From 3c086872e930e1ba26160091316afd347bcb288a Mon Sep 17 00:00:00 2001
From: Micah Cowan <micah@cowan.name>
Date: Tue, 22 Apr 2008 23:27:21 -0700
Subject: [PATCH] Allow combined cert/key once again.

---
 src/ChangeLog | 6 ++++++
 src/openssl.c | 7 +++++++
 2 files changed, 13 insertions(+)

diff --git a/src/ChangeLog b/src/ChangeLog
index 5cd5761f..4cb560cc 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,9 @@
+2008-04-22  Jim Paris  <jim@jtan.com>
+
+	* openssl.c (ssl_init): Enable combined certificate/key in
+	single file (apparent regression from ~1.9). Resolves issue
+	#22767.
+
 2008-04-22  Steven Schubiger  <schubiger@gmail.com>
 
 	* http.c (print_response_line): Changed to make responses always
diff --git a/src/openssl.c b/src/openssl.c
index c33b4ad6..1f19a6f6 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -210,6 +210,13 @@ ssl_init ()
      than examining the error stack after a failed SSL_connect.  */
   SSL_CTX_set_verify (ssl_ctx, SSL_VERIFY_NONE, NULL);
 
+  /* Use the private key from the cert file unless otherwise specified. */
+  if (opt.cert_file && !opt.private_key)
+    {
+      opt.private_key = opt.cert_file;
+      opt.private_key_type = opt.cert_type;
+    }
+
   if (opt.cert_file)
     if (SSL_CTX_use_certificate_file (ssl_ctx, opt.cert_file,
                                       key_type_to_ssl_type (opt.cert_type))
-- 
2.39.2