diff options
author | Renato Botelho <renato@netgate.com> | 2016-02-03 18:01:26 -0200 |
---|---|---|
committer | Renato Botelho <renato@netgate.com> | 2016-02-03 18:01:26 -0200 |
commit | af0758169e63a4e7f6024c241d9254a8bc09908d (patch) | |
tree | a31903fc62c875e8d23a391beb8ae57ed0092c45 /crypto/openssl/ssl/t1_lib.c | |
parent | 79f27b5150f7b79a6f1bcd30e9233f1abb9c3e36 (diff) | |
parent | 6114d518f71115abacc5d610c4d668ef6e0b2f37 (diff) | |
download | FreeBSD-src-af0758169e63a4e7f6024c241d9254a8bc09908d.zip FreeBSD-src-af0758169e63a4e7f6024c241d9254a8bc09908d.tar.gz |
Merge remote-tracking branch 'origin/stable/10' into devel
Diffstat (limited to 'crypto/openssl/ssl/t1_lib.c')
-rw-r--r-- | crypto/openssl/ssl/t1_lib.c | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/crypto/openssl/ssl/t1_lib.c b/crypto/openssl/ssl/t1_lib.c index 27f1216..2e9b65b 100644 --- a/crypto/openssl/ssl/t1_lib.c +++ b/crypto/openssl/ssl/t1_lib.c @@ -2081,22 +2081,20 @@ int ssl_check_serverhello_tlsext(SSL *s) } # endif + OPENSSL_free(s->tlsext_ocsp_resp); + s->tlsext_ocsp_resp = NULL; + s->tlsext_ocsp_resplen = -1; /* * If we've requested certificate status and we wont get one tell the * callback */ if ((s->tlsext_status_type != -1) && !(s->tlsext_status_expected) - && s->ctx && s->ctx->tlsext_status_cb) { + && !(s->hit) && s->ctx && s->ctx->tlsext_status_cb) { int r; /* - * Set resp to NULL, resplen to -1 so callback knows there is no - * response. + * Call callback with resp == NULL and resplen == -1 so callback + * knows there is no response */ - if (s->tlsext_ocsp_resp) { - OPENSSL_free(s->tlsext_ocsp_resp); - s->tlsext_ocsp_resp = NULL; - } - s->tlsext_ocsp_resplen = -1; r = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg); if (r == 0) { al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE; |