RT3963: Allow OCSP stapling with -rev and -www
authorAdam Eijdenberg <eijdenberg@google.com>
Thu, 30 Jul 2015 01:34:35 +0000 (21:34 -0400)
committerRich Salz <rsalz@openssl.org>
Fri, 31 Jul 2015 15:15:42 +0000 (11:15 -0400)
Reviewed-by: Matt Caswell <matt@openssl.org>
apps/s_server.c

index 3143078..a1fcb6e 100644 (file)
@@ -1871,6 +1871,14 @@ int s_server_main(int argc, char *argv[])
         if (ctx2)
             SSL_CTX_set_client_CA_list(ctx2, SSL_load_client_CA_file(CAfile));
     }
+    if (s_tlsextstatus) {
+        SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb);
+        SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp);
+        if (ctx2) {
+            SSL_CTX_set_tlsext_status_cb(ctx2, cert_status_cb);
+            SSL_CTX_set_tlsext_status_arg(ctx2, &tlscstatp);
+        }
+    }
 
     BIO_printf(bio_s_out, "ACCEPT\n");
     (void)BIO_flush(bio_s_out);
@@ -1989,10 +1997,6 @@ static int sv_body(char *hostname, int s, int stype, unsigned char *context)
             SSL_set_tlsext_debug_callback(con, tlsext_cb);
             SSL_set_tlsext_debug_arg(con, bio_s_out);
         }
-        if (s_tlsextstatus) {
-            SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb);
-            SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp);
-        }
 
         if (context
                 && !SSL_set_session_id_context(con,