X-Git-Url: https://git.openssl.org/gitweb/?a=blobdiff_plain;f=crypto%2Fts%2Fts_rsp_sign.c;h=3c48352366bfb923909a56643df49e71cc5b88f1;hb=ae64fb528ecc1bc0452842c5217e5989df1177ad;hp=0c8e636fdf6a76f895abe52c7b0c125669d632e9;hpb=b4e88ccb2875b414c3882759a1f1c6a4a07df389;p=openssl.git

diff --git a/crypto/ts/ts_rsp_sign.c b/crypto/ts/ts_rsp_sign.c
index 0c8e636fdf..3c48352366 100644
--- a/crypto/ts/ts_rsp_sign.c
+++ b/crypto/ts/ts_rsp_sign.c
@@ -233,7 +233,6 @@ int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *def_policy)
 
 int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs)
 	{
-	int i;
 
 	if (ctx->certs)
 		{
@@ -241,16 +240,11 @@ int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs)
 		ctx->certs = NULL;
 		}
 	if (!certs) return 1;
-	if (!(ctx->certs = sk_X509_dup(certs))) 
+	if (!(ctx->certs = X509_chain_up_ref(certs))) 
 		{
 		TSerr(TS_F_TS_RESP_CTX_SET_CERTS, ERR_R_MALLOC_FAILURE);
 		return 0;
 		}
-	for (i = 0; i < sk_X509_num(ctx->certs); ++i)
-		{
-		X509 *cert = sk_X509_value(ctx->certs, i);
-		CRYPTO_add(&cert->references, +1, CRYPTO_LOCK_X509);
-		}
 
 	return 1;
 	}
@@ -466,18 +460,12 @@ TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio)
 	if (!result)
 		{
 		TSerr(TS_F_TS_RESP_CREATE_RESPONSE, TS_R_RESPONSE_SETUP_ERROR);
-		if (ctx != NULL)
+		if (ctx->response != NULL)
 			{
-			TS_RESP_CTX_set_status_info_cond(ctx,
+			if (TS_RESP_CTX_set_status_info_cond(ctx,
 				TS_STATUS_REJECTION, "Error during response "
-				"generation.");
-			/* Check if the status info was set. */
-			if (ctx->response && ASN1_INTEGER_get(
-			    TS_RESP_get_status_info(ctx->response)->status)
-			    == TS_STATUS_GRANTED)
+				"generation.") == 0)
 				{
-				/* Status info wasn't set, don't
-				 * return a response. */
 				TS_RESP_free(ctx->response);
 				ctx->response = NULL;
 				}
@@ -983,7 +971,7 @@ TS_RESP_set_genTime_with_precision(ASN1_GENERALIZEDTIME *asn1_time,
 	if (precision > 0)
 	{
 		/* Add fraction of seconds (leave space for dot and null). */
-		BIO_snprintf(p, 2 + precision, ".%ld", usec);
+		BIO_snprintf(p, 2 + precision, ".%06ld", usec);
 		/* We cannot use the snprintf return value, 
 		   because it might have been truncated. */
 		p += strlen(p);