ocsp: enable OPENSSL tlsext status cb for NGINX and HAPROXY

Marco Oliverio
2025-02-17 14:53:49 +00:00
parent a1d1f0ddf1
commit 7db3c34e2b
3 changed files with 8 additions and 10 deletions


@@ -8690,13 +8690,13 @@ void wolfSSL_ResourceFree(WOLFSSL* ssl)
#ifdef OPENSSL_EXTRA
XFREE(ssl->param, ssl->heap, DYNAMIC_TYPE_OPENSSL);
#endif
#if defined(HAVE_OCSP) && defined(OPENSSL_ALL)
#if defined(HAVE_OCSP) && (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY))
if (ssl->ocspResp) {
XFREE(ssl->ocspResp, NULL, 0);
ssl->ocspResp = NULL;
ssl->ocspRespSz = 0;
}
#endif /* defined(HAVE_OCSP) && defined(OPENSSL_ALL) */
#endif /* defined(HAVE_OCSP) && (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)) */
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
while (ssl->certReqCtx != NULL) {
CertReqCtx* curr = ssl->certReqCtx;
@@ -9021,13 +9021,13 @@ void FreeHandshakeResources(WOLFSSL* ssl)
* !WOLFSSL_POST_HANDSHAKE_AUTH */
#endif /* HAVE_TLS_EXTENSIONS && !NO_TLS */
#if defined(HAVE_OCSP) && defined(OPENSSL_ALL)
#if defined(HAVE_OCSP) && (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY))
if (ssl->ocspResp != NULL) {
XFREE(ssl->ocspResp, NULL, 0);
ssl->ocspResp = NULL;
ssl->ocspRespSz = 0;
}
#endif /* HAVE_OCSP && OPENSSL_ALL */
#endif /* defined(HAVE_OCSP) && (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)) */
#ifdef WOLFSSL_STATIC_MEMORY
/* when done with handshake decrement current handshake count */
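Review bot: Both `XFREE(ssl->ocspResp, NULL, 0);` calls, in wolfSSL_ResourceFree and in FreeHandshakeResources, release the buffer with a NULL heap hint and type 0, while the neighbouring `XFREE(ssl->param, ssl->heap, DYNAMIC_TYPE_OPENSSL);` uses the session heap, and neither site says why. With the guard widened to WOLFSSL_NGINX and WOLFSSL_HAPROXY this path is compiled into more builds, so the allocator contract deserves a comment such as `/* ocspResp is handed over by the application via wolfSSL_set_tlsext_status_ocsp_resp(); it is not from ssl->heap */`, assuming that is where the pointer comes from. If that assumption is wrong, the free should pass `ssl->heap` like the line above it. Both functions start and end outside their hunks.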


@@ -17355,7 +17355,7 @@ void wolfSSL_ERR_load_SSL_strings(void)
}
#endif
#ifdef HAVE_OCSP
#if defined(HAVE_OCSP) && (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY))
long wolfSSL_get_tlsext_status_ocsp_resp(WOLFSSL *s, unsigned char **resp)
{
if (s == NULL || resp == NULL)
@@ -17377,7 +17377,7 @@ long wolfSSL_set_tlsext_status_ocsp_resp(WOLFSSL *s, unsigned char *resp,
return WOLFSSL_SUCCESS;
}
#endif /* HAVE_OCSP */
#endif /* defined(HAVE_OCSP) && (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)) */
#ifdef HAVE_MAX_FRAGMENT
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS)
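Review bot: The guard on wolfSSL_get_tlsext_status_ocsp_resp and wolfSSL_set_tlsext_status_ocsp_resp goes from `#ifdef HAVE_OCSP` to one that also requires OPENSSL_ALL, WOLFSSL_NGINX or WOLFSSL_HAPROXY, which removes both functions from HAVE_OCSP builds that define none of the three. The commit title only mentions enabling the callback, so this narrowing should be stated in the description. The prototypes and any OpenSSL-compat macros for the two functions are not visible here; they need the same condition, or such builds keep declarations that have no definition. Both function bodies are cut by the hunks, so how the setter treats a previously stored response cannot be checked from this page.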


@@ -6133,12 +6133,10 @@ struct WOLFSSL {
void* ocspIOCtx;
byte ocspProducedDate[MAX_DATE_SZ];
int ocspProducedDateFormat;
#ifdef OPENSSL_EXTRA
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
byte* ocspResp;
int ocspRespSz;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
char* url;
#endif
char* url;
#endif
#if defined(WOLFSSL_TLS13) && defined(HAVE_CERTIFICATE_STATUS_REQUEST)
word32 response_idx;
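Review bot: The condition `defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)` that now guards `ocspResp`, `ocspRespSz` and `url` is written out by hand here, at both free sites and around the getter/setter, so the members and their users can drift apart on the next edit. A mismatch in one direction is a compile error, and in the other a stored response that is never freed, which the old `#ifdef OPENSSL_EXTRA` member guard paired with the `OPENSSL_ALL` free guard appears to have allowed. Consider deriving one feature macro from the three options once in this header and testing only that macro at every site. The members also no longer exist in OPENSSL_EXTRA-only builds, so any remaining reference outside this commit's hunks must carry the new condition; the struct continues beyond the hunk.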