Fix bugs that made it so client side wasn't verifying certificate status.

Hayden Roche
2020-12-15 09:13:32 -06:00
parent 801aa18b9e
commit eb6473b00f
3 changed files with 4 additions and 4 deletions


@@ -9825,6 +9825,7 @@ static int ProcessCSR(WOLFSSL* ssl, byte* input, word32* inOutIdx,
{ {
int ret = 0; int ret = 0;
OcspRequest* request; OcspRequest* request;
WOLFSSL_ENTER("ProcessCSR");
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
CertStatus* status; CertStatus* status;
@@ -9906,6 +9907,7 @@ static int ProcessCSR(WOLFSSL* ssl, byte* input, word32* inOutIdx,
XFREE(response, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST); XFREE(response, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST);
#endif #endif
WOLFSSL_LEAVE("ProcessCSR", ret);
return ret; return ret;
} }
#endif #endif
@@ -11196,7 +11198,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
args->fatal = TLSX_CSR_InitRequest(ssl->extensions, args->fatal = TLSX_CSR_InitRequest(ssl->extensions,
args->dCert, ssl->heap); args->dCert, ssl->heap);
doLookup = 0; doLookup = 0;
#if defined(WOLFSSL_TLS13) && !defined(NO_WOLFSSL_CLIENT) #if defined(WOLFSSL_TLS13)
if (ssl->options.tls1_3) { if (ssl->options.tls1_3) {
TLSX* ext = TLSX_Find(ssl->extensions, TLSX* ext = TLSX_Find(ssl->extensions,
TLSX_STATUS_REQUEST); TLSX_STATUS_REQUEST);
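Review bot: The `#if` in the ProcessPeerCerts hunk, which the page appears to show changing to `#if defined(WOLFSSL_TLS13)`, has to stay identical to the guard on the `response` member of `CertificateStatusRequest` and to whatever guards the store in `TLSX_CSR_Parse`, and nothing in the code says so. The commit title describes what happens when they drift apart: the client skipped certificate status verification with no build or runtime error, which is a fail-open. I would add a comment above this guard such as `/* keep in sync with the guard on CertificateStatusRequest.response; a mismatch can silently disable stapled OCSP checking */`. None of the three changed sections looks like test code, so a regression test for a TLS 1.3 client built with `NO_WOLFSSL_SERVER` that expects the handshake to fail on a bad stapled response would be worth adding, if one does not already exist elsewhere. The body of ProcessPeerCerts continues outside this hunk.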


@@ -3061,12 +3061,10 @@ static int TLSX_CSR_Parse(WOLFSSL* ssl, byte* input, word16 length,
if (offset + resp_length != length) if (offset + resp_length != length)
ret = BUFFER_ERROR; ret = BUFFER_ERROR;
} }
#if !defined(NO_WOLFSSL_SERVER)
if (ret == 0) { if (ret == 0) {
csr->response.buffer = input + offset; csr->response.buffer = input + offset;
csr->response.length = resp_length; csr->response.length = resp_length;
} }
#endif
return ret; return ret;
} }
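Review bot: `csr->response.buffer = input + offset;` stores a pointer into the caller's `input` rather than a copy, and with the `#if !defined(NO_WOLFSSL_SERVER)` guard removed this store is no longer limited to builds with server support. The `offset + resp_length != length` check just above keeps the span inside the extension at parse time, but the pointer is valid only as long as the buffer behind `input` is. Whether the response is consumed before that buffer is reused or freed is not visible in this hunk. I would document the contract at the store, for example `/* borrowed: points into input, must be consumed before the buffer behind input is released */`, or copy the bytes if the consumer can run later. TLSX_CSR_Parse starts above the hunk.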


@@ -2352,7 +2352,7 @@ typedef struct {
union { union {
OcspRequest ocsp; OcspRequest ocsp;
} request; } request;
#if defined(WOLFSSL_TLS13) && !defined(NO_WOLFSSL_SERVER) #if defined(WOLFSSL_TLS13)
buffer response; buffer response;
#endif #endif
} CertificateStatusRequest; } CertificateStatusRequest;