RT3963: Allow OCSP stapling with -rev and -www

Reviewed-by: Matt Caswell <matt@openssl.org>

diff --git a/apps/s_server.c b/apps/s_server.c
index 3143078346ffde9eed8fde946fa8124c9c782d2a..a1fcb6e8783ef297cec845a6de8ff46b100bb945 100644 (file)
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -1871,6 +1871,14 @@ int s_server_main(int argc, char *argv[])
         if (ctx2)
             SSL_CTX_set_client_CA_list(ctx2, SSL_load_client_CA_file(CAfile));
     }
+    if (s_tlsextstatus) {
+        SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb);
+        SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp);
+        if (ctx2) {
+            SSL_CTX_set_tlsext_status_cb(ctx2, cert_status_cb);
+            SSL_CTX_set_tlsext_status_arg(ctx2, &tlscstatp);
+        }
+    }
 
     BIO_printf(bio_s_out, "ACCEPT\n");
     (void)BIO_flush(bio_s_out);
@@ -1989,10 +1997,6 @@ static int sv_body(char *hostname, int s, int stype, unsigned char *context)
             SSL_set_tlsext_debug_callback(con, tlsext_cb);
             SSL_set_tlsext_debug_arg(con, bio_s_out);
         }
-        if (s_tlsextstatus) {
-            SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb);
-            SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp);
-        }
 
         if (context
                 && !SSL_set_session_id_context(con,