From 47f2f45c377bc7e061a8c81e76ff76c6a3dd1904 Mon Sep 17 00:00:00 2001
From: Nick Peng <pymumu@gmail.com>
Date: Thu, 16 Mar 2023 18:56:30 +0800
Subject: [PATCH] dns-server:  fix bind-tls issue

---
 src/dns_server.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/dns_server.c b/src/dns_server.c
index 3a2db76..7e19d7e 100644
--- a/src/dns_server.c
+++ b/src/dns_server.c
@@ -3328,7 +3328,7 @@ static int dns_server_dualstack_callback(const char *domain, dns_rtcode_t rtcode
 										 unsigned int ping_time, void *user_ptr)
 {
 	struct dns_request *request = (struct dns_request *)user_ptr;
-	tlog(TLOG_DEBUG, "dualstack result: domain: %s, ip: %s, type: %d, ping: %d", domain, ip, addr_type, ping_time);
+	tlog(TLOG_DEBUG, "dualstack result: domain: %s, ip: %s, type: %d, ping: %d, rcode: %d", domain, ip, addr_type, ping_time, rtcode);
 	if (request == NULL) {
 		return -1;
 	}
@@ -6658,7 +6658,7 @@ static int _dns_server_socket_tls(struct dns_bind_ip *bind_ip, DNS_CONN_TYPE con
 	SSL_CTX_set_default_passwd_cb_userdata(ssl_ctx, bind_ip);
 
 	/* Set the key and cert */
-	if (ssl_cert_file[0] != '\0' && SSL_CTX_use_certificate_file(ssl_ctx, ssl_cert_file, SSL_FILETYPE_PEM) <= 0) {
+	if (ssl_cert_file[0] != '\0' && SSL_CTX_use_certificate_chain_file(ssl_ctx, ssl_cert_file) <= 0) {
 		tlog(TLOG_ERROR, "load cert %s failed, %s", ssl_cert_file, ERR_error_string(ERR_get_error(), NULL));
 		goto errout;
 	}