Merge pull request #7828 from miyazakh/zd18141_ocspv2multi

Sever side checks OCSP even if it uses v2 multi
2024-08-07 17:40:23 -05:00
parent 92952a5538 c947fc8fda
commit 0ab1f1969d
1 changed files with 3 additions and 1 deletions
--- a/src/internal.c
+++ b/src/internal.c
@@ -14806,7 +14806,9 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
                #ifdef HAVE_OCSP
                    #ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
                        addToPendingCAs = 0;
-                        if (ssl->status_request_v2 && TLSX_CSR2_IsMulti(ssl->extensions)) {
+                        if (ssl->options.side == WOLFSSL_CLIENT_END &&
+                            ssl->status_request_v2 &&
+                            TLSX_CSR2_IsMulti(ssl->extensions)) {
                            ret = TLSX_CSR2_InitRequests(ssl->extensions,
                                                    args->dCert, 0, ssl->heap);
                            addToPendingCAs = 1;