[packages/pure-ftpd.git] / pure-ftpd-path_to_ssl_cert_in_config.patch

diff -Nur pure-ftpd-1.0.20.bef/configuration-file/pure-config.pl.in pure-ftpd-1.0.20.new/configuration-file/pure-config.pl.in
--- pure-ftpd-1.0.20.bef/configuration-file/pure-config.pl.in	2004-02-29 12:17:00.000000000 +0100
+++ pure-ftpd-1.0.20.new/configuration-file/pure-config.pl.in	2004-08-17 02:00:46.000000000 +0200
@@ -57,6 +57,7 @@
 	TrustedIP		=> "-V",
 	AltLog			=> "-O",
 	PIDFile			=> "-g",
+	SSLCertFile		=> "-7",
 );
 
 my %numeric_switch_for = (
diff -Nur pure-ftpd-1.0.20.bef/configuration-file/pure-config.py.in pure-ftpd-1.0.20.new/configuration-file/pure-config.py.in
--- pure-ftpd-1.0.20.bef/configuration-file/pure-config.py.in	2004-02-29 12:17:14.000000000 +0100
+++ pure-ftpd-1.0.20.new/configuration-file/pure-config.py.in	2004-08-17 02:00:46.000000000 +0200
@@ -55,6 +55,7 @@
 option_tuple = (
     ["IPV4Only[\s]+yes",                   "-4"                  ],
     ["IPV6Only[\s]+yes",                   "-6"                  ],    
+    ["SSLCertFile\s+(\S+)",                "-7", None            ],
     ["ChrootEveryone[\s]+yes",             "-A"                  ],
     ["TrustedGID[\s]+([\d]+)",             "-a", None            ],
     ["BrokenClientsCompatibility[\s]+yes", "-b"                  ],
diff -Nur pure-ftpd-1.0.20.bef/configuration-file/pure-ftpd.conf.in pure-ftpd-1.0.20.new/configuration-file/pure-ftpd.conf.in
--- pure-ftpd-1.0.20.bef/configuration-file/pure-ftpd.conf.in	2004-08-17 02:01:13.000000000 +0200
+++ pure-ftpd-1.0.20.new/configuration-file/pure-ftpd.conf.in	2004-08-17 02:00:46.000000000 +0200
@@ -420,7 +420,8 @@
 # 3) Only compatible clients will log in.
 
 # TLS                      1
-
+# SSLCertFile	/etc/ssl/private/pure-ftpd.pem 
+#		or /var/lib/openssl/certs/ftpd.pem (current location in PLD)
 
 
 # Listen only to IPv4 addresses in standalone mode (ie. disable IPv6)
diff -Nur pure-ftpd-1.0.20.bef/configure.ac pure-ftpd-1.0.20.new/configure.ac
--- pure-ftpd-1.0.20.bef/configure.ac	2004-06-20 19:41:27.000000000 +0200
+++ pure-ftpd-1.0.20.new/configure.ac	2004-08-17 02:00:46.000000000 +0200
@@ -1226,17 +1226,6 @@
   AC_DEFINE(WITH_TLS,,[Enable TLS])
 fi
 
-AC_ARG_WITH(certfile,
-[AS_HELP_STRING(--with-certfile=,certificate file (default: /etc/ssl/private/pure-ftpd.pem))],
-[ if test "x$withval" != "x" ; then
-    certfile="$withval"
-    AC_SUBST(certfile)
-    CPPFLAGS="$CPPFLAGS -DTLS_CERTIFICATE_FILE='\"$certfile\"'"
-    if test -e "$certfile"; then
-      AC_MSG_WARN(No certificate is installed in $certfile yet)
-    fi
-  fi ])
-  
 AC_ARG_WITH(rendezvous,
 [AS_HELP_STRING(--with-rendezvous,Enable Rendezvous support on MacOS X (experimental))],
 [ if test "x$withval" = "xyes" ; then
diff -Nur pure-ftpd-1.0.20.bef/man/pure-ftpd.8 pure-ftpd-1.0.20.new/man/pure-ftpd.8
--- pure-ftpd-1.0.20.bef/man/pure-ftpd.8	2004-02-29 21:10:06.000000000 +0100
+++ pure-ftpd-1.0.20.new/man/pure-ftpd.8	2004-08-17 02:00:46.000000000 +0200
@@ -9,7 +9,7 @@
 pure\-ftpd \- simple File Transfer Protocol server
 
 .SH "SYNOPSIS"
-.B pure\-ftpd [\-0] [\-1] [\-4] [\-6] [\-a gid] [\-A] [\-b] [\-B] [\-c clients] [\-C cnx/ip] [\-d [\-d]] [\-D] [\-e] [\-E] [\-f facility] [\-F fortunes file] [\-g pidfile] [\-G] [\-H] [\-i] [\-I] [\-j] [\-k percentage] [\-K] [\-l authentication[:config file]] [\-L max files:max depth] [\-m maxload] [\-M] [\-n maxfiles:maxsize] [\-N] [\-o] [\-O format:log file] [\-p first:last] [\-P ip address or host name] [\-q upload:download ratio] [\-Q upload:download ratio] [\-r] [\-R] [\-s] [\-S [address,][port]] [\-t upload bandwidth:download bandwidth] [\-T upload bandwidth:download bandwidth] [\-u uid] [\-U umask files:umask dirs] [\-v rendezvous name] [\-V ip address] [\-w] [\-W] [\-x] [\-X] [\-y max user sessions:max anon sessions] [\-Y tls behavior] [\-z] [\-Z]
+.B pure\-ftpd [\-0] [\-1] [\-4] [\-6] [\-7 certificate file] [\-a gid] [\-A] [\-b] [\-B] [\-c clients] [\-C cnx/ip] [\-d [\-d]] [\-D] [\-e] [\-E] [\-f facility] [\-F fortunes file] [\-g pidfile] [\-G] [\-H] [\-i] [\-I] [\-j] [\-k percentage] [\-K] [\-l authentication[:config file]] [\-L max files:max depth] [\-m maxload] [\-M] [\-n maxfiles:maxsize] [\-N] [\-o] [\-O format:log file] [\-p first:last] [\-P ip address or host name] [\-q upload:download ratio] [\-Q upload:download ratio] [\-r] [\-R] [\-s] [\-S [address,][port]] [\-t upload bandwidth:download bandwidth] [\-T upload bandwidth:download bandwidth] [\-u uid] [\-U umask files:umask dirs] [\-v rendezvous name] [\-V ip address] [\-w] [\-W] [\-x] [\-X] [\-y max user sessions:max anon sessions] [\-Y tls behavior] [\-z] [\-Z]
 
 .br
 Alternative style :
@@ -22,6 +22,8 @@
 .br
 \-6 \-\-ipv6only
 .br
+\-7 \-\-sslcertfile
+.br
 \-a \-\-trustedgid
 .br
 \-A \-\-chrooteveryone
@@ -157,6 +159,9 @@
 .B \-6
 Listen only to IPv6 connections.
 .TP
+.B \-7 file
+Path to SSL certificate file.
+.TP
 .B \-a gid
 Regular users will be chrooted to their home directories, unless
 they belong to the specified gid. Note that root is always trusted,
diff -Nur pure-ftpd-1.0.20.bef/src/ftpd.c pure-ftpd-1.0.20.new/src/ftpd.c
--- pure-ftpd-1.0.20.bef/src/ftpd.c	2004-07-17 15:28:22.000000000 +0200
+++ pure-ftpd-1.0.20.new/src/ftpd.c	2004-08-17 02:46:00.000000000 +0200
@@ -5097,8 +5097,15 @@
                 enforce_tls_auth > 2) {
                 die(421, LOG_ERR, MSG_CONF_ERR ": TLS");
             }
+	    if ((tlscert_file = strdup("")) == NULL)
+                die_mem();
             break;
-        }            
+        }
+	case '7': {
+	    if ((tlscert_file = strdup(optarg)) == NULL)
+                die_mem();
+	    break;
+        }
 #endif
         case 'e': {
             anon_only = 1;
diff -Nur pure-ftpd-1.0.20.bef/src/ftpd.h pure-ftpd-1.0.20.new/src/ftpd.h
--- pure-ftpd-1.0.20.bef/src/ftpd.h	2004-03-02 20:08:59.000000000 +0100
+++ pure-ftpd-1.0.20.new/src/ftpd.h	2004-08-17 02:00:46.000000000 +0200
@@ -396,12 +396,6 @@
 # define VHOST_PATH CONFDIR "/pure-ftpd"
 #endif
 
-#ifdef WITH_TLS
-# ifndef TLS_CERTIFICATE_FILE
-#  define TLS_CERTIFICATE_FILE "/etc/ssl/private/pure-ftpd.pem"
-# endif
-#endif
-
 #define FAKE_SHELL "ftp"
 
 #ifndef PID_FILE
diff -Nur pure-ftpd-1.0.20.bef/src/ftpd_p.h pure-ftpd-1.0.20.new/src/ftpd_p.h
--- pure-ftpd-1.0.20.bef/src/ftpd_p.h	2004-02-29 22:49:28.000000000 +0100
+++ pure-ftpd-1.0.20.new/src/ftpd_p.h	2004-08-17 02:00:46.000000000 +0200
@@ -101,6 +101,7 @@
 #endif
 #ifdef WITH_TLS
     "Y:"
+    "7:"
 #endif    
     "zZ";
 
@@ -180,6 +181,7 @@
 # endif
 # ifdef WITH_TLS
     { "tls", 1, NULL, 'Y' },
+    { "sslcertfile", 1, NULL, '7'},
 # endif
     { "allowdotfiles", 0, NULL, 'z' },
     { "customerproof", 0, NULL, 'Z' },
diff -Nur pure-ftpd-1.0.20.bef/src/globals.h pure-ftpd-1.0.20.new/src/globals.h
--- pure-ftpd-1.0.20.bef/src/globals.h	2004-02-29 22:49:28.000000000 +0100
+++ pure-ftpd-1.0.20.new/src/globals.h	2004-08-17 02:00:46.000000000 +0200
@@ -167,6 +167,7 @@
 
 #ifdef WITH_TLS
 GLOBAL0(signed char enforce_tls_auth);
+GLOBAL0(char *tlscert_file);
 #endif
 
 GLOBAL0(char *atomic_prefix);
diff -Nur pure-ftpd-1.0.20.bef/src/tls.c pure-ftpd-1.0.20.new/src/tls.c
--- pure-ftpd-1.0.20.bef/src/tls.c	2004-02-29 22:49:27.000000000 +0100
+++ pure-ftpd-1.0.20.new/src/tls.c	2004-08-17 02:00:46.000000000 +0200
@@ -9,11 +9,12 @@
 # include "tls.h"
 # include "ftpwho-update.h"
 # include "messages.h"
+# include "globals.h"
 
 static void tls_error(void) 
 {
     logfile(LOG_ERR, "SSL/TLS [%s]: %s", 
-            TLS_CERTIFICATE_FILE,
+            tlscert_file,
             ERR_error_string(ERR_get_error(), NULL));
     _EXIT(EXIT_FAILURE);
 }
@@ -23,7 +24,7 @@
     DH *dh;
     BIO *bio;
 
-    if ((bio = BIO_new_file(TLS_CERTIFICATE_FILE, "r")) == NULL) {
+    if ((bio = BIO_new_file(tlscert_file, "r")) == NULL) {
         return -1;
     }
     if ((dh = PEM_read_bio_DHparams(bio, NULL, NULL
@@ -65,11 +66,11 @@
     tls_init_cache();
     SSL_CTX_set_options(tls_ctx, SSL_OP_ALL);    
     if (SSL_CTX_use_certificate_chain_file
-        (tls_ctx, TLS_CERTIFICATE_FILE) != 1) {
+        (tls_ctx, tlscert_file) != 1) {
         die(421, LOG_ERR,
-            MSG_FILE_DOESNT_EXIST ": [%s]", TLS_CERTIFICATE_FILE);
+            MSG_FILE_DOESNT_EXIST ": [%s]", tlscert_file);
     }
-    if (SSL_CTX_use_PrivateKey_file(tls_ctx, TLS_CERTIFICATE_FILE,
+    if (SSL_CTX_use_PrivateKey_file(tls_ctx, tlscert_file,
                                     SSL_FILETYPE_PEM) != 1) {
         tls_error();
     }
Commit	Line	Data
7797313a	1	diff -Nur pure-ftpd-1.0.20.bef/configuration-file/pure-config.pl.in pure-ftpd-1.0.20.new/configuration-file/pure-config.pl.in
	2	--- pure-ftpd-1.0.20.bef/configuration-file/pure-config.pl.in 2004-02-29 12:17:00.000000000 +0100
	3	+++ pure-ftpd-1.0.20.new/configuration-file/pure-config.pl.in 2004-08-17 02:00:46.000000000 +0200
fe6666d1	4	@@ -57,6 +57,7 @@
6eed5aa7	5	TrustedIP => "-V",
	6	AltLog => "-O",
	7	PIDFile => "-g",
	8	+ SSLCertFile => "-7",
	9	);
	10
	11	my %numeric_switch_for = (
7797313a	12	diff -Nur pure-ftpd-1.0.20.bef/configuration-file/pure-config.py.in pure-ftpd-1.0.20.new/configuration-file/pure-config.py.in
	13	--- pure-ftpd-1.0.20.bef/configuration-file/pure-config.py.in 2004-02-29 12:17:14.000000000 +0100
	14	+++ pure-ftpd-1.0.20.new/configuration-file/pure-config.py.in 2004-08-17 02:00:46.000000000 +0200
fe6666d1	15	@@ -55,6 +55,7 @@
	16	option_tuple = (
	17	["IPV4Only[\s]+yes", "-4" ],
	18	["IPV6Only[\s]+yes", "-6" ],
	19	+ ["SSLCertFile\s+(\S+)", "-7", None ],
	20	["ChrootEveryone[\s]+yes", "-A" ],
	21	["TrustedGID[\s]+([\d]+)", "-a", None ],
	22	["BrokenClientsCompatibility[\s]+yes", "-b" ],
7797313a	23	diff -Nur pure-ftpd-1.0.20.bef/configuration-file/pure-ftpd.conf.in pure-ftpd-1.0.20.new/configuration-file/pure-ftpd.conf.in
	24	--- pure-ftpd-1.0.20.bef/configuration-file/pure-ftpd.conf.in 2004-08-17 02:01:13.000000000 +0200
	25	+++ pure-ftpd-1.0.20.new/configuration-file/pure-ftpd.conf.in 2004-08-17 02:00:46.000000000 +0200
6eed5aa7	26	@@ -420,7 +420,8 @@
	27	# 3) Only compatible clients will log in.
	28
	29	# TLS 1
	30	-
	31	+# SSLCertFile /etc/ssl/private/pure-ftpd.pem
	32	+# or /var/lib/openssl/certs/ftpd.pem (current location in PLD)
	33
	34
	35	# Listen only to IPv4 addresses in standalone mode (ie. disable IPv6)
7797313a	36	diff -Nur pure-ftpd-1.0.20.bef/configure.ac pure-ftpd-1.0.20.new/configure.ac
	37	--- pure-ftpd-1.0.20.bef/configure.ac 2004-06-20 19:41:27.000000000 +0200
	38	+++ pure-ftpd-1.0.20.new/configure.ac 2004-08-17 02:00:46.000000000 +0200
6eed5aa7	39	@@ -1226,17 +1226,6 @@
	40	AC_DEFINE(WITH_TLS,,[Enable TLS])
	41	fi
	42
	43	-AC_ARG_WITH(certfile,
	44	-[AS_HELP_STRING(--with-certfile=,certificate file (default: /etc/ssl/private/pure-ftpd.pem))],
	45	-[ if test "x$withval" != "x" ; then
	46	- certfile="$withval"
	47	- AC_SUBST(certfile)
	48	- CPPFLAGS="$CPPFLAGS -DTLS_CERTIFICATE_FILE='\"$certfile\"'"
	49	- if test -e "$certfile"; then
	50	- AC_MSG_WARN(No certificate is installed in $certfile yet)
	51	- fi
	52	- fi ])
	53	-
	54	AC_ARG_WITH(rendezvous,
	55	[AS_HELP_STRING(--with-rendezvous,Enable Rendezvous support on MacOS X (experimental))],
	56	[ if test "x$withval" = "xyes" ; then
7797313a	57	diff -Nur pure-ftpd-1.0.20.bef/man/pure-ftpd.8 pure-ftpd-1.0.20.new/man/pure-ftpd.8
	58	--- pure-ftpd-1.0.20.bef/man/pure-ftpd.8 2004-02-29 21:10:06.000000000 +0100
	59	+++ pure-ftpd-1.0.20.new/man/pure-ftpd.8 2004-08-17 02:00:46.000000000 +0200
fe6666d1	60	@@ -9,7 +9,7 @@
	61	pure\-ftpd \- simple File Transfer Protocol server
	62
	63	.SH "SYNOPSIS"
	64	-.B pure\-ftpd [\-0] [\-1] [\-4] [\-6] [\-a gid] [\-A] [\-b] [\-B] [\-c clients] [\-C cnx/ip] [\-d [\-d]] [\-D] [\-e] [\-E] [\-f facility] [\-F fortunes file] [\-g pidfile] [\-G] [\-H] [\-i] [\-I] [\-j] [\-k percentage] [\-K] [\-l authentication[:config file]] [\-L max files:max depth] [\-m maxload] [\-M] [\-n maxfiles:maxsize] [\-N] [\-o] [\-O format:log file] [\-p first:last] [\-P ip address or host name] [\-q upload:download ratio] [\-Q upload:download ratio] [\-r] [\-R] [\-s] [\-S [address,][port]] [\-t upload bandwidth:download bandwidth] [\-T upload bandwidth:download bandwidth] [\-u uid] [\-U umask files:umask dirs] [\-v rendezvous name] [\-V ip address] [\-w] [\-W] [\-x] [\-X] [\-y max user sessions:max anon sessions] [\-Y tls behavior] [\-z] [\-Z]
	65	+.B pure\-ftpd [\-0] [\-1] [\-4] [\-6] [\-7 certificate file] [\-a gid] [\-A] [\-b] [\-B] [\-c clients] [\-C cnx/ip] [\-d [\-d]] [\-D] [\-e] [\-E] [\-f facility] [\-F fortunes file] [\-g pidfile] [\-G] [\-H] [\-i] [\-I] [\-j] [\-k percentage] [\-K] [\-l authentication[:config file]] [\-L max files:max depth] [\-m maxload] [\-M] [\-n maxfiles:maxsize] [\-N] [\-o] [\-O format:log file] [\-p first:last] [\-P ip address or host name] [\-q upload:download ratio] [\-Q upload:download ratio] [\-r] [\-R] [\-s] [\-S [address,][port]] [\-t upload bandwidth:download bandwidth] [\-T upload bandwidth:download bandwidth] [\-u uid] [\-U umask files:umask dirs] [\-v rendezvous name] [\-V ip address] [\-w] [\-W] [\-x] [\-X] [\-y max user sessions:max anon sessions] [\-Y tls behavior] [\-z] [\-Z]
	66
	67	.br
	68	Alternative style :
	69	@@ -22,6 +22,8 @@
	70	.br
	71	\-6 \-\-ipv6only
	72	.br
	73	+\-7 \-\-sslcertfile
	74	+.br
	75	\-a \-\-trustedgid
	76	.br
	77	\-A \-\-chrooteveryone
	78	@@ -157,6 +159,9 @@
	79	.B \-6
	80	Listen only to IPv6 connections.
	81	.TP
	82	+.B \-7 file
	83	+Path to SSL certificate file.
	84	+.TP
	85	.B \-a gid
	86	Regular users will be chrooted to their home directories, unless
	87	they belong to the specified gid. Note that root is always trusted,
7797313a	88	diff -Nur pure-ftpd-1.0.20.bef/src/ftpd.c pure-ftpd-1.0.20.new/src/ftpd.c
	89	--- pure-ftpd-1.0.20.bef/src/ftpd.c 2004-07-17 15:28:22.000000000 +0200
	90	+++ pure-ftpd-1.0.20.new/src/ftpd.c 2004-08-17 02:46:00.000000000 +0200
	91	@@ -5097,8 +5097,15 @@
	92	enforce_tls_auth > 2) {
6eed5aa7	93	die(421, LOG_ERR, MSG_CONF_ERR ": TLS");
6eed5aa7	94	}
7797313a	95	+ if ((tlscert_file = strdup("")) == NULL)
7797313a	96	+ die_mem();
6eed5aa7	97	break;
	98	- }
	99	+ }
	100	+ case '7': {
7797313a	101	+ if ((tlscert_file = strdup(optarg)) == NULL)
7797313a	102	+ die_mem();
6eed5aa7	103	+ break;
	104	+ }
	105	#endif
	106	case 'e': {
	107	anon_only = 1;
7797313a	108	diff -Nur pure-ftpd-1.0.20.bef/src/ftpd.h pure-ftpd-1.0.20.new/src/ftpd.h
	109	--- pure-ftpd-1.0.20.bef/src/ftpd.h 2004-03-02 20:08:59.000000000 +0100
	110	+++ pure-ftpd-1.0.20.new/src/ftpd.h 2004-08-17 02:00:46.000000000 +0200
fe6666d1	111	@@ -396,12 +396,6 @@
	112	# define VHOST_PATH CONFDIR "/pure-ftpd"
	113	#endif
	114
	115	-#ifdef WITH_TLS
	116	-# ifndef TLS_CERTIFICATE_FILE
	117	-# define TLS_CERTIFICATE_FILE "/etc/ssl/private/pure-ftpd.pem"
	118	-# endif
	119	-#endif
	120	-
	121	#define FAKE_SHELL "ftp"
	122
	123	#ifndef PID_FILE
7797313a	124	diff -Nur pure-ftpd-1.0.20.bef/src/ftpd_p.h pure-ftpd-1.0.20.new/src/ftpd_p.h
	125	--- pure-ftpd-1.0.20.bef/src/ftpd_p.h 2004-02-29 22:49:28.000000000 +0100
	126	+++ pure-ftpd-1.0.20.new/src/ftpd_p.h 2004-08-17 02:00:46.000000000 +0200
6eed5aa7	127	@@ -101,6 +101,7 @@
	128	#endif
	129	#ifdef WITH_TLS
	130	"Y:"
	131	+ "7:"
	132	#endif
	133	"zZ";
	134
	135	@@ -180,6 +181,7 @@
	136	# endif
	137	# ifdef WITH_TLS
	138	{ "tls", 1, NULL, 'Y' },
	139	+ { "sslcertfile", 1, NULL, '7'},
	140	# endif
	141	{ "allowdotfiles", 0, NULL, 'z' },
	142	{ "customerproof", 0, NULL, 'Z' },
7797313a	143	diff -Nur pure-ftpd-1.0.20.bef/src/globals.h pure-ftpd-1.0.20.new/src/globals.h
	144	--- pure-ftpd-1.0.20.bef/src/globals.h 2004-02-29 22:49:28.000000000 +0100
	145	+++ pure-ftpd-1.0.20.new/src/globals.h 2004-08-17 02:00:46.000000000 +0200
6eed5aa7	146	@@ -167,6 +167,7 @@
	147
	148	#ifdef WITH_TLS
	149	GLOBAL0(signed char enforce_tls_auth);
	150	+GLOBAL0(char *tlscert_file);
	151	#endif
	152
	153	GLOBAL0(char *atomic_prefix);
7797313a	154	diff -Nur pure-ftpd-1.0.20.bef/src/tls.c pure-ftpd-1.0.20.new/src/tls.c
	155	--- pure-ftpd-1.0.20.bef/src/tls.c 2004-02-29 22:49:27.000000000 +0100
	156	+++ pure-ftpd-1.0.20.new/src/tls.c 2004-08-17 02:00:46.000000000 +0200
6eed5aa7	157	@@ -9,11 +9,12 @@
	158	# include "tls.h"
	159	# include "ftpwho-update.h"
	160	# include "messages.h"
	161	+# include "globals.h"
	162
	163	static void tls_error(void)
	164	{
	165	logfile(LOG_ERR, "SSL/TLS [%s]: %s",
	166	- TLS_CERTIFICATE_FILE,
	167	+ tlscert_file,
	168	ERR_error_string(ERR_get_error(), NULL));
	169	_EXIT(EXIT_FAILURE);
	170	}
	171	@@ -23,7 +24,7 @@
	172	DH *dh;
	173	BIO *bio;
	174
	175	- if ((bio = BIO_new_file(TLS_CERTIFICATE_FILE, "r")) == NULL) {
	176	+ if ((bio = BIO_new_file(tlscert_file, "r")) == NULL) {
	177	return -1;
	178	}
	179	if ((dh = PEM_read_bio_DHparams(bio, NULL, NULL
	180	@@ -65,11 +66,11 @@
	181	tls_init_cache();
	182	SSL_CTX_set_options(tls_ctx, SSL_OP_ALL);
	183	if (SSL_CTX_use_certificate_chain_file
	184	- (tls_ctx, TLS_CERTIFICATE_FILE) != 1) {
	185	+ (tls_ctx, tlscert_file) != 1) {
	186	die(421, LOG_ERR,
	187	- MSG_FILE_DOESNT_EXIST ": [%s]", TLS_CERTIFICATE_FILE);
	188	+ MSG_FILE_DOESNT_EXIST ": [%s]", tlscert_file);
	189	}
	190	- if (SSL_CTX_use_PrivateKey_file(tls_ctx, TLS_CERTIFICATE_FILE,
	191	+ if (SSL_CTX_use_PrivateKey_file(tls_ctx, tlscert_file,
	192	SSL_FILETYPE_PEM) != 1) {
	193	tls_error();
	194	}