From e271e41d66a94d7d10e9170f9157b2a8a90d3bd5 Mon Sep 17 00:00:00 2001 From: Jung-uk Kim Date: Thu, 28 Jan 2016 18:44:11 +0000 Subject: Import OpenSSL 1.0.1r. --- ssl/t1_lib.c | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) (limited to 'ssl/t1_lib.c') diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 27f1216c5761..2e9b65b3fdce 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -2081,22 +2081,20 @@ int ssl_check_serverhello_tlsext(SSL *s) } # endif + OPENSSL_free(s->tlsext_ocsp_resp); + s->tlsext_ocsp_resp = NULL; + s->tlsext_ocsp_resplen = -1; /* * If we've requested certificate status and we wont get one tell the * callback */ if ((s->tlsext_status_type != -1) && !(s->tlsext_status_expected) - && s->ctx && s->ctx->tlsext_status_cb) { + && !(s->hit) && s->ctx && s->ctx->tlsext_status_cb) { int r; /* - * Set resp to NULL, resplen to -1 so callback knows there is no - * response. + * Call callback with resp == NULL and resplen == -1 so callback + * knows there is no response */ - if (s->tlsext_ocsp_resp) { - OPENSSL_free(s->tlsext_ocsp_resp); - s->tlsext_ocsp_resp = NULL; - } - s->tlsext_ocsp_resplen = -1; r = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg); if (r == 0) { al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE; -- cgit v1.2.3