projects
/
openssl.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
12df11b
)
Actually silently ignore GET / OCSP requests
author
Viktor Dukhovni
<openssl-users@dukhovni.org>
Mon, 15 Jul 2019 17:12:04 +0000
(13:12 -0400)
committer
Viktor Dukhovni
<openssl-users@dukhovni.org>
Tue, 16 Jul 2019 10:11:15 +0000
(06:11 -0400)
Reviewed-by: Matt Caswell <matt@openssl.org>
apps/ocsp.c
patch
|
blob
|
history
diff --git
a/apps/ocsp.c
b/apps/ocsp.c
index 9f2cf453bed7212462d4d46f0f425872d3a9f1f8..71c6a56f2ff38681ac1e045d81742c814c45fee1 100644
(file)
--- a/
apps/ocsp.c
+++ b/
apps/ocsp.c
@@
-1436,9
+1436,11
@@
static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio,
*q = '\0';
/*
- * Skip "GET / HTTP..." requests often used by load-balancers
+ * Skip "GET / HTTP..." requests often used by load-balancers. Note:
+ * 'p' was incremented above to point to the first byte *after* the
+ * leading slash, so with 'GET / ' it is now an empty string.
*/
- if (p[
1
] == '\0')
+ if (p[
0
] == '\0')
goto out;
len = urldecode(p);