diff options
| author | jsing <> | 2017-09-20 16:38:23 +0000 |
|---|---|---|
| committer | jsing <> | 2017-09-20 16:38:23 +0000 |
| commit | fb6a5cd3b238292c260e3f47a3e095a98c9b76d8 (patch) | |
| tree | 90e17773e5aaa4182f0541da9e2fefacd5fe2369 /src/lib | |
| parent | cea2d752cf8e2424052795439901859e1aa2a1dc (diff) | |
| download | openbsd-fb6a5cd3b238292c260e3f47a3e095a98c9b76d8.tar.gz openbsd-fb6a5cd3b238292c260e3f47a3e095a98c9b76d8.tar.bz2 openbsd-fb6a5cd3b238292c260e3f47a3e095a98c9b76d8.zip | |
Provide a useful error if there are no OCSP URLs in the peer certificate.
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libtls/tls_ocsp.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/lib/libtls/tls_ocsp.c b/src/lib/libtls/tls_ocsp.c index ce7098bb9c..9f6f940ecf 100644 --- a/src/lib/libtls/tls_ocsp.c +++ b/src/lib/libtls/tls_ocsp.c | |||
| @@ -173,8 +173,11 @@ tls_ocsp_setup_from_peer(struct tls *ctx) | |||
| 173 | } | 173 | } |
| 174 | 174 | ||
| 175 | ocsp_urls = X509_get1_ocsp(ocsp->main_cert); | 175 | ocsp_urls = X509_get1_ocsp(ocsp->main_cert); |
| 176 | if (ocsp_urls == NULL) | 176 | if (ocsp_urls == NULL) { |
| 177 | tls_set_errorx(ctx, "no OCSP URLs in peer certificate"); | ||
| 177 | goto failed; | 178 | goto failed; |
| 179 | } | ||
| 180 | |||
| 178 | ocsp->ocsp_url = strdup(sk_OPENSSL_STRING_value(ocsp_urls, 0)); | 181 | ocsp->ocsp_url = strdup(sk_OPENSSL_STRING_value(ocsp_urls, 0)); |
| 179 | if (ocsp->ocsp_url == NULL) { | 182 | if (ocsp->ocsp_url == NULL) { |
| 180 | tls_set_errorx(ctx, "out of memory"); | 183 | tls_set_errorx(ctx, "out of memory"); |