From a00eaeb877d092e1fdc7468d53f7930c98e3ebca Mon Sep 17 00:00:00 2001 From: Jacob Barthelmeh Date: Fri, 4 Jan 2019 13:16:47 -0700 Subject: [PATCH] add ocsp stapling test and initialize values --- scripts/ocsp-stapling.test | 27 +++++++++++++++++++++++++++ src/internal.c | 3 +++ 2 files changed, 30 insertions(+) diff --git a/scripts/ocsp-stapling.test b/scripts/ocsp-stapling.test index 11b0c41a3..a314f21a4 100755 --- a/scripts/ocsp-stapling.test +++ b/scripts/ocsp-stapling.test @@ -178,6 +178,33 @@ if [ ! -z "$size" ]; then printf 'OK\n' fi +# test interop fail case +ready_file=`pwd`/wolf_ocsp_readyF$$ +printf '%s\n' "ready file: $ready_file" +./examples/server/server -o -R $ready_file & +wolf_pid=$! +wait_for_readyFile $ready_file +if [ ! -f $ready_file ]; then + printf '%s\n' "Failed to create ready file: \"$ready_file\"" + exit 1 +else + # should fail if ocspstapling is also enabled + RPORTSELECTED=`cat $ready_file` + echo "hi" | openssl s_client -status -connect 127.0.0.1:${RPORTSELECTED} -cert ./certs/client-cert.pem -key ./certs/client-key.pem -CAfile ./certs/ocsp/root-ca-cert.pem + if [ $? -eq 0 ]; then + printf '%s\n' "Succeeded when should have failed" + remove_single_rF $ready_file + exit 1 + fi + remove_single_rF $ready_file + wait $wolf_pid + if [ $? -ne 1 ]; then + printf '%s\n' "wolfSSL server unexpected fail value" + exit 1 + fi +fi + + # create a port 0 port to use with openssl ocsp responder ./examples/server/server -R $ready_file -p $resume_port & wait_for_readyFile $ready_file diff --git a/src/internal.c b/src/internal.c index 9a88638e8..a76d664dd 100644 --- a/src/internal.c +++ b/src/internal.c @@ -14168,6 +14168,9 @@ static int CreateOcspRequest(WOLFSSL* ssl, OcspRequest* request, { int ret; + if (request != NULL) + XMEMSET(request, 0, sizeof(OcspRequest)); + InitDecodedCert(cert, certData, length, ssl->heap); /* TODO: Setup async support here */ ret = ParseCertRelative(cert, CERT_TYPE, VERIFY, ssl->ctx->cm);