ocsptool: exit with error on verification failures

author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2016-03-23 23:14:01 +0100
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2016-03-23 23:14:01 +0100
commit: f3dfc2f118e02b518d0901ecb83d9c5fb1d7c2e7 (patch)
tree: 5bea8abf7aec6942b567ad060d78e65f59c27d90 /src
parent: ed53e44f7cedd04bf3e21744fa1971b5620701ac (diff)
download: gnutls-f3dfc2f118e02b518d0901ecb83d9c5fb1d7c2e7.tar.gz
1 files changed, 7 insertions, 2 deletions
diff --git a/src/ocsptool.c b/src/ocsptool.c
index bb50330b9d..d73ad66562 100644
--- a/src/ocsptool.c
+++ b/src/ocsptool.c
@@ -443,6 +443,7 @@ static void verify_response(gnutls_datum_t *nonce)
 	gnutls_datum_t dat;
 	size_t size;
 	gnutls_x509_crt_t signer;
+	int v;
 
 	if (HAVE_OPT(LOAD_RESPONSE))
 		dat.data =
@@ -458,13 +459,15 @@ static void verify_response(gnutls_datum_t *nonce)
 
 	signer = load_signer();
 
-	_verify_response(&dat, nonce, signer);
+	v = _verify_response(&dat, nonce, signer);
+	if (v)
+		exit(1);
 }
 
 static void ask_server(const char *url)
 {
 	gnutls_datum_t resp_data;
-	int ret, v;
+	int ret, v = 0;
 	gnutls_x509_crt_t cert, issuer;
 	unsigned char noncebuf[23];
 	gnutls_datum_t nonce = { noncebuf, sizeof(noncebuf) };
@@ -511,6 +514,8 @@ static void ask_server(const char *url)
 		fwrite(resp_data.data, 1, resp_data.size, outfile);
 	}
 
+	if (v)
+		exit(1);
 }
 
 int main(int argc, char **argv)
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2016-03-23 23:14:01 +0100
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2016-03-23 23:14:01 +0100
commit	f3dfc2f118e02b518d0901ecb83d9c5fb1d7c2e7 (patch)
tree	5bea8abf7aec6942b567ad060d78e65f59c27d90 /src
parent	ed53e44f7cedd04bf3e21744fa1971b5620701ac (diff)
download	gnutls-f3dfc2f118e02b518d0901ecb83d9c5fb1d7c2e7.tar.gz