This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/main by this push:
new 6716a2e4f Ensure basic response is cleaned up
6716a2e4f is described below
commit 6716a2e4ff5f1b4e2eb02f8af9fa50b8bf514b6c
Author: Mark Thomas <[email protected]>
AuthorDate: Thu Dec 11 08:59:55 2025 +0000
Ensure basic response is cleaned up
---
native/src/sslutils.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/native/src/sslutils.c b/native/src/sslutils.c
index 9888bdb0b..e71ebc8b8 100644
--- a/native/src/sslutils.c
+++ b/native/src/sslutils.c
@@ -1040,11 +1040,12 @@ static int process_ocsp_response(OCSP_REQUEST
*ocsp_req, OCSP_RESPONSE *ocsp_res
certid = OCSP_cert_to_id(NULL, cert, issuer);
if (certid == NULL) {
- return OCSP_STATUS_UNKNOWN;
+ X509_STORE_CTX_set_error(ctx, X509_V_ERR_OCSP_RESP_INVALID);
+ o = OCSP_STATUS_UNKNOWN;
+ goto clean_bs;
}
- ss = OCSP_resp_get0(bs, OCSP_resp_find(bs, certid, -1)); /* find by serial
number and get the matching response */
-
+ ss = OCSP_resp_get0(bs, OCSP_resp_find(bs, certid, -1)); /* find by serial
number and get the matching response */
i = OCSP_single_get0_status(ss, NULL, NULL, NULL, NULL);
if (i == V_OCSP_CERTSTATUS_GOOD)
o = OCSP_STATUS_OK;
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
