Browse Source

[mod_wolfssl] copy stapling buf for OCSP resp

master
Glenn Strauss 10 months ago
parent
commit
86a6c9ca35
  1. 7
      src/mod_wolfssl.c

7
src/mod_wolfssl.c

@ -460,8 +460,11 @@ ssl_tlsext_status_cb(SSL *ssl, void *arg)
int len = (int)buffer_string_length(ssl_stapling);
/* WolfSSL does not require copy */
uint8_t *ocsp_resp = (uint8_t *)ssl_stapling->ptr;
/* wolfSSL caller is going to XFREE() */
uint8_t *ocsp_resp = XMALLOC(len, NULL, DYNAMIC_TYPE_OPENSSL);
if (NULL == ocsp_resp)
return SSL_TLSEXT_ERR_NOACK; /* ignore OCSP request if error occurs */
memcpy(ocsp_resp, ssl_stapling->ptr, (uint32_t)len);
if (!SSL_set_tlsext_status_ocsp_resp(ssl, ocsp_resp, len)) {
log_error(hctx->r->conf.errh, __FILE__, __LINE__,

Loading…
Cancel
Save