From 50155e9562232a7d30aa895ae3b3ebb2e1bf2be2 Mon Sep 17 00:00:00 2001
From: jyelon
Date: Tue, 22 Mar 2022 16:55:20 -0400
Subject: [PATCH] Minor change to cert loading
---
 luprex/core/cpp/driver-ssl.cpp | 23 +++++------------------
 1 file changed, 5 insertions(+), 18 deletions(-)
diff --git a/luprex/core/cpp/driver-ssl.cpp b/luprex/core/cpp/driver-ssl.cpp
index 348112b6..55d28581 100644
--- a/luprex/core/cpp/driver-ssl.cpp
+++ b/luprex/core/cpp/driver-ssl.cpp
@@ -165,16 +165,12 @@ static bool contains_privatekey(const char *fn) {
 void ctx_load_cert_from_directory(SSL_CTX *ctx, const std::string &dir) {
 std::vector key_paths;
- std::vector chain_paths;
 std::vector cert_paths;
 for (const auto & entry : std::filesystem::directory_iterator(dir)) {
 std::string fn = entry.path();
- int count = count_certificates(fn.c_str());
- if (count == 1) {
+ if (count_certificates(fn.c_str()) >= 1) {
 cert_paths.push_back(fn);
- } else if (count > 1) {
- chain_paths.push_back(fn);
 }
 if (contains_privatekey(fn.c_str())) {
 key_paths.push_back(fn);
@@ -185,16 +181,12 @@ void ctx_load_cert_from_directory(SSL_CTX *ctx, const std::string &dir) {
 std::cerr << "Directory contains multiple certs: " << dir << std::endl;
 exit(1);
 }
- if (chain_paths.size() > 1) {
- std::cerr << "Directory contains multiple chains: " << dir << std::endl;
- exit(1);
- }
 if (key_paths.size() > 1) {
 std::cerr << "Directory contains multiple keys: " << dir << std::endl;
 exit(1);
 }
- if (cert_paths.empty() && chain_paths.empty()) {
- std::cerr << "Directory doesn't contain a certificate: " << dir << std::endl;
+ if (cert_paths.empty()) {
+ std::cerr << "Directory doesn't contain a cert: " << dir << std::endl;
 exit(1);
 }
 if (key_paths.empty()) {
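Review bot: With `count_certificates(fn.c_str()) >= 1` every file that holds a certificate now lands in `cert_paths`, so a directory with a single-cert file next to a separate chain file, which the old code accepted by preferring the chain, now ends at the "Directory contains multiple certs" exit shown at the top of the second hunk (its size check presumably sits just above that hunk). If that is the intended contract, it deserves a comment above the loop, for example `// Exactly one file may hold certificates; it is loaded as a chain, so the leaf certificate must come first.` The loop also hands every directory entry to the helpers; how `count_certificates` treats subdirectories or other non-regular entries is not visible here, so an `if (!entry.is_regular_file()) continue;` guard may be worth adding. The function body continues past this hunk.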
@@ -205,13 +197,8 @@ void ctx_load_cert_from_directory(SSL_CTX *ctx, const std::string &dir) {
 int status;
 status = SSL_CTX_use_PrivateKey_file(ctx, key_paths[0].c_str(), SSL_FILETYPE_PEM);
 assert(status == 1);
- if (chain_paths.empty()) {
- status = SSL_CTX_use_certificate_file(ctx, cert_paths[0].c_str(), SSL_FILETYPE_PEM);
- assert(status == 1);
- } else {
- status = SSL_CTX_use_certificate_chain_file(ctx, chain_paths[0].c_str());
- assert(status == 1);
- }
+ status = SSL_CTX_use_certificate_chain_file(ctx, cert_paths[0].c_str());
+ assert(status == 1);
 }
 } // namespace drvssl
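Review bot: The new `SSL_CTX_use_certificate_chain_file` call is still checked only with `assert(status == 1)`, which compiles away in an NDEBUG build, so a failed certificate load would go unnoticed at startup. Nothing after the two loads confirms that the key belongs to the certificate; as far as I know OpenSSL discards an already-loaded private key that does not match a newly set certificate instead of returning an error, so `SSL_CTX_check_private_key(ctx)` is the check that would catch a mismatched pair. I would report both failures the way the earlier directory checks do, with a message on std::cerr and exit(1); the same applies to the unchanged assert after `SSL_CTX_use_PrivateKey_file`. The function body starts above this hunk.

```cpp
// … unchanged: SSL_CTX_use_PrivateKey_file call and its assert …
if (SSL_CTX_use_certificate_chain_file(ctx, cert_paths[0].c_str()) != 1) {
  std::cerr << "Cannot load certificate chain: " << cert_paths[0] << std::endl;
  exit(1);
}
// The key was loaded first; confirm it matches the leaf certificate.
if (SSL_CTX_check_private_key(ctx) != 1) {
  std::cerr << "Private key does not match certificate: " << dir << std::endl;
  exit(1);
}
```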