From bdaf00e34162bfb30c5d2bc955a7420ffd4cc33b Mon Sep 17 00:00:00 2001
From: beck <>
Date: Mon, 27 Mar 2017 18:26:53 +0000
Subject: use a path of "/" if the URL does not include a trailing / - since
 the web server probably doesn't like it, even though you published the url
 without the trailing / in the certificate. (hello digicert!) ok claudio@

---
 src/usr.sbin/ocspcheck/ocspcheck.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/usr.sbin/ocspcheck/ocspcheck.c b/src/usr.sbin/ocspcheck/ocspcheck.c
index 90a9143ee8..3917515f64 100644
--- a/src/usr.sbin/ocspcheck/ocspcheck.c
+++ b/src/usr.sbin/ocspcheck/ocspcheck.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ocspcheck.c,v 1.18 2017/03/27 18:14:20 beck Exp $ */
+/* $OpenBSD: ocspcheck.c,v 1.19 2017/03/27 18:26:53 beck Exp $ */
 /*
  * Copyright (c) 2017 Bob Beck <beck@openbsd.org>
  *
@@ -568,10 +568,13 @@ main(int argc, char **argv)
 	if ((request = ocsp_request_new_from_cert(certfile, nonce)) == NULL)
 		exit(1);
 
+	dspew("Built an %ld byte ocsp request\n", request->size);
+
 	if ((host = url2host(request->url, &port, &path)) == NULL)
 		errx(1, "Invalid OCSP url %s from %s", request->url,
 		    certfile);
-	dspew("Built an %ld byte ocsp request\n", request->size);
+	if (*path == '\0')
+		path = "/";
 	vspew("Using %s to host %s, port %d, path %s\n",
 	    port == 443 ? "https" : "http", host, port, path);
 
-- 
cgit v1.2.3-55-g6feb