OpenSSL CVS Repository
http://cvs.openssl.org/
____________________________________________________________
________________
Server: cvs.openssl.org Name: Dr.
Stephen Henson
Root: /v/openssl/cvs Email: steve openssl.org
Module: openssl Date:
28-Sep-2007 19:45:12
Branch: HEAD Handle:
2007092818451100
Modified files:
openssl/ssl t1_lib.c
Log:
Move no status notification to
ssl_check_serverhello_tlsext() to ensure
no status is notified even if no server extensions are
present.
Summary:
Revision Changes Path
1.49 +29 -29 openssl/ssl/t1_lib.c
____________________________________________________________
________________
patch -p0 <<' .'
Index: openssl/ssl/t1_lib.c
============================================================
================
$ cvs diff -u -r1.48 -r1.49 t1_lib.c
--- openssl/ssl/t1_lib.c 26 Sep 2007 21:56:59 -0000 1.48
+++ openssl/ssl/t1_lib.c 28 Sep 2007 17:45:11 -0000 1.49
-992,35 +992,6
}
}
- /* If we've requested certificate status and we wont get
one
- * tell the callback
- */
- if ((s->tlsext_status_type != -1) &&
!(s->tlsext_status_expected)
- && s->ctx->tlsext_status_cb)
- {
- int r;
- /* Set resp to NULL, resplen to -1 so callback knows
- * there is no response.
- */
- if (s->tlsext_ocsp_resp)
- {
- OPENSSL_free(s->tlsext_ocsp_resp);
- s->tlsext_ocsp_resp = NULL;
- }
- s->tlsext_ocsp_resplen = -1;
- r = s->ctx->tlsext_status_cb(s,
s->ctx->tlsext_status_arg);
- if (r == 0)
- {
- *al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
- return 0;
- }
- if (r < 0)
- {
- *al = SSL_AD_INTERNAL_ERROR;
- return 0;
- }
- }
-
*p = data;
return 1;
}
-1340,6 +1311,35
}
#endif
+ /* If we've requested certificate status and we wont get
one
+ * tell the callback
+ */
+ if ((s->tlsext_status_type != -1) &&
!(s->tlsext_status_expected)
+ && s->ctx->tlsext_status_cb)
+ {
+ int r;
+ /* Set resp to NULL, resplen to -1 so callback knows
+ * there is no response.
+ */
+ if (s->tlsext_ocsp_resp)
+ {
+ OPENSSL_free(s->tlsext_ocsp_resp);
+ s->tlsext_ocsp_resp = NULL;
+ }
+ s->tlsext_ocsp_resplen = -1;
+ r = s->ctx->tlsext_status_cb(s,
s->ctx->tlsext_status_arg);
+ if (r == 0)
+ {
+ al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
+ ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+ }
+ if (r < 0)
+ {
+ al = SSL_AD_INTERNAL_ERROR;
+ ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+ }
+ }
+
switch (ret)
{
case SSL_TLSEXT_ERR_ALERT_FATAL:
.
____________________________________________________________
__________
OpenSSL Project http://www.openssl.org
CVS Repository Commit List
openssl-cvsopenssl.org
Automated List Manager
majordomoopenssl.org
|
