# HG changeset patch # Parent 3e2f451bd0366149bb0d56782351ad69fd05a9b9 Stapling : fixing indentation diff -r 3e2f451bd036 src/event/ngx_event_openssl_stapling.c --- a/src/event/ngx_event_openssl_stapling.c Sat Mar 28 18:19:44 2015 +0100 +++ b/src/event/ngx_event_openssl_stapling.c Sat Mar 28 18:23:41 2015 +0100 @@ -677,37 +677,37 @@ ngx_ssl_stapling_ocsp_handler(ngx_ssl_oc for (i = 0; i < nelts; i++, cert++, issuer++) { - id = OCSP_cert_to_id(NULL, cert->x509, issuer->x509); - if (id == NULL) { - ngx_ssl_error(NGX_LOG_CRIT, ctx->log, 0, - "OCSP_cert_to_id() failed"); - goto error; + id = OCSP_cert_to_id(NULL, cert->x509, issuer->x509); + if (id == NULL) { + ngx_ssl_error(NGX_LOG_CRIT, ctx->log, 0, + "OCSP_cert_to_id() failed"); + goto error; + } + + if (OCSP_resp_find_status(basic, id, &n, NULL, NULL, + &thisupdate, &nextupdate) + != 1) + { + ngx_log_error(NGX_LOG_ERR, ctx->log, 0, + "certificate status not found in the OCSP response"); + goto error; + } + + if (n != V_OCSP_CERTSTATUS_GOOD) { + ngx_log_error(NGX_LOG_ERR, ctx->log, 0, + "certificate status \"%s\" in the OCSP response", + OCSP_cert_status_str(n)); + goto error; + } + + if (OCSP_check_validity(thisupdate, nextupdate, 300, -1) != 1) { + ngx_ssl_error(NGX_LOG_ERR, ctx->log, 0, + "OCSP_check_validity() failed"); + goto error; + } + + OCSP_CERTID_free(id); } - - if (OCSP_resp_find_status(basic, id, &n, NULL, NULL, - &thisupdate, &nextupdate) - != 1) - { - ngx_log_error(NGX_LOG_ERR, ctx->log, 0, - "certificate status not found in the OCSP response"); - goto error; - } - - if (n != V_OCSP_CERTSTATUS_GOOD) { - ngx_log_error(NGX_LOG_ERR, ctx->log, 0, - "certificate status \"%s\" in the OCSP response", - OCSP_cert_status_str(n)); - goto error; - } - - if (OCSP_check_validity(thisupdate, nextupdate, 300, -1) != 1) { - ngx_ssl_error(NGX_LOG_ERR, ctx->log, 0, - "OCSP_check_validity() failed"); - goto error; - } - - OCSP_CERTID_free(id); - } /* END OF For each 'cert/issuer' pair */ OCSP_BASICRESP_free(basic); OCSP_RESPONSE_free(ocsp); @@ -1179,15 +1179,14 @@ ngx_ssl_ocsp_dummy_handler(ngx_event_t * static ngx_int_t ngx_ssl_ocsp_create_request(ngx_ssl_ocsp_ctx_t *ctx) { - int len; - u_char *p; - uintptr_t escape; - ngx_str_t binary, base64; - ngx_buf_t *b; - OCSP_CERTID *id; - OCSP_REQUEST *ocsp; - + int len; + u_char *p; + uintptr_t escape; ngx_uint_t i, nelts; + ngx_str_t binary, base64; + ngx_buf_t *b; + OCSP_CERTID *id; + OCSP_REQUEST *ocsp; ngx_ssl_certificate_t *cert; ngx_ssl_certificate_t *issuer; @@ -1204,20 +1203,20 @@ ngx_ssl_ocsp_create_request(ngx_ssl_ocsp for (i = 0; i < nelts; i++, cert++, issuer++) { - id = OCSP_cert_to_id(NULL, cert->x509, issuer->x509); - if (id == NULL) { - ngx_ssl_error(NGX_LOG_CRIT, ctx->log, 0, - "OCSP_cert_to_id() failed"); - goto failed; + id = OCSP_cert_to_id(NULL, cert->x509, issuer->x509); + if (id == NULL) { + ngx_ssl_error(NGX_LOG_CRIT, ctx->log, 0, + "OCSP_cert_to_id() failed"); + goto failed; + } + + if (OCSP_request_add0_id(ocsp, id) == NULL) { + ngx_ssl_error(NGX_LOG_CRIT, ctx->log, 0, + "OCSP_request_add0_id() failed"); + goto failed; + } } - if (OCSP_request_add0_id(ocsp, id) == NULL) { - ngx_ssl_error(NGX_LOG_CRIT, ctx->log, 0, - "OCSP_request_add0_id() failed"); - goto failed; - } - } /* END OF For each 'cert/issuer' pair */ - len = i2d_OCSP_REQUEST(ocsp, NULL); if (len <= 0) { ngx_ssl_error(NGX_LOG_CRIT, ctx->log, 0,