Update docs.

[openssl.git] / apps / ocsp.c

diff --git a/apps/ocsp.c b/apps/ocsp.c
index 885e68e363349863186aee3266ca5ab243754033..3dc36c4bdc4a4ab67b5a6f68f1e780fd487123af 100644 (file)
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -64,6 +64,7 @@
 #include <openssl/ocsp.h>
 #include <openssl/err.h>
 #include <openssl/ssl.h>
+#include <openssl/bn.h>
 
 /* Maximum leeway in validity period: default 5 minutes */
 #define MAX_VALIDITY_PERIOD    (5 * 60)
@@ -123,6 +124,7 @@ int MAIN(int argc, char **argv)
        int accept_count = -1;
        int badarg = 0;
        int i;
+       int ignore_err = 0;
        STACK *reqnames = NULL;
        STACK_OF(OCSP_CERTID) *ids = NULL;
 
@@ -137,6 +139,7 @@ int MAIN(int argc, char **argv)
        if (!load_config(bio_err, NULL))
                goto end;
        SSL_load_error_strings();
+       OpenSSL_add_ssl_algorithms();
        args = argv + 1;
        reqnames = sk_new_null();
        ids = sk_OCSP_CERTID_new_null();
@@ -182,6 +185,8 @@ int MAIN(int argc, char **argv)
                                }
                        else badarg = 1;
                        }
+               else if (!strcmp(*args, "-ignore_err"))
+                       ignore_err = 1;
                else if (!strcmp(*args, "-noverify"))
                        noverify = 1;
                else if (!strcmp(*args, "-nonce"))
@@ -722,6 +727,11 @@ int MAIN(int argc, char **argv)
                        BIO_printf(bio_err, "SSL is disabled\n");
                        goto end;
 #endif
+                       if (ctx == NULL)
+                               {
+                               BIO_printf(bio_err, "Error creating SSL context.\n");
+                               goto end;
+                               }
                        SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
                        sbio = BIO_new_ssl(ctx, 1);
                        cbio = BIO_push(sbio, cbio);
@@ -781,8 +791,10 @@ int MAIN(int argc, char **argv)
 
        if (i != OCSP_RESPONSE_STATUS_SUCCESSFUL)
                {
-               BIO_printf(out, "Responder Error: %s (%ld)\n",
+               BIO_printf(out, "Responder Error: %s (%d)\n",
                                OCSP_response_status_str(i), i);
+               if (ignore_err)
+                       goto redo_accept;
                ret = 0;
                goto end;
                }
@@ -845,7 +857,7 @@ int MAIN(int argc, char **argv)
 
                if(i <= 0)
                        {
-                       BIO_printf(bio_err, "Response Verify Failure\n", i);
+                       BIO_printf(bio_err, "Response Verify Failure\n");
                        ERR_print_errors(bio_err);
                        }
                else
@@ -1215,7 +1227,7 @@ static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp)
                return 0;
        BIO_printf(cbio, http_resp, i2d_OCSP_RESPONSE(resp, NULL));
        i2d_OCSP_RESPONSE_bio(cbio, resp);
-       BIO_flush(cbio);
+       (void)BIO_flush(cbio);
        return 1;
        }