|
|
|
|
@ -460,8 +460,11 @@ ssl_tlsext_status_cb(SSL *ssl, void *arg)
|
|
|
|
|
|
|
|
|
|
int len = (int)buffer_string_length(ssl_stapling);
|
|
|
|
|
|
|
|
|
|
/* WolfSSL does not require copy */
|
|
|
|
|
uint8_t *ocsp_resp = (uint8_t *)ssl_stapling->ptr;
|
|
|
|
|
/* wolfSSL caller is going to XFREE() */
|
|
|
|
|
uint8_t *ocsp_resp = XMALLOC(len, NULL, DYNAMIC_TYPE_OPENSSL);
|
|
|
|
|
if (NULL == ocsp_resp)
|
|
|
|
|
return SSL_TLSEXT_ERR_NOACK; /* ignore OCSP request if error occurs */
|
|
|
|
|
memcpy(ocsp_resp, ssl_stapling->ptr, (uint32_t)len);
|
|
|
|
|
|
|
|
|
|
if (!SSL_set_tlsext_status_ocsp_resp(ssl, ocsp_resp, len)) {
|
|
|
|
|
log_error(hctx->r->conf.errh, __FILE__, __LINE__,
|
|
|
|
|
|
