diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2015-01-15 15:49:53 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2015-01-15 15:54:55 +0100 |
| commit | 12743f58789ccfc3cb9d8b0d117b561252d6dc6d (patch) | |
| tree | c89a40e25932bde02e2042a7f4488f9df38d7cb2 | |
| parent | ef7fb36c906374cd0e73fa2a3d135fe6d6dc0061 (diff) | |
| download | gnutls-12743f58789ccfc3cb9d8b0d117b561252d6dc6d.tar.gz | |
ocsptool-common: iterate through all AIA items prior to decidig the OCSP server
| -rw-r--r-- | src/ocsptool-common.c | 25 |
1 files changed, 17 insertions, 8 deletions
diff --git a/src/ocsptool-common.c b/src/ocsptool-common.c index 95eb731c35..de16cb5267 100644 --- a/src/ocsptool-common.c +++ b/src/ocsptool-common.c @@ -147,6 +147,7 @@ int send_ocsp_request(const char *server, unsigned char *p; const char *hostname; const char *path = ""; + unsigned i; unsigned int headers_size = 0, port; socket_st hd; @@ -156,15 +157,23 @@ int send_ocsp_request(const char *server, /* try to read URL from issuer certificate */ gnutls_datum_t data; - ret = gnutls_x509_crt_get_authority_info_access(cert, 0, - GNUTLS_IA_OCSP_URI, - &data, - NULL); + i = 0; + do { + ret = gnutls_x509_crt_get_authority_info_access(cert, i++, + GNUTLS_IA_OCSP_URI, + &data, + NULL); + } while(ret < 0 && ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE); + + if (ret < 0) { + i = 0; + do { + ret = + gnutls_x509_crt_get_authority_info_access + (issuer, i++, GNUTLS_IA_OCSP_URI, &data, NULL); + } while(ret < 0 && ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE); + } - if (ret < 0) - ret = - gnutls_x509_crt_get_authority_info_access - (issuer, 0, GNUTLS_IA_OCSP_URI, &data, NULL); if (ret < 0) { fprintf(stderr, "Cannot find URL from issuer: %s\n", |