Changeset cc74801 in mod_gnutls for src/gnutls_ocsp.c


Ignore:
Timestamp:
Jun 10, 2016, 8:19:20 PM (3 years ago)
Author:
Thomas Klute <thomas2.klute@…>
Branches:
debian/master, debian/stretch-backports, master, upstream
Children:
a372379
Parents:
6b89353
Message:

Move generated vhost-wide OCSP config into a private structure

File:
1 edited

Legend:

Unmodified
Added
Removed
  • src/gnutls_ocsp.c

    r6b89353 rcc74801  
    9191        ap_get_module_config(s->module_config, &gnutls_module);
    9292
    93     if (sc->ocsp_trust == NULL)
     93    if (sc->ocsp->trust == NULL)
    9494    {
    9595        ap_log_error(APLOG_MARK, APLOG_ERR, APR_EGENERAL, s,
     
    127127
    128128    unsigned int verify;
    129     ret = gnutls_ocsp_resp_verify(resp, *(sc->ocsp_trust), &verify, 0);
     129    ret = gnutls_ocsp_resp_verify(resp, *(sc->ocsp->trust), &verify, 0);
    130130    if (ret != GNUTLS_E_SUCCESS)
    131131    {
     
    253253
    254254
    255 /* TODO: fetch response from sc->ocsp_uri */
     255/* TODO: fetch response from sc->ocsp->uri */
    256256apr_status_t mgs_cache_ocsp_response(server_rec *s)
    257257{
     
    532532    }
    533533
    534     sc->ocsp_uri = mgs_cert_get_ocsp_uri(pconf, sc->certs_x509_crt_chain[0]);
    535 
    536     sc->ocsp_trust = apr_palloc(pconf,
    537                                 sizeof(gnutls_x509_trust_list_t));
     534    sc->ocsp = apr_palloc(pconf, sizeof(struct mgs_ocsp_data));
     535
     536    sc->ocsp->uri = mgs_cert_get_ocsp_uri(pconf,
     537                                          sc->certs_x509_crt_chain[0]);
     538
     539    sc->ocsp->trust = apr_palloc(pconf,
     540                                 sizeof(gnutls_x509_trust_list_t));
    538541     /* Only the direct issuer may sign the OCSP response or an OCSP
    539542      * signer. */
    540     int ret = mgs_create_ocsp_trust_list(sc->ocsp_trust,
     543    int ret = mgs_create_ocsp_trust_list(sc->ocsp->trust,
    541544                                         &(sc->certs_x509_crt_chain[1]),
    542545                                         1);
     
    549552    }
    550553    /* deinit trust list when the config pool is destroyed */
    551     apr_pool_cleanup_register(pconf, sc->ocsp_trust,
     554    apr_pool_cleanup_register(pconf, sc->ocsp->trust,
    552555                              mgs_cleanup_trust_list,
    553556                              apr_pool_cleanup_null);
Note: See TracChangeset for help on using the changeset viewer.