From 3b9a3853058daf871a312081658e572ff135dcc2 Mon Sep 17 00:00:00 2001
From: Nils Maier
Date: Mon, 30 Sep 2013 16:11:38 +0200
Subject: [PATCH] AppleTLS: Enable --certificate

Tested against self-signed CA with nginx
---
 src/AppleTLSSession.cc | 10 +++++-----
 src/MultiUrlRequestInfo.cc | 3 +--
 src/OptionHandlerFactory.cc | 13 +++++++++++--
 3 files changed, 17 insertions(+), 9 deletions(-)

diff --git a/src/AppleTLSSession.cc b/src/AppleTLSSession.cc
index 57ec005b..4aeeb5f2 100644
--- a/src/AppleTLSSession.cc
+++ b/src/AppleTLSSession.cc
@@ -333,13 +333,13 @@ AppleTLSSession::AppleTLSSession(AppleTLSContext* ctx)
 }
 #endif
- if (ctx->getSide() != TLS_SERVER) {
- // Done with client-only initialization
- return;
- }
-
 SecIdentityRef creds = ctx->getCredentials();
 if (!creds) {
+ if (ctx->getSide() != TLS_SERVER) {
+ // Done with client-only initialization
+ return;
+ }
+
 A2_LOG_ERROR("AppleTLS: No credentials");
 state_ = st_error;
 return;
diff --git a/src/MultiUrlRequestInfo.cc b/src/MultiUrlRequestInfo.cc
index 395ea692..0c9f6b2c 100644
--- a/src/MultiUrlRequestInfo.cc
+++ b/src/MultiUrlRequestInfo.cc
@@ -245,8 +245,7 @@ int MultiUrlRequestInfo::prepare()
 #ifdef ENABLE_SSL
 std::shared_ptr clTlsContext(TLSContext::make(TLS_CLIENT));
- if(!option_->blank(PREF_CERTIFICATE) &&
- !option_->blank(PREF_PRIVATE_KEY)) {
+ if(!option_->blank(PREF_CERTIFICATE)) {
 clTlsContext->addCredentialFile(option_->get(PREF_CERTIFICATE), option_->get(PREF_PRIVATE_KEY));
 }
diff --git a/src/OptionHandlerFactory.cc b/src/OptionHandlerFactory.cc
index eba55c70..304de9e0 100644
--- a/src/OptionHandlerFactory.cc
+++ b/src/OptionHandlerFactory.cc
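Review bot: In src/AppleTLSSession.cc a client context that has credentials no longer returns early, so it now runs everything after the `if (!creds)` block, which before this change only server sessions reached. The rest of the constructor is outside the hunk; if any of it is server-specific, it needs its own `ctx->getSide() != TLS_SERVER` guard further down. The moved comment is also out of date, since the early return now covers only clients without a certificate; something like `// Client without a certificate: nothing more to set up` would match the new condition.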
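Review bot: In src/MultiUrlRequestInfo.cc the relaxed condition applies to every TLS backend, not only AppleTLS, so `addCredentialFile()` is now called with an empty `PREF_PRIVATE_KEY` whenever only `--certificate` is given. The OptionHandlerFactory.cc hunk guards its change with `HAVE_APPLETLS`, and this one probably should too, or the non-Apple path should reject a certificate without a key with a clear message. Any failure reported by `addCredentialFile()` is not handled in the visible lines; if the client certificate fails to load, the session would presumably continue without client authentication, so a log line or an abort at that point is worth adding. `prepare()` continues outside the hunk.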
@@ -1155,11 +1155,20 @@ std::vector OptionHandlerFactory::createOptionHandlers()
 handlers.push_back(op);
 }
 {
- OptionHandler* op(new DefaultOptionHandler
+ OptionHandler* op(
+#ifdef HAVE_APPLETLS
+ new DefaultOptionHandler
+ (PREF_CERTIFICATE,
+ TEXT_CERTIFICATE,
+ NO_DEFAULT_VALUE)
+#else // HAVE_APPLETLS
+ new LocalFilePathOptionHandler
 (PREF_CERTIFICATE,
 TEXT_CERTIFICATE,
 NO_DEFAULT_VALUE,
- PATH_TO_FILE));
+ false)
+#endif // HAVE_APPLETLS
+ );
 op->addTag(TAG_HTTP);
 op->addTag(TAG_HTTPS);
 handlers.push_back(op);
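Review bot: The `HAVE_APPLETLS` branch accepts any string for `--certificate` with no validation and no comment saying why; presumably the value is not a file path on that backend, and that should be stated, e.g. `// AppleTLS: value is not a file path, so it is not validated as one`. The `#else` branch also changes behaviour for every other backend by replacing `DefaultOptionHandler` with `LocalFilePathOptionHandler`, which the commit message does not mention. `TEXT_CERTIFICATE` is shared by both branches, so the help text should say what each backend expects. `createOptionHandlers()` starts and ends outside the hunk.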