diff options
Diffstat (limited to 'lib/auth/cert.c')
-rw-r--r-- | lib/auth/cert.c | 40 |
1 files changed, 23 insertions, 17 deletions
diff --git a/lib/auth/cert.c b/lib/auth/cert.c index 465bcf4888..54a15db2ad 100644 --- a/lib/auth/cert.c +++ b/lib/auth/cert.c @@ -394,7 +394,7 @@ call_get_cert_callback(gnutls_session_t session, selected_certs_set(session, pcert, pcert_length, ocsp, ocsp_length, local_key, flags&GNUTLS_CERT_RETR_DEINIT_ALL?1:0, - NULL, NULL); + cred->glob_ocsp_func, cred->glob_ocsp_func_ptr); return 0; } else { @@ -1427,23 +1427,29 @@ _gnutls_server_select_cert(gnutls_session_t session, const gnutls_cipher_suite_e */ finished: if (idx >= 0) { - if (cred->certs[idx].ocsp_func) { - selected_certs_set(session, - &cred->certs[idx].cert_list[0], - cred->certs[idx].cert_list_length, - NULL, 0, - cred->certs[idx].pkey, 0, - cred->certs[idx].ocsp_func, - cred->certs[idx].ocsp_func_ptr); - } else { - selected_certs_set(session, - &cred->certs[idx].cert_list[0], - cred->certs[idx].cert_list_length, - &cred->certs[idx].ocsp_data[0], - cred->certs[idx].ocsp_data_length, - cred->certs[idx].pkey, 0, - NULL, NULL); + gnutls_status_request_ocsp_func ocsp_func = NULL; + void *ocsp_ptr = NULL; + gnutls_ocsp_data_st *ocsp = NULL; + unsigned nocsp = 0; + + if (cred->certs[idx].ocsp_data_length > 0) { + ocsp = &cred->certs[idx].ocsp_data[0]; + nocsp = cred->certs[idx].ocsp_data_length; + } else if (cred->glob_ocsp_func != NULL) { + ocsp_func = cred->glob_ocsp_func; + ocsp_ptr = cred->glob_ocsp_func_ptr; + } else if (cred->certs[idx].ocsp_func != NULL) { + ocsp_func = cred->certs[idx].ocsp_func; + ocsp_ptr = cred->certs[idx].ocsp_func_ptr; } + + selected_certs_set(session, + &cred->certs[idx].cert_list[0], + cred->certs[idx].cert_list_length, + ocsp, nocsp, + cred->certs[idx].pkey, 0, + ocsp_func, + ocsp_ptr); } else { gnutls_assert(); /* Certificate does not support REQUESTED_ALGO. */ |