OPENSSL_free(thost);
OPENSSL_free(tport);
OPENSSL_free(tpath);
+ thost = tport = tpath = NULL;
if (!OCSP_parse_url(opt_arg(), &host, &port, &path, &use_ssl)) {
BIO_printf(bio_err, "%s Error parsing URL\n", prog);
goto end;
/* If running as responder don't verify our own response */
if (cbio) {
- if (--accept_count <= 0) {
+ /* If not unlimited, see if we took all we should. */
+ if (accept_count != -1 && --accept_count <= 0) {
ret = 0;
goto end;
}
OCSP_RESPONSE *process_responder(OCSP_REQUEST *req,
const char *host, const char *path,
const char *port, int use_ssl,
- const STACK_OF(CONF_VALUE) *headers,
+ STACK_OF(CONF_VALUE) *headers,
int req_timeout)
{
BIO *cbio = NULL;
SSL_CTX *ctx = NULL;
OCSP_RESPONSE *resp = NULL;
+ int found, i;
+
cbio = BIO_new_connect(host);
if (!cbio) {
BIO_printf(bio_err, "Error creating connect BIO\n");
sbio = BIO_new_ssl(ctx, 1);
cbio = BIO_push(sbio, cbio);
}
+ for (found = i = 0; i < sk_CONF_VALUE_num(headers); i++) {
+ CONF_VALUE *hdr = sk_CONF_VALUE_value(headers, i);
+ if (strcasecmp("host", hdr->name) == 0) {
+ found = 1;
+ break;
+ }
+ }
+
+ if (!found && !X509V3_add_value("Host", host, &headers))
+ BIO_printf(bio_err, "Error setting HTTP Host header\n");
+
resp = query_responder(cbio, path, headers, req, req_timeout);
if (!resp)
BIO_printf(bio_err, "Error querying OCSP responder\n");