commit 786370b1b0
parent 56e8dc542b
1 changed files with 10 additions and 4 deletions
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@ -1402,9 +1402,15 @@ int load_excert(SSL_EXCERT **pexc, BIO *err)
 		if (!exc->cert)
 			return 0;
 		if (exc->keyfile)
-			exc->keyfile = exc->certfile;
-		exc->key = load_key(err, exc->certfile, exc->certform, 0,
-					NULL, NULL, "Server Certificate");
+			{
+			exc->key = load_key(err, exc->keyfile, exc->keyform,
+					    0, NULL, NULL, "Server Key");
+			}
+		else
+			{
+			exc->key = load_key(err, exc->certfile, exc->certform,
+					    0, NULL, NULL, "Server Key");
+			}
 		if (!exc->key)
 			return 0;
 		if (exc->chainfile)
@ -1413,7 +1419,7 @@ int load_excert(SSL_EXCERT **pexc, BIO *err)
 						exc->chainfile, FORMAT_PEM,
 						NULL, NULL,
 						"Server Chain");
-			if (!exc->chainfile)
+			if (!exc->chain)
 				return 0;
 			}
 		}