GH357: Update ocsp.c

Add Host Header in OCSP query if no host header is set via -header

Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Ben Laurie <ben@openssl.org>

diff --git a/apps/ocsp.c b/apps/ocsp.c
index 44f5841fff5c4e2b71b925fa4dc63fd786554b54..5b3092a4d24593d013bbeb6e7004ff611a51621b 100644 (file)
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -1262,6 +1262,8 @@ OCSP_RESPONSE *process_responder(OCSP_REQUEST *req,
     BIO *cbio = NULL;
     SSL_CTX *ctx = NULL;
     OCSP_RESPONSE *resp = NULL;
+    int found, i;
+
     cbio = BIO_new_connect(host);
     if (!cbio) {
         BIO_printf(bio_err, "Error creating connect BIO\n");
@@ -1280,6 +1282,17 @@ OCSP_RESPONSE *process_responder(OCSP_REQUEST *req,
         sbio = BIO_new_ssl(ctx, 1);
         cbio = BIO_push(sbio, cbio);
     }
+    for (found = i = 0; i < sk_CONF_VALUE_num(headers); i++) {
+       CONF_VALUE *hdr = sk_CONF_VALUE_value(headers, i);
+       if (strcasecmp("host", hdr->name) == 0) {
+           found = 1;
+           break;
+       }
+    }
+
+    if (!found && !X509V3_add_value("Host", host, &headers))
+        BIO_printf(bio_err, "Error setting HTTP Host header\n");
+
     resp = query_responder(cbio, path, headers, req, req_timeout);
     if (!resp)
         BIO_printf(bio_err, "Error querying OCSP responder\n");