fix typo and warning
diff --git a/ssl/ssl.h b/ssl/ssl.h index 3a8957a..5808625 100644 --- a/ssl/ssl.h +++ b/ssl/ssl.h
@@ -668,7 +668,7 @@ #define SSL_CERT_FLAG_SUITEB_128_LOS 0x30000 /* Perform all sorts of protocol violations for testing purposes */ -#define SSL_CERT_FLAG_BROKEN_PROTCOL 0x10000000 +#define SSL_CERT_FLAG_BROKEN_PROTOCOL 0x10000000 /* Flags for building certificate chains */ /* Treat any existing certificates as untrusted CAs */
diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c index 20e43a8..5948756 100644 --- a/ssl/ssl_conf.c +++ b/ssl/ssl_conf.c
@@ -464,7 +464,7 @@ int SSL_CONF_cmd_argv(SSL_CONF_CTX *cctx, int *pargc, char ***pargv) { int rv; - const char *arg, *argn; + const char *arg = NULL, *argn; if (pargc && *pargc == 0) return 0; if (!pargc || *pargc > 0)
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index d529b85..3fbb489 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c
@@ -2404,7 +2404,7 @@ /* Broken protocol test: return last used certificate: which may * mismatch the one expected. */ - if (c->cert_flags & SSL_CERT_FLAG_BROKEN_PROTCOL) + if (c->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL) return c->key; #endif @@ -2431,7 +2431,7 @@ /* Broken protocol test: use last key: which may * mismatch the one expected. */ - if (c->cert_flags & SSL_CERT_FLAG_BROKEN_PROTCOL) + if (c->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL) idx = c->key - c->pkeys; else #endif
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 952e9eb..c53eadf 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c
@@ -690,7 +690,7 @@ EC_KEY *ec = s->cert->ecdh_tmp; #ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL /* Allow any curve: not just those peer supports */ - if (s->cert->cert_flags & SSL_CERT_FLAG_BROKEN_PROTCOL) + if (s->cert->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL) return 1; #endif /* If Suite B, AES128 MUST use P-256 and AES256 MUST use P-384, @@ -3436,7 +3436,7 @@ tls1_set_shared_sigalgs(s); #ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL - if (s->cert->cert_flags & SSL_CERT_FLAG_BROKEN_PROTCOL) + if (s->cert->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL) { /* Use first set signature preference to force message * digest, ignoring any peer preferences. @@ -3878,7 +3878,7 @@ goto end; #ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL /* Allow any certificate to pass test */ - if (s->cert->cert_flags & SSL_CERT_FLAG_BROKEN_PROTCOL) + if (s->cert->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL) { rv = CERT_PKEY_STRICT_FLAGS|CERT_PKEY_EXPLICIT_SIGN|CERT_PKEY_VALID|CERT_PKEY_SIGN; cpk->valid_flags = rv;