summaryrefslogtreecommitdiffstats
path: root/crypto/openssl/ssl/t1_lib.c
diff options
context:
space:
mode:
authorRenato Botelho <renato@netgate.com>2016-02-03 18:01:26 -0200
committerRenato Botelho <renato@netgate.com>2016-02-03 18:01:26 -0200
commitaf0758169e63a4e7f6024c241d9254a8bc09908d (patch)
treea31903fc62c875e8d23a391beb8ae57ed0092c45 /crypto/openssl/ssl/t1_lib.c
parent79f27b5150f7b79a6f1bcd30e9233f1abb9c3e36 (diff)
parent6114d518f71115abacc5d610c4d668ef6e0b2f37 (diff)
downloadFreeBSD-src-af0758169e63a4e7f6024c241d9254a8bc09908d.zip
FreeBSD-src-af0758169e63a4e7f6024c241d9254a8bc09908d.tar.gz
Merge remote-tracking branch 'origin/stable/10' into devel
Diffstat (limited to 'crypto/openssl/ssl/t1_lib.c')
-rw-r--r--crypto/openssl/ssl/t1_lib.c14
1 files changed, 6 insertions, 8 deletions
diff --git a/crypto/openssl/ssl/t1_lib.c b/crypto/openssl/ssl/t1_lib.c
index 27f1216..2e9b65b 100644
--- a/crypto/openssl/ssl/t1_lib.c
+++ b/crypto/openssl/ssl/t1_lib.c
@@ -2081,22 +2081,20 @@ int ssl_check_serverhello_tlsext(SSL *s)
}
# endif
+ OPENSSL_free(s->tlsext_ocsp_resp);
+ s->tlsext_ocsp_resp = NULL;
+ s->tlsext_ocsp_resplen = -1;
/*
* If we've requested certificate status and we wont get one tell the
* callback
*/
if ((s->tlsext_status_type != -1) && !(s->tlsext_status_expected)
- && s->ctx && s->ctx->tlsext_status_cb) {
+ && !(s->hit) && s->ctx && s->ctx->tlsext_status_cb) {
int r;
/*
- * Set resp to NULL, resplen to -1 so callback knows there is no
- * response.
+ * Call callback with resp == NULL and resplen == -1 so callback
+ * knows there is no response
*/
- if (s->tlsext_ocsp_resp) {
- OPENSSL_free(s->tlsext_ocsp_resp);
- s->tlsext_ocsp_resp = NULL;
- }
- s->tlsext_ocsp_resplen = -1;
r = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
if (r == 0) {
al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
OpenPOWER on IntegriCloud