wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-31 03:07:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

OCSP/CRL

Browse Source 
Added comments for the usage of OCSP_WANT_READ used with the CRL I/O
callback.
This commit is contained in:
John Safranek
2022-11-23 16:35:10 -08:00
parent 909fd726cd
commit 88f3570fe4
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/internal.c
View File

@ -13482,6 +13482,10 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
ret = CheckCertCRL(SSL_CM(ssl)->crl, ret = CheckCertCRL(SSL_CM(ssl)->crl,
args->dCert); args->dCert);
#ifdef WOLFSSL_NONBLOCK_OCSP #ifdef WOLFSSL_NONBLOCK_OCSP
/* The CRL lookup I/O callback is using the
* same WOULD_BLOCK error code as OCSP's I/O
* callback, and it is enabling it using the
* same flag. */
if (ret == OCSP_WANT_READ) { if (ret == OCSP_WANT_READ) {
args->lastErr = ret; args->lastErr = ret;
goto exit_ppc; goto exit_ppc;
@ -13852,6 +13856,10 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
WOLFSSL_MSG("Doing Leaf CRL check"); WOLFSSL_MSG("Doing Leaf CRL check");
ret = CheckCertCRL(SSL_CM(ssl)->crl, args->dCert); ret = CheckCertCRL(SSL_CM(ssl)->crl, args->dCert);
#ifdef WOLFSSL_NONBLOCK_OCSP #ifdef WOLFSSL_NONBLOCK_OCSP
/* The CRL lookup I/O callback is using the
* same WOULD_BLOCK error code as OCSP's I/O
* callback, and it is enabling it using the
* same flag. */
if (ret == OCSP_WANT_READ) { if (ret == OCSP_WANT_READ) {
goto exit_ppc; goto exit_ppc;
} }