1 files changed, 11 insertions, 3 deletions

diff --git a/src/lib/libtls/tls_config.c b/src/lib/libtls/tls_config.c
index 7a0d6d8adf..e3e90aaa00 100644
--- a/src/lib/libtls/tls_config.c
+++ b/src/lib/libtls/tls_config.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_config.c,v 1.61 2020/12/22 13:07:54 bcook Exp $ */
+/* $OpenBSD: tls_config.c,v 1.62 2021/01/21 19:09:10 eric Exp $ */
 /*
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
  *
@@ -353,7 +353,8 @@ tls_config_add_keypair_file_internal(struct tls_config *config,
                 return (-1);
         if (tls_keypair_set_cert_file(keypair, &config->error, cert_file) != 0)
                 goto err;
-        if (tls_keypair_set_key_file(keypair, &config->error, key_file) != 0)
+        if (key_file != NULL &&
+            tls_keypair_set_key_file(keypair, &config->error, key_file) != 0)
                 goto err;
         if (ocsp_file != NULL &&
             tls_keypair_set_ocsp_staple_file(keypair, &config->error,
@@ -380,7 +381,8 @@ tls_config_add_keypair_mem_internal(struct tls_config *config, const uint8_t *ce
                 return (-1);
         if (tls_keypair_set_cert_mem(keypair, &config->error, cert, cert_len) != 0)
                 goto err;
-        if (tls_keypair_set_key_mem(keypair, &config->error, key, key_len) != 0)
+        if (key != NULL &&
+            tls_keypair_set_key_mem(keypair, &config->error, key, key_len) != 0)
                 goto err;
         if (staple != NULL &&
             tls_keypair_set_ocsp_staple_mem(keypair, &config->error, staple,
@@ -805,6 +807,12 @@ tls_config_skip_private_key_check(struct tls_config *config)
         config->skip_private_key_check = 1;
 }
 
+void
+tls_config_use_fake_private_key(struct tls_config *config)
+{
+        config->use_fake_private_key = 1;
+}
+
 int
 tls_config_set_ocsp_staple_file(struct tls_config *config, const char *staple_file)
 {