Merge pull request #7028 from ejohnstown/ocsp-err-ret

OCSP Error Return
2025-07-31 19:24:42 +02:00 · 2023-12-05 11:00:51 -07:00
parent b92aa59bd8 52658c51a9
commit 4c85a5a146
1 changed files with 7 additions and 3 deletions
--- a/src/ocsp.c
+++ b/src/ocsp.c
@@ -409,10 +409,14 @@ int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int responseSz,
 end:
    if (ret == 0 && validated == 1) {
        WOLFSSL_MSG("New OcspResponse validated");
-    } else if ((ret == ocsp->error) && (ocspResponse->single->status->status == CERT_UNKNOWN)) {
+    }
+    else if (ret == OCSP_CERT_REVOKED) {
+        WOLFSSL_MSG("OCSP revoked");
+    }
+    else if (ret == OCSP_CERT_UNKNOWN) {
        WOLFSSL_MSG("OCSP unknown");
-        ret = OCSP_CERT_UNKNOWN;
-    } else if (ret != OCSP_CERT_REVOKED) {
+    }
+    else {
        WOLFSSL_MSG("OCSP lookup failure");
        ret = OCSP_LOOKUP_FAIL;
    }